Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/0e41a6-d845-4da1-8b34-48fb00fc97b6/1/xnBnDVwS_oZc3tlPUiSBG8K1CFw.roa
File: xnBnDVwS_oZc3tlPUiSBG8K1CFw.roa (raw, json)
Hash identifier: p+qiDwo6SZ0sAXsSikBqz/cd+zYR8skYqznE063CRVQ=
Subject key identifier: C6:70:67:0D:5C:12:FE:86:5C:DE:D9:4F:52:24:81:1B:C2:B5:08:5C
Certificate issuer: /CN=3c87feb4ab9a57765fc0a664572c35032e866ad4
Certificate serial: 019122114C3C71872E5B73F88A0BF04CE014
Authority key identifier: 3C:87:FE:B4:AB:9A:57:76:5F:C0:A6:64:57:2C:35:03:2E:86:6A:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PIf-tKuaV3ZfwKZkVyw1Ay6GatQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/0e41a6-d845-4da1-8b34-48fb00fc97b6/1/xnBnDVwS_oZc3tlPUiSBG8K1CFw.roa
Signing time: Mon 05 Aug 2024 10:24:04 +0000
ROA not before: Mon 05 Aug 2024 10:24:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39257
IP address blocks: 185.146.48.0/22 maxlen: 22
185.191.216.0/22 maxlen: 22
185.221.148.0/22 maxlen: 22
2a0a:2040::/29 maxlen: 29
2a0c:2000::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 26 Aug 2024 12:09:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:22:11:4c:3c:71:87:2e:5b:73:f8:8a:0b:f0:4c:e0:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c87feb4ab9a57765fc0a664572c35032e866ad4
Validity
Not Before: Aug 5 10:24:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c670670d5c12fe865cded94f5224811bc2b5085c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:7e:5b:86:9b:21:b5:31:2f:d4:60:67:67:28:
b0:09:01:e8:87:3d:18:68:8e:e2:eb:7f:27:4e:a7:
9f:89:7e:12:98:25:d0:c8:a3:86:05:66:fe:73:23:
99:23:33:89:6b:5d:a1:d8:3c:c2:12:7d:ed:aa:66:
13:d2:93:78:82:ea:d7:33:48:25:cd:a6:c8:b3:f4:
94:d1:80:ed:91:f7:83:2a:c4:e2:d2:c7:a4:37:c2:
20:a3:da:76:60:fb:6c:dd:e3:a6:30:7a:6e:2a:81:
b1:a7:bc:51:54:f5:e1:bd:ad:07:6a:df:ec:1d:90:
04:f3:30:15:e3:d5:cc:aa:7b:b7:4c:35:da:6f:09:
39:27:f1:5c:f9:0a:1a:7a:82:02:c9:75:6a:7f:44:
b4:16:d9:42:a5:46:73:77:bf:1f:42:d8:cc:fe:a7:
81:6a:1a:75:24:50:e5:3a:9d:b6:5d:55:94:72:aa:
a8:83:51:90:09:5a:fa:77:ed:13:a5:8e:ff:97:49:
20:5a:51:2d:df:39:a5:8d:83:7f:8c:ea:dc:87:93:
7e:12:61:f0:41:68:fd:98:5b:d9:ff:a7:c0:23:f2:
65:bb:35:bf:c9:50:38:26:a0:ff:07:4c:65:61:9e:
60:2c:f3:8d:51:e9:72:8f:6c:79:61:c4:13:e5:29:
9c:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:70:67:0D:5C:12:FE:86:5C:DE:D9:4F:52:24:81:1B:C2:B5:08:5C
X509v3 Authority Key Identifier:
keyid:3C:87:FE:B4:AB:9A:57:76:5F:C0:A6:64:57:2C:35:03:2E:86:6A:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PIf-tKuaV3ZfwKZkVyw1Ay6GatQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/0e41a6-d845-4da1-8b34-48fb00fc97b6/1/xnBnDVwS_oZc3tlPUiSBG8K1CFw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/0e41a6-d845-4da1-8b34-48fb00fc97b6/1/PIf-tKuaV3ZfwKZkVyw1Ay6GatQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.146.48.0/22
185.191.216.0/22
185.221.148.0/22
IPv6:
2a0a:2040::/29
2a0c:2000::/29
Signature Algorithm: sha256WithRSAEncryption
96:2a:50:da:11:f5:e2:f9:87:1f:60:51:bd:e0:05:2d:cb:f1:
61:8e:94:29:27:6d:4b:22:1a:1c:c8:41:dd:2e:83:63:40:d5:
b6:8d:dd:68:9e:06:cb:be:0f:85:db:ea:13:a7:26:cd:a6:4a:
c9:0a:eb:6e:26:20:8e:cf:51:4b:11:b8:8d:0a:a9:90:bf:71:
0b:45:9b:a0:3b:80:86:97:e8:f4:c8:21:4e:8d:5a:c8:24:40:
42:c4:ce:ae:9d:df:55:21:99:9b:27:44:55:41:8b:b2:a4:a5:
ac:c6:3f:11:9f:9b:94:30:7e:9a:c4:83:0c:18:49:47:26:be:
41:5e:36:0e:de:e3:0d:87:d8:ae:cf:d4:99:a7:cf:46:87:84:
e4:ee:60:85:f3:8f:f3:43:6d:a2:d0:ec:bc:91:40:23:31:42:
26:ff:6e:f4:0a:9a:d4:8c:c0:53:47:41:fd:97:52:d0:2d:d7:
af:96:fe:15:3e:e7:58:ed:8a:2f:d9:e3:c9:2c:49:ef:4e:18:
2a:84:9b:3d:46:d1:08:98:81:ff:54:e0:a2:e8:72:07:52:83:
53:e4:3a:02:58:75:0e:0e:1d:3a:42:a6:61:fc:d2:7c:03:4d:
58:6b:46:a7:a2:29:3e:37:7d:7b:71:c1:cf:70:4b:ef:70:d8:
b1:55:ea:d8
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZEiEUw8cYcuW3P4igvwTOAUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjODdmZWI0YWI5YTU3NzY1ZmMwYTY2NDU3MmMzNTAzMmU4
NjZhZDQwHhcNMjQwODA1MTAyNDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjcwNjcwZDVjMTJmZTg2NWNkZWQ5NGY1MjI0ODExYmMyYjUwODVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8H5bhpshtTEv1GBnZyiwCQHohz0Y
aI7i638nTqefiX4SmCXQyKOGBWb+cyOZIzOJa12h2DzCEn3tqmYT0pN4gurXM0gl
zabIs/SU0YDtkfeDKsTi0sekN8Igo9p2YPts3eOmMHpuKoGxp7xRVPXhva0Hat/s
HZAE8zAV49XMqnu3TDXabwk5J/Fc+QoaeoICyXVqf0S0FtlCpUZzd78fQtjM/qeB
ahp1JFDlOp22XVWUcqqog1GQCVr6d+0TpY7/l0kgWlEt3zmljYN/jOrch5N+EmHw
QWj9mFvZ/6fAI/JluzW/yVA4JqD/B0xlYZ5gLPONUelyj2x5YcQT5SmcuQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFMZwZw1cEv6GXN7ZT1IkgRvCtQhcMB8GA1UdIwQY
MBaAFDyH/rSrmld2X8CmZFcsNQMuhmrUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUElmLXRLdWFWM1pmd0taa1Z5dzFBeTZHYXRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8wZTQxYTYtZDg0NS00ZGExLThiMzQt
NDhmYjAwZmM5N2I2LzEveG5CbkRWd1Nfb1pjM3RsUFVpU0JHOEsxQ0Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8wZTQxYTYtZDg0NS00ZGExLThiMzQtNDhmYjAwZmM5N2I2
LzEvUElmLXRLdWFWM1pmd0taa1Z5dzFBeTZHYXRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQCuZIwAwQC
ub/YAwQCud2UMBQEAgACMA4DBQMqCiBAAwUDKgwgADANBgkqhkiG9w0BAQsFAAOC
AQEAlipQ2hH14vmHH2BRveAFLcvxYY6UKSdtSyIaHMhB3S6DY0DVto3daJ4Gy74P
hdvqE6cmzaZKyQrrbiYgjs9RSxG4jQqpkL9xC0WboDuAhpfo9MghTo1ayCRAQsTO
rp3fVSGZmydEVUGLsqSlrMY/EZ+blDB+msSDDBhJRya+QV42Dt7jDYfYrs/UmafP
RoeE5O5ghfOP80NtotDsvJFAIzFCJv9u9Aqa1IzAU0dB/ZdS0C3Xr5b+FT7nWO2K
L9njySxJ704YKoSbPUbRCJiB/1TgouhyB1KDU+Q6Alh1Dg4dOkKmYfzSfANNWGtG
p6IpPjd9e3HBz3BL73DYsVXq2A==
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:05:23 2025 by rpki-client