Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/fe3b56-94ca-4295-b0cc-10bed27d766e/1/59rrrfwoWsJlljrqnfzeyzpu7MI.roa
File: 59rrrfwoWsJlljrqnfzeyzpu7MI.roa (raw, json)
Hash identifier: vx1pzoTjZHW0pZvxOXUs59auvdOvVA4bKoyMDGDHRtg=
Subject key identifier: E7:DA:EB:AD:FC:28:5A:C2:65:96:3A:EA:9D:FC:DE:CB:3A:6E:EC:C2
Certificate issuer: /CN=5f0a0dd2f964e860f6ba4c176112a5d712ba93aa
Certificate serial: 018CC424780063B959692DBCA94C7C039B19
Authority key identifier: 5F:0A:0D:D2:F9:64:E8:60:F6:BA:4C:17:61:12:A5:D7:12:BA:93:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XwoN0vlk6GD2ukwXYRKl1xK6k6o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/fe3b56-94ca-4295-b0cc-10bed27d766e/1/59rrrfwoWsJlljrqnfzeyzpu7MI.roa
Signing time: Mon 01 Jan 2024 08:29:33 +0000
ROA not before: Mon 01 Jan 2024 08:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205002
IP address blocks: 185.233.20.0/22 maxlen: 32
2a0c:cf00::/29 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:78:00:63:b9:59:69:2d:bc:a9:4c:7c:03:9b:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f0a0dd2f964e860f6ba4c176112a5d712ba93aa
Validity
Not Before: Jan 1 08:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e7daebadfc285ac265963aea9dfcdecb3a6eecc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:32:dd:3a:06:8f:8b:ad:3b:17:18:5e:50:54:
ec:46:d1:d7:f6:fa:b0:d4:00:ae:a7:dd:a8:d8:73:
bf:47:ba:6c:84:04:af:84:fb:6d:c7:56:10:ff:41:
57:86:ef:3f:0f:37:ec:b4:67:61:7c:17:6a:a1:96:
48:ac:7f:1e:be:00:e2:af:87:d6:37:8c:fc:b0:db:
bd:34:19:7b:8b:b0:b9:e7:c3:6e:4a:f4:a1:7a:d4:
fd:17:2f:96:78:3e:5b:c1:cc:3a:6c:33:c7:6f:ef:
69:e2:95:04:92:a1:64:b4:2a:7c:5c:a0:63:c9:f4:
15:c6:7d:f9:a9:6c:57:9e:6e:11:c7:bb:0b:f3:61:
fb:c9:57:cc:a2:94:ce:1d:de:dd:af:c0:df:c0:f6:
a0:5c:f8:da:56:d8:82:54:7e:56:3e:bb:87:7c:06:
bc:0c:13:90:b2:d4:38:ca:31:cf:d9:96:9f:75:65:
5d:50:c5:ce:d0:70:07:70:5f:9a:ca:83:fc:4c:35:
0a:03:43:73:e8:7d:f5:90:02:99:1f:fa:40:4c:f5:
9c:c2:22:3e:04:6a:ed:29:a5:b3:16:6e:ec:be:73:
fc:0b:53:59:a8:c7:ce:37:6e:2c:1f:9d:2a:86:f9:
3e:4f:1b:a4:e3:59:ba:29:fc:4f:d0:a3:6e:16:c5:
f9:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:DA:EB:AD:FC:28:5A:C2:65:96:3A:EA:9D:FC:DE:CB:3A:6E:EC:C2
X509v3 Authority Key Identifier:
keyid:5F:0A:0D:D2:F9:64:E8:60:F6:BA:4C:17:61:12:A5:D7:12:BA:93:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XwoN0vlk6GD2ukwXYRKl1xK6k6o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/fe3b56-94ca-4295-b0cc-10bed27d766e/1/59rrrfwoWsJlljrqnfzeyzpu7MI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/fe3b56-94ca-4295-b0cc-10bed27d766e/1/XwoN0vlk6GD2ukwXYRKl1xK6k6o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.233.20.0/22
IPv6:
2a0c:cf00::/29
Signature Algorithm: sha256WithRSAEncryption
4e:47:43:d4:c5:e4:ac:72:b8:7d:90:8a:e8:7b:e9:d2:83:91:
dc:c6:8b:95:af:4f:a7:8d:75:ae:46:a0:7e:4a:89:4a:5c:4b:
f8:24:ea:4e:5f:e9:8a:eb:f7:98:e2:60:37:eb:70:8c:30:e5:
6b:2d:e3:eb:c4:ce:d4:94:48:f4:7a:ab:7f:a7:6d:fc:35:5f:
93:58:ea:a2:0f:d8:8c:29:bb:b7:f0:80:f6:22:bb:55:d5:df:
ac:82:c6:66:e8:5e:2b:3b:6d:22:3d:2d:d4:d5:10:c2:6c:c1:
11:3d:d4:2b:32:22:f6:6f:97:a4:da:d2:d4:6d:03:2b:ef:dc:
44:c3:5e:82:22:2d:6c:8b:ef:c7:23:42:99:81:95:96:ac:84:
da:e5:cc:64:72:92:ec:04:85:45:a8:5f:6a:64:3d:c7:a3:9f:
94:51:99:23:89:ae:9f:0b:d5:3b:36:7f:81:8e:87:d5:be:9c:
72:7a:46:b6:06:b3:da:1a:20:76:17:63:80:18:9b:cc:8f:bf:
38:69:8a:35:c9:ac:b7:d1:9f:87:5f:7a:43:3d:b9:de:3b:42:
cc:06:cd:c0:62:b6:db:0b:1c:7e:41:14:2c:e4:ae:96:b5:66:
89:2f:51:ac:03:88:e7:9b:4a:76:ac:3c:52:aa:db:e0:ad:cb:
59:53:d5:ef
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEJHgAY7lZaS28qUx8A5sZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmMGEwZGQyZjk2NGU4NjBmNmJhNGMxNzYxMTJhNWQ3MTJi
YTkzYWEwHhcNMjQwMTAxMDgyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2RhZWJhZGZjMjg1YWMyNjU5NjNhZWE5ZGZjZGVjYjNhNmVlY2MyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqDLdOgaPi607FxheUFTsRtHX9vqw
1ACup92o2HO/R7pshASvhPttx1YQ/0FXhu8/DzfstGdhfBdqoZZIrH8evgDir4fW
N4z8sNu9NBl7i7C558NuSvShetT9Fy+WeD5bwcw6bDPHb+9p4pUEkqFktCp8XKBj
yfQVxn35qWxXnm4Rx7sL82H7yVfMopTOHd7dr8DfwPagXPjaVtiCVH5WPruHfAa8
DBOQstQ4yjHP2ZafdWVdUMXO0HAHcF+ayoP8TDUKA0Nz6H31kAKZH/pATPWcwiI+
BGrtKaWzFm7svnP8C1NZqMfON24sH50qhvk+Txuk41m6KfxP0KNuFsX5TwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOfa6638KFrCZZY66p383ss6buzCMB8GA1UdIwQY
MBaAFF8KDdL5ZOhg9rpMF2ESpdcSupOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHdvTjB2bGs2R0QydWt3WFlSS2wxeEs2azZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9mZTNiNTYtOTRjYS00Mjk1LWIwY2Mt
MTBiZWQyN2Q3NjZlLzEvNTlycnJmd29Xc0psbGpycW5memV5enB1N01JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9mZTNiNTYtOTRjYS00Mjk1LWIwY2MtMTBiZWQyN2Q3NjZl
LzEvWHdvTjB2bGs2R0QydWt3WFlSS2wxeEs2azZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuekUMA0E
AgACMAcDBQMqDM8AMA0GCSqGSIb3DQEBCwUAA4IBAQBOR0PUxeSscrh9kIroe+nS
g5HcxouVr0+njXWuRqB+SolKXEv4JOpOX+mK6/eY4mA363CMMOVrLePrxM7UlEj0
eqt/p238NV+TWOqiD9iMKbu38ID2IrtV1d+sgsZm6F4rO20iPS3U1RDCbMERPdQr
MiL2b5ek2tLUbQMr79xEw16CIi1si+/HI0KZgZWWrITa5cxkcpLsBIVFqF9qZD3H
o5+UUZkjia6fC9U7Nn+BjofVvpxyeka2BrPaGiB2F2OAGJvMj784aYo1yay30Z+H
X3pDPbneO0LMBs3AYrbbCxx+QRQs5K6WtWaJL1GsA4jnm0p2rDxSqtvgrctZU9Xv
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:20:55 2025 by rpki-client