Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/011f6e-e928-4f2b-aa24-200fc274cb01/1/x_0msdPnv86-IETJQWM9BOYi3ww.roa
File: x_0msdPnv86-IETJQWM9BOYi3ww.roa (raw, json)
Hash identifier: /vvHwYNaX6gYiKWpRDS5XZRLiOlmJWXtzIkmoi2l0bQ=
Subject key identifier: C7:FD:26:B1:D3:E7:BF:CE:BE:20:44:C9:41:63:3D:04:E6:22:DF:0C
Certificate issuer: /CN=8452b03e1b01709638940d9592983cde77ecab77
Certificate serial: 018CC5DBE8070878998F9DB77EB5A376BDF8
Authority key identifier: 84:52:B0:3E:1B:01:70:96:38:94:0D:95:92:98:3C:DE:77:EC:AB:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hFKwPhsBcJY4lA2Vkpg83nfsq3c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/011f6e-e928-4f2b-aa24-200fc274cb01/1/x_0msdPnv86-IETJQWM9BOYi3ww.roa
Signing time: Mon 01 Jan 2024 16:29:32 +0000
ROA not before: Mon 01 Jan 2024 16:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50633
IP address blocks: 185.249.161.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:48:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:db:e8:07:08:78:99:8f:9d:b7:7e:b5:a3:76:bd:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8452b03e1b01709638940d9592983cde77ecab77
Validity
Not Before: Jan 1 16:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c7fd26b1d3e7bfcebe2044c941633d04e622df0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:2f:4a:4e:8f:1a:e8:02:79:86:a4:5c:71:8e:
78:d7:15:1e:4e:54:9b:bb:42:d2:f7:57:f8:f7:22:
d4:d4:34:0e:6f:53:1f:11:70:14:e8:d0:3e:c4:60:
bf:ce:e8:4b:f0:2e:ac:68:27:5f:4a:f2:f8:b5:a3:
1a:05:a9:80:40:a8:fd:94:49:a1:49:c9:b4:50:7c:
3f:ba:89:df:e8:49:c9:f5:02:5e:9f:b1:f8:8a:b4:
41:b9:f7:66:28:cc:3d:26:11:f8:16:52:bc:80:f1:
07:d5:be:6c:e6:ee:56:cf:39:1a:3d:51:d4:63:02:
0f:a3:87:9d:95:06:3b:39:61:a9:ad:0e:fa:85:41:
dd:33:00:4e:01:c4:cd:66:84:24:1b:1a:55:20:3c:
8d:2c:51:14:be:4b:60:72:10:0a:60:34:d7:d8:0d:
da:68:37:fd:c3:07:d7:f9:c2:73:cf:08:ef:dc:6f:
14:0e:15:ab:6d:73:c8:ca:00:7e:e1:98:3f:08:eb:
c0:7c:53:f8:f8:c2:c2:31:c6:53:95:a4:17:31:27:
43:c8:2d:06:64:a3:33:3b:32:dd:df:67:8a:c7:1c:
16:dd:e0:3a:08:e3:ec:d0:51:15:30:66:e7:1c:78:
25:75:15:d3:8a:60:ec:15:9d:d2:ff:f9:f0:88:9f:
e0:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:FD:26:B1:D3:E7:BF:CE:BE:20:44:C9:41:63:3D:04:E6:22:DF:0C
X509v3 Authority Key Identifier:
keyid:84:52:B0:3E:1B:01:70:96:38:94:0D:95:92:98:3C:DE:77:EC:AB:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hFKwPhsBcJY4lA2Vkpg83nfsq3c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/011f6e-e928-4f2b-aa24-200fc274cb01/1/x_0msdPnv86-IETJQWM9BOYi3ww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/011f6e-e928-4f2b-aa24-200fc274cb01/1/hFKwPhsBcJY4lA2Vkpg83nfsq3c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.249.161.0/24
Signature Algorithm: sha256WithRSAEncryption
70:80:33:eb:0b:9e:51:34:c9:88:af:0f:e1:d9:ba:c3:2b:ad:
84:38:d0:f2:b0:4a:d5:a2:e6:b2:02:40:ff:d7:4c:bb:57:c8:
94:01:9a:2a:d2:a0:dd:2e:39:f2:ec:69:ab:19:68:de:d3:49:
ca:f6:77:a3:55:8f:f8:d2:02:f1:55:a2:d0:6e:13:b8:c9:84:
77:53:a2:b3:1a:8f:50:61:2f:b8:bb:8b:1c:fc:7a:ca:1c:1e:
85:98:84:ef:2b:01:01:aa:41:e8:69:e6:7b:a7:ec:c3:e0:e2:
61:32:9a:35:19:88:ae:6d:82:81:01:d4:36:53:aa:72:bf:3d:
64:19:09:8e:fa:ab:26:43:16:00:62:43:e6:6c:56:44:90:53:
1e:1f:ad:40:6e:d0:05:49:c7:33:04:51:03:05:70:0d:70:b3:
c2:32:84:d4:2f:6c:e1:b0:ba:e1:1a:d1:69:b5:3e:e9:de:69:
25:1a:44:5b:ee:e2:71:59:8b:72:95:62:b4:1f:ee:bb:79:1c:
ec:3b:88:2c:03:1b:ea:1a:be:cc:e9:81:28:6c:40:20:82:bd:
14:86:62:6a:a1:98:76:12:e7:5e:cd:c5:1b:1f:98:07:95:d2:
40:4c:28:35:31:aa:36:72:52:e2:b1:2f:79:d6:89:31:1b:0d:
05:77:13:a0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF2+gHCHiZj523frWjdr34MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NTJiMDNlMWIwMTcwOTYzODk0MGQ5NTkyOTgzY2RlNzdl
Y2FiNzcwHhcNMjQwMTAxMTYyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2ZkMjZiMWQzZTdiZmNlYmUyMDQ0Yzk0MTYzM2QwNGU2MjJkZjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzS9KTo8a6AJ5hqRccY541xUeTlSb
u0LS91f49yLU1DQOb1MfEXAU6NA+xGC/zuhL8C6saCdfSvL4taMaBamAQKj9lEmh
Scm0UHw/uonf6EnJ9QJen7H4irRBufdmKMw9JhH4FlK8gPEH1b5s5u5WzzkaPVHU
YwIPo4edlQY7OWGprQ76hUHdMwBOAcTNZoQkGxpVIDyNLFEUvktgchAKYDTX2A3a
aDf9wwfX+cJzzwjv3G8UDhWrbXPIygB+4Zg/COvAfFP4+MLCMcZTlaQXMSdDyC0G
ZKMzOzLd32eKxxwW3eA6COPs0FEVMGbnHHgldRXTimDsFZ3S//nwiJ/gVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMf9JrHT57/OviBEyUFjPQTmIt8MMB8GA1UdIwQY
MBaAFIRSsD4bAXCWOJQNlZKYPN537Kt3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEZLd1Boc0JjSlk0bEEyVmtwZzgzbmZzcTNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC8wMTFmNmUtZTkyOC00ZjJiLWFhMjQt
MjAwZmMyNzRjYjAxLzEveF8wbXNkUG52ODYtSUVUSlFXTTlCT1lpM3d3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC8wMTFmNmUtZTkyOC00ZjJiLWFhMjQtMjAwZmMyNzRjYjAx
LzEvaEZLd1Boc0JjSlk0bEEyVmtwZzgzbmZzcTNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufmhMA0G
CSqGSIb3DQEBCwUAA4IBAQBwgDPrC55RNMmIrw/h2brDK62EONDysErVouayAkD/
10y7V8iUAZoq0qDdLjny7GmrGWje00nK9nejVY/40gLxVaLQbhO4yYR3U6KzGo9Q
YS+4u4sc/HrKHB6FmITvKwEBqkHoaeZ7p+zD4OJhMpo1GYiubYKBAdQ2U6pyvz1k
GQmO+qsmQxYAYkPmbFZEkFMeH61AbtAFScczBFEDBXANcLPCMoTUL2zhsLrhGtFp
tT7p3mklGkRb7uJxWYtylWK0H+67eRzsO4gsAxvqGr7M6YEobEAggr0UhmJqoZh2
EudezcUbH5gHldJATCg1Mao2clLisS951okxGw0FdxOg
-----END CERTIFICATE-----
Generated at Sun Apr 13 07:41:48 2025 by rpki-client