Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/ce0edd-80d4-4af6-baec-baf2572e8093/1/IJIp3BqyH5oBA5-a43wXM6qgocc.roa
File: IJIp3BqyH5oBA5-a43wXM6qgocc.roa (raw, json)
Hash identifier: sAyfPqjMpamGu6EyaeKsKbZD96yqFqbnTBaN7Y+ctE8=
Subject key identifier: 20:92:29:DC:1A:B2:1F:9A:01:03:9F:9A:E3:7C:17:33:AA:A0:A1:C7
Certificate issuer: /CN=25e8277d1feab52387eab26f8dcca9260c258a3d
Certificate serial: 018CC425583B7F23ACCF760E7A9C9120C186
Authority key identifier: 25:E8:27:7D:1F:EA:B5:23:87:EA:B2:6F:8D:CC:A9:26:0C:25:8A:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JegnfR_qtSOH6rJvjcypJgwlij0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/ce0edd-80d4-4af6-baec-baf2572e8093/1/IJIp3BqyH5oBA5-a43wXM6qgocc.roa
Signing time: Mon 01 Jan 2024 08:30:30 +0000
ROA not before: Mon 01 Jan 2024 08:30:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50239
IP address blocks: 109.196.0.0/20 maxlen: 20
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:49:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:58:3b:7f:23:ac:cf:76:0e:7a:9c:91:20:c1:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25e8277d1feab52387eab26f8dcca9260c258a3d
Validity
Not Before: Jan 1 08:30:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=209229dc1ab21f9a01039f9ae37c1733aaa0a1c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:e6:8f:73:bd:26:45:02:17:22:0d:a2:6c:54:
8c:e6:e5:ae:34:89:7e:75:3a:d3:34:4b:df:51:9a:
f3:1d:cf:fd:0f:56:26:cc:85:62:d4:bb:28:18:c1:
a7:c7:65:e1:56:b1:44:6b:93:0c:ad:06:08:57:6a:
67:68:f4:6f:0e:1c:17:6e:d2:4f:34:28:27:16:9b:
e5:fa:73:b5:ae:cb:fc:0b:a8:93:3a:7f:66:e3:d0:
bc:33:74:1a:ba:b5:d1:03:b9:6b:a3:c5:35:76:ac:
61:e1:4d:1e:ec:08:6e:a4:b0:70:91:ab:99:97:de:
2d:7a:5b:5b:cd:c4:a0:3b:af:4d:15:86:0e:a8:5a:
6f:25:3b:e9:8f:bc:80:12:3b:d4:f6:42:3a:b3:12:
49:21:27:d7:e3:53:22:72:1b:31:d7:ed:1b:93:e4:
c2:60:89:8d:88:40:fb:11:96:ff:46:92:6d:eb:7d:
44:2e:05:fe:ab:40:89:b2:1e:27:1d:72:e8:89:02:
8a:05:10:f1:fb:2d:7d:f9:fe:35:5e:7a:78:b0:9a:
40:d9:0c:45:30:fb:49:64:0d:81:30:dc:2f:7e:04:
5f:38:6b:d9:f3:6a:86:e4:35:53:dc:67:30:1f:ca:
d4:5c:4d:f6:61:bb:5d:73:82:5a:f4:97:99:9e:4c:
cb:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:92:29:DC:1A:B2:1F:9A:01:03:9F:9A:E3:7C:17:33:AA:A0:A1:C7
X509v3 Authority Key Identifier:
keyid:25:E8:27:7D:1F:EA:B5:23:87:EA:B2:6F:8D:CC:A9:26:0C:25:8A:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JegnfR_qtSOH6rJvjcypJgwlij0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/ce0edd-80d4-4af6-baec-baf2572e8093/1/IJIp3BqyH5oBA5-a43wXM6qgocc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/ce0edd-80d4-4af6-baec-baf2572e8093/1/JegnfR_qtSOH6rJvjcypJgwlij0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.196.0.0/20
Signature Algorithm: sha256WithRSAEncryption
2e:ff:f4:02:bb:f0:d8:f8:2e:d2:8f:b0:8c:31:dc:3b:36:45:
90:2b:9a:60:4d:4b:f6:2d:ff:a8:2d:18:68:96:43:02:46:59:
16:f8:af:f3:60:7d:f8:59:fb:3c:c4:67:dd:e2:57:28:4c:85:
a1:bb:2f:5a:d8:0b:0c:f0:88:a8:78:64:a7:40:da:63:19:4e:
31:64:eb:df:eb:1a:82:24:f1:a2:1a:4e:9a:20:58:fa:7e:42:
31:b0:3e:13:73:5c:2e:92:b5:b3:71:c0:ce:11:02:db:1d:e5:
5c:bf:e5:ee:b7:06:c6:3c:84:31:50:d1:75:7a:2b:3a:85:b6:
7a:52:b7:a9:e3:b8:3a:94:12:49:82:6a:32:c2:d5:e4:0a:71:
c2:90:7c:04:c9:81:ef:ff:88:29:bc:42:b3:28:c4:0a:1e:a7:
46:b6:25:71:94:91:a2:62:68:98:83:ab:54:ed:ed:e3:6a:3e:
5f:d3:14:96:4a:86:66:ab:26:66:ac:5b:4f:2c:ab:dc:b4:bc:
51:a4:1d:37:8b:ce:78:55:be:d8:1b:d0:b8:46:9d:c2:d0:d1:
d3:9d:0b:77:63:5e:17:06:b8:2d:85:3d:e1:d4:16:c8:aa:dc:
f5:db:e3:7b:bb:db:99:3a:35:ae:b9:86:a1:3c:cb:bf:db:9e:
ce:0e:55:1c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJVg7fyOsz3YOepyRIMGGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1ZTgyNzdkMWZlYWI1MjM4N2VhYjI2ZjhkY2NhOTI2MGMy
NThhM2QwHhcNMjQwMTAxMDgzMDMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDkyMjlkYzFhYjIxZjlhMDEwMzlmOWFlMzdjMTczM2FhYTBhMWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnOaPc70mRQIXIg2ibFSM5uWuNIl+
dTrTNEvfUZrzHc/9D1YmzIVi1LsoGMGnx2XhVrFEa5MMrQYIV2pnaPRvDhwXbtJP
NCgnFpvl+nO1rsv8C6iTOn9m49C8M3QaurXRA7lro8U1dqxh4U0e7AhupLBwkauZ
l94teltbzcSgO69NFYYOqFpvJTvpj7yAEjvU9kI6sxJJISfX41Michsx1+0bk+TC
YImNiED7EZb/RpJt631ELgX+q0CJsh4nHXLoiQKKBRDx+y19+f41Xnp4sJpA2QxF
MPtJZA2BMNwvfgRfOGvZ82qG5DVT3GcwH8rUXE32Ybtdc4Ja9JeZnkzL9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCCSKdwash+aAQOfmuN8FzOqoKHHMB8GA1UdIwQY
MBaAFCXoJ30f6rUjh+qyb43MqSYMJYo9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmVnbmZSX3F0U09INnJKdmpjeXBKZ3dsaWowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC9jZTBlZGQtODBkNC00YWY2LWJhZWMt
YmFmMjU3MmU4MDkzLzEvSUpJcDNCcXlINW9CQTUtYTQzd1hNNnFnb2NjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC9jZTBlZGQtODBkNC00YWY2LWJhZWMtYmFmMjU3MmU4MDkz
LzEvSmVnbmZSX3F0U09INnJKdmpjeXBKZ3dsaWowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEbcQAMA0G
CSqGSIb3DQEBCwUAA4IBAQAu//QCu/DY+C7Sj7CMMdw7NkWQK5pgTUv2Lf+oLRho
lkMCRlkW+K/zYH34Wfs8xGfd4lcoTIWhuy9a2AsM8IioeGSnQNpjGU4xZOvf6xqC
JPGiGk6aIFj6fkIxsD4Tc1wukrWzccDOEQLbHeVcv+XutwbGPIQxUNF1eis6hbZ6
Urep47g6lBJJgmoywtXkCnHCkHwEyYHv/4gpvEKzKMQKHqdGtiVxlJGiYmiYg6tU
7e3jaj5f0xSWSoZmqyZmrFtPLKvctLxRpB03i854Vb7YG9C4Rp3C0NHTnQt3Y14X
BrgthT3h1BbIqtz12+N7u9uZOjWuuYahPMu/257ODlUc
-----END CERTIFICATE-----
Generated at Sat Apr 19 01:10:58 2025 by rpki-client