Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/2f908b-eef9-4a1a-8f80-5fc44fd6bafc/1/X8KR-Y6wgTdG8-oReC8EJLoWgJg.roa
File: X8KR-Y6wgTdG8-oReC8EJLoWgJg.roa (raw, json)
Hash identifier: MCQ3hFS3R47pOspirMOuN0LJCmv1jDuZrTbZByNIUMA=
Subject key identifier: 5F:C2:91:F9:8E:B0:81:37:46:F3:EA:11:78:2F:04:24:BA:16:80:98
Certificate issuer: /CN=0e916c2ca36b50096ee2fe44b94529c2da3c3ec2
Certificate serial: 01917E17EC034521CD1786A3ED7AE0581EEE
Authority key identifier: 0E:91:6C:2C:A3:6B:50:09:6E:E2:FE:44:B9:45:29:C2:DA:3C:3E:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DpFsLKNrUAlu4v5EuUUpwto8PsI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/2f908b-eef9-4a1a-8f80-5fc44fd6bafc/1/X8KR-Y6wgTdG8-oReC8EJLoWgJg.roa
Signing time: Fri 23 Aug 2024 07:16:22 +0000
ROA not before: Fri 23 Aug 2024 07:16:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214484
IP address blocks: 185.188.17.0/24 maxlen: 24
2a01:e800::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:49:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:7e:17:ec:03:45:21:cd:17:86:a3:ed:7a:e0:58:1e:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e916c2ca36b50096ee2fe44b94529c2da3c3ec2
Validity
Not Before: Aug 23 07:16:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5fc291f98eb0813746f3ea11782f0424ba168098
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:23:52:1d:fa:4f:7a:6f:fd:4f:00:34:78:dd:
12:71:97:72:d1:33:00:25:eb:f6:54:5c:4d:63:f1:
9f:83:9e:f0:21:35:c0:d3:26:b6:15:34:c7:5a:fa:
73:7e:41:1d:c9:43:4f:de:ba:c1:73:2b:49:16:37:
5c:3e:e9:57:e9:48:77:50:69:0c:a7:91:0b:5b:4a:
4d:cd:2a:6f:77:10:dc:9c:1f:13:9f:de:82:95:a3:
49:8b:5c:01:ca:23:9a:70:4e:4c:b0:2e:65:4e:a9:
39:a0:c6:bb:8f:7e:53:36:02:a1:f3:bc:8f:e6:e5:
1a:71:e7:60:02:09:42:61:4c:af:b4:46:62:d7:f5:
06:a1:33:94:75:db:d8:e6:70:5f:ce:b0:8b:2b:1f:
c0:f3:49:e5:11:78:40:f6:68:2d:eb:c8:a6:65:e6:
5d:6a:a9:57:d2:61:f4:6c:67:e4:2e:8f:60:60:89:
2b:36:fd:5b:e0:92:68:00:bd:f5:7b:c1:e5:6d:d1:
fa:9e:70:97:d7:b5:83:c6:1b:d1:63:03:a2:af:18:
1e:21:b8:61:a1:62:c2:1a:7a:6f:1b:69:20:a5:71:
09:d1:d8:b3:0a:bc:80:1c:0f:5a:d9:da:ac:a7:e0:
96:70:5a:ae:bc:5e:b4:96:32:ac:1c:19:93:d2:6d:
1f:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:C2:91:F9:8E:B0:81:37:46:F3:EA:11:78:2F:04:24:BA:16:80:98
X509v3 Authority Key Identifier:
keyid:0E:91:6C:2C:A3:6B:50:09:6E:E2:FE:44:B9:45:29:C2:DA:3C:3E:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DpFsLKNrUAlu4v5EuUUpwto8PsI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/2f908b-eef9-4a1a-8f80-5fc44fd6bafc/1/X8KR-Y6wgTdG8-oReC8EJLoWgJg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/2f908b-eef9-4a1a-8f80-5fc44fd6bafc/1/DpFsLKNrUAlu4v5EuUUpwto8PsI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.188.17.0/24
IPv6:
2a01:e800::/29
Signature Algorithm: sha256WithRSAEncryption
22:d0:51:7b:c4:4c:67:97:ef:af:50:2f:b2:df:25:57:94:f7:
33:49:31:08:74:9e:93:f2:94:b6:49:cd:45:67:dc:17:eb:88:
fc:c6:e1:9a:0f:0a:ee:dc:ca:e9:24:d9:66:94:7e:93:cb:ba:
46:d8:eb:ca:3f:53:0a:27:88:b3:a6:9c:0a:9d:0e:40:85:4e:
64:4a:09:19:e8:a7:e8:bb:9c:81:2b:34:47:eb:a7:70:af:26:
3d:91:18:c7:1b:7d:79:a6:b1:25:78:58:b6:58:17:40:d6:f4:
2f:4a:fa:11:3a:13:6f:a7:4a:e0:50:b7:7b:8f:5c:02:6e:48:
7f:40:f1:67:87:31:2a:f6:81:cf:83:2d:90:cf:b7:a3:ef:97:
96:76:c5:81:51:e3:61:dc:57:4d:b7:3f:8b:e3:dd:da:7c:1c:
25:82:5b:ef:db:2a:92:dc:fa:c7:74:04:f2:4a:fc:f2:1d:7c:
3d:b5:b6:00:1f:e1:98:31:d1:0f:be:af:5b:f8:76:bd:f5:83:
05:6b:1b:b9:70:d0:b5:41:b0:3e:2e:01:79:66:64:b7:12:3e:
fb:c2:90:db:6b:bf:dc:fe:6e:1c:7c:df:ef:b6:3d:1a:79:cd:
fa:b0:5b:73:94:95:14:28:2a:f2:93:10:a5:a9:ea:01:61:d3:
02:c1:1e:d6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZF+F+wDRSHNF4aj7XrgWB7uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlOTE2YzJjYTM2YjUwMDk2ZWUyZmU0NGI5NDUyOWMyZGEz
YzNlYzIwHhcNMjQwODIzMDcxNjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmMyOTFmOThlYjA4MTM3NDZmM2VhMTE3ODJmMDQyNGJhMTY4MDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoiNSHfpPem/9TwA0eN0ScZdy0TMA
Jev2VFxNY/Gfg57wITXA0ya2FTTHWvpzfkEdyUNP3rrBcytJFjdcPulX6Uh3UGkM
p5ELW0pNzSpvdxDcnB8Tn96ClaNJi1wByiOacE5MsC5lTqk5oMa7j35TNgKh87yP
5uUacedgAglCYUyvtEZi1/UGoTOUddvY5nBfzrCLKx/A80nlEXhA9mgt68imZeZd
aqlX0mH0bGfkLo9gYIkrNv1b4JJoAL31e8HlbdH6nnCX17WDxhvRYwOirxgeIbhh
oWLCGnpvG2kgpXEJ0dizCryAHA9a2dqsp+CWcFquvF60ljKsHBmT0m0fgQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFF/CkfmOsIE3RvPqEXgvBCS6FoCYMB8GA1UdIwQY
MBaAFA6RbCyja1AJbuL+RLlFKcLaPD7CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHBGc0xLTnJVQWx1NHY1RXVVVXB3dG84UHNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy8yZjkwOGItZWVmOS00YTFhLThmODAt
NWZjNDRmZDZiYWZjLzEvWDhLUi1ZNndnVGRHOC1vUmVDOEVKTG9XZ0pnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy8yZjkwOGItZWVmOS00YTFhLThmODAtNWZjNDRmZDZiYWZj
LzEvRHBGc0xLTnJVQWx1NHY1RXVVVXB3dG84UHNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAubwRMA0E
AgACMAcDBQMqAegAMA0GCSqGSIb3DQEBCwUAA4IBAQAi0FF7xExnl++vUC+y3yVX
lPczSTEIdJ6T8pS2Sc1FZ9wX64j8xuGaDwru3MrpJNlmlH6Ty7pG2OvKP1MKJ4iz
ppwKnQ5AhU5kSgkZ6Kfou5yBKzRH66dwryY9kRjHG315prEleFi2WBdA1vQvSvoR
OhNvp0rgULd7j1wCbkh/QPFnhzEq9oHPgy2Qz7ej75eWdsWBUeNh3FdNtz+L493a
fBwlglvv2yqS3PrHdATySvzyHXw9tbYAH+GYMdEPvq9b+Ha99YMFaxu5cNC1QbA+
LgF5ZmS3Ej77wpDba7/c/m4cfN/vtj0aec36sFtzlJUUKCrykxClqeoBYdMCwR7W
-----END CERTIFICATE-----
Generated at Sat May 10 05:36:32 2025 by rpki-client