Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/dbf997-cdba-4930-8553-fd0989487b16/1/AXz6xKY93k0FvdwfGVzfSpt7mK8.roa
File: AXz6xKY93k0FvdwfGVzfSpt7mK8.roa (raw, json)
Hash identifier: OiobNo1hNA27hv9XJo728hdwuvlBk/22m8M/XVSRxB4=
Subject key identifier: 01:7C:FA:C4:A6:3D:DE:4D:05:BD:DC:1F:19:5C:DF:4A:9B:7B:98:AF
Certificate issuer: /CN=49e305d79cacdbefbf1e832b34d7c06bbb5f627a
Certificate serial: 018CC94E0D8672C8A6E4148538AC9B016F72
Authority key identifier: 49:E3:05:D7:9C:AC:DB:EF:BF:1E:83:2B:34:D7:C0:6B:BB:5F:62:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeMF15ys2--_HoMrNNfAa7tfYno.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/dbf997-cdba-4930-8553-fd0989487b16/1/AXz6xKY93k0FvdwfGVzfSpt7mK8.roa
Signing time: Tue 02 Jan 2024 08:33:04 +0000
ROA not before: Tue 02 Jan 2024 08:33:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60868
IP address blocks: 185.25.32.0/22 maxlen: 24
2a00:77e0::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:48:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:0d:86:72:c8:a6:e4:14:85:38:ac:9b:01:6f:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e305d79cacdbefbf1e832b34d7c06bbb5f627a
Validity
Not Before: Jan 2 08:33:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=017cfac4a63dde4d05bddc1f195cdf4a9b7b98af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:70:e7:9a:49:de:a7:ff:de:14:b5:a3:43:12:
2f:34:0d:04:ee:2a:df:05:1c:78:65:b9:0a:a5:1b:
43:37:a8:49:d8:6a:d0:05:2a:9d:1e:03:94:c9:60:
35:fe:a9:d5:21:de:7d:eb:8f:b2:43:35:78:ec:c9:
c9:5b:11:55:a7:f0:88:ff:87:81:c4:17:9c:3e:76:
03:9e:ee:59:38:13:42:06:b8:53:31:f6:2d:70:7a:
b9:53:b3:7b:e5:6c:47:9c:5a:80:53:4a:ab:19:70:
8e:61:7f:2d:44:79:83:d5:15:4e:91:12:eb:ae:87:
b4:53:9b:68:5f:fd:66:b6:c3:e5:62:5a:a8:50:c2:
d2:7a:36:e4:bf:b4:11:e1:88:14:a9:21:28:5d:88:
6d:2f:5d:6a:c9:4a:ae:63:af:b5:85:68:b5:e7:85:
02:9e:00:9c:39:b4:a4:e3:9e:0b:1a:1f:08:dc:b6:
fb:0d:f5:e6:61:28:22:00:fd:44:30:20:ca:12:f8:
18:b0:f8:d2:a9:85:aa:b1:a8:06:76:31:39:1d:93:
78:09:17:c6:2e:61:a1:83:77:55:29:a7:f0:09:e2:
55:ad:cc:26:2d:4a:32:fb:3a:7a:d3:d9:a6:bf:94:
a6:2b:a2:0e:31:63:0c:6b:20:a9:61:3c:9e:c4:f5:
e4:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:7C:FA:C4:A6:3D:DE:4D:05:BD:DC:1F:19:5C:DF:4A:9B:7B:98:AF
X509v3 Authority Key Identifier:
keyid:49:E3:05:D7:9C:AC:DB:EF:BF:1E:83:2B:34:D7:C0:6B:BB:5F:62:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeMF15ys2--_HoMrNNfAa7tfYno.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/dbf997-cdba-4930-8553-fd0989487b16/1/AXz6xKY93k0FvdwfGVzfSpt7mK8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/dbf997-cdba-4930-8553-fd0989487b16/1/SeMF15ys2--_HoMrNNfAa7tfYno.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.25.32.0/22
IPv6:
2a00:77e0::/32
Signature Algorithm: sha256WithRSAEncryption
1c:59:12:c7:7f:01:b1:40:7b:ff:d4:1b:c3:0a:82:6f:be:17:
06:a8:d0:f5:6d:ca:bc:45:93:3c:68:5c:23:fa:0f:fc:5d:e3:
ed:4b:88:07:c0:1d:30:b5:1e:ea:b4:50:c4:64:5a:1c:fe:69:
79:8b:f2:a0:02:9a:f3:e5:12:15:70:fa:a7:7c:59:3b:e3:d5:
4e:76:fa:eb:2f:2e:99:1b:bc:97:62:eb:6a:d7:60:56:b4:ef:
d5:c3:14:6a:16:28:ad:d2:ac:97:fb:77:62:0d:a5:4e:a0:bb:
83:13:45:e9:a3:e7:85:83:17:dd:ad:3b:b4:10:3a:78:64:62:
a2:70:07:5a:7d:69:10:31:64:22:f1:9b:67:e5:cd:cf:d1:2f:
3e:30:a3:ab:92:88:8e:95:6b:0e:c4:59:46:e1:ab:25:a0:b1:
42:8e:b0:8b:52:d6:da:13:1f:2c:a7:83:ce:ea:69:e5:a7:63:
cc:b7:b6:df:fa:8b:f7:ee:f7:b5:48:a5:60:cb:96:32:07:ed:
e0:73:9c:75:89:df:09:2a:af:86:11:a9:e5:3b:02:66:01:4a:
37:5e:62:c4:d8:4d:f4:38:74:be:8a:11:21:a9:cc:f8:0d:03:
9a:6a:91:ac:5c:5a:2a:b7:fb:bb:06:d1:cc:41:25:52:d9:32:
0d:90:6e:b1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJTg2Gcsim5BSFOKybAW9yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTMwNWQ3OWNhY2RiZWZiZjFlODMyYjM0ZDdjMDZiYmI1
ZjYyN2EwHhcNMjQwMTAyMDgzMzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTdjZmFjNGE2M2RkZTRkMDViZGRjMWYxOTVjZGY0YTliN2I5OGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiHDnmknep//eFLWjQxIvNA0E7irf
BRx4ZbkKpRtDN6hJ2GrQBSqdHgOUyWA1/qnVId5964+yQzV47MnJWxFVp/CI/4eB
xBecPnYDnu5ZOBNCBrhTMfYtcHq5U7N75WxHnFqAU0qrGXCOYX8tRHmD1RVOkRLr
roe0U5toX/1mtsPlYlqoUMLSejbkv7QR4YgUqSEoXYhtL11qyUquY6+1hWi154UC
ngCcObSk454LGh8I3Lb7DfXmYSgiAP1EMCDKEvgYsPjSqYWqsagGdjE5HZN4CRfG
LmGhg3dVKafwCeJVrcwmLUoy+zp609mmv5SmK6IOMWMMayCpYTyexPXkmwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAF8+sSmPd5NBb3cHxlc30qbe5ivMB8GA1UdIwQY
MBaAFEnjBdecrNvvvx6DKzTXwGu7X2J6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VNRjE1eXMyLS1fSG9Nck5OZkFhN3RmWW5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9kYmY5OTctY2RiYS00OTMwLTg1NTMt
ZmQwOTg5NDg3YjE2LzEvQVh6NnhLWTkzazBGdmR3ZkdWemZTcHQ3bUs4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9kYmY5OTctY2RiYS00OTMwLTg1NTMtZmQwOTg5NDg3YjE2
LzEvU2VNRjE1eXMyLS1fSG9Nck5OZkFhN3RmWW5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuRkgMA0E
AgACMAcDBQAqAHfgMA0GCSqGSIb3DQEBCwUAA4IBAQAcWRLHfwGxQHv/1BvDCoJv
vhcGqND1bcq8RZM8aFwj+g/8XePtS4gHwB0wtR7qtFDEZFoc/ml5i/KgAprz5RIV
cPqnfFk749VOdvrrLy6ZG7yXYutq12BWtO/VwxRqFiit0qyX+3diDaVOoLuDE0Xp
o+eFgxfdrTu0EDp4ZGKicAdafWkQMWQi8Ztn5c3P0S8+MKOrkoiOlWsOxFlG4asl
oLFCjrCLUtbaEx8sp4PO6mnlp2PMt7bf+ov37ve1SKVgy5YyB+3gc5x1id8JKq+G
EanlOwJmAUo3XmLE2E30OHS+ihEhqcz4DQOaapGsXFoqt/u7BtHMQSVS2TINkG6x
-----END CERTIFICATE-----
Generated at Tue Apr 22 03:02:17 2025 by rpki-client