Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/f21ee7-4925-4dd6-b202-64278c0d8ebf/1/x_U88OgzG_fcfA4DOcXwhKUTVtU.roa
File: x_U88OgzG_fcfA4DOcXwhKUTVtU.roa (raw, json)
Hash identifier: q/laUfiJ7ttEMbK3X8jZZTctkcHxS9hKJflwSoFSrUE=
Subject key identifier: C7:F5:3C:F0:E8:33:1B:F7:DC:7C:0E:03:39:C5:F0:84:A5:13:56:D5
Certificate issuer: /CN=54d6ff134bd656f0ce14d410b02bec551eb69a2c
Certificate serial: 018CC34925134827F7FBC84AFD5C95C9401C
Authority key identifier: 54:D6:FF:13:4B:D6:56:F0:CE:14:D4:10:B0:2B:EC:55:1E:B6:9A:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VNb_E0vWVvDOFNQQsCvsVR62miw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/f21ee7-4925-4dd6-b202-64278c0d8ebf/1/x_U88OgzG_fcfA4DOcXwhKUTVtU.roa
Signing time: Mon 01 Jan 2024 04:29:59 +0000
ROA not before: Mon 01 Jan 2024 04:29:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60267
IP address blocks: 185.87.96.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:25:13:48:27:f7:fb:c8:4a:fd:5c:95:c9:40:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54d6ff134bd656f0ce14d410b02bec551eb69a2c
Validity
Not Before: Jan 1 04:29:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c7f53cf0e8331bf7dc7c0e0339c5f084a51356d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:87:de:7f:a9:c5:2a:98:36:4f:db:5a:7f:75:
f8:8f:9a:3e:f0:43:31:59:d7:52:60:37:0f:d6:26:
2d:48:d1:a3:d5:9e:1f:6a:a3:b8:9d:3b:c5:7c:26:
75:a6:31:a5:09:a6:ff:58:5c:6b:99:d5:d1:bb:98:
62:a9:8c:55:5d:3e:1a:17:6b:91:fd:7e:ea:34:ea:
f1:48:32:2a:3e:1e:0f:34:5d:ea:cf:5e:71:17:8d:
44:33:3e:3e:f9:a3:5f:da:27:c8:9c:0d:86:99:4c:
60:e1:73:99:6b:aa:fc:b0:91:c7:5d:52:fe:f5:c9:
39:e0:48:4e:e1:db:f3:ca:c6:fa:d6:9b:7d:fa:94:
a6:94:6f:5a:27:47:16:96:e1:f9:96:76:d4:56:4a:
d9:61:e9:2b:2b:e2:af:a3:c5:b2:09:6c:49:d6:87:
fa:07:92:57:6a:f5:1d:91:6c:4f:77:80:0b:c3:24:
1d:e9:ef:85:51:26:3d:b6:8b:6b:52:46:c8:68:50:
d9:ea:d8:da:8a:1a:4f:5e:2c:64:0c:47:d4:83:53:
af:2c:27:bd:cd:2f:a8:c5:09:7c:fd:37:63:c7:86:
31:2a:98:f9:b2:05:19:a3:c7:b9:bb:8d:96:5a:4a:
c6:9e:9a:1f:e7:42:91:d7:58:92:86:e1:10:f8:04:
ee:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:F5:3C:F0:E8:33:1B:F7:DC:7C:0E:03:39:C5:F0:84:A5:13:56:D5
X509v3 Authority Key Identifier:
keyid:54:D6:FF:13:4B:D6:56:F0:CE:14:D4:10:B0:2B:EC:55:1E:B6:9A:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VNb_E0vWVvDOFNQQsCvsVR62miw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/f21ee7-4925-4dd6-b202-64278c0d8ebf/1/x_U88OgzG_fcfA4DOcXwhKUTVtU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/f21ee7-4925-4dd6-b202-64278c0d8ebf/1/VNb_E0vWVvDOFNQQsCvsVR62miw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.87.96.0/22
Signature Algorithm: sha256WithRSAEncryption
47:a1:ed:ef:63:19:11:09:1a:96:85:0c:d9:7f:e4:33:4f:fd:
ad:64:95:c8:1e:a7:67:19:46:50:66:20:1d:ac:61:d9:d8:c7:
aa:aa:26:98:b7:99:f4:b2:f4:2b:c3:f0:8b:16:5a:3b:ba:19:
63:cf:0f:52:5c:d5:98:54:48:60:7d:6c:c5:1c:1e:4c:3c:1c:
58:83:ad:9d:87:fb:1e:74:ac:a9:4d:22:c5:ef:24:c6:0b:97:
53:2c:1a:be:ef:09:6f:54:7e:03:3e:55:ca:15:58:7b:fe:10:
00:63:15:08:a0:bc:37:25:4a:ef:08:11:e6:47:5f:cc:90:6a:
fa:f7:5d:b1:d3:b3:f3:86:40:65:6d:da:50:58:9d:65:f4:59:
84:e5:97:ea:0d:6e:62:cb:87:31:e5:ab:0e:7e:5b:eb:92:f9:
24:52:1b:11:32:50:d1:c0:9e:fa:79:26:21:23:a1:98:b9:64:
87:80:da:a9:a7:e0:0c:9e:1b:ee:0f:97:b4:55:73:71:e9:d1:
da:90:7b:f3:7c:e6:48:91:73:64:40:08:99:33:14:6d:f7:20:
5c:98:14:17:38:2c:3e:a5:53:c1:fb:77:d9:21:d9:92:c0:8d:
eb:b4:8f:1e:18:21:cd:ef:c4:5d:33:76:59:03:83:cb:81:65:
cc:a9:45:b9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSSUTSCf3+8hK/VyVyUAcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0ZDZmZjEzNGJkNjU2ZjBjZTE0ZDQxMGIwMmJlYzU1MWVi
NjlhMmMwHhcNMjQwMTAxMDQyOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2Y1M2NmMGU4MzMxYmY3ZGM3YzBlMDMzOWM1ZjA4NGE1MTM1NmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkYfef6nFKpg2T9taf3X4j5o+8EMx
WddSYDcP1iYtSNGj1Z4faqO4nTvFfCZ1pjGlCab/WFxrmdXRu5hiqYxVXT4aF2uR
/X7qNOrxSDIqPh4PNF3qz15xF41EMz4++aNf2ifInA2GmUxg4XOZa6r8sJHHXVL+
9ck54EhO4dvzysb61pt9+pSmlG9aJ0cWluH5lnbUVkrZYekrK+Kvo8WyCWxJ1of6
B5JXavUdkWxPd4ALwyQd6e+FUSY9totrUkbIaFDZ6tjaihpPXixkDEfUg1OvLCe9
zS+oxQl8/Tdjx4YxKpj5sgUZo8e5u42WWkrGnpof50KR11iShuEQ+ATuSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMf1PPDoMxv33HwOAznF8ISlE1bVMB8GA1UdIwQY
MBaAFFTW/xNL1lbwzhTUELAr7FUetposMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVk5iX0UwdldWdkRPRk5RUXNDdnNWUjYybWl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9mMjFlZTctNDkyNS00ZGQ2LWIyMDIt
NjQyNzhjMGQ4ZWJmLzEveF9VODhPZ3pHX2ZjZkE0RE9jWHdoS1VUVnRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9mMjFlZTctNDkyNS00ZGQ2LWIyMDItNjQyNzhjMGQ4ZWJm
LzEvVk5iX0UwdldWdkRPRk5RUXNDdnNWUjYybWl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVdgMA0G
CSqGSIb3DQEBCwUAA4IBAQBHoe3vYxkRCRqWhQzZf+QzT/2tZJXIHqdnGUZQZiAd
rGHZ2MeqqiaYt5n0svQrw/CLFlo7uhljzw9SXNWYVEhgfWzFHB5MPBxYg62dh/se
dKypTSLF7yTGC5dTLBq+7wlvVH4DPlXKFVh7/hAAYxUIoLw3JUrvCBHmR1/MkGr6
912x07PzhkBlbdpQWJ1l9FmE5ZfqDW5iy4cx5asOflvrkvkkUhsRMlDRwJ76eSYh
I6GYuWSHgNqpp+AMnhvuD5e0VXNx6dHakHvzfOZIkXNkQAiZMxRt9yBcmBQXOCw+
pVPB+3fZIdmSwI3rtI8eGCHN78RdM3ZZA4PLgWXMqUW5
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:21:50 2025 by rpki-client