Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/RxKiubCIZMzdaBZt5vERjOoyA4E.roa
File: RxKiubCIZMzdaBZt5vERjOoyA4E.roa (raw, json)
Hash identifier: d4JpJXeazamCIXadQxp5wIhIxyZIqrlaZBt83W9Cf44=
Subject key identifier: 47:12:A2:B9:B0:88:64:CC:DD:68:16:6D:E6:F1:11:8C:EA:32:03:81
Certificate issuer: /CN=b4a2085c7de3b598216b89fb0f2b1d930de66c19
Certificate serial: 0192C01900CFB431146F49386EDE24343858
Authority key identifier: B4:A2:08:5C:7D:E3:B5:98:21:6B:89:FB:0F:2B:1D:93:0D:E6:6C:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tKIIXH3jtZgha4n7Dysdkw3mbBk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/RxKiubCIZMzdaBZt5vERjOoyA4E.roa
Signing time: Thu 24 Oct 2024 19:55:16 +0000
ROA not before: Thu 24 Oct 2024 19:55:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205059
IP address blocks: 185.129.16.0/24 maxlen: 24
185.129.17.0/24 maxlen: 24
185.231.108.0/24 maxlen: 24
185.231.109.0/24 maxlen: 24
2a0f:aac0::/48 maxlen: 48
2a0f:aac0:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 24 Oct 2024 20:28:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:c0:19:00:cf:b4:31:14:6f:49:38:6e:de:24:34:38:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4a2085c7de3b598216b89fb0f2b1d930de66c19
Validity
Not Before: Oct 24 19:55:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4712a2b9b08864ccdd68166de6f1118cea320381
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:03:57:cd:7d:47:39:0f:90:4f:da:52:68:c0:
43:37:f5:80:d6:9b:f3:62:0b:25:29:f7:2b:b0:5e:
7d:dc:60:3e:ef:e7:75:14:d0:53:3a:e9:f9:21:1d:
70:b7:2e:c3:9d:7d:6c:bc:c6:d2:f8:90:ec:ff:ff:
39:ee:75:3c:5f:01:a3:56:a7:93:73:7d:ab:58:15:
1e:3b:28:9a:1b:e0:27:07:0f:be:ce:67:de:1d:75:
71:28:ed:6e:a8:69:8a:3d:8f:82:5b:43:72:40:19:
1a:36:74:06:3e:bc:df:72:83:15:55:58:7d:c3:8a:
9b:a3:19:7c:4f:d9:e6:1c:34:77:a4:b0:da:ff:37:
63:f2:13:81:cc:b0:44:92:5e:88:e3:81:fa:45:fa:
fa:4a:70:58:46:8a:8b:04:b2:bd:33:03:f5:b0:55:
28:71:75:2b:11:c1:32:95:07:26:3e:0e:44:cb:d4:
82:30:3a:b5:05:ec:fd:8e:36:8b:d0:0c:d1:93:93:
de:36:e8:cc:29:1a:d5:b4:2b:2c:28:a5:54:b7:1d:
e5:49:4b:7a:4c:af:57:6b:38:97:e6:fb:db:06:dd:
39:43:80:63:0b:27:a7:53:09:d9:6a:25:2e:36:57:
f8:c4:97:62:4b:19:2f:86:d9:14:df:79:1a:97:79:
4a:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:12:A2:B9:B0:88:64:CC:DD:68:16:6D:E6:F1:11:8C:EA:32:03:81
X509v3 Authority Key Identifier:
keyid:B4:A2:08:5C:7D:E3:B5:98:21:6B:89:FB:0F:2B:1D:93:0D:E6:6C:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tKIIXH3jtZgha4n7Dysdkw3mbBk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/RxKiubCIZMzdaBZt5vERjOoyA4E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/tKIIXH3jtZgha4n7Dysdkw3mbBk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.129.16.0/23
185.231.108.0/23
IPv6:
2a0f:aac0::/47
Signature Algorithm: sha256WithRSAEncryption
78:6c:53:5e:cf:4a:81:6d:d2:70:8f:2d:97:55:67:bf:a9:c1:
5a:11:d0:a8:9e:4c:02:11:0b:9f:13:03:0c:24:75:97:74:1d:
72:e6:bf:a7:2b:75:de:24:7b:87:2b:a4:29:2f:de:58:27:a5:
92:40:cc:ec:13:2c:b6:28:6d:8f:df:72:62:aa:df:a1:cb:43:
d2:c4:26:4b:09:16:89:43:a3:a5:65:59:30:09:ce:6d:31:49:
60:e3:19:e5:18:dc:a7:b5:42:8a:73:15:1a:c2:00:62:c1:7d:
19:c2:66:88:13:3a:84:ea:79:c7:66:85:59:e2:80:fe:2b:18:
40:c1:1d:38:06:21:c1:9f:93:4a:18:8f:c0:e3:9d:db:2e:9d:
3d:15:e0:64:56:8f:da:f5:97:c7:98:bd:63:27:49:bf:90:79:
21:76:e4:8e:cf:dd:15:c8:3f:ff:3c:84:b7:c9:2c:8d:45:f0:
75:5c:cf:31:f7:e0:0c:45:c9:09:38:3d:e1:ae:c1:ee:9d:8f:
98:44:02:8f:d1:1f:f0:87:89:12:4f:28:7d:72:55:8b:20:5c:
e6:8e:74:99:cb:2d:38:5f:5a:89:a3:fa:e3:13:7d:29:39:9f:
bb:05:5a:08:f6:33:a0:e4:f5:91:be:2e:a0:06:c3:5e:cb:0d:
35:d2:26:c3
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZLAGQDPtDEUb0k4bt4kNDhYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0YTIwODVjN2RlM2I1OTgyMTZiODlmYjBmMmIxZDkzMGRl
NjZjMTkwHhcNMjQxMDI0MTk1NTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzEyYTJiOWIwODg2NGNjZGQ2ODE2NmRlNmYxMTE4Y2VhMzIwMzgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjQNXzX1HOQ+QT9pSaMBDN/WA1pvz
YgslKfcrsF593GA+7+d1FNBTOun5IR1wty7DnX1svMbS+JDs//857nU8XwGjVqeT
c32rWBUeOyiaG+AnBw++zmfeHXVxKO1uqGmKPY+CW0NyQBkaNnQGPrzfcoMVVVh9
w4qboxl8T9nmHDR3pLDa/zdj8hOBzLBEkl6I44H6Rfr6SnBYRoqLBLK9MwP1sFUo
cXUrEcEylQcmPg5Ey9SCMDq1Bez9jjaL0AzRk5PeNujMKRrVtCssKKVUtx3lSUt6
TK9XaziX5vvbBt05Q4BjCyenUwnZaiUuNlf4xJdiSxkvhtkU33kal3lKtwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFEcSormwiGTM3WgWbebxEYzqMgOBMB8GA1UdIwQY
MBaAFLSiCFx947WYIWuJ+w8rHZMN5mwZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEtJSVhIM2p0WmdoYTRuN0R5c2RrdzNtYkJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kNjUxM2QtMmQ1My00MDIyLTgzNjAt
MzExNzk4OTYwMWFkLzEvUnhLaXViQ0laTXpkYUJadDV2RVJqT295QTRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9kNjUxM2QtMmQ1My00MDIyLTgzNjAtMzExNzk4OTYwMWFk
LzEvdEtJSVhIM2p0WmdoYTRuN0R5c2RrdzNtYkJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBuYEQAwQB
uedsMA8EAgACMAkDBwEqD6rAAAAwDQYJKoZIhvcNAQELBQADggEBAHhsU17PSoFt
0nCPLZdVZ7+pwVoR0KieTAIRC58TAwwkdZd0HXLmv6crdd4ke4crpCkv3lgnpZJA
zOwTLLYobY/fcmKq36HLQ9LEJksJFolDo6VlWTAJzm0xSWDjGeUY3Ke1QopzFRrC
AGLBfRnCZogTOoTqecdmhVnigP4rGEDBHTgGIcGfk0oYj8DjndsunT0V4GRWj9r1
l8eYvWMnSb+QeSF25I7P3RXIP/88hLfJLI1F8HVczzH34AxFyQk4PeGuwe6dj5hE
Ao/RH/CHiRJPKH1yVYsgXOaOdJnLLThfWomj+uMTfSk5n7sFWgj2M6Dk9ZG+LqAG
w17LDTXSJsM=
-----END CERTIFICATE-----
Generated at Thu Oct 24 23:48:13 2024 by rpki-client on console-ams.rpki-client.org