Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/744eeb-e064-4fef-9e90-5686d4313595/1/XFn6x2DmqIcyB1z4FK3RWnVYUaI.roa
File: XFn6x2DmqIcyB1z4FK3RWnVYUaI.roa (raw, json)
Hash identifier: v+ka5vmy/zjTex8jbyuuvAyriI7zJjBDQf16e3fZglM=
Subject key identifier: 5C:59:FA:C7:60:E6:A8:87:32:07:5C:F8:14:AD:D1:5A:75:58:51:A2
Certificate issuer: /CN=69e01cc8f8e6e5ec750960d9a704510dff9572f7
Certificate serial: 0185BF0D0487A0909300C8DA79C7120B5DB2
Authority key identifier: 69:E0:1C:C8:F8:E6:E5:EC:75:09:60:D9:A7:04:51:0D:FF:95:72:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aeAcyPjm5ex1CWDZpwRRDf-Vcvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/744eeb-e064-4fef-9e90-5686d4313595/1/XFn6x2DmqIcyB1z4FK3RWnVYUaI.roa
Signing time: Tue 17 Jan 2023 09:26:19 +0000
ROA not before: Tue 17 Jan 2023 09:26:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207231
IP address blocks: 185.25.95.0/24 maxlen: 24
2a0c:85c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:30:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:bf:0d:04:87:a0:90:93:00:c8:da:79:c7:12:0b:5d:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69e01cc8f8e6e5ec750960d9a704510dff9572f7
Validity
Not Before: Jan 17 09:26:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c59fac760e6a88732075cf814add15a755851a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:ec:4f:f6:ae:d5:f9:dd:46:8d:9e:1f:7d:d5:
f1:81:a9:80:1e:42:d3:f1:a7:fe:5a:e6:97:7e:db:
e8:ee:d2:7f:07:5e:1e:5f:b5:81:d0:0c:55:9e:3f:
39:a8:3d:e2:d1:b1:8d:b6:01:a7:85:f9:e8:8e:15:
4d:71:5c:52:e5:08:75:21:3d:f3:af:49:0f:47:83:
1a:20:4c:bc:6a:d7:7e:cc:83:62:78:fd:b3:6d:c1:
fc:d7:de:48:e0:34:0a:80:c2:67:b0:d4:4e:9d:05:
64:82:f6:33:d7:a1:ec:1a:f0:35:4e:f2:5f:61:6f:
02:e9:27:4f:a2:c7:14:6b:08:6c:8e:42:a9:5b:46:
c4:5f:ff:0d:64:43:b2:fb:a6:56:fe:10:f9:ed:e9:
01:93:dc:e6:a4:58:e0:d0:7e:dd:99:6c:70:7b:c8:
ed:d6:b1:67:58:f2:5a:4f:d3:24:12:1a:fa:bd:ca:
7a:c6:2d:be:69:cd:ef:c4:3d:e0:29:94:67:19:6f:
59:29:b2:fb:4c:65:d7:49:1c:5f:d1:3e:02:f9:d9:
2e:3b:af:d7:44:fa:eb:05:01:7e:69:4f:f5:eb:2b:
bd:50:19:36:e4:74:6f:17:33:5b:d7:6c:30:20:b4:
8b:af:5e:7a:a6:35:56:a0:86:80:b3:64:95:e5:07:
44:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:59:FA:C7:60:E6:A8:87:32:07:5C:F8:14:AD:D1:5A:75:58:51:A2
X509v3 Authority Key Identifier:
keyid:69:E0:1C:C8:F8:E6:E5:EC:75:09:60:D9:A7:04:51:0D:FF:95:72:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aeAcyPjm5ex1CWDZpwRRDf-Vcvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/744eeb-e064-4fef-9e90-5686d4313595/1/XFn6x2DmqIcyB1z4FK3RWnVYUaI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/744eeb-e064-4fef-9e90-5686d4313595/1/aeAcyPjm5ex1CWDZpwRRDf-Vcvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.25.95.0/24
IPv6:
2a0c:85c0::/29
Signature Algorithm: sha256WithRSAEncryption
7c:4d:10:a8:6b:dd:37:07:ed:71:9d:63:60:dd:d5:6b:00:0c:
d8:ac:91:87:dd:96:1e:24:ed:65:f9:a3:34:39:20:f5:5f:5e:
49:01:8f:2b:e0:4a:10:20:a6:37:86:75:45:85:fd:d2:99:aa:
9e:d8:f2:cc:12:9b:a8:0d:5c:a8:d8:4b:37:7a:bb:97:b9:60:
86:f4:3f:95:af:ee:22:1f:29:7e:b4:70:cf:ec:3d:84:24:a4:
dc:07:2f:26:a6:f3:ad:d9:00:d4:56:9b:c0:bc:1b:af:8a:05:
c6:d3:b5:6a:4c:06:57:cd:77:cb:56:c4:18:4c:e3:a6:3b:6a:
eb:5d:76:99:39:91:cd:a3:74:8c:69:b6:7a:93:a1:b5:80:5a:
ae:be:af:94:58:1e:bf:8a:94:13:d3:66:62:e3:fe:f5:5a:f9:
e0:79:f2:e0:11:bd:01:0d:a7:4c:5f:c7:f7:06:b8:e1:32:09:
7d:ed:b3:b6:44:20:46:ba:2f:96:e8:26:a0:ab:5d:e6:a5:2b:
30:db:7b:9f:77:3b:62:6b:71:02:5f:25:14:0a:0e:60:84:69:
49:c1:9d:bd:48:ea:ab:14:65:a0:8d:1b:4b:29:88:97:fb:30:
67:ae:ae:af:54:3f:a8:26:45:ac:83:71:c9:25:2c:f6:3a:1b:
30:80:95:a5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYW/DQSHoJCTAMjaeccSC12yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5ZTAxY2M4ZjhlNmU1ZWM3NTA5NjBkOWE3MDQ1MTBkZmY5
NTcyZjcwHhcNMjMwMTE3MDkyNjE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzU5ZmFjNzYwZTZhODg3MzIwNzVjZjgxNGFkZDE1YTc1NTg1MWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx+xP9q7V+d1GjZ4ffdXxgamAHkLT
8af+WuaXftvo7tJ/B14eX7WB0AxVnj85qD3i0bGNtgGnhfnojhVNcVxS5Qh1IT3z
r0kPR4MaIEy8atd+zINieP2zbcH8195I4DQKgMJnsNROnQVkgvYz16HsGvA1TvJf
YW8C6SdPoscUawhsjkKpW0bEX/8NZEOy+6ZW/hD57ekBk9zmpFjg0H7dmWxwe8jt
1rFnWPJaT9MkEhr6vcp6xi2+ac3vxD3gKZRnGW9ZKbL7TGXXSRxf0T4C+dkuO6/X
RPrrBQF+aU/16yu9UBk25HRvFzNb12wwILSLr156pjVWoIaAs2SV5QdE4QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFxZ+sdg5qiHMgdc+BSt0Vp1WFGiMB8GA1UdIwQY
MBaAFGngHMj45uXsdQlg2acEUQ3/lXL3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWVBY3lQam01ZXgxQ1dEWnB3UlJEZi1WY3ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC83NDRlZWItZTA2NC00ZmVmLTllOTAt
NTY4NmQ0MzEzNTk1LzEvWEZuNngyRG1xSWN5QjF6NEZLM1JXblZZVWFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC83NDRlZWItZTA2NC00ZmVmLTllOTAtNTY4NmQ0MzEzNTk1
LzEvYWVBY3lQam01ZXgxQ1dEWnB3UlJEZi1WY3ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuRlfMA0E
AgACMAcDBQMqDIXAMA0GCSqGSIb3DQEBCwUAA4IBAQB8TRCoa903B+1xnWNg3dVr
AAzYrJGH3ZYeJO1l+aM0OSD1X15JAY8r4EoQIKY3hnVFhf3Smaqe2PLMEpuoDVyo
2Es3eruXuWCG9D+Vr+4iHyl+tHDP7D2EJKTcBy8mpvOt2QDUVpvAvBuvigXG07Vq
TAZXzXfLVsQYTOOmO2rrXXaZOZHNo3SMabZ6k6G1gFquvq+UWB6/ipQT02Zi4/71
WvngefLgEb0BDadMX8f3BrjhMgl97bO2RCBGui+W6Cagq13mpSsw23ufdztia3EC
XyUUCg5ghGlJwZ29SOqrFGWgjRtLKYiX+zBnrq6vVD+oJkWsg3HJJSz2OhswgJWl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:59 2024 by rpki-client on console-fra.rpki-client.org