Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/e0b1b5-edef-4aeb-836b-63f5035f3446/1/kXdwGJ-V6y7XWQlnUvpRfuvKrLg.roa
File: kXdwGJ-V6y7XWQlnUvpRfuvKrLg.roa (raw, json)
Hash identifier: eY8ea4rr5ZrLn8ytRL0HXOYXZPuywxKI+T96d88i1VI=
Subject key identifier: 91:77:70:18:9F:95:EB:2E:D7:59:09:67:52:FA:51:7E:EB:CA:AC:B8
Certificate issuer: /CN=975e5f48f53a8db9ca60fa8f1837d07f3191104f
Certificate serial: 0193ABF333B309FB05CA9C81AFC7C0B16FE4
Authority key identifier: 97:5E:5F:48:F5:3A:8D:B9:CA:60:FA:8F:18:37:D0:7F:31:91:10:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l15fSPU6jbnKYPqPGDfQfzGREE8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/e0b1b5-edef-4aeb-836b-63f5035f3446/1/kXdwGJ-V6y7XWQlnUvpRfuvKrLg.roa
Signing time: Mon 09 Dec 2024 15:04:22 +0000
ROA not before: Mon 09 Dec 2024 15:04:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8075
IP address blocks: 185.162.148.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 10 Dec 2024 09:41:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ab:f3:33:b3:09:fb:05:ca:9c:81:af:c7:c0:b1:6f:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=975e5f48f53a8db9ca60fa8f1837d07f3191104f
Validity
Not Before: Dec 9 15:04:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=917770189f95eb2ed759096752fa517eebcaacb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:f5:34:38:28:af:85:0d:c5:d8:8c:09:bb:1d:
95:82:2c:e3:1a:2d:ca:3b:82:67:70:7c:24:fa:7d:
cb:d3:96:37:b5:38:ed:db:60:ec:a6:ce:dd:92:cc:
e8:f2:fd:4c:5a:a5:48:d1:ed:8e:70:09:f4:d5:e4:
b5:1a:bc:7d:14:d5:ba:01:70:df:bf:16:0b:7f:b8:
34:f1:fd:57:bf:d1:05:90:04:d7:e8:82:23:bd:d1:
0a:73:4f:4e:2f:2d:87:3b:f7:e7:e2:f4:ff:41:7c:
8e:4a:61:9e:5c:b5:c9:b9:c5:5f:88:79:52:a2:01:
99:e9:75:c1:06:d4:2f:51:5a:86:d5:dc:5b:6b:ef:
b1:c7:bc:00:9e:21:51:d7:8f:fa:fb:1b:73:8e:59:
93:1f:bb:22:3c:13:af:77:8b:a3:41:0f:71:70:a7:
1c:00:4d:8f:ab:08:20:d8:d4:9b:57:c4:28:51:0e:
de:91:52:8d:b6:49:4c:e4:85:37:d7:ff:33:28:a7:
f6:51:44:6d:a8:fd:82:df:fe:9b:a4:64:fd:e2:65:
36:0e:db:9f:46:ba:fc:01:00:25:64:a7:30:06:55:
d5:ee:e0:5b:40:85:2e:01:b0:f5:5e:78:17:e2:a2:
1e:76:d2:c0:fd:9b:86:da:fe:11:b1:a4:d4:ee:dc:
17:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:77:70:18:9F:95:EB:2E:D7:59:09:67:52:FA:51:7E:EB:CA:AC:B8
X509v3 Authority Key Identifier:
keyid:97:5E:5F:48:F5:3A:8D:B9:CA:60:FA:8F:18:37:D0:7F:31:91:10:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l15fSPU6jbnKYPqPGDfQfzGREE8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/e0b1b5-edef-4aeb-836b-63f5035f3446/1/kXdwGJ-V6y7XWQlnUvpRfuvKrLg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/e0b1b5-edef-4aeb-836b-63f5035f3446/1/l15fSPU6jbnKYPqPGDfQfzGREE8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.162.148.0/22
Signature Algorithm: sha256WithRSAEncryption
91:e7:95:65:27:7f:21:7f:a3:4c:5e:52:fe:b1:b2:2b:e3:4c:
2e:4e:0d:24:fb:5f:4d:27:5d:c5:b9:b8:64:13:a8:22:03:ae:
af:08:53:77:6d:db:1d:11:32:74:30:79:56:14:17:b2:ef:75:
70:aa:8f:54:bf:30:e4:6c:ca:dd:9d:45:8d:98:a3:3d:a2:b5:
4c:ff:92:3b:63:99:43:b2:f5:f9:02:db:5c:e0:b4:52:80:db:
92:4d:65:37:3e:10:03:d5:f1:cc:6b:48:5d:74:24:e8:ae:b8:
31:d5:b1:7c:74:ef:27:92:e8:fb:ba:de:8d:4c:66:86:1d:d1:
67:69:f6:bd:de:48:4c:7b:f2:98:ce:bf:83:2c:8a:7c:6f:b9:
79:60:6f:77:4e:9d:84:c0:39:df:48:7e:81:4d:d3:ec:9b:b5:
1e:ba:6e:e2:a4:87:ae:25:9e:41:88:70:96:87:c4:83:dd:6c:
f5:a2:aa:5c:98:f8:32:1f:84:cd:62:2f:48:b5:b4:70:cf:db:
49:37:77:4a:5f:42:48:66:4f:3f:83:18:dd:bc:71:57:c0:63:
df:b5:47:17:57:07:1b:01:bb:8a:6f:8a:36:f5:52:34:23:ce:
db:ce:03:12:76:bb:81:d5:7a:82:43:63:fe:be:4b:d8:98:e7:
13:b6:dc:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZOr8zOzCfsFypyBr8fAsW/kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3NWU1ZjQ4ZjUzYThkYjljYTYwZmE4ZjE4MzdkMDdmMzE5
MTEwNGYwHhcNMjQxMjA5MTUwNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTc3NzAxODlmOTVlYjJlZDc1OTA5Njc1MmZhNTE3ZWViY2FhY2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyvU0OCivhQ3F2IwJux2VgizjGi3K
O4JncHwk+n3L05Y3tTjt22Dsps7dkszo8v1MWqVI0e2OcAn01eS1Grx9FNW6AXDf
vxYLf7g08f1Xv9EFkATX6IIjvdEKc09OLy2HO/fn4vT/QXyOSmGeXLXJucVfiHlS
ogGZ6XXBBtQvUVqG1dxba++xx7wAniFR14/6+xtzjlmTH7siPBOvd4ujQQ9xcKcc
AE2Pqwgg2NSbV8QoUQ7ekVKNtklM5IU31/8zKKf2UURtqP2C3/6bpGT94mU2Dtuf
Rrr8AQAlZKcwBlXV7uBbQIUuAbD1XngX4qIedtLA/ZuG2v4RsaTU7twXZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJF3cBiflesu11kJZ1L6UX7ryqy4MB8GA1UdIwQY
MBaAFJdeX0j1Oo25ymD6jxg30H8xkRBPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDE1ZlNQVTZqYm5LWVBxUEdEZlFmekdSRUU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9lMGIxYjUtZWRlZi00YWViLTgzNmIt
NjNmNTAzNWYzNDQ2LzEva1hkd0dKLVY2eTdYV1FsblV2cFJmdXZLckxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9lMGIxYjUtZWRlZi00YWViLTgzNmItNjNmNTAzNWYzNDQ2
LzEvbDE1ZlNQVTZqYm5LWVBxUEdEZlFmekdSRUU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuaKUMA0G
CSqGSIb3DQEBCwUAA4IBAQCR55VlJ38hf6NMXlL+sbIr40wuTg0k+19NJ13Fubhk
E6giA66vCFN3bdsdETJ0MHlWFBey73Vwqo9UvzDkbMrdnUWNmKM9orVM/5I7Y5lD
svX5Attc4LRSgNuSTWU3PhAD1fHMa0hddCTorrgx1bF8dO8nkuj7ut6NTGaGHdFn
afa93khMe/KYzr+DLIp8b7l5YG93Tp2EwDnfSH6BTdPsm7Ueum7ipIeuJZ5BiHCW
h8SD3Wz1oqpcmPgyH4TNYi9ItbRwz9tJN3dKX0JIZk8/gxjdvHFXwGPftUcXVwcb
AbuKb4o29VI0I87bzgMSdruB1XqCQ2P+vkvYmOcTttwW
-----END CERTIFICATE-----
Generated at Fri Apr 18 23:35:43 2025 by rpki-client