Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/ef20cf-4c39-4707-857c-7c35006e07a1/1/X4q-w2pHpEUXeVT4WRi8KVGNqmI.roa
File: X4q-w2pHpEUXeVT4WRi8KVGNqmI.roa (raw, json)
Hash identifier: aLkyrbvQgWng2m2jPHzX79z4EwVYT1xhoUFUBX1hDs0=
Subject key identifier: 5F:8A:BE:C3:6A:47:A4:45:17:79:54:F8:59:18:BC:29:51:8D:AA:62
Certificate issuer: /CN=3b8fe2465843031b778bb8d8b7bd35a094fccf48
Certificate serial: 01943C35B083A5DE2A6C50F290E7BF21D158
Authority key identifier: 3B:8F:E2:46:58:43:03:1B:77:8B:B8:D8:B7:BD:35:A0:94:FC:CF:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O4_iRlhDAxt3i7jYt701oJT8z0g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/ef20cf-4c39-4707-857c-7c35006e07a1/1/X4q-w2pHpEUXeVT4WRi8KVGNqmI.roa
Signing time: Mon 06 Jan 2025 15:22:19 +0000
ROA not before: Mon 06 Jan 2025 15:22:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 396982
IP address blocks: 185.117.60.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 06 Mar 2025 07:39:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:3c:35:b0:83:a5:de:2a:6c:50:f2:90:e7:bf:21:d1:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b8fe2465843031b778bb8d8b7bd35a094fccf48
Validity
Not Before: Jan 6 15:22:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5f8abec36a47a445177954f85918bc29518daa62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:af:0a:43:15:8d:ac:3a:9d:45:5a:92:c7:16:
c2:44:d7:02:6a:df:17:07:29:49:28:cd:ff:8d:5f:
1e:ad:cc:27:be:8c:39:91:86:79:36:fb:01:89:f0:
ff:e0:92:92:5d:b8:de:bf:d6:e0:34:b6:f4:19:d4:
d2:a7:47:44:8a:5c:b6:90:6b:bd:8e:99:b8:d0:c3:
4e:a4:a5:46:b1:fa:68:26:33:3f:aa:41:ca:bd:90:
9a:c0:8b:77:5b:a5:c5:b3:9c:a8:10:39:5f:79:c2:
36:2a:3a:bd:cf:9e:86:63:8c:e6:60:d5:8d:bf:91:
ad:15:39:53:f2:84:a2:c4:f2:b4:80:63:61:7a:3b:
f2:8d:7d:b1:d4:0d:30:1c:86:6f:4c:ac:a8:8b:c9:
c3:96:e3:5a:e2:64:24:7d:67:17:fb:76:00:39:be:
88:d2:7b:19:bd:6b:22:10:8d:01:de:ad:ae:c0:ca:
c8:dd:ac:b7:5e:10:4b:31:90:78:de:66:86:25:5a:
6d:a9:95:68:2f:54:7a:cc:7d:3f:10:5d:9b:19:a0:
be:51:3e:f0:cb:af:91:c0:e9:2f:f4:eb:1b:98:4f:
30:75:4f:60:ad:a8:45:47:b9:92:7c:3a:e8:7e:13:
55:b3:32:ee:7c:c7:ea:38:31:b1:34:f0:60:8b:cb:
52:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:8A:BE:C3:6A:47:A4:45:17:79:54:F8:59:18:BC:29:51:8D:AA:62
X509v3 Authority Key Identifier:
keyid:3B:8F:E2:46:58:43:03:1B:77:8B:B8:D8:B7:BD:35:A0:94:FC:CF:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O4_iRlhDAxt3i7jYt701oJT8z0g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/ef20cf-4c39-4707-857c-7c35006e07a1/1/X4q-w2pHpEUXeVT4WRi8KVGNqmI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/ef20cf-4c39-4707-857c-7c35006e07a1/1/O4_iRlhDAxt3i7jYt701oJT8z0g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.117.60.0/24
Signature Algorithm: sha256WithRSAEncryption
88:4e:61:4e:fd:b1:6f:d6:93:9a:5e:2f:06:56:63:bf:91:5f:
24:09:20:0b:e1:c9:91:76:95:7a:48:bf:89:74:92:43:30:87:
30:41:92:5c:d0:52:aa:b5:f3:fd:b2:27:ea:e8:ac:f8:77:1a:
66:05:8d:d9:c9:71:6a:5a:61:fb:ba:a0:3f:8b:93:1c:8a:2e:
ca:e2:df:af:0f:ba:08:b6:7c:34:0d:59:ad:b8:4c:d7:c8:79:
d9:14:fe:6e:a8:05:e1:0b:50:aa:c1:f9:9a:d8:01:a2:17:e6:
7a:f0:1a:01:c2:18:89:00:ef:5a:4e:e8:4b:48:21:96:34:93:
8f:77:98:d1:d2:7d:3e:6d:fa:d3:d6:83:43:dc:de:d4:e6:c6:
bc:38:89:78:cf:f9:c6:46:37:95:5c:e2:8e:83:b3:88:12:0a:
c8:9f:05:94:57:6f:e6:e4:1a:39:f4:58:8e:b2:ee:82:4d:c7:
f3:2b:04:a6:fa:9f:63:b7:a5:57:b9:17:5a:92:2c:d0:c0:e0:
63:fd:9a:8a:f8:1e:d5:9b:cf:a3:b1:ac:30:3f:e7:13:ca:2b:
53:9b:1f:71:4e:bc:72:2e:a4:34:5d:e8:04:67:0e:40:c4:49:
97:da:37:3e:88:88:ec:b9:b4:c3:e1:31:54:28:40:4f:bf:bc:
15:0a:c6:45
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQ8NbCDpd4qbFDykOe/IdFYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiOGZlMjQ2NTg0MzAzMWI3NzhiYjhkOGI3YmQzNWEwOTRm
Y2NmNDgwHhcNMjUwMTA2MTUyMjE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjhhYmVjMzZhNDdhNDQ1MTc3OTU0Zjg1OTE4YmMyOTUxOGRhYTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqq8KQxWNrDqdRVqSxxbCRNcCat8X
BylJKM3/jV8ercwnvow5kYZ5NvsBifD/4JKSXbjev9bgNLb0GdTSp0dEily2kGu9
jpm40MNOpKVGsfpoJjM/qkHKvZCawIt3W6XFs5yoEDlfecI2Kjq9z56GY4zmYNWN
v5GtFTlT8oSixPK0gGNhejvyjX2x1A0wHIZvTKyoi8nDluNa4mQkfWcX+3YAOb6I
0nsZvWsiEI0B3q2uwMrI3ay3XhBLMZB43maGJVptqZVoL1R6zH0/EF2bGaC+UT7w
y6+RwOkv9OsbmE8wdU9grahFR7mSfDrofhNVszLufMfqODGxNPBgi8tSAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF+KvsNqR6RFF3lU+FkYvClRjapiMB8GA1UdIwQY
MBaAFDuP4kZYQwMbd4u42Le9NaCU/M9IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzRfaVJsaERBeHQzaTdqWXQ3MDFvSlQ4ejBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9lZjIwY2YtNGMzOS00NzA3LTg1N2Mt
N2MzNTAwNmUwN2ExLzEvWDRxLXcycEhwRVVYZVZUNFdSaThLVkdOcW1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9lZjIwY2YtNGMzOS00NzA3LTg1N2MtN2MzNTAwNmUwN2Ex
LzEvTzRfaVJsaERBeHQzaTdqWXQ3MDFvSlQ4ejBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuXU8MA0G
CSqGSIb3DQEBCwUAA4IBAQCITmFO/bFv1pOaXi8GVmO/kV8kCSAL4cmRdpV6SL+J
dJJDMIcwQZJc0FKqtfP9sifq6Kz4dxpmBY3ZyXFqWmH7uqA/i5Mcii7K4t+vD7oI
tnw0DVmtuEzXyHnZFP5uqAXhC1Cqwfma2AGiF+Z68BoBwhiJAO9aTuhLSCGWNJOP
d5jR0n0+bfrT1oND3N7U5sa8OIl4z/nGRjeVXOKOg7OIEgrInwWUV2/m5Bo59FiO
su6CTcfzKwSm+p9jt6VXuRdakizQwOBj/ZqK+B7Vm8+jsawwP+cTyitTmx9xTrxy
LqQ0XegEZw5AxEmX2jc+iIjsubTD4TFUKEBPv7wVCsZF
-----END CERTIFICATE-----
Generated at Sat Apr 5 23:24:37 2025 by rpki-client