Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/4690c0-0b91-4322-94b9-706782cfa03b/1/Xgqe-EiF0XYVA14WGfwM9CBwgQ4.roa
File: Xgqe-EiF0XYVA14WGfwM9CBwgQ4.roa (raw, json)
Hash identifier: Hpb9GaQNEm+idF3Mz+vluttWnoP6l1RHrtZp9FLwflE=
Subject key identifier: 5E:0A:9E:F8:48:85:D1:76:15:03:5E:16:19:FC:0C:F4:20:70:81:0E
Certificate issuer: /CN=2330e26060913c758137488bfd7ab1bfe9e10ae2
Certificate serial: 018CC794335C12BE301F1C242C7B89CBD983
Authority key identifier: 23:30:E2:60:60:91:3C:75:81:37:48:8B:FD:7A:B1:BF:E9:E1:0A:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IzDiYGCRPHWBN0iL_Xqxv-nhCuI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/4690c0-0b91-4322-94b9-706782cfa03b/1/Xgqe-EiF0XYVA14WGfwM9CBwgQ4.roa
Signing time: Tue 02 Jan 2024 00:30:27 +0000
ROA not before: Tue 02 Jan 2024 00:30:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3292
IP address blocks: 185.203.232.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 02 Mar 2024 19:50:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:33:5c:12:be:30:1f:1c:24:2c:7b:89:cb:d9:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2330e26060913c758137488bfd7ab1bfe9e10ae2
Validity
Not Before: Jan 2 00:30:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5e0a9ef84885d17615035e1619fc0cf42070810e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:f4:94:d9:f9:53:15:ac:d1:69:1e:65:f3:ec:
a3:69:e5:60:c2:b8:06:23:d9:77:77:a7:93:9e:1a:
f2:8e:80:b1:bc:6e:de:5c:83:c7:fb:35:07:ac:0e:
86:9c:b7:66:ad:aa:19:aa:0a:cc:ef:eb:8f:35:d5:
0c:90:40:05:c1:11:f2:f5:b0:c7:c6:8f:b5:66:16:
b1:5c:44:a0:23:36:4f:81:2b:94:0c:7c:22:30:fe:
bf:94:09:04:cd:3a:53:89:6d:74:28:24:25:76:e2:
59:0a:d4:46:07:86:dd:2f:f0:34:5f:8c:75:e1:c7:
a0:4b:fe:c7:a8:e3:f2:4b:cb:ee:08:8d:74:1c:a3:
7a:37:b8:ed:3b:70:68:65:4d:af:0b:0a:63:d8:44:
bf:c7:43:8e:39:b3:f2:e5:d0:1a:a9:de:98:11:db:
56:83:e5:85:76:52:57:82:ff:07:21:98:8d:3a:cc:
8e:93:b3:0b:a9:6b:87:72:13:32:0b:fe:ee:63:1c:
39:a1:b1:47:ea:83:ea:08:88:34:5a:4b:90:7d:ef:
41:2a:35:a2:5b:00:61:05:9f:a9:99:32:b5:99:fb:
e9:19:0a:cc:be:2d:e0:cd:b0:77:89:cc:02:d2:71:
dd:9f:2a:c1:39:a0:9d:4c:f1:42:d2:42:e2:8d:d2:
52:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:0A:9E:F8:48:85:D1:76:15:03:5E:16:19:FC:0C:F4:20:70:81:0E
X509v3 Authority Key Identifier:
keyid:23:30:E2:60:60:91:3C:75:81:37:48:8B:FD:7A:B1:BF:E9:E1:0A:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IzDiYGCRPHWBN0iL_Xqxv-nhCuI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/4690c0-0b91-4322-94b9-706782cfa03b/1/Xgqe-EiF0XYVA14WGfwM9CBwgQ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/4690c0-0b91-4322-94b9-706782cfa03b/1/IzDiYGCRPHWBN0iL_Xqxv-nhCuI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.203.232.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:b4:06:76:7c:02:ca:ef:32:40:61:4c:bc:41:8a:c1:62:07:
42:0b:51:1c:46:76:e2:12:f8:58:59:12:7c:8b:c9:cc:b8:14:
88:c8:a3:0d:6e:7a:ce:62:d7:d8:c3:89:26:ef:49:a0:88:be:
ca:c5:36:52:f8:5b:f5:a6:11:2c:41:57:45:dc:8b:89:78:3b:
dc:a0:3d:01:09:b4:81:df:20:00:09:d4:a7:f5:f5:55:97:06:
df:6b:55:9a:5a:db:9d:b5:09:17:03:db:eb:47:0a:7e:ee:7d:
dd:3e:77:c7:7b:3f:43:44:d4:83:dc:f5:b2:cb:51:ba:c9:46:
d2:de:39:50:bc:32:3f:90:ef:6a:af:83:77:25:7c:aa:a8:33:
3f:e6:d0:f9:f5:4a:c3:11:ee:be:05:4b:10:32:b2:49:33:fe:
87:04:bd:74:d3:80:36:86:be:55:7f:68:24:73:f4:66:e6:4e:
e4:3b:a2:c6:41:d8:03:f8:4c:6d:fd:a2:e3:eb:64:bd:7f:94:
fb:2e:7e:2d:84:71:1d:6e:ee:73:cc:8c:9c:f2:b5:61:c2:dc:
a3:f9:81:78:a5:f7:a6:f4:14:50:15:e7:f8:04:5d:c0:57:84:
a1:35:26:f1:3d:d6:bc:01:d2:44:1e:0d:8f:93:04:5c:7b:18:
7f:a8:25:03
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlDNcEr4wHxwkLHuJy9mDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzMzBlMjYwNjA5MTNjNzU4MTM3NDg4YmZkN2FiMWJmZTll
MTBhZTIwHhcNMjQwMTAyMDAzMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTBhOWVmODQ4ODVkMTc2MTUwMzVlMTYxOWZjMGNmNDIwNzA4MTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgfSU2flTFazRaR5l8+yjaeVgwrgG
I9l3d6eTnhryjoCxvG7eXIPH+zUHrA6GnLdmraoZqgrM7+uPNdUMkEAFwRHy9bDH
xo+1ZhaxXESgIzZPgSuUDHwiMP6/lAkEzTpTiW10KCQlduJZCtRGB4bdL/A0X4x1
4cegS/7HqOPyS8vuCI10HKN6N7jtO3BoZU2vCwpj2ES/x0OOObPy5dAaqd6YEdtW
g+WFdlJXgv8HIZiNOsyOk7MLqWuHchMyC/7uYxw5obFH6oPqCIg0WkuQfe9BKjWi
WwBhBZ+pmTK1mfvpGQrMvi3gzbB3icwC0nHdnyrBOaCdTPFC0kLijdJSIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF4KnvhIhdF2FQNeFhn8DPQgcIEOMB8GA1UdIwQY
MBaAFCMw4mBgkTx1gTdIi/16sb/p4QriMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXpEaVlHQ1JQSFdCTjBpTF9YcXh2LW5oQ3VJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS80NjkwYzAtMGI5MS00MzIyLTk0Yjkt
NzA2NzgyY2ZhMDNiLzEvWGdxZS1FaUYwWFlWQTE0V0dmd005Q0J3Z1E0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS80NjkwYzAtMGI5MS00MzIyLTk0YjktNzA2NzgyY2ZhMDNi
LzEvSXpEaVlHQ1JQSFdCTjBpTF9YcXh2LW5oQ3VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAucvoMA0G
CSqGSIb3DQEBCwUAA4IBAQCctAZ2fALK7zJAYUy8QYrBYgdCC1EcRnbiEvhYWRJ8
i8nMuBSIyKMNbnrOYtfYw4km70mgiL7KxTZS+Fv1phEsQVdF3IuJeDvcoD0BCbSB
3yAACdSn9fVVlwbfa1WaWtudtQkXA9vrRwp+7n3dPnfHez9DRNSD3PWyy1G6yUbS
3jlQvDI/kO9qr4N3JXyqqDM/5tD59UrDEe6+BUsQMrJJM/6HBL1004A2hr5Vf2gk
c/Rm5k7kO6LGQdgD+Ext/aLj62S9f5T7Ln4thHEdbu5zzIyc8rVhwtyj+YF4pfem
9BRQFef4BF3AV4ShNSbxPda8AdJEHg2PkwRcexh/qCUD
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:37:19 2025 by rpki-client