Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/25e76a-d140-4e0b-88e4-ef219381f10e/1/xYII3_Xwe3VkGwezYcRItCytkJI.roa
File: xYII3_Xwe3VkGwezYcRItCytkJI.roa (raw, json)
Hash identifier: yURD6FHf54AZRGlqMfKDx7lwlq8QINn6M/xo4TmADBI=
Subject key identifier: C5:82:08:DF:F5:F0:7B:75:64:1B:07:B3:61:C4:48:B4:2C:AD:90:92
Certificate issuer: /CN=7be907dd202152cf1902bedbecb19a2d72ac0859
Certificate serial: 018CCA29499945A07E86412FF11C3EA358E2
Authority key identifier: 7B:E9:07:DD:20:21:52:CF:19:02:BE:DB:EC:B1:9A:2D:72:AC:08:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e-kH3SAhUs8ZAr7b7LGaLXKsCFk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/25e76a-d140-4e0b-88e4-ef219381f10e/1/xYII3_Xwe3VkGwezYcRItCytkJI.roa
Signing time: Tue 02 Jan 2024 12:32:32 +0000
ROA not before: Tue 02 Jan 2024 12:32:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43028
IP address blocks: 94.140.104.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:48:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:49:99:45:a0:7e:86:41:2f:f1:1c:3e:a3:58:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7be907dd202152cf1902bedbecb19a2d72ac0859
Validity
Not Before: Jan 2 12:32:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c58208dff5f07b75641b07b361c448b42cad9092
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:e7:87:af:7d:9a:7c:c8:e6:9b:30:bf:04:63:
70:b7:a8:c7:bf:25:73:dd:83:1e:11:9b:79:f0:4b:
bc:1c:0a:ec:d1:02:11:c4:af:8f:50:cb:18:fe:5d:
9e:44:63:bb:9b:5b:ec:63:34:a7:8e:05:f0:a4:a0:
c1:6e:c5:14:43:33:28:b4:e8:bd:57:15:eb:58:03:
d8:b4:53:06:46:2b:1b:0a:08:87:69:0f:cc:14:08:
14:fe:07:72:f3:f4:da:8d:03:d1:ef:50:ea:07:cc:
42:3d:a6:31:cc:30:a2:8d:c0:c0:1e:44:b0:3f:3d:
45:db:30:11:a1:e7:4c:f6:10:d7:6b:d0:8a:6b:ef:
ca:f0:a7:b4:c2:52:73:c2:ce:3d:e7:f9:19:cc:d1:
73:ec:51:f9:e1:79:70:ab:10:37:9a:1b:67:5a:4e:
ef:80:09:e7:f5:13:fc:13:03:a6:6b:c0:9f:3c:51:
4f:44:a4:29:bd:39:5e:01:ce:bc:d7:fe:ee:4c:42:
a6:1c:5d:85:e6:9b:56:42:da:22:98:ce:5b:60:68:
1f:08:93:f3:c4:b4:41:ca:85:66:f8:83:a8:fe:f3:
2a:fd:91:7e:ba:9f:ca:20:8e:33:1d:95:9c:d3:7b:
f6:3a:4b:04:6e:20:3b:71:4c:de:54:8e:b6:43:00:
1b:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:82:08:DF:F5:F0:7B:75:64:1B:07:B3:61:C4:48:B4:2C:AD:90:92
X509v3 Authority Key Identifier:
keyid:7B:E9:07:DD:20:21:52:CF:19:02:BE:DB:EC:B1:9A:2D:72:AC:08:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e-kH3SAhUs8ZAr7b7LGaLXKsCFk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/25e76a-d140-4e0b-88e4-ef219381f10e/1/xYII3_Xwe3VkGwezYcRItCytkJI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/25e76a-d140-4e0b-88e4-ef219381f10e/1/e-kH3SAhUs8ZAr7b7LGaLXKsCFk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.140.104.0/23
Signature Algorithm: sha256WithRSAEncryption
02:1b:93:0a:a6:6d:70:39:39:eb:da:d7:cd:b9:66:c2:07:13:
4f:1e:3c:7a:ec:2b:2e:c9:a5:b3:92:83:37:c8:b5:59:d5:74:
74:16:1c:fb:1a:9c:d9:82:77:13:2a:51:0f:f1:ff:6b:4c:d0:
61:96:1f:2e:27:bf:54:26:82:7a:9d:5a:3d:ed:9d:c3:e3:a7:
22:a6:16:1f:73:05:4c:1a:7a:42:1d:f3:05:8a:79:7f:6d:1e:
2a:fd:f7:83:e4:61:7d:53:18:92:6a:b1:f9:4d:05:a2:8f:cb:
67:d0:d3:23:6d:ba:34:57:a1:bb:17:18:d7:c3:a0:16:fb:0e:
e1:0b:9c:80:a2:9c:f9:34:fe:bd:ac:84:ae:2f:9f:9b:8d:c5:
6a:66:a6:80:6c:37:7c:b4:b1:2a:59:53:7c:e1:b6:57:d3:ea:
aa:63:d1:9b:70:a9:2f:23:65:64:67:dc:c6:1e:ba:8c:74:80:
3f:84:3d:d0:7e:7e:31:d6:b2:0d:6f:4f:0c:c5:27:10:d1:80:
33:dc:65:54:32:f0:b3:e8:d4:7d:4c:e3:aa:bd:d9:34:c7:53:
fc:b5:19:be:b9:a7:bc:f0:d9:de:07:67:37:a7:c2:45:11:23:
64:2c:04:a3:84:1f:d1:60:7c:92:64:fc:b7:5a:24:ca:bf:d3:
ec:15:73:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKUmZRaB+hkEv8Rw+o1jiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiZTkwN2RkMjAyMTUyY2YxOTAyYmVkYmVjYjE5YTJkNzJh
YzA4NTkwHhcNMjQwMTAyMTIzMjMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTgyMDhkZmY1ZjA3Yjc1NjQxYjA3YjM2MWM0NDhiNDJjYWQ5MDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+eHr32afMjmmzC/BGNwt6jHvyVz
3YMeEZt58Eu8HArs0QIRxK+PUMsY/l2eRGO7m1vsYzSnjgXwpKDBbsUUQzMotOi9
VxXrWAPYtFMGRisbCgiHaQ/MFAgU/gdy8/TajQPR71DqB8xCPaYxzDCijcDAHkSw
Pz1F2zARoedM9hDXa9CKa+/K8Ke0wlJzws495/kZzNFz7FH54XlwqxA3mhtnWk7v
gAnn9RP8EwOma8CfPFFPRKQpvTleAc681/7uTEKmHF2F5ptWQtoimM5bYGgfCJPz
xLRByoVm+IOo/vMq/ZF+up/KII4zHZWc03v2OksEbiA7cUzeVI62QwAbVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMWCCN/18Ht1ZBsHs2HESLQsrZCSMB8GA1UdIwQY
MBaAFHvpB90gIVLPGQK+2+yxmi1yrAhZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZS1rSDNTQWhVczhaQXI3YjdMR2FMWEtzQ0ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC8yNWU3NmEtZDE0MC00ZTBiLTg4ZTQt
ZWYyMTkzODFmMTBlLzEveFlJSTNfWHdlM1ZrR3dlelljUkl0Q3l0a0pJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC8yNWU3NmEtZDE0MC00ZTBiLTg4ZTQtZWYyMTkzODFmMTBl
LzEvZS1rSDNTQWhVczhaQXI3YjdMR2FMWEtzQ0ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBXoxoMA0G
CSqGSIb3DQEBCwUAA4IBAQACG5MKpm1wOTnr2tfNuWbCBxNPHjx67CsuyaWzkoM3
yLVZ1XR0Fhz7GpzZgncTKlEP8f9rTNBhlh8uJ79UJoJ6nVo97Z3D46ciphYfcwVM
GnpCHfMFinl/bR4q/feD5GF9UxiSarH5TQWij8tn0NMjbbo0V6G7FxjXw6AW+w7h
C5yAopz5NP69rISuL5+bjcVqZqaAbDd8tLEqWVN84bZX0+qqY9GbcKkvI2VkZ9zG
HrqMdIA/hD3Qfn4x1rINb08MxScQ0YAz3GVUMvCz6NR9TOOqvdk0x1P8tRm+uae8
8NneB2c3p8JFESNkLASjhB/RYHySZPy3WiTKv9PsFXOa
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:11:28 2025 by rpki-client