Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/a35052-7336-425f-a7ba-87f68b71e44d/1/25On_b_xipjmDdQaUrcHeqY2qrA.roa
File: 25On_b_xipjmDdQaUrcHeqY2qrA.roa (raw, json)
Hash identifier: WINvsRYBKq7QMqg4YckhlinpSWkIaKCxo9OI37bTLAY=
Subject key identifier: DB:93:A7:FD:BF:F1:8A:98:E6:0D:D4:1A:52:B7:07:7A:A6:36:AA:B0
Certificate issuer: /CN=57b275b9bcc45dce8b3ef0172c96737800947a4e
Certificate serial: 01889789D252F0A65AE37C2CD11EC2D473A3
Authority key identifier: 57:B2:75:B9:BC:C4:5D:CE:8B:3E:F0:17:2C:96:73:78:00:94:7A:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V7J1ubzEXc6LPvAXLJZzeACUek4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/a35052-7336-425f-a7ba-87f68b71e44d/1/25On_b_xipjmDdQaUrcHeqY2qrA.roa
Signing time: Wed 07 Jun 2023 20:26:11 +0000
ROA not before: Wed 07 Jun 2023 20:26:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201691
IP address blocks: 185.88.178.0/24 maxlen: 24
185.88.176.0/24 maxlen: 24
185.88.179.0/24 maxlen: 24
185.88.177.0/24 maxlen: 24
2a05:cd01::/32 maxlen: 32
2a05:cd00::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:30:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:97:89:d2:52:f0:a6:5a:e3:7c:2c:d1:1e:c2:d4:73:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57b275b9bcc45dce8b3ef0172c96737800947a4e
Validity
Not Before: Jun 7 20:26:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db93a7fdbff18a98e60dd41a52b7077aa636aab0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:dd:75:49:07:b7:3a:39:75:37:49:74:7a:12:
5b:c1:8a:91:ae:63:28:5d:0a:2f:cf:bf:60:c2:71:
0d:e6:81:2f:84:2a:d4:11:c6:4e:24:d0:3c:20:eb:
ea:9d:51:40:ea:a1:85:38:d4:8e:26:e2:c6:d6:da:
a7:dc:1a:6b:8c:5f:70:aa:aa:b0:ea:ca:64:7f:4c:
1d:89:d0:19:d5:a2:71:ef:2e:eb:bc:ea:7f:53:31:
8e:e5:2b:62:76:21:bb:9a:94:e6:1b:74:24:96:83:
09:a0:bb:74:fa:b4:2d:9b:35:8c:9d:20:a1:a8:22:
cd:8e:b3:cc:76:42:1b:97:92:cd:a3:c2:24:cb:de:
61:08:0b:84:88:56:b1:ea:d8:64:eb:e6:56:13:5d:
5c:f0:d8:6d:46:c6:fa:c2:62:27:20:4b:9b:bf:d8:
2a:61:a6:0a:2f:79:12:b9:57:a4:75:6a:26:bc:dc:
18:0e:c8:c4:f0:6b:f3:d7:3e:b7:9a:53:2d:5b:7f:
b4:ab:b4:d9:5b:1c:67:65:ae:ec:0c:47:40:15:46:
a0:1b:6c:fe:0f:36:f3:13:06:4d:28:71:6a:3f:eb:
50:08:9c:7a:53:10:ad:53:95:a4:c5:37:33:70:f3:
39:dc:e8:ad:43:f6:4c:69:16:e8:3a:ae:43:c8:bd:
11:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:93:A7:FD:BF:F1:8A:98:E6:0D:D4:1A:52:B7:07:7A:A6:36:AA:B0
X509v3 Authority Key Identifier:
keyid:57:B2:75:B9:BC:C4:5D:CE:8B:3E:F0:17:2C:96:73:78:00:94:7A:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V7J1ubzEXc6LPvAXLJZzeACUek4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/a35052-7336-425f-a7ba-87f68b71e44d/1/25On_b_xipjmDdQaUrcHeqY2qrA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/a35052-7336-425f-a7ba-87f68b71e44d/1/V7J1ubzEXc6LPvAXLJZzeACUek4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.88.176.0/22
IPv6:
2a05:cd00::/31
Signature Algorithm: sha256WithRSAEncryption
06:c8:92:e0:9e:71:c7:f4:a6:82:a3:45:ff:e4:76:27:56:c3:
28:88:9d:3c:de:db:56:f0:05:43:36:e7:5f:18:fa:8a:4b:4b:
80:b9:8e:fb:db:24:bb:7d:bb:b4:32:60:ae:fd:de:ea:2e:ea:
c7:50:e4:40:54:23:43:0a:18:09:92:fa:4e:ba:1d:6b:cc:6e:
9e:59:0f:66:f6:e4:f6:e6:fb:2a:0e:10:01:96:5d:42:9b:10:
35:45:b8:7d:fd:e6:f9:be:2a:c5:22:b7:99:ba:37:bb:17:cf:
68:0c:0d:2a:ce:5f:3d:a0:8e:8e:16:a5:92:1d:51:f6:65:30:
56:42:d8:2d:be:05:6d:1f:ae:da:bf:de:a6:89:4c:f0:31:19:
89:b4:e6:39:92:aa:17:31:29:60:60:9d:87:86:f6:25:8c:d0:
f8:60:bc:78:49:2d:c6:ee:e2:1e:8a:f9:5d:ea:be:e9:b7:25:
40:de:b9:15:fb:4d:a5:f2:29:0c:14:75:17:77:11:bf:5d:dd:
cb:87:a4:5d:03:fe:44:a2:b3:6a:f3:5c:bd:fe:6d:cf:df:94:
8b:b5:8e:09:04:87:0d:b7:1e:a2:b3:24:ac:d8:dd:68:16:26:
e7:41:c4:7d:5f:e3:03:8d:e1:7e:fc:69:1b:03:3a:43:d1:16:
31:ed:4c:2d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYiXidJS8KZa43ws0R7C1HOjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YjI3NWI5YmNjNDVkY2U4YjNlZjAxNzJjOTY3Mzc4MDA5
NDdhNGUwHhcNMjMwNjA3MjAyNjExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjkzYTdmZGJmZjE4YTk4ZTYwZGQ0MWE1MmI3MDc3YWE2MzZhYWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAit11SQe3Ojl1N0l0ehJbwYqRrmMo
XQovz79gwnEN5oEvhCrUEcZOJNA8IOvqnVFA6qGFONSOJuLG1tqn3BprjF9wqqqw
6spkf0wdidAZ1aJx7y7rvOp/UzGO5StidiG7mpTmG3QkloMJoLt0+rQtmzWMnSCh
qCLNjrPMdkIbl5LNo8Iky95hCAuEiFax6thk6+ZWE11c8NhtRsb6wmInIEubv9gq
YaYKL3kSuVekdWomvNwYDsjE8Gvz1z63mlMtW3+0q7TZWxxnZa7sDEdAFUagG2z+
DzbzEwZNKHFqP+tQCJx6UxCtU5WkxTczcPM53OitQ/ZMaRboOq5DyL0RKwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNuTp/2/8YqY5g3UGlK3B3qmNqqwMB8GA1UdIwQY
MBaAFFeydbm8xF3Oiz7wFyyWc3gAlHpOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjdKMXViekVYYzZMUHZBWExKWnplQUNVZWs0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9hMzUwNTItNzMzNi00MjVmLWE3YmEt
ODdmNjhiNzFlNDRkLzEvMjVPbl9iX3hpcGptRGRRYVVyY0hlcVkycXJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9hMzUwNTItNzMzNi00MjVmLWE3YmEtODdmNjhiNzFlNDRk
LzEvVjdKMXViekVYYzZMUHZBWExKWnplQUNVZWs0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuViwMA0E
AgACMAcDBQEqBc0AMA0GCSqGSIb3DQEBCwUAA4IBAQAGyJLgnnHH9KaCo0X/5HYn
VsMoiJ083ttW8AVDNudfGPqKS0uAuY772yS7fbu0MmCu/d7qLurHUORAVCNDChgJ
kvpOuh1rzG6eWQ9m9uT25vsqDhABll1CmxA1Rbh9/eb5virFIreZuje7F89oDA0q
zl89oI6OFqWSHVH2ZTBWQtgtvgVtH67av96miUzwMRmJtOY5kqoXMSlgYJ2HhvYl
jND4YLx4SS3G7uIeivld6r7ptyVA3rkV+02l8ikMFHUXdxG/Xd3Lh6RdA/5EorNq
81y9/m3P35SLtY4JBIcNtx6isySs2N1oFibnQcR9X+MDjeF+/GkbAzpD0RYx7Uwt
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:13 2024 by rpki-client on console-ams.rpki-client.org