Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/027688-d39c-484a-a450-73dced39707f/1/xgFXDUT81GhKsQa8wh7OrzSQqgQ.roa
File: xgFXDUT81GhKsQa8wh7OrzSQqgQ.roa (raw, json)
Hash identifier: pemLAxtPSOtBI88dSQHk1MFgrlp6UGfq/SouZXw1wBg=
Subject key identifier: C6:01:57:0D:44:FC:D4:68:4A:B1:06:BC:C2:1E:CE:AF:34:90:AA:04
Certificate issuer: /CN=9202036a43dad06b6c2cc64bde767870676f87b3
Certificate serial: 018CC56EE4A01AF21551200EC1734EF0D536
Authority key identifier: 92:02:03:6A:43:DA:D0:6B:6C:2C:C6:4B:DE:76:78:70:67:6F:87:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kgIDakPa0GtsLMZL3nZ4cGdvh7M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/027688-d39c-484a-a450-73dced39707f/1/xgFXDUT81GhKsQa8wh7OrzSQqgQ.roa
Signing time: Mon 01 Jan 2024 14:30:28 +0000
ROA not before: Mon 01 Jan 2024 14:30:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29027
IP address blocks: 185.103.88.0/24 maxlen: 24
185.103.89.0/24 maxlen: 24
185.103.90.0/24 maxlen: 24
185.103.91.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:48:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:e4:a0:1a:f2:15:51:20:0e:c1:73:4e:f0:d5:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9202036a43dad06b6c2cc64bde767870676f87b3
Validity
Not Before: Jan 1 14:30:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c601570d44fcd4684ab106bcc21eceaf3490aa04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:3b:ca:e4:99:3b:61:b2:9d:0d:80:b9:89:c5:
8b:4a:9a:a0:ad:3a:be:29:92:d9:9f:79:ec:da:41:
4b:8e:21:46:97:4d:9f:83:fd:c3:f5:c0:41:db:8a:
a0:65:3b:aa:20:fa:a9:59:5e:d8:65:e4:63:dd:a1:
eb:c0:71:f6:a9:86:92:6b:a5:4d:70:cf:64:22:ee:
e9:da:1f:2a:30:2f:98:94:74:be:c7:2e:f4:52:4b:
c9:7c:4e:8d:00:1f:0d:a0:6f:e9:c9:7b:4a:05:74:
37:f6:0c:f0:14:c1:49:c8:8b:26:8e:78:79:50:01:
4e:c4:d2:f9:98:3d:f9:fe:21:ed:6e:85:da:6a:30:
52:cd:8c:d5:62:1b:b5:c8:90:f1:4a:fb:17:ec:5c:
68:a5:81:40:17:fa:1c:a1:2d:41:a2:28:53:4f:7c:
8d:22:db:42:eb:ef:f1:cf:5e:46:2c:fb:88:aa:6c:
df:76:04:3b:9e:d7:44:65:72:e0:7d:fc:bd:f6:20:
53:b3:eb:a9:c1:9b:6b:f1:d7:15:ff:e7:29:9a:18:
23:94:ab:36:fa:fa:3c:ef:cf:b4:1f:0b:a3:6e:f1:
47:de:70:b6:d0:48:08:af:af:c4:d2:f2:53:bf:e7:
6f:98:5f:70:51:90:94:86:dd:7a:8c:3f:ab:4b:f7:
e1:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:01:57:0D:44:FC:D4:68:4A:B1:06:BC:C2:1E:CE:AF:34:90:AA:04
X509v3 Authority Key Identifier:
keyid:92:02:03:6A:43:DA:D0:6B:6C:2C:C6:4B:DE:76:78:70:67:6F:87:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kgIDakPa0GtsLMZL3nZ4cGdvh7M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/027688-d39c-484a-a450-73dced39707f/1/xgFXDUT81GhKsQa8wh7OrzSQqgQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/027688-d39c-484a-a450-73dced39707f/1/kgIDakPa0GtsLMZL3nZ4cGdvh7M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.103.88.0/22
Signature Algorithm: sha256WithRSAEncryption
26:6f:d5:2d:be:0e:58:e4:fe:da:03:b8:d6:92:75:07:60:61:
98:0b:83:bf:3c:e6:6f:14:0f:b8:05:3b:ad:e4:96:fe:9a:1a:
56:ef:20:21:e2:af:e3:8b:38:e1:46:85:69:71:d3:0c:6b:08:
6f:51:02:64:bc:e9:58:8f:31:8a:51:3d:61:3f:cb:b5:a4:fe:
a3:3b:ef:f1:5d:64:37:24:b3:8f:99:50:1a:3f:48:c9:66:61:
34:66:6f:16:f1:c7:da:77:88:1e:55:25:53:80:24:40:a7:75:
19:c5:60:9d:0d:95:42:b7:c3:2b:f7:fc:4a:3b:67:a2:f2:72:
f5:67:87:d5:74:3a:82:ee:f8:73:e2:6f:de:d0:92:bd:36:14:
68:62:26:22:01:35:53:31:61:2c:34:60:b5:26:88:a5:45:8c:
d8:c3:3d:d9:76:90:d6:98:1f:a5:2c:b8:44:0e:63:0f:ee:27:
f4:01:22:3a:56:4a:c3:be:83:5e:3f:13:16:cf:f7:e2:75:24:
93:c5:54:73:3c:09:8a:13:ec:d7:05:4b:c9:68:22:3a:08:8b:
5f:d0:7e:42:1d:ba:40:c4:6b:97:82:b8:82:10:aa:b4:fc:4b:
09:1e:05:2a:74:6b:23:33:b0:50:06:e9:6f:4d:64:41:e8:fe:
06:86:a9:55
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbuSgGvIVUSAOwXNO8NU2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMDIwMzZhNDNkYWQwNmI2YzJjYzY0YmRlNzY3ODcwNjc2
Zjg3YjMwHhcNMjQwMTAxMTQzMDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjAxNTcwZDQ0ZmNkNDY4NGFiMTA2YmNjMjFlY2VhZjM0OTBhYTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhzvK5Jk7YbKdDYC5icWLSpqgrTq+
KZLZn3ns2kFLjiFGl02fg/3D9cBB24qgZTuqIPqpWV7YZeRj3aHrwHH2qYaSa6VN
cM9kIu7p2h8qMC+YlHS+xy70UkvJfE6NAB8NoG/pyXtKBXQ39gzwFMFJyIsmjnh5
UAFOxNL5mD35/iHtboXaajBSzYzVYhu1yJDxSvsX7FxopYFAF/ocoS1BoihTT3yN
IttC6+/xz15GLPuIqmzfdgQ7ntdEZXLgffy99iBTs+upwZtr8dcV/+cpmhgjlKs2
+vo878+0HwujbvFH3nC20EgIr6/E0vJTv+dvmF9wUZCUht16jD+rS/fhaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMYBVw1E/NRoSrEGvMIezq80kKoEMB8GA1UdIwQY
MBaAFJICA2pD2tBrbCzGS952eHBnb4ezMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2dJRGFrUGEwR3RzTE1aTDNuWjRjR2R2aDdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy8wMjc2ODgtZDM5Yy00ODRhLWE0NTAt
NzNkY2VkMzk3MDdmLzEveGdGWERVVDgxR2hLc1FhOHdoN09yelNRcWdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy8wMjc2ODgtZDM5Yy00ODRhLWE0NTAtNzNkY2VkMzk3MDdm
LzEva2dJRGFrUGEwR3RzTE1aTDNuWjRjR2R2aDdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWdYMA0G
CSqGSIb3DQEBCwUAA4IBAQAmb9Utvg5Y5P7aA7jWknUHYGGYC4O/POZvFA+4BTut
5Jb+mhpW7yAh4q/jizjhRoVpcdMMawhvUQJkvOlYjzGKUT1hP8u1pP6jO+/xXWQ3
JLOPmVAaP0jJZmE0Zm8W8cfad4geVSVTgCRAp3UZxWCdDZVCt8Mr9/xKO2ei8nL1
Z4fVdDqC7vhz4m/e0JK9NhRoYiYiATVTMWEsNGC1JoilRYzYwz3ZdpDWmB+lLLhE
DmMP7if0ASI6VkrDvoNePxMWz/fidSSTxVRzPAmKE+zXBUvJaCI6CItf0H5CHbpA
xGuXgriCEKq0/EsJHgUqdGsjM7BQBulvTWRB6P4GhqlV
-----END CERTIFICATE-----
Generated at Tue Apr 29 11:27:50 2025 by rpki-client