Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/T41xfdhug3YO8-xoVIWVLcet53k.roa
File: T41xfdhug3YO8-xoVIWVLcet53k.roa (raw, json)
Hash identifier: 4jYvf+N/eWxCBXR18Px/D+A8jpRS33h1S+37iuVo8Ng=
Subject key identifier: 4F:8D:71:7D:D8:6E:83:76:0E:F3:EC:68:54:85:95:2D:C7:AD:E7:79
Certificate issuer: /CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
Certificate serial: 018CC9BC721E17BC825AB29FF6CC3E0A395F
Authority key identifier: C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/T41xfdhug3YO8-xoVIWVLcet53k.roa
Signing time: Tue 02 Jan 2024 10:33:39 +0000
ROA not before: Tue 02 Jan 2024 10:33:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211826
IP address blocks: 185.225.206.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 10 May 2024 15:35:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:72:1e:17:bc:82:5a:b2:9f:f6:cc:3e:0a:39:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
Validity
Not Before: Jan 2 10:33:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4f8d717dd86e83760ef3ec685485952dc7ade779
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:d5:86:14:fb:02:1e:d1:f5:af:6b:92:5c:9a:
62:93:6d:95:65:bf:41:67:c9:09:48:ec:ce:40:0d:
0f:c5:1d:ad:b2:4a:11:57:12:3c:b2:7e:fb:42:29:
80:f0:b0:bd:58:75:aa:46:9c:ad:6a:c9:c6:7d:9c:
a5:01:aa:38:99:73:e5:98:c0:28:b1:30:ca:3f:f6:
5c:06:45:16:36:f8:83:73:b2:69:78:ff:72:16:37:
f1:ca:39:06:68:d4:fe:b8:01:89:88:a2:e0:5e:ac:
81:85:4e:80:5d:f7:ba:92:63:5a:d2:cd:e5:0c:fb:
29:e8:c4:29:ab:6e:e3:51:5e:e0:da:d6:aa:3f:22:
6b:74:00:0b:53:38:62:c3:c9:71:ca:bd:64:fc:4e:
e4:0b:23:2e:92:8c:6f:d2:6f:cc:6a:16:9b:1e:bb:
50:30:d6:c9:3d:18:2c:5a:8e:f6:16:aa:88:df:59:
81:75:28:cc:52:8f:0f:5e:48:0d:d5:40:f6:30:d1:
5f:9f:5f:97:94:ac:ef:ba:ed:e2:9d:d8:93:c0:f1:
d2:cf:e7:f1:fb:52:75:28:96:ca:56:ce:e1:98:aa:
45:ec:02:71:b7:c4:06:90:d8:5c:7d:f6:11:1f:00:
a5:1a:4d:8b:a8:47:2d:66:39:c2:f7:a4:3d:24:59:
c6:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:8D:71:7D:D8:6E:83:76:0E:F3:EC:68:54:85:95:2D:C7:AD:E7:79
X509v3 Authority Key Identifier:
keyid:C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/T41xfdhug3YO8-xoVIWVLcet53k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/xm2dULO4nVHIqiST5-9HAdYlHa0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.206.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:14:89:7f:7c:46:d2:cf:2d:b3:4c:44:74:07:3d:1c:5b:85:
c2:d9:84:d3:4f:99:c9:7a:77:de:28:bb:f6:2a:22:41:b0:16:
bb:f9:ea:5d:bf:5f:8f:8f:6d:1f:66:cd:4d:94:46:07:3f:fb:
fe:78:32:22:45:06:45:1a:0f:55:59:16:81:56:a8:7c:2d:d3:
af:79:16:08:fb:41:9d:98:05:38:72:b8:f0:99:7d:5d:cb:03:
94:f1:54:87:e7:c9:56:05:90:a6:c8:56:d2:dd:fd:5b:84:6b:
be:7f:38:c0:42:15:83:da:73:dd:10:96:f8:23:6e:28:3c:7f:
aa:ea:26:0e:01:0f:31:c6:f2:fc:f6:8b:5e:f9:e6:45:b3:a1:
83:e8:7f:74:f3:41:35:19:1d:c2:86:47:12:83:9c:d8:c4:de:
80:b3:9a:53:aa:6c:04:d3:cd:b3:36:03:d8:33:3d:b3:5c:3e:
07:51:93:4e:27:06:28:20:0a:10:d5:75:f7:ac:ca:ab:e9:ca:
24:3d:ee:b9:85:8e:a7:ce:a1:56:34:49:95:c0:10:8e:06:20:
e1:77:3f:df:26:42:5e:94:92:81:df:9b:61:3b:dc:24:c6:76:
e1:bd:b9:7f:63:74:64:b0:31:5a:db:87:2f:4d:28:c4:1f:56:
bd:15:e1:59
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvHIeF7yCWrKf9sw+CjlfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NmQ5ZDUwYjNiODlkNTFjOGFhMjQ5M2U3ZWY0NzAxZDYy
NTFkYWQwHhcNMjQwMTAyMTAzMzM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjhkNzE3ZGQ4NmU4Mzc2MGVmM2VjNjg1NDg1OTUyZGM3YWRlNzc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA99WGFPsCHtH1r2uSXJpik22VZb9B
Z8kJSOzOQA0PxR2tskoRVxI8sn77QimA8LC9WHWqRpytasnGfZylAao4mXPlmMAo
sTDKP/ZcBkUWNviDc7JpeP9yFjfxyjkGaNT+uAGJiKLgXqyBhU6AXfe6kmNa0s3l
DPsp6MQpq27jUV7g2taqPyJrdAALUzhiw8lxyr1k/E7kCyMukoxv0m/MahabHrtQ
MNbJPRgsWo72FqqI31mBdSjMUo8PXkgN1UD2MNFfn1+XlKzvuu3indiTwPHSz+fx
+1J1KJbKVs7hmKpF7AJxt8QGkNhcffYRHwClGk2LqEctZjnC96Q9JFnGWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE+NcX3YboN2DvPsaFSFlS3Hred5MB8GA1UdIwQY
MBaAFMZtnVCzuJ1RyKokk+fvRwHWJR2tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG0yZFVMTzRuVkhJcWlTVDUtOUhBZFlsSGEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS80YmI3NGItOGQ2ZC00NTE0LWEzOWMt
YjdjNTc4Yjc0ZTM1LzEvVDQxeGZkaHVnM1lPOC14b1ZJV1ZMY2V0NTNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS80YmI3NGItOGQ2ZC00NTE0LWEzOWMtYjdjNTc4Yjc0ZTM1
LzEveG0yZFVMTzRuVkhJcWlTVDUtOUhBZFlsSGEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueHOMA0G
CSqGSIb3DQEBCwUAA4IBAQArFIl/fEbSzy2zTER0Bz0cW4XC2YTTT5nJenfeKLv2
KiJBsBa7+epdv1+Pj20fZs1NlEYHP/v+eDIiRQZFGg9VWRaBVqh8LdOveRYI+0Gd
mAU4crjwmX1dywOU8VSH58lWBZCmyFbS3f1bhGu+fzjAQhWD2nPdEJb4I24oPH+q
6iYOAQ8xxvL89ote+eZFs6GD6H9080E1GR3ChkcSg5zYxN6As5pTqmwE082zNgPY
Mz2zXD4HUZNOJwYoIAoQ1XX3rMqr6cokPe65hY6nzqFWNEmVwBCOBiDhdz/fJkJe
lJKB35thO9wkxnbhvbl/Y3RksDFa24cvTSjEH1a9FeFZ
-----END CERTIFICATE-----
Generated at Fri May 10 18:20:42 2024 by rpki-client on console-ams.rpki-client.org