Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/ed634b-39f7-4b9c-86e4-1e9238cf028c/1/XJqfq6K2uImNrjb01RXEWdEzY6M.roa
File: XJqfq6K2uImNrjb01RXEWdEzY6M.roa (raw, json)
Hash identifier: tLoXx1mR5J/wVIejesG05ZSmpwCcbskWxtWX7P+5AL8=
Subject key identifier: 5C:9A:9F:AB:A2:B6:B8:89:8D:AE:36:F4:D5:15:C4:59:D1:33:63:A3
Certificate issuer: /CN=ad2cdf27d9de65eb24e5cfc9d310e4c8a0301460
Certificate serial: 018CC94E61161E44A90CEF835CDB3AEAF354
Authority key identifier: AD:2C:DF:27:D9:DE:65:EB:24:E5:CF:C9:D3:10:E4:C8:A0:30:14:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rSzfJ9neZesk5c_J0xDkyKAwFGA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/ed634b-39f7-4b9c-86e4-1e9238cf028c/1/XJqfq6K2uImNrjb01RXEWdEzY6M.roa
Signing time: Tue 02 Jan 2024 08:33:26 +0000
ROA not before: Tue 02 Jan 2024 08:33:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202526
IP address blocks: 185.161.152.0/22 maxlen: 22
2a07:c5c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:61:16:1e:44:a9:0c:ef:83:5c:db:3a:ea:f3:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad2cdf27d9de65eb24e5cfc9d310e4c8a0301460
Validity
Not Before: Jan 2 08:33:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c9a9faba2b6b8898dae36f4d515c459d13363a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:54:dc:49:3f:86:34:37:fa:4f:d2:13:f3:8b:
8c:4d:0c:da:26:63:2e:0f:49:5f:c8:90:27:36:e9:
96:b1:65:1b:76:fe:db:fe:32:ec:68:16:6b:03:7f:
b3:45:15:45:f4:e5:8e:d6:a8:dc:16:13:cf:42:a2:
94:00:76:cd:77:8a:81:01:89:a5:b4:9d:ee:ab:86:
87:e0:e6:2c:f4:b0:8e:5e:24:65:f2:1f:5c:44:3e:
05:3a:ec:d1:06:96:a4:1e:3b:e0:27:bb:d0:a2:0f:
79:51:f0:ce:c3:08:df:35:45:7f:58:85:d3:96:cf:
29:3a:77:bb:61:73:87:eb:79:43:79:2b:97:96:25:
b2:11:65:a3:53:8b:26:06:0e:34:2e:23:6c:63:94:
ac:7b:4b:9e:a3:d4:5e:72:1a:5b:99:3c:dd:e8:81:
c5:cf:60:fb:02:bd:39:da:d3:57:cc:c3:a7:16:e4:
b6:f5:f4:32:94:78:a8:66:07:8c:3f:cb:81:55:e3:
a7:6f:34:1a:b3:bb:93:3f:97:64:c9:86:6d:1e:6d:
13:31:71:ec:86:a7:91:db:1a:1a:ac:c6:2b:d8:b5:
d5:65:b2:78:e0:ee:ce:55:83:09:c3:d7:2c:68:7c:
4c:3f:16:7a:c7:e5:d3:28:03:1c:98:c3:d9:15:0b:
55:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:9A:9F:AB:A2:B6:B8:89:8D:AE:36:F4:D5:15:C4:59:D1:33:63:A3
X509v3 Authority Key Identifier:
keyid:AD:2C:DF:27:D9:DE:65:EB:24:E5:CF:C9:D3:10:E4:C8:A0:30:14:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rSzfJ9neZesk5c_J0xDkyKAwFGA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/ed634b-39f7-4b9c-86e4-1e9238cf028c/1/XJqfq6K2uImNrjb01RXEWdEzY6M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/ed634b-39f7-4b9c-86e4-1e9238cf028c/1/rSzfJ9neZesk5c_J0xDkyKAwFGA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.161.152.0/22
IPv6:
2a07:c5c0::/29
Signature Algorithm: sha256WithRSAEncryption
8e:d4:42:6f:83:bf:d9:b5:a5:a7:62:00:3f:25:2f:7f:2c:a9:
11:ee:d5:ff:76:2f:db:08:7a:65:51:3f:7d:38:26:94:7f:73:
02:46:39:bb:69:0e:61:78:65:25:8c:37:ec:b6:dd:ab:f9:6a:
49:b5:a1:d6:7a:76:c9:10:2a:a5:34:40:0e:1a:70:ba:23:a7:
22:db:06:ca:88:a0:93:a2:76:a1:e2:03:41:6b:53:53:24:1c:
14:25:a4:2a:49:db:cc:f7:e7:71:2f:f5:6d:72:ae:97:26:73:
a3:6e:a0:d2:9a:fc:25:3b:d1:a0:93:79:31:22:23:08:d2:bd:
21:f3:3c:84:9a:29:3d:4a:44:d4:d8:79:97:93:ff:26:e5:9c:
e5:43:56:64:ac:c2:77:bc:6a:c1:02:65:91:14:b9:40:61:5b:
4e:8c:71:e4:79:22:8d:bf:45:74:8b:92:ae:99:e8:d8:eb:15:
36:fa:5b:74:99:19:e6:b7:bf:02:54:a2:ff:0e:6e:22:87:4c:
7e:6e:4f:b5:d9:cf:ff:a2:a5:9e:0d:c1:98:88:a8:f5:f6:04:
8a:75:81:7a:d2:4a:7f:2c:05:fa:2f:3d:be:a2:fd:88:80:90:
35:36:ad:e0:c1:01:7b:04:60:11:4a:46:65:76:48:1a:68:72:
53:ea:09:cb
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJTmEWHkSpDO+DXNs66vNUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMmNkZjI3ZDlkZTY1ZWIyNGU1Y2ZjOWQzMTBlNGM4YTAz
MDE0NjAwHhcNMjQwMTAyMDgzMzI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzlhOWZhYmEyYjZiODg5OGRhZTM2ZjRkNTE1YzQ1OWQxMzM2M2EzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk1TcST+GNDf6T9IT84uMTQzaJmMu
D0lfyJAnNumWsWUbdv7b/jLsaBZrA3+zRRVF9OWO1qjcFhPPQqKUAHbNd4qBAYml
tJ3uq4aH4OYs9LCOXiRl8h9cRD4FOuzRBpakHjvgJ7vQog95UfDOwwjfNUV/WIXT
ls8pOne7YXOH63lDeSuXliWyEWWjU4smBg40LiNsY5Sse0ueo9RechpbmTzd6IHF
z2D7Ar052tNXzMOnFuS29fQylHioZgeMP8uBVeOnbzQas7uTP5dkyYZtHm0TMXHs
hqeR2xoarMYr2LXVZbJ44O7OVYMJw9csaHxMPxZ6x+XTKAMcmMPZFQtVowIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFyan6uitriJja429NUVxFnRM2OjMB8GA1UdIwQY
MBaAFK0s3yfZ3mXrJOXPydMQ5MigMBRgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclN6Zko5bmVaZXNrNWNfSjB4RGt5S0F3RkdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9lZDYzNGItMzlmNy00YjljLTg2ZTQt
MWU5MjM4Y2YwMjhjLzEvWEpxZnE2SzJ1SW1OcmpiMDFSWEVXZEV6WTZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9lZDYzNGItMzlmNy00YjljLTg2ZTQtMWU5MjM4Y2YwMjhj
LzEvclN6Zko5bmVaZXNrNWNfSjB4RGt5S0F3RkdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuaGYMA0E
AgACMAcDBQMqB8XAMA0GCSqGSIb3DQEBCwUAA4IBAQCO1EJvg7/ZtaWnYgA/JS9/
LKkR7tX/di/bCHplUT99OCaUf3MCRjm7aQ5heGUljDfstt2r+WpJtaHWenbJECql
NEAOGnC6I6ci2wbKiKCTonah4gNBa1NTJBwUJaQqSdvM9+dxL/Vtcq6XJnOjbqDS
mvwlO9Ggk3kxIiMI0r0h8zyEmik9SkTU2HmXk/8m5ZzlQ1ZkrMJ3vGrBAmWRFLlA
YVtOjHHkeSKNv0V0i5KumejY6xU2+lt0mRnmt78CVKL/Dm4ih0x+bk+12c//oqWe
DcGYiKj19gSKdYF60kp/LAX6Lz2+ov2IgJA1Nq3gwQF7BGARSkZldkgaaHJT6gnL
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:22:06 2025 by rpki-client