Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/b8eadf-8037-4fae-8d2c-e0a3cbd04796/1/XeCJewtOo6l2Opo6BI92U0n5PiY.roa
File: XeCJewtOo6l2Opo6BI92U0n5PiY.roa (raw, json)
Hash identifier: X7bkUycVa+3Vm0XLONVfnQBM0Z6mcOmkLcbP8Sn9Pvs=
Subject key identifier: 5D:E0:89:7B:0B:4E:A3:A9:76:3A:9A:3A:04:8F:76:53:49:F9:3E:26
Certificate issuer: /CN=492a8e482a81d90c45c4d90ac668a3f2245c0d6d
Certificate serial: 018CC9BBD9C7471E9D656DA697D7062456BB
Authority key identifier: 49:2A:8E:48:2A:81:D9:0C:45:C4:D9:0A:C6:68:A3:F2:24:5C:0D:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SSqOSCqB2QxFxNkKxmij8iRcDW0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/b8eadf-8037-4fae-8d2c-e0a3cbd04796/1/XeCJewtOo6l2Opo6BI92U0n5PiY.roa
Signing time: Tue 02 Jan 2024 10:33:00 +0000
ROA not before: Tue 02 Jan 2024 10:33:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201259
IP address blocks: 185.60.35.0/24 maxlen: 24
185.60.32.0/24 maxlen: 24
185.60.32.0/22 maxlen: 22
185.60.32.0/23 maxlen: 23
185.60.33.0/24 maxlen: 24
185.60.34.0/24 maxlen: 24
185.60.34.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:48:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:d9:c7:47:1e:9d:65:6d:a6:97:d7:06:24:56:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=492a8e482a81d90c45c4d90ac668a3f2245c0d6d
Validity
Not Before: Jan 2 10:33:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5de0897b0b4ea3a9763a9a3a048f765349f93e26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:a7:64:1b:f3:da:06:f8:f4:6a:3d:10:16:f5:
e1:a4:98:0b:a9:e4:8d:b0:e7:a4:a8:ee:c2:21:c4:
48:b7:ca:e9:86:87:24:fc:65:d4:f6:e8:11:9d:1b:
6c:e4:d7:54:1b:a8:f2:5e:84:71:75:31:c0:45:77:
92:11:a0:3c:ab:87:56:9d:72:a0:d1:c3:05:00:cd:
04:71:d4:52:d0:8c:e8:c9:e0:b4:9d:81:e1:47:cf:
b7:81:51:22:f7:99:20:ff:2a:eb:d7:0e:ef:31:88:
b5:61:3c:2d:0d:5c:60:7c:84:60:05:08:7a:aa:68:
87:7e:61:b2:a8:04:40:5f:dd:f9:11:94:93:dc:53:
f5:94:de:e1:6d:17:df:2c:87:4a:e9:e1:c7:70:cc:
fb:b6:62:de:c7:23:25:24:b3:c5:40:0a:da:3d:e8:
e5:5a:fa:45:4d:fb:63:42:75:78:f4:18:e0:f5:7a:
0d:2f:4a:37:69:85:83:80:87:1b:ed:2f:1d:67:3d:
7e:8b:48:01:d7:3a:7c:46:7a:d3:75:ea:6d:4c:9b:
bb:96:f5:a6:76:d7:c9:1b:49:30:9c:be:f7:74:06:
70:c2:bb:ea:c2:8b:4b:2c:3c:60:7f:f5:89:b1:b5:
d0:1e:d4:6b:bd:5d:d1:2c:e1:3d:f6:a7:38:a9:c6:
ae:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:E0:89:7B:0B:4E:A3:A9:76:3A:9A:3A:04:8F:76:53:49:F9:3E:26
X509v3 Authority Key Identifier:
keyid:49:2A:8E:48:2A:81:D9:0C:45:C4:D9:0A:C6:68:A3:F2:24:5C:0D:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SSqOSCqB2QxFxNkKxmij8iRcDW0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/b8eadf-8037-4fae-8d2c-e0a3cbd04796/1/XeCJewtOo6l2Opo6BI92U0n5PiY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/b8eadf-8037-4fae-8d2c-e0a3cbd04796/1/SSqOSCqB2QxFxNkKxmij8iRcDW0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.60.32.0/22
Signature Algorithm: sha256WithRSAEncryption
76:fb:1b:4b:e9:08:71:2e:c4:9e:a4:f6:07:4a:92:b9:08:75:
25:b5:32:06:b9:b4:36:37:b4:9d:7a:17:8e:2d:6f:f2:46:21:
c1:58:ed:65:24:45:f9:19:1a:91:c9:ad:ee:10:0d:1c:3d:32:
f4:ef:73:8f:42:9a:24:f0:e8:aa:b1:a4:59:e9:39:21:c1:b3:
4c:44:ce:53:46:fb:81:74:b3:c1:32:6a:78:98:e7:eb:07:51:
08:75:c2:6f:9f:fa:aa:22:7f:41:02:9f:0f:df:88:a2:d4:79:
cc:e9:2d:4d:e3:57:92:ff:b8:8f:cb:43:37:42:f7:a2:77:fb:
ab:2d:57:58:7c:38:b3:fb:89:95:5d:54:36:a2:c1:33:8b:8c:
7b:81:9c:cd:27:ce:1d:d4:98:1f:36:e4:ba:68:8c:c4:ce:24:
e4:5d:3b:9e:9e:13:1c:1d:96:cd:66:28:cd:dd:ff:9d:13:c1:
f3:54:3b:06:43:98:96:0e:a6:a3:dc:b4:cd:67:25:ca:b5:fc:
61:97:b7:ae:47:ad:fb:7d:c9:f2:e3:f3:cc:fc:77:39:79:bf:
dc:a4:d3:93:68:2e:34:3e:8f:17:49:fa:ad:5c:89:ac:8e:2c:
98:3f:43:7a:d6:72:b4:52:fd:e5:88:1f:16:fa:01:4a:0b:16:
3f:27:b1:75
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJu9nHRx6dZW2ml9cGJFa7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5MmE4ZTQ4MmE4MWQ5MGM0NWM0ZDkwYWM2NjhhM2YyMjQ1
YzBkNmQwHhcNMjQwMTAyMTAzMzAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGUwODk3YjBiNGVhM2E5NzYzYTlhM2EwNDhmNzY1MzQ5ZjkzZTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA06dkG/PaBvj0aj0QFvXhpJgLqeSN
sOekqO7CIcRIt8rphock/GXU9ugRnRts5NdUG6jyXoRxdTHARXeSEaA8q4dWnXKg
0cMFAM0EcdRS0IzoyeC0nYHhR8+3gVEi95kg/yrr1w7vMYi1YTwtDVxgfIRgBQh6
qmiHfmGyqARAX935EZST3FP1lN7hbRffLIdK6eHHcMz7tmLexyMlJLPFQAraPejl
WvpFTftjQnV49Bjg9XoNL0o3aYWDgIcb7S8dZz1+i0gB1zp8RnrTdeptTJu7lvWm
dtfJG0kwnL73dAZwwrvqwotLLDxgf/WJsbXQHtRrvV3RLOE99qc4qcauTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF3giXsLTqOpdjqaOgSPdlNJ+T4mMB8GA1UdIwQY
MBaAFEkqjkgqgdkMRcTZCsZoo/IkXA1tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1NxT1NDcUIyUXhGeE5rS3htaWo4aVJjRFcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9iOGVhZGYtODAzNy00ZmFlLThkMmMt
ZTBhM2NiZDA0Nzk2LzEvWGVDSmV3dE9vNmwyT3BvNkJJOTJVMG41UGlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9iOGVhZGYtODAzNy00ZmFlLThkMmMtZTBhM2NiZDA0Nzk2
LzEvU1NxT1NDcUIyUXhGeE5rS3htaWo4aVJjRFcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuTwgMA0G
CSqGSIb3DQEBCwUAA4IBAQB2+xtL6QhxLsSepPYHSpK5CHUltTIGubQ2N7SdeheO
LW/yRiHBWO1lJEX5GRqRya3uEA0cPTL073OPQpok8OiqsaRZ6TkhwbNMRM5TRvuB
dLPBMmp4mOfrB1EIdcJvn/qqIn9BAp8P34ii1HnM6S1N41eS/7iPy0M3Qveid/ur
LVdYfDiz+4mVXVQ2osEzi4x7gZzNJ84d1JgfNuS6aIzEziTkXTuenhMcHZbNZijN
3f+dE8HzVDsGQ5iWDqaj3LTNZyXKtfxhl7euR637fcny4/PM/Hc5eb/cpNOTaC40
Po8XSfqtXImsjiyYP0N61nK0Uv3liB8W+gFKCxY/J7F1
-----END CERTIFICATE-----
Generated at Sun Apr 20 15:32:32 2025 by rpki-client