Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/iVGXX_wfpabMONGBT1dtb1xLEoA.roa
File: iVGXX_wfpabMONGBT1dtb1xLEoA.roa (raw, json)
Hash identifier: yPhyG7md01vP7fJcQSngK4JIq7DISMFLJ39Y6Fr9Wzs=
Subject key identifier: 89:51:97:5F:FC:1F:A5:A6:CC:38:D1:81:4F:57:6D:6F:5C:4B:12:80
Certificate issuer: /CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Certificate serial: 01942826A1C55BAE09BCB01868E51815F10C
Authority key identifier: 71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/iVGXX_wfpabMONGBT1dtb1xLEoA.roa
Signing time: Thu 02 Jan 2025 17:53:27 +0000
ROA not before: Thu 02 Jan 2025 17:53:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205552
IP address blocks: 194.40.240.0/24 maxlen: 24
194.40.241.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 07 Jan 2025 13:08:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:a1:c5:5b:ae:09:bc:b0:18:68:e5:18:15:f1:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Validity
Not Before: Jan 2 17:53:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8951975ffc1fa5a6cc38d1814f576d6f5c4b1280
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:15:fe:8d:ac:69:60:f7:25:65:91:98:77:20:
49:72:90:35:c5:d2:65:12:e2:d9:42:51:43:b7:aa:
9e:69:03:12:fd:8f:8d:46:83:a9:01:8a:a6:e1:73:
8d:15:ed:70:74:8e:eb:67:60:9b:bb:89:6d:3e:31:
7c:05:06:03:df:4c:39:d6:23:9f:90:f7:c0:2f:fc:
da:8c:29:0c:42:0e:2a:ae:69:a0:f7:f2:d5:79:4f:
1e:a0:02:b8:47:98:ee:fd:ce:f3:8c:7a:93:8c:8c:
83:b5:46:79:68:3d:4b:8d:08:ba:58:97:ab:bc:80:
9a:7f:8a:f1:27:74:36:c0:16:fc:d5:78:13:2b:93:
5c:8c:70:3f:ec:28:63:3e:a5:9f:31:54:31:94:f8:
ac:1a:9b:2c:6a:71:4c:d6:fb:18:93:5c:ee:0f:70:
89:7f:2c:fe:80:b3:d9:f7:9e:27:dd:5a:4d:70:e5:
95:c1:cd:eb:bd:a8:4f:f8:ae:78:1b:4c:91:91:61:
bf:12:02:cf:0b:ea:23:d8:34:62:aa:51:72:d6:3c:
bb:f2:b0:61:e0:06:a7:43:c6:14:9d:4a:92:f5:22:
e4:47:03:b6:e1:90:e3:23:44:76:8f:5f:e4:d2:99:
8f:ef:b4:bf:ab:4b:2c:db:20:61:b6:fb:a8:37:c9:
5a:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:51:97:5F:FC:1F:A5:A6:CC:38:D1:81:4F:57:6D:6F:5C:4B:12:80
X509v3 Authority Key Identifier:
keyid:71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/iVGXX_wfpabMONGBT1dtb1xLEoA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/cb3erw8w-9r551uSrH1b0T8oXec.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.40.240.0/23
Signature Algorithm: sha256WithRSAEncryption
8b:d0:41:cd:87:19:9b:61:83:37:d1:32:95:da:79:85:5e:1b:
e9:36:e4:0f:4a:25:6e:f1:36:14:fe:53:1f:02:bc:b2:91:8c:
d8:5c:6d:8a:0f:c2:85:d4:b8:cf:97:2d:45:c9:b9:e0:67:b0:
59:b1:91:9a:f5:de:19:b7:5c:0b:ba:78:77:f4:03:db:32:0e:
7f:ba:dd:5e:ca:62:b0:c0:87:63:9f:b2:f4:4e:9e:9b:2e:2d:
55:18:9a:28:a8:ae:ff:d7:a7:3e:f0:2e:b1:52:cb:fd:d4:b0:
a9:6e:f4:53:06:57:e3:bd:e1:1c:63:46:dd:bb:9e:bb:3a:b4:
59:ba:1b:f0:31:0d:03:b8:00:64:0d:d2:7c:e8:b3:37:4d:51:
1c:06:6c:d5:90:7f:52:dd:18:c8:44:0d:1d:36:97:08:6e:1d:
45:cd:7c:ec:ad:8c:4c:ee:61:1c:af:0d:65:25:6d:4b:81:e5:
2c:5f:f3:78:4e:93:25:06:44:a6:25:82:69:d7:62:c8:ac:90:
29:33:7d:3b:7d:db:26:4e:c8:d9:db:b4:0a:45:3c:33:db:c9:
49:aa:ca:72:91:4c:58:8c:54:06:a2:84:bf:dd:f2:9d:e8:c4:
96:19:59:24:3e:0c:c2:26:96:35:71:bd:fb:00:ee:72:df:fd:
89:95:f1:ef
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJqHFW64JvLAYaOUYFfEMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYmRkZWFmMGYzMGZiZGFmOWU3NWI5MmFjN2Q1YmQxM2Yy
ODVkZTcwHhcNMjUwMTAyMTc1MzI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTUxOTc1ZmZjMWZhNWE2Y2MzOGQxODE0ZjU3NmQ2ZjVjNGIxMjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyxX+jaxpYPclZZGYdyBJcpA1xdJl
EuLZQlFDt6qeaQMS/Y+NRoOpAYqm4XONFe1wdI7rZ2Cbu4ltPjF8BQYD30w51iOf
kPfAL/zajCkMQg4qrmmg9/LVeU8eoAK4R5ju/c7zjHqTjIyDtUZ5aD1LjQi6WJer
vICaf4rxJ3Q2wBb81XgTK5NcjHA/7ChjPqWfMVQxlPisGpssanFM1vsYk1zuD3CJ
fyz+gLPZ954n3VpNcOWVwc3rvahP+K54G0yRkWG/EgLPC+oj2DRiqlFy1jy78rBh
4AanQ8YUnUqS9SLkRwO24ZDjI0R2j1/k0pmP77S/q0ss2yBhtvuoN8lafwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIlRl1/8H6WmzDjRgU9XbW9cSxKAMB8GA1UdIwQY
MBaAFHG93q8PMPva+edbkqx9W9E/KF3nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUt
NDc3MjMxMTkxYTM1LzEvaVZHWFhfd2ZwYWJNT05HQlQxZHRiMXhMRW9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUtNDc3MjMxMTkxYTM1
LzEvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwijwMA0G
CSqGSIb3DQEBCwUAA4IBAQCL0EHNhxmbYYM30TKV2nmFXhvpNuQPSiVu8TYU/lMf
AryykYzYXG2KD8KF1LjPly1FybngZ7BZsZGa9d4Zt1wLunh39APbMg5/ut1eymKw
wIdjn7L0Tp6bLi1VGJooqK7/16c+8C6xUsv91LCpbvRTBlfjveEcY0bdu567OrRZ
uhvwMQ0DuABkDdJ86LM3TVEcBmzVkH9S3RjIRA0dNpcIbh1FzXzsrYxM7mEcrw1l
JW1LgeUsX/N4TpMlBkSmJYJp12LIrJApM307fdsmTsjZ27QKRTwz28lJqspykUxY
jFQGooS/3fKd6MSWGVkkPgzCJpY1cb37AO5y3/2JlfHv
-----END CERTIFICATE-----
Generated at Thu Apr 17 13:30:22 2025 by rpki-client