Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/cd4798-b7b7-4b66-948a-bf71449d97dd/1/iFNj-YnTiFLE8Eu38tMlKyitaic.roa
File: iFNj-YnTiFLE8Eu38tMlKyitaic.roa (raw, json)
Hash identifier: FxFYkb1FrG8qXBMOC4f1wDIeTQ1MT8+TsTEAVhngRIg=
Subject key identifier: 88:53:63:F9:89:D3:88:52:C4:F0:4B:B7:F2:D3:25:2B:28:AD:6A:27
Certificate issuer: /CN=5dcc2f7d790a8300a7dd3519e0fb887fa4de0260
Certificate serial: 0193DAF84582B2C7069D354E5B5DB5243A2D
Authority key identifier: 5D:CC:2F:7D:79:0A:83:00:A7:DD:35:19:E0:FB:88:7F:A4:DE:02:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XcwvfXkKgwCn3TUZ4PuIf6TeAmA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/cd4798-b7b7-4b66-948a-bf71449d97dd/1/iFNj-YnTiFLE8Eu38tMlKyitaic.roa
Signing time: Wed 18 Dec 2024 18:12:03 +0000
ROA not before: Wed 18 Dec 2024 18:12:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52052
IP address blocks: 185.166.72.0/22 maxlen: 22
194.247.33.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 20 Dec 2024 14:42:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:da:f8:45:82:b2:c7:06:9d:35:4e:5b:5d:b5:24:3a:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dcc2f7d790a8300a7dd3519e0fb887fa4de0260
Validity
Not Before: Dec 18 18:12:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=885363f989d38852c4f04bb7f2d3252b28ad6a27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:1d:1f:d2:14:2f:00:59:09:52:cf:fe:ce:28:
dc:d3:70:24:20:bd:c1:2c:ac:87:38:3f:fb:1d:51:
58:69:ae:17:46:11:7d:6d:b0:5a:1e:da:8c:98:8a:
72:d4:39:1b:b2:78:52:95:65:5f:6d:0f:70:f2:78:
e3:34:d4:c2:a9:b5:1e:1e:f2:af:f9:d2:55:cc:cd:
23:f0:b1:69:78:cf:7c:b8:4d:6b:9f:ce:c2:97:24:
61:5a:cb:81:db:b4:9f:f5:6f:0a:c6:4e:d4:8e:8b:
8e:fa:c9:5f:da:0b:48:8e:98:d3:b9:5a:d5:7d:d6:
47:44:27:9a:36:17:69:40:ee:5c:c8:dd:fb:ff:2a:
d6:1c:4f:c9:28:cb:9a:0e:56:9e:a1:48:96:ba:bc:
3a:00:48:7d:ae:f2:07:b4:64:18:54:13:37:cd:dd:
03:f8:63:72:c6:c4:73:c1:52:16:9b:1f:91:d2:38:
33:ef:f0:3b:ae:7c:45:c8:67:30:2a:c6:2e:1d:a6:
8c:89:64:f0:81:9b:9f:f0:31:a8:d9:d6:7e:17:2f:
db:26:ae:72:48:54:20:47:b4:83:7d:9c:17:2e:77:
97:e2:c1:cd:1c:cd:81:3e:ce:b3:9d:1e:11:2d:32:
bb:d6:20:4b:db:23:e8:7f:0a:7b:31:0e:f9:ad:75:
eb:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:53:63:F9:89:D3:88:52:C4:F0:4B:B7:F2:D3:25:2B:28:AD:6A:27
X509v3 Authority Key Identifier:
keyid:5D:CC:2F:7D:79:0A:83:00:A7:DD:35:19:E0:FB:88:7F:A4:DE:02:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XcwvfXkKgwCn3TUZ4PuIf6TeAmA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/cd4798-b7b7-4b66-948a-bf71449d97dd/1/iFNj-YnTiFLE8Eu38tMlKyitaic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/cd4798-b7b7-4b66-948a-bf71449d97dd/1/XcwvfXkKgwCn3TUZ4PuIf6TeAmA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.166.72.0/22
194.247.33.0/24
Signature Algorithm: sha256WithRSAEncryption
13:25:7d:f0:1a:db:46:67:25:96:e3:d2:3a:a0:14:e8:dd:13:
96:d2:00:ca:45:f3:d0:e2:1d:a8:33:4d:c4:34:35:5b:14:1a:
9d:b1:e9:98:86:0f:14:fa:9f:08:a2:f5:3f:7b:ff:f3:6e:37:
e7:bb:ba:e0:0c:58:ad:d0:61:f1:d0:8a:39:6c:38:c2:01:ba:
ec:f6:11:ce:82:ec:df:c8:c1:2e:40:db:11:9a:6f:3d:f4:2f:
5c:72:ae:8c:8f:08:6b:39:48:2f:80:4b:aa:c8:3c:64:e1:7b:
d1:c6:61:2d:32:d4:28:6c:25:3b:6b:9c:4c:c4:6f:3d:2b:1d:
77:f5:9a:cf:1e:0a:d0:ed:f7:96:20:64:59:15:ad:1a:c7:82:
7e:9a:64:51:d7:58:e1:cf:71:2f:df:1d:6f:88:24:d9:97:e4:
07:e4:46:98:61:df:49:5c:b4:df:d5:10:2f:67:a1:a7:df:95:
b6:c1:e5:ef:f4:f4:ef:2a:c8:7b:07:90:99:39:bb:df:d2:2a:
8e:e2:73:8d:af:86:87:8a:48:81:fe:ef:05:49:96:1d:74:69:
44:60:e9:a5:c7:4f:53:d0:5b:fb:ba:f4:dc:ae:6a:8c:2d:22:
a4:83:89:e3:bb:4a:38:4e:cc:03:33:94:e7:41:31:9a:7f:89:
04:f6:3b:65
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZPa+EWCsscGnTVOW121JDotMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkY2MyZjdkNzkwYTgzMDBhN2RkMzUxOWUwZmI4ODdmYTRk
ZTAyNjAwHhcNMjQxMjE4MTgxMjAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODUzNjNmOTg5ZDM4ODUyYzRmMDRiYjdmMmQzMjUyYjI4YWQ2YTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7h0f0hQvAFkJUs/+zijc03AkIL3B
LKyHOD/7HVFYaa4XRhF9bbBaHtqMmIpy1DkbsnhSlWVfbQ9w8njjNNTCqbUeHvKv
+dJVzM0j8LFpeM98uE1rn87ClyRhWsuB27Sf9W8Kxk7UjouO+slf2gtIjpjTuVrV
fdZHRCeaNhdpQO5cyN37/yrWHE/JKMuaDlaeoUiWurw6AEh9rvIHtGQYVBM3zd0D
+GNyxsRzwVIWmx+R0jgz7/A7rnxFyGcwKsYuHaaMiWTwgZuf8DGo2dZ+Fy/bJq5y
SFQgR7SDfZwXLneX4sHNHM2BPs6znR4RLTK71iBL2yPofwp7MQ75rXXrSwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIhTY/mJ04hSxPBLt/LTJSsorWonMB8GA1UdIwQY
MBaAFF3ML315CoMAp901GeD7iH+k3gJgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGN3dmZYa0tnd0NuM1RVWjRQdUlmNlRlQW1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC9jZDQ3OTgtYjdiNy00YjY2LTk0OGEt
YmY3MTQ0OWQ5N2RkLzEvaUZOai1ZblRpRkxFOEV1Mzh0TWxLeWl0YWljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC9jZDQ3OTgtYjdiNy00YjY2LTk0OGEtYmY3MTQ0OWQ5N2Rk
LzEvWGN3dmZYa0tnd0NuM1RVWjRQdUlmNlRlQW1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuaZIAwQA
wvchMA0GCSqGSIb3DQEBCwUAA4IBAQATJX3wGttGZyWW49I6oBTo3ROW0gDKRfPQ
4h2oM03ENDVbFBqdsemYhg8U+p8IovU/e//zbjfnu7rgDFit0GHx0Io5bDjCAbrs
9hHOguzfyMEuQNsRmm899C9ccq6MjwhrOUgvgEuqyDxk4XvRxmEtMtQobCU7a5xM
xG89Kx139ZrPHgrQ7feWIGRZFa0ax4J+mmRR11jhz3Ev3x1viCTZl+QH5EaYYd9J
XLTf1RAvZ6Gn35W2weXv9PTvKsh7B5CZObvf0iqO4nONr4aHikiB/u8FSZYddGlE
YOmlx09T0Fv7uvTcrmqMLSKkg4nju0o4TswDM5TnQTGaf4kE9jtl
-----END CERTIFICATE-----
Generated at Mon Apr 21 07:01:07 2025 by rpki-client