Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IJ0QGMGdRGFbVZkEUfsHSoybHC0.roa
File: IJ0QGMGdRGFbVZkEUfsHSoybHC0.roa (raw, json)
Hash identifier: xc4+0cPkQaVqfjoal2LQ2QJ8oOs0oAyC5uscSvWWoEI=
Subject key identifier: 20:9D:10:18:C1:9D:44:61:5B:55:99:04:51:FB:07:4A:8C:9B:1C:2D
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01913770EC8B3821DE27649DA18F61DF3CFE
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IJ0QGMGdRGFbVZkEUfsHSoybHC0.roa
Signing time: Fri 09 Aug 2024 14:00:33 +0000
ROA not before: Fri 09 Aug 2024 14:00:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39521
IP address blocks: 194.31.222.0/24 maxlen: 24
194.31.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 10 Dec 2024 10:36:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:37:70:ec:8b:38:21:de:27:64:9d:a1:8f:61:df:3c:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Aug 9 14:00:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=209d1018c19d44615b55990451fb074a8c9b1c2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:85:bb:cb:db:e2:2f:22:a5:30:c8:24:c9:71:
43:11:65:b7:6d:8a:6a:87:54:f8:94:a5:48:b6:29:
3a:fd:62:c6:23:f3:90:ed:5c:39:47:24:53:06:a5:
df:88:27:31:24:39:de:6c:b7:f5:a2:99:c6:51:ef:
d8:61:96:e2:38:14:a4:0f:60:9d:52:ac:fe:2a:3a:
b0:7e:e6:3e:07:a1:ad:c8:25:e0:38:da:f9:65:bb:
00:19:c1:b9:f3:fc:b2:56:4c:ce:75:b9:40:fe:77:
63:d4:78:f8:ba:67:16:3c:87:61:1d:57:1b:50:0d:
4c:5b:2a:78:b1:a2:09:ca:cd:0d:e0:4c:d1:37:8b:
03:2d:96:fe:57:a7:01:b4:e3:60:ea:70:1e:27:1b:
29:0f:c6:08:e8:cf:41:3d:a8:ef:08:0d:06:fe:af:
b7:c3:84:dc:c2:35:9d:8e:7e:5b:d1:ee:42:9f:46:
a2:83:15:be:43:e4:e0:a8:71:dd:17:bb:f5:7c:94:
f3:3f:c4:2c:42:a8:d1:50:a1:4a:2b:9a:54:b4:cc:
29:ba:19:7a:d0:ee:e4:65:cc:b5:5b:72:0e:e4:62:
64:6d:98:ab:34:48:a0:06:11:c0:ca:a9:79:dc:9a:
51:46:a6:87:90:d4:8a:c2:1b:48:33:4a:2c:31:57:
d9:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:9D:10:18:C1:9D:44:61:5B:55:99:04:51:FB:07:4A:8C:9B:1C:2D
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IJ0QGMGdRGFbVZkEUfsHSoybHC0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.31.222.0/23
Signature Algorithm: sha256WithRSAEncryption
32:1b:cb:2f:bd:67:88:fc:39:aa:bb:b2:23:5a:58:ba:5b:5b:
eb:bb:ac:58:fd:3b:de:81:8f:a6:63:14:54:8e:b7:8d:ce:00:
8f:39:73:3f:95:1a:56:44:bf:96:96:a1:bb:36:2b:85:8d:ac:
ab:34:04:76:fa:d9:f1:e1:d6:e7:06:f4:c9:24:d4:af:d0:6f:
05:ec:16:8b:0b:79:c2:03:d2:95:4c:12:be:91:a6:fd:bb:71:
49:1a:28:12:91:45:ce:7d:79:d6:1c:4f:db:78:1a:16:6b:a2:
af:f4:65:06:78:b1:8b:c0:fa:ea:7d:36:4c:a0:ed:1a:0d:8b:
11:ee:78:c3:a8:74:fd:d0:7a:a1:dc:ce:4d:59:22:f9:0c:9c:
98:c9:e9:5e:19:3a:ff:70:6b:c6:ce:03:6c:0f:8f:8f:aa:34:
fb:5a:68:d3:8c:15:7f:06:e9:ba:84:a2:05:69:49:a1:50:21:
1f:1a:64:a0:28:e3:ca:70:0b:b5:45:af:fb:9c:bd:b2:b7:da:
ac:a7:63:e3:cb:92:ac:0f:3f:76:3b:c1:46:fc:f8:a3:aa:8f:
29:46:00:55:70:7c:75:29:b8:bd:7f:4a:d1:ee:43:59:0b:05:
2c:77:84:38:d3:49:72:a5:10:16:b1:ca:0c:c2:9a:cf:a2:1c:
42:57:c9:ff
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZE3cOyLOCHeJ2SdoY9h3zz+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwODA5MTQwMDMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDlkMTAxOGMxOWQ0NDYxNWI1NTk5MDQ1MWZiMDc0YThjOWIxYzJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx4W7y9viLyKlMMgkyXFDEWW3bYpq
h1T4lKVItik6/WLGI/OQ7Vw5RyRTBqXfiCcxJDnebLf1opnGUe/YYZbiOBSkD2Cd
Uqz+KjqwfuY+B6GtyCXgONr5ZbsAGcG58/yyVkzOdblA/ndj1Hj4umcWPIdhHVcb
UA1MWyp4saIJys0N4EzRN4sDLZb+V6cBtONg6nAeJxspD8YI6M9BPajvCA0G/q+3
w4TcwjWdjn5b0e5Cn0aigxW+Q+TgqHHdF7v1fJTzP8QsQqjRUKFKK5pUtMwpuhl6
0O7kZcy1W3IO5GJkbZirNEigBhHAyql53JpRRqaHkNSKwhtIM0osMVfZEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCCdEBjBnURhW1WZBFH7B0qMmxwtMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvSUowUUdNR2RSR0ZiVlprRVVmc0hTb3liSEMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwh/eMA0G
CSqGSIb3DQEBCwUAA4IBAQAyG8svvWeI/Dmqu7IjWli6W1vru6xY/TvegY+mYxRU
jreNzgCPOXM/lRpWRL+WlqG7NiuFjayrNAR2+tnx4dbnBvTJJNSv0G8F7BaLC3nC
A9KVTBK+kab9u3FJGigSkUXOfXnWHE/beBoWa6Kv9GUGeLGLwPrqfTZMoO0aDYsR
7njDqHT90Hqh3M5NWSL5DJyYyeleGTr/cGvGzgNsD4+PqjT7WmjTjBV/Bum6hKIF
aUmhUCEfGmSgKOPKcAu1Ra/7nL2yt9qsp2Pjy5KsDz92O8FG/Pijqo8pRgBVcHx1
Kbi9f0rR7kNZCwUsd4Q400lypRAWscoMwprPohxCV8n/
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:25:05 2025 by rpki-client