Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/02fd8e-2d38-4ab1-84b5-9ef129eade78/1/xk7vC6CkyBy-Lbb_A7vrVY-F0RI.roa
File: xk7vC6CkyBy-Lbb_A7vrVY-F0RI.roa (raw, json)
Hash identifier: 8ef1ZAXAkr3KrMuyKzp+X1aerC2bs7SphmAqjUfXFU8=
Subject key identifier: C6:4E:EF:0B:A0:A4:C8:1C:BE:2D:B6:FF:03:BB:EB:55:8F:85:D1:12
Certificate issuer: /CN=49f035f74bf6350bc379ff2e253882d2468ef588
Certificate serial: 0192580B4E8FA83E1C4F272F44754261707D
Authority key identifier: 49:F0:35:F7:4B:F6:35:0B:C3:79:FF:2E:25:38:82:D2:46:8E:F5:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SfA190v2NQvDef8uJTiC0kaO9Yg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/02fd8e-2d38-4ab1-84b5-9ef129eade78/1/xk7vC6CkyBy-Lbb_A7vrVY-F0RI.roa
Signing time: Fri 04 Oct 2024 14:59:48 +0000
ROA not before: Fri 04 Oct 2024 14:59:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203792
IP address blocks: 185.164.161.0/24 maxlen: 24
2a12:bac0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:58:0b:4e:8f:a8:3e:1c:4f:27:2f:44:75:42:61:70:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49f035f74bf6350bc379ff2e253882d2468ef588
Validity
Not Before: Oct 4 14:59:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c64eef0ba0a4c81cbe2db6ff03bbeb558f85d112
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:d0:18:23:9c:18:7e:f2:6c:b3:db:33:6e:b9:
31:13:b0:75:09:a2:5b:a1:1c:3c:4e:ae:5a:cc:66:
61:ea:0a:21:21:24:57:53:a7:a1:4b:79:73:7d:bd:
94:47:66:fb:84:a7:e5:0d:3f:2d:82:f0:c7:c5:86:
81:5f:ce:c4:c6:93:61:58:92:6a:95:3e:bb:fe:57:
4e:1e:9d:5b:17:46:dd:6a:5e:43:6c:df:ab:60:cf:
0a:6d:87:b5:bc:d0:e0:73:b1:aa:c5:dd:07:7f:3e:
fc:7b:51:7d:42:59:55:e3:fe:86:13:c7:76:c1:f3:
73:ac:cd:d1:6d:4a:79:a1:cb:c7:ff:a9:3a:08:83:
e1:97:2d:fd:89:13:35:ca:d2:c5:73:6b:1a:22:2f:
e1:64:53:2c:c3:c4:64:16:63:ff:96:08:06:fd:bb:
88:6b:f6:b5:3c:63:04:bb:93:92:03:d7:ab:06:d8:
2b:9c:0d:6c:35:3f:98:12:cc:25:bb:1e:1d:39:00:
85:ea:d5:0f:55:4d:78:ad:9e:dd:77:37:a2:54:15:
87:b0:ac:06:11:dd:47:ec:59:57:a3:9b:31:6c:a0:
ca:48:be:1a:13:71:ce:0c:7b:98:17:fd:33:62:bd:
e1:f3:b5:a2:42:96:22:d1:fc:32:44:7a:db:6a:51:
90:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:4E:EF:0B:A0:A4:C8:1C:BE:2D:B6:FF:03:BB:EB:55:8F:85:D1:12
X509v3 Authority Key Identifier:
keyid:49:F0:35:F7:4B:F6:35:0B:C3:79:FF:2E:25:38:82:D2:46:8E:F5:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SfA190v2NQvDef8uJTiC0kaO9Yg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/02fd8e-2d38-4ab1-84b5-9ef129eade78/1/xk7vC6CkyBy-Lbb_A7vrVY-F0RI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/02fd8e-2d38-4ab1-84b5-9ef129eade78/1/SfA190v2NQvDef8uJTiC0kaO9Yg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.164.161.0/24
IPv6:
2a12:bac0::/29
Signature Algorithm: sha256WithRSAEncryption
39:89:ef:4f:ea:31:7d:46:b6:85:4e:cd:46:0b:28:b7:a6:7e:
ac:e2:00:b5:10:21:45:c4:a2:18:50:dd:72:57:63:85:80:61:
87:a2:77:61:8e:1d:0b:0d:26:60:df:88:61:fc:e6:15:4a:07:
be:65:05:ea:33:ff:11:7a:ca:ca:54:8e:69:e8:db:a6:cb:b0:
ff:11:5c:e3:e3:a8:8d:78:8e:0c:fe:6c:9f:26:e5:0d:3d:84:
c0:fb:55:49:b8:d1:0a:c1:1d:67:4c:c0:85:38:57:0a:6f:68:
f1:ad:7f:12:46:00:f6:97:06:7c:59:b8:c8:39:b0:07:ac:5d:
6b:5e:13:be:f5:75:f8:bb:9c:1c:9e:4f:c4:75:49:c2:3d:a8:
63:91:cb:5a:0e:b7:37:4c:9e:ef:8f:13:d1:09:72:46:50:3f:
11:4f:da:40:6d:b1:dd:0a:a6:9e:df:07:66:33:f1:62:59:0a:
5a:85:2f:e7:10:44:f9:57:70:42:42:62:bf:77:25:b4:49:7b:
98:fc:54:f8:12:08:ce:e6:55:df:4e:8d:43:80:60:46:2e:ac:
ce:3a:69:e3:00:d2:e9:62:2b:c6:73:1a:20:79:5a:97:93:10:
b5:d9:59:13:79:8b:2b:61:a7:8e:ff:d9:93:b3:61:29:c4:c8:
64:83:20:dd
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZJYC06PqD4cTycvRHVCYXB9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZjAzNWY3NGJmNjM1MGJjMzc5ZmYyZTI1Mzg4MmQyNDY4
ZWY1ODgwHhcNMjQxMDA0MTQ1OTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjRlZWYwYmEwYTRjODFjYmUyZGI2ZmYwM2JiZWI1NThmODVkMTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv9AYI5wYfvJss9szbrkxE7B1CaJb
oRw8Tq5azGZh6gohISRXU6ehS3lzfb2UR2b7hKflDT8tgvDHxYaBX87ExpNhWJJq
lT67/ldOHp1bF0bdal5DbN+rYM8KbYe1vNDgc7Gqxd0Hfz78e1F9QllV4/6GE8d2
wfNzrM3RbUp5ocvH/6k6CIPhly39iRM1ytLFc2saIi/hZFMsw8RkFmP/lggG/buI
a/a1PGMEu5OSA9erBtgrnA1sNT+YEswlux4dOQCF6tUPVU14rZ7ddzeiVBWHsKwG
Ed1H7FlXo5sxbKDKSL4aE3HODHuYF/0zYr3h87WiQpYi0fwyRHrbalGQGQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMZO7wugpMgcvi22/wO761WPhdESMB8GA1UdIwQY
MBaAFEnwNfdL9jULw3n/LiU4gtJGjvWIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2ZBMTkwdjJOUXZEZWY4dUpUaUMwa2FPOVlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8wMmZkOGUtMmQzOC00YWIxLTg0YjUt
OWVmMTI5ZWFkZTc4LzEveGs3dkM2Q2t5QnktTGJiX0E3dnJWWS1GMFJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8wMmZkOGUtMmQzOC00YWIxLTg0YjUtOWVmMTI5ZWFkZTc4
LzEvU2ZBMTkwdjJOUXZEZWY4dUpUaUMwa2FPOVlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuaShMA0E
AgACMAcDBQMqErrAMA0GCSqGSIb3DQEBCwUAA4IBAQA5ie9P6jF9RraFTs1GCyi3
pn6s4gC1ECFFxKIYUN1yV2OFgGGHondhjh0LDSZg34hh/OYVSge+ZQXqM/8ResrK
VI5p6Numy7D/EVzj46iNeI4M/myfJuUNPYTA+1VJuNEKwR1nTMCFOFcKb2jxrX8S
RgD2lwZ8WbjIObAHrF1rXhO+9XX4u5wcnk/EdUnCPahjkctaDrc3TJ7vjxPRCXJG
UD8RT9pAbbHdCqae3wdmM/FiWQpahS/nEET5V3BCQmK/dyW0SXuY/FT4EgjO5lXf
To1DgGBGLqzOOmnjANLpYivGcxogeVqXkxC12VkTeYsrYaeO/9mTs2EpxMhkgyDd
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:44:18 2025 by rpki-client