Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/d04f1b-074c-495e-a431-76b1ae62f072/1/XrDLd8RO79pBt0gBr0LGdw-iWmE.roa
File: XrDLd8RO79pBt0gBr0LGdw-iWmE.roa (raw, json)
Hash identifier: i1U+QbUD/+voVDZ5u+B/fIWrhky9f60R+qWR9OzQPZA=
Subject key identifier: 5E:B0:CB:77:C4:4E:EF:DA:41:B7:48:01:AF:42:C6:77:0F:A2:5A:61
Certificate issuer: /CN=9d75cf6c6019f059e465e4deb204cd242bd4b465
Certificate serial: 019427B689E0BC9BF6EC9279DAD723C2C725
Authority key identifier: 9D:75:CF:6C:60:19:F0:59:E4:65:E4:DE:B2:04:CD:24:2B:D4:B4:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nXXPbGAZ8FnkZeTesgTNJCvUtGU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/d04f1b-074c-495e-a431-76b1ae62f072/1/XrDLd8RO79pBt0gBr0LGdw-iWmE.roa
Signing time: Thu 02 Jan 2025 15:51:01 +0000
ROA not before: Thu 02 Jan 2025 15:51:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43395
IP address blocks: 185.110.218.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 15 Jan 2025 10:33:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:89:e0:bc:9b:f6:ec:92:79:da:d7:23:c2:c7:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d75cf6c6019f059e465e4deb204cd242bd4b465
Validity
Not Before: Jan 2 15:51:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5eb0cb77c44eefda41b74801af42c6770fa25a61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:1a:88:c3:cd:ac:df:66:ae:1b:92:58:ed:6e:
60:f4:f6:cc:65:a9:da:17:a8:41:99:83:b6:e1:c8:
7b:2a:71:a4:cd:47:e4:42:4a:42:ec:61:34:ff:a5:
bb:2b:b6:b8:9d:dc:e4:5d:ca:cc:ea:34:9b:b4:54:
f1:ce:f1:2d:c4:b8:90:52:24:63:b5:14:d0:3d:51:
ae:e3:73:10:98:bd:bd:d0:5a:09:7e:39:ad:60:b9:
03:76:fc:a3:19:dc:07:26:91:43:cd:eb:48:6f:13:
38:01:48:5f:63:d2:34:6d:e3:40:b6:0a:c2:ef:77:
2b:22:7e:52:7e:d3:42:1b:fd:cf:03:42:f0:7c:88:
58:c0:e7:58:05:7f:e0:a3:57:70:ec:5f:99:dc:4c:
1e:cb:f3:5f:1f:2a:3d:74:28:9e:51:1b:80:15:f7:
77:7f:f4:de:04:3d:cd:13:2d:72:df:a5:18:f1:95:
8f:21:9a:08:c7:c2:dc:a7:61:19:f0:21:30:c8:9b:
28:6d:8e:65:e1:21:df:3d:41:40:65:6a:34:fe:8c:
75:ec:61:7d:45:3c:8e:bb:78:01:ee:18:5b:1b:b6:
fa:e6:07:de:61:f9:31:42:b9:fd:42:75:de:d0:75:
01:e2:7b:51:61:b0:35:bb:7e:40:3b:f0:6e:22:03:
f4:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:B0:CB:77:C4:4E:EF:DA:41:B7:48:01:AF:42:C6:77:0F:A2:5A:61
X509v3 Authority Key Identifier:
keyid:9D:75:CF:6C:60:19:F0:59:E4:65:E4:DE:B2:04:CD:24:2B:D4:B4:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nXXPbGAZ8FnkZeTesgTNJCvUtGU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/d04f1b-074c-495e-a431-76b1ae62f072/1/XrDLd8RO79pBt0gBr0LGdw-iWmE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/d04f1b-074c-495e-a431-76b1ae62f072/1/nXXPbGAZ8FnkZeTesgTNJCvUtGU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.110.218.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:2b:b0:11:68:0c:87:19:aa:f9:62:dd:21:5b:dd:a8:08:cd:
8a:de:d5:c5:b7:0e:30:d0:73:27:c3:e5:6d:42:5d:ff:b2:60:
b1:4b:77:54:48:be:58:99:4b:5c:ba:77:41:2a:eb:91:9c:82:
f3:ba:92:ad:7e:19:aa:4b:fc:6b:15:8a:71:d2:ab:44:81:f0:
12:84:08:e4:94:42:68:9d:49:2c:5f:08:a9:bf:25:7e:e7:a3:
bb:29:08:33:1e:62:7d:e4:9b:77:3c:d6:39:f5:50:97:5e:8b:
58:df:78:2a:b3:f8:b2:e4:3f:2f:b6:37:1f:43:e1:62:bd:c5:
24:64:8d:54:51:e0:e2:4f:ff:a9:46:26:f3:b8:f3:90:b5:70:
9a:a8:fb:38:78:2f:a6:7f:83:90:94:1f:ef:88:8f:77:76:40:
79:cc:da:aa:f9:97:66:98:ce:be:11:e5:27:24:a9:6e:cc:85:
a5:e2:d0:bc:49:fc:31:e4:90:94:92:a1:b2:d8:c4:d2:e8:b1:
61:78:d2:00:b4:67:3b:57:c0:1a:0f:d7:f2:eb:de:9a:b0:e3:
5d:dc:d3:88:61:1d:f0:66:9e:99:3f:c2:27:ba:3f:1e:b1:47:
1f:e9:be:87:df:fa:c1:31:fc:a2:ea:7d:3e:46:ab:6f:61:49:
11:a3:c8:0e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntongvJv27JJ52tcjwsclMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkNzVjZjZjNjAxOWYwNTllNDY1ZTRkZWIyMDRjZDI0MmJk
NGI0NjUwHhcNMjUwMTAyMTU1MTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWIwY2I3N2M0NGVlZmRhNDFiNzQ4MDFhZjQyYzY3NzBmYTI1YTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBqIw82s32auG5JY7W5g9PbMZana
F6hBmYO24ch7KnGkzUfkQkpC7GE0/6W7K7a4ndzkXcrM6jSbtFTxzvEtxLiQUiRj
tRTQPVGu43MQmL290FoJfjmtYLkDdvyjGdwHJpFDzetIbxM4AUhfY9I0beNAtgrC
73crIn5SftNCG/3PA0LwfIhYwOdYBX/go1dw7F+Z3Ewey/NfHyo9dCieURuAFfd3
f/TeBD3NEy1y36UY8ZWPIZoIx8Lcp2EZ8CEwyJsobY5l4SHfPUFAZWo0/ox17GF9
RTyOu3gB7hhbG7b65gfeYfkxQrn9QnXe0HUB4ntRYbA1u35AO/BuIgP0dwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF6wy3fETu/aQbdIAa9CxncPolphMB8GA1UdIwQY
MBaAFJ11z2xgGfBZ5GXk3rIEzSQr1LRlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblhYUGJHQVo4Rm5rWmVUZXNnVE5KQ3ZVdEdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My9kMDRmMWItMDc0Yy00OTVlLWE0MzEt
NzZiMWFlNjJmMDcyLzEvWHJETGQ4Uk83OXBCdDBnQnIwTEdkdy1pV21FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My9kMDRmMWItMDc0Yy00OTVlLWE0MzEtNzZiMWFlNjJmMDcy
LzEvblhYUGJHQVo4Rm5rWmVUZXNnVE5KQ3ZVdEdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuW7aMA0G
CSqGSIb3DQEBCwUAA4IBAQA/K7ARaAyHGar5Yt0hW92oCM2K3tXFtw4w0HMnw+Vt
Ql3/smCxS3dUSL5YmUtcundBKuuRnILzupKtfhmqS/xrFYpx0qtEgfAShAjklEJo
nUksXwipvyV+56O7KQgzHmJ95Jt3PNY59VCXXotY33gqs/iy5D8vtjcfQ+FivcUk
ZI1UUeDiT/+pRibzuPOQtXCaqPs4eC+mf4OQlB/viI93dkB5zNqq+ZdmmM6+EeUn
JKluzIWl4tC8Sfwx5JCUkqGy2MTS6LFheNIAtGc7V8AaD9fy696asONd3NOIYR3w
Zp6ZP8Inuj8esUcf6b6H3/rBMfyi6n0+RqtvYUkRo8gO
-----END CERTIFICATE-----
Generated at Thu May 8 04:54:29 2025 by rpki-client