Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/014f47-628b-4fb8-b344-a409e22a243e/1/xQ6aA0kwk1w-YewR4EN3EbYZfgU.roa
File: xQ6aA0kwk1w-YewR4EN3EbYZfgU.roa (raw, json)
Hash identifier: 5QdR9XnoCgalpVtzmnlsKhqqYX+IDXieTBv/GGr1W5k=
Subject key identifier: C5:0E:9A:03:49:30:93:5C:3E:61:EC:11:E0:43:77:11:B6:19:7E:05
Certificate issuer: /CN=70a76929cbe21cedd94c012ba58bb0b6f129722e
Certificate serial: 01856FDDCC59B6452E0F48E0209AE9A28F88
Authority key identifier: 70:A7:69:29:CB:E2:1C:ED:D9:4C:01:2B:A5:8B:B0:B6:F1:29:72:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cKdpKcviHO3ZTAErpYuwtvEpci4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/014f47-628b-4fb8-b344-a409e22a243e/1/xQ6aA0kwk1w-YewR4EN3EbYZfgU.roa
Signing time: Mon 02 Jan 2023 00:24:44 +0000
ROA not before: Mon 02 Jan 2023 00:24:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60785
IP address blocks: 185.25.224.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:dd:cc:59:b6:45:2e:0f:48:e0:20:9a:e9:a2:8f:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70a76929cbe21cedd94c012ba58bb0b6f129722e
Validity
Not Before: Jan 2 00:24:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c50e9a034930935c3e61ec11e0437711b6197e05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:e6:0b:b7:99:dd:ce:9f:38:2c:31:61:f7:62:
ef:07:ea:f2:89:97:a0:1e:c3:14:85:13:ea:3b:d5:
36:9a:2a:b6:31:d6:32:5c:1b:76:c2:d7:ff:29:ef:
a5:79:12:33:69:f0:ed:a0:cd:ce:33:62:8d:dd:31:
a3:e9:41:d8:04:c5:72:81:25:d4:c8:b9:62:b8:c7:
9c:d1:20:f4:9a:15:9b:21:fb:cb:3e:af:72:ee:cb:
11:38:1c:90:0a:a8:27:6c:6d:39:8c:e9:49:43:54:
ee:67:bd:c9:8d:76:a9:55:55:20:81:c6:b7:ec:3e:
e8:e7:3c:f2:29:ce:95:66:1f:80:74:45:50:67:ba:
a1:de:28:49:fe:a3:b1:d6:dd:93:2f:28:32:bd:9e:
d7:35:8c:72:3e:cf:e2:1c:de:79:c2:ea:d9:ce:74:
9f:44:21:f7:1a:1f:2b:42:4d:7e:6f:ca:75:05:30:
10:55:50:03:0f:87:0e:fa:64:aa:05:da:73:66:e2:
13:0d:5d:e5:b6:b8:88:b1:e4:2d:62:ac:17:99:b7:
44:63:c9:62:f0:3b:e1:a9:3f:2e:b9:a9:f1:35:7d:
88:f7:08:6f:7f:f6:72:be:9f:7e:2b:02:94:19:95:
eb:43:ad:63:9a:e9:73:c3:cf:8e:c6:65:35:3e:62:
cd:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:0E:9A:03:49:30:93:5C:3E:61:EC:11:E0:43:77:11:B6:19:7E:05
X509v3 Authority Key Identifier:
keyid:70:A7:69:29:CB:E2:1C:ED:D9:4C:01:2B:A5:8B:B0:B6:F1:29:72:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cKdpKcviHO3ZTAErpYuwtvEpci4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/014f47-628b-4fb8-b344-a409e22a243e/1/xQ6aA0kwk1w-YewR4EN3EbYZfgU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/014f47-628b-4fb8-b344-a409e22a243e/1/cKdpKcviHO3ZTAErpYuwtvEpci4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.25.224.0/22
Signature Algorithm: sha256WithRSAEncryption
40:4d:54:2a:a2:40:dd:e9:53:2c:c3:f6:55:89:71:97:10:01:
08:d5:e0:db:6f:d7:49:62:53:dc:d4:0d:a9:45:5a:7f:de:c6:
58:43:8e:39:00:d0:55:7b:69:63:95:f1:a6:98:6b:48:d9:7b:
fd:95:41:95:44:64:ae:f6:65:64:06:a5:37:08:cd:7d:e0:52:
f4:9a:dc:d5:6e:06:a8:10:52:27:86:f6:e9:9c:56:b2:56:7e:
b4:7c:b8:7d:86:22:c6:a7:0e:3f:10:a3:29:fa:bf:1c:e2:8e:
a2:7e:db:ae:01:5e:43:77:b1:37:3a:e7:18:e8:65:6a:9b:da:
40:82:37:a6:45:03:4a:14:3e:6f:70:dd:14:ca:34:3c:70:3a:
10:63:d9:c8:b0:8c:f6:91:37:b7:21:61:97:9d:42:13:f2:65:
14:3f:14:97:b3:8b:d5:a2:85:9e:a7:c5:bd:cd:20:67:61:31:
14:ae:41:ef:5c:96:b2:8f:3b:8b:28:dd:b7:66:b2:bb:12:19:
73:a1:c3:85:e4:3d:30:27:6d:84:fa:65:f2:67:30:0c:6f:dd:
4b:4b:63:3e:7c:e1:cd:48:c3:f9:f6:0a:f6:4f:87:5a:14:61:
64:6d:2e:f7:c4:c1:ec:2a:c6:97:08:e3:a6:ff:13:a0:f1:13:
6a:4e:d9:ca
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv3cxZtkUuD0jgIJrpoo+IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwYTc2OTI5Y2JlMjFjZWRkOTRjMDEyYmE1OGJiMGI2ZjEy
OTcyMmUwHhcNMjMwMTAyMDAyNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTBlOWEwMzQ5MzA5MzVjM2U2MWVjMTFlMDQzNzcxMWI2MTk3ZTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg+YLt5ndzp84LDFh92LvB+ryiZeg
HsMUhRPqO9U2miq2MdYyXBt2wtf/Ke+leRIzafDtoM3OM2KN3TGj6UHYBMVygSXU
yLliuMec0SD0mhWbIfvLPq9y7ssROByQCqgnbG05jOlJQ1TuZ73JjXapVVUggca3
7D7o5zzyKc6VZh+AdEVQZ7qh3ihJ/qOx1t2TLygyvZ7XNYxyPs/iHN55wurZznSf
RCH3Gh8rQk1+b8p1BTAQVVADD4cO+mSqBdpzZuITDV3ltriIseQtYqwXmbdEY8li
8DvhqT8uuanxNX2I9whvf/Zyvp9+KwKUGZXrQ61jmulzw8+OxmU1PmLNOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMUOmgNJMJNcPmHsEeBDdxG2GX4FMB8GA1UdIwQY
MBaAFHCnaSnL4hzt2UwBK6WLsLbxKXIuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0tkcEtjdmlITzNaVEFFcnBZdXd0dkVwY2k0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC8wMTRmNDctNjI4Yi00ZmI4LWIzNDQt
YTQwOWUyMmEyNDNlLzEveFE2YUEwa3drMXctWWV3UjRFTjNFYllaZmdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC8wMTRmNDctNjI4Yi00ZmI4LWIzNDQtYTQwOWUyMmEyNDNl
LzEvY0tkcEtjdmlITzNaVEFFcnBZdXd0dkVwY2k0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuRngMA0G
CSqGSIb3DQEBCwUAA4IBAQBATVQqokDd6VMsw/ZViXGXEAEI1eDbb9dJYlPc1A2p
RVp/3sZYQ445ANBVe2ljlfGmmGtI2Xv9lUGVRGSu9mVkBqU3CM194FL0mtzVbgao
EFInhvbpnFayVn60fLh9hiLGpw4/EKMp+r8c4o6iftuuAV5Dd7E3OucY6GVqm9pA
gjemRQNKFD5vcN0UyjQ8cDoQY9nIsIz2kTe3IWGXnUIT8mUUPxSXs4vVooWep8W9
zSBnYTEUrkHvXJayjzuLKN23ZrK7EhlzocOF5D0wJ22E+mXyZzAMb91LS2M+fOHN
SMP59gr2T4daFGFkbS73xMHsKsaXCOOm/xOg8RNqTtnK
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:22:45 2024 by rpki-client on console-ams.rpki-client.org