Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/xOm-HRSkPCMN-DLeMmDMntODCz0.roa
File: xOm-HRSkPCMN-DLeMmDMntODCz0.roa (raw, json)
Hash identifier: TpTrFlWsLOw7PFfSMBS2qbgHgHDjwjtqWd2LsSojMjU=
Subject key identifier: C4:E9:BE:1D:14:A4:3C:23:0D:F8:32:DE:32:60:CC:9E:D3:83:0B:3D
Certificate issuer: /CN=6b43f7a2f4368b17a5e035ce4bd926f8a142d68b
Certificate serial: 018CC64B0C85AB313D57878E72A878D50BC0
Authority key identifier: 6B:43:F7:A2:F4:36:8B:17:A5:E0:35:CE:4B:D9:26:F8:A1:42:D6:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a0P3ovQ2ixel4DXOS9km-KFC1os.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/xOm-HRSkPCMN-DLeMmDMntODCz0.roa
Signing time: Mon 01 Jan 2024 18:30:56 +0000
ROA not before: Mon 01 Jan 2024 18:30:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15600
IP address blocks: 185.163.92.0/22 maxlen: 22
83.97.80.0/21 maxlen: 21
193.25.102.0/23 maxlen: 23
2a0b:7800::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 07 May 2024 13:49:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:0c:85:ab:31:3d:57:87:8e:72:a8:78:d5:0b:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b43f7a2f4368b17a5e035ce4bd926f8a142d68b
Validity
Not Before: Jan 1 18:30:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c4e9be1d14a43c230df832de3260cc9ed3830b3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:13:b0:48:ea:24:f6:b5:ab:fa:99:c1:7e:17:
99:0d:7b:0a:4a:39:30:05:b5:b3:96:1c:41:60:a1:
f8:a1:ed:ea:46:0b:e3:17:9b:51:93:e5:29:ec:2e:
6e:83:b7:81:53:3e:6c:2d:a8:ec:c1:58:9d:a3:fe:
ec:1e:8b:a6:c0:e0:12:76:b7:d5:5a:79:b5:66:84:
44:42:bd:a9:f1:88:c3:e8:65:8d:2c:9e:9b:06:c9:
99:b8:8d:22:52:2b:05:6c:9c:2f:a1:01:a6:56:64:
16:d5:b7:da:27:12:e5:88:84:1b:74:06:e4:d1:eb:
7d:f7:4c:41:a6:41:d7:31:1d:d6:21:3d:7b:4b:fe:
77:14:a4:ec:c9:28:5d:90:52:6b:8d:95:ad:81:bc:
cd:18:a1:31:fb:b7:a3:f4:00:cf:59:eb:9c:0c:86:
c5:4a:8a:75:c1:16:17:6a:f0:02:18:02:be:e1:e6:
c6:9c:4d:ca:a9:e4:e5:fe:97:f2:b6:d0:33:83:19:
4b:51:e9:6a:62:0b:ec:81:ca:ef:c5:eb:23:d6:0d:
01:ef:2f:c0:21:ed:e1:16:b9:2e:c7:60:0b:34:f7:
12:4d:ab:f5:3d:e7:bc:a6:ae:86:19:88:1a:60:fd:
24:3a:f6:56:50:59:3e:72:a6:0f:d5:2a:57:8f:00:
73:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:E9:BE:1D:14:A4:3C:23:0D:F8:32:DE:32:60:CC:9E:D3:83:0B:3D
X509v3 Authority Key Identifier:
keyid:6B:43:F7:A2:F4:36:8B:17:A5:E0:35:CE:4B:D9:26:F8:A1:42:D6:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0P3ovQ2ixel4DXOS9km-KFC1os.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/xOm-HRSkPCMN-DLeMmDMntODCz0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.97.80.0/21
185.163.92.0/22
193.25.102.0/23
IPv6:
2a0b:7800::/29
Signature Algorithm: sha256WithRSAEncryption
5b:6b:07:b6:86:bd:21:d7:8c:10:76:67:d3:5f:ae:3b:d6:a2:
03:25:33:d9:64:fe:2b:8b:44:e4:86:12:6c:2e:21:67:fc:ad:
36:8b:45:35:bd:26:78:eb:ce:4d:8e:ba:1a:64:80:ea:c6:45:
16:40:12:f2:dc:ad:65:4c:90:13:28:b6:21:a2:03:22:ac:51:
d5:67:d6:0b:1d:a2:ea:7f:a1:01:45:23:70:54:59:42:d8:cb:
19:6c:9a:ec:92:1c:74:64:49:6a:9a:64:e5:67:93:6b:4e:01:
3b:fa:39:39:59:76:3a:e9:44:67:44:09:37:bd:09:37:58:b5:
94:9a:52:bd:cd:a3:bc:ee:75:3c:10:84:58:7c:a7:da:3d:a6:
cb:0a:46:3d:2f:86:86:b7:6f:72:2b:2e:d2:d3:6a:c3:2f:7e:
7a:1a:e6:06:99:2d:d2:81:21:a8:40:c7:6b:76:ac:a1:7a:fa:
bc:a4:9d:e9:b6:40:ef:93:62:c8:52:83:6d:88:01:fe:00:db:
fa:6b:fe:dc:81:14:b9:de:d4:dd:84:32:fc:40:29:20:d3:5c:
ea:9f:ef:64:93:16:19:09:23:ca:2f:db:d8:62:1e:fc:ca:63:
bd:aa:69:21:33:b1:fb:0c:18:3a:f9:d4:f5:07:f0:27:e4:eb:
dc:25:d2:ea
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzGSwyFqzE9V4eOcqh41QvAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNDNmN2EyZjQzNjhiMTdhNWUwMzVjZTRiZDkyNmY4YTE0
MmQ2OGIwHhcNMjQwMTAxMTgzMDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGU5YmUxZDE0YTQzYzIzMGRmODMyZGUzMjYwY2M5ZWQzODMwYjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuBOwSOok9rWr+pnBfheZDXsKSjkw
BbWzlhxBYKH4oe3qRgvjF5tRk+Up7C5ug7eBUz5sLajswVido/7sHoumwOASdrfV
Wnm1ZoREQr2p8YjD6GWNLJ6bBsmZuI0iUisFbJwvoQGmVmQW1bfaJxLliIQbdAbk
0et990xBpkHXMR3WIT17S/53FKTsyShdkFJrjZWtgbzNGKEx+7ej9ADPWeucDIbF
Sop1wRYXavACGAK+4ebGnE3KqeTl/pfyttAzgxlLUelqYgvsgcrvxesj1g0B7y/A
Ie3hFrkux2ALNPcSTav1Pee8pq6GGYgaYP0kOvZWUFk+cqYP1SpXjwBzTQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFMTpvh0UpDwjDfgy3jJgzJ7Tgws9MB8GA1UdIwQY
MBaAFGtD96L0NosXpeA1zkvZJvihQtaLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTBQM292UTJpeGVsNERYT1M5a20tS0ZDMW9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9iYTdkYmEtNDc0YS00MmZkLWE5YzMt
MzViMDMxMzZkZDAzLzEveE9tLUhSU2tQQ01OLURMZU1tRE1udE9EQ3owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9iYTdkYmEtNDc0YS00MmZkLWE5YzMtMzViMDMxMzZkZDAz
LzEvYTBQM292UTJpeGVsNERYT1M5a20tS0ZDMW9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDU2FQAwQC
uaNcAwQBwRlmMA0EAgACMAcDBQMqC3gAMA0GCSqGSIb3DQEBCwUAA4IBAQBbawe2
hr0h14wQdmfTX6471qIDJTPZZP4ri0TkhhJsLiFn/K02i0U1vSZ4685NjroaZIDq
xkUWQBLy3K1lTJATKLYhogMirFHVZ9YLHaLqf6EBRSNwVFlC2MsZbJrskhx0ZElq
mmTlZ5NrTgE7+jk5WXY66URnRAk3vQk3WLWUmlK9zaO87nU8EIRYfKfaPabLCkY9
L4aGt29yKy7S02rDL356GuYGmS3SgSGoQMdrdqyhevq8pJ3ptkDvk2LIUoNtiAH+
ANv6a/7cgRS53tTdhDL8QCkg01zqn+9kkxYZCSPKL9vYYh78ymO9qmkhM7H7DBg6
+dT1B/An5OvcJdLq
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:30:04 2025 by rpki-client