Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/IuLHZEARlNwvCta29_ecVyPVqOA.roa
File: IuLHZEARlNwvCta29_ecVyPVqOA.roa (raw, json)
Hash identifier: 9mRVbQLUxe9T5sjrKbF4LXP7tz4xnhW1/P4Bcws+yCA=
Subject key identifier: 22:E2:C7:64:40:11:94:DC:2F:0A:D6:B6:F7:F7:9C:57:23:D5:A8:E0
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 018CD64DBE503C0E42411FE43ADF7167EEF4
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/IuLHZEARlNwvCta29_ecVyPVqOA.roa
Signing time: Thu 04 Jan 2024 21:07:48 +0000
ROA not before: Thu 04 Jan 2024 21:07:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215787
IP address blocks: 185.236.9.0/24 maxlen: 24
194.156.79.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 15 Jan 2024 19:18:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d6:4d:be:50:3c:0e:42:41:1f:e4:3a:df:71:67:ee:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Jan 4 21:07:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=22e2c764401194dc2f0ad6b6f7f79c5723d5a8e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:e3:2f:62:ba:f6:66:49:0f:24:33:1c:ff:7d:
c3:fe:97:2c:66:21:e1:5c:04:f1:40:5a:66:b6:35:
74:9e:74:f1:25:02:86:85:b3:24:52:45:ac:88:8b:
0d:ef:9e:76:28:1f:f2:14:97:b7:26:db:d2:de:b6:
9e:80:da:81:6a:df:7b:36:ef:58:d8:1a:d3:cf:6e:
6e:6e:ae:34:58:68:b8:0e:5a:70:2f:63:6b:3a:0d:
bf:1f:d4:15:f8:43:e0:9e:0f:fc:6b:de:b2:a2:a8:
66:cd:da:58:f0:15:ba:bf:d0:dc:0d:92:8e:41:0a:
b6:de:72:ea:74:60:85:fc:05:2a:da:ab:31:7f:ce:
2a:7e:43:5c:bc:6a:5d:9e:c7:29:28:67:82:00:89:
2e:c7:d8:30:ac:e5:38:a8:00:d4:92:6e:f4:0c:6c:
b0:1d:e9:81:34:09:b7:35:65:44:cf:fe:94:1a:54:
1a:d4:00:da:89:38:81:dc:b7:1e:a5:00:dd:c9:58:
8f:82:2b:41:a5:6f:6e:ae:b7:2f:43:97:c1:79:aa:
52:65:cc:50:0b:e1:4f:90:e6:89:f6:33:82:12:65:
b3:e0:57:95:bf:17:d5:83:40:b0:10:43:cb:16:ea:
15:fb:c3:df:95:b8:9e:19:69:ab:2b:0c:55:0a:66:
dc:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:E2:C7:64:40:11:94:DC:2F:0A:D6:B6:F7:F7:9C:57:23:D5:A8:E0
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/IuLHZEARlNwvCta29_ecVyPVqOA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.236.9.0/24
194.156.79.0/24
Signature Algorithm: sha256WithRSAEncryption
46:52:44:b4:c7:9c:70:be:9b:f0:7a:af:e1:68:09:42:ee:94:
bc:71:75:9b:95:fb:23:c2:b8:42:49:67:cc:d6:f4:a8:8e:ca:
fe:2e:7b:79:e4:eb:c9:e8:36:14:bb:39:69:74:8b:c5:6f:64:
5b:ee:f0:fb:b0:e9:26:3e:ad:c1:80:9f:e3:3d:06:bc:fc:a1:
64:cf:5a:28:fe:cb:9a:b9:c5:4f:20:f6:81:01:6d:40:40:64:
7e:39:1b:80:4f:a7:00:fb:2b:a5:bc:7b:8c:2d:94:77:fc:19:
fe:10:18:f3:ed:dd:59:96:e7:e7:1b:0f:ec:c0:16:49:66:19:
b0:d3:27:16:b6:b4:bc:ec:a5:61:eb:b9:cd:a1:e0:fa:df:49:
ea:03:cb:3b:e5:0d:5e:7c:da:ce:93:a7:e2:63:51:c4:00:7f:
88:f6:56:ee:36:d6:ff:d6:86:b7:bf:52:7c:1d:cd:26:7a:79:
52:c1:c7:d1:3a:bd:f0:75:16:60:af:31:ce:6f:bc:66:6a:e8:
c3:4f:de:43:2a:99:d2:c5:ab:59:b0:e2:c5:85:84:a8:63:72:
40:3c:16:9e:76:95:7b:da:28:b5:d0:bc:98:b5:65:27:3b:18:
b5:61:36:a9:d3:a1:b8:ed:d2:91:10:cb:25:65:cb:83:f0:cf:
e2:1e:96:fb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzWTb5QPA5CQR/kOt9xZ+70MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjQwMTA0MjEwNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmUyYzc2NDQwMTE5NGRjMmYwYWQ2YjZmN2Y3OWM1NzIzZDVhOGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1+MvYrr2ZkkPJDMc/33D/pcsZiHh
XATxQFpmtjV0nnTxJQKGhbMkUkWsiIsN7552KB/yFJe3JtvS3raegNqBat97Nu9Y
2BrTz25ubq40WGi4DlpwL2NrOg2/H9QV+EPgng/8a96yoqhmzdpY8BW6v9DcDZKO
QQq23nLqdGCF/AUq2qsxf84qfkNcvGpdnscpKGeCAIkux9gwrOU4qADUkm70DGyw
HemBNAm3NWVEz/6UGlQa1ADaiTiB3LcepQDdyViPgitBpW9urrcvQ5fBeapSZcxQ
C+FPkOaJ9jOCEmWz4FeVvxfVg0CwEEPLFuoV+8PflbieGWmrKwxVCmbccwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCLix2RAEZTcLwrWtvf3nFcj1ajgMB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvSXVMSFpFQVJsTnd2Q3RhMjlfZWNWeVBWcU9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuewJAwQA
wpxPMA0GCSqGSIb3DQEBCwUAA4IBAQBGUkS0x5xwvpvweq/haAlC7pS8cXWblfsj
wrhCSWfM1vSojsr+Lnt55OvJ6DYUuzlpdIvFb2Rb7vD7sOkmPq3BgJ/jPQa8/KFk
z1oo/suaucVPIPaBAW1AQGR+ORuAT6cA+yulvHuMLZR3/Bn+EBjz7d1ZlufnGw/s
wBZJZhmw0ycWtrS87KVh67nNoeD630nqA8s75Q1efNrOk6fiY1HEAH+I9lbuNtb/
1oa3v1J8Hc0menlSwcfROr3wdRZgrzHOb7xmaujDT95DKpnSxatZsOLFhYSoY3JA
PBaedpV72ii10LyYtWUnOxi1YTap06G47dKREMslZcuD8M/iHpb7
-----END CERTIFICATE-----
Generated at Mon Jan 15 22:50:42 2024 by rpki-client on console-fra.rpki-client.org