Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/011132-eae3-4e9d-b6f0-46f004a19591/1/Ik9F5B5f7DcuZlagDdErTVXStRQ.roa
File: Ik9F5B5f7DcuZlagDdErTVXStRQ.roa (raw, json)
Hash identifier: yp447/W8L5L9hOk3hcD+xjpyr8Ze52QYEjbq6bofKac=
Subject key identifier: 22:4F:45:E4:1E:5F:EC:37:2E:66:56:A0:0D:D1:2B:4D:55:D2:B5:14
Certificate issuer: /CN=d03c73b60f2103ee3b2a2c3cbe920e212a92ee65
Certificate serial: 0194221FF209675FC6917639F8A0703FB97E
Authority key identifier: D0:3C:73:B6:0F:21:03:EE:3B:2A:2C:3C:BE:92:0E:21:2A:92:EE:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Dxztg8hA-47Kiw8vpIOISqS7mU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/011132-eae3-4e9d-b6f0-46f004a19591/1/Ik9F5B5f7DcuZlagDdErTVXStRQ.roa
Signing time: Wed 01 Jan 2025 13:48:26 +0000
ROA not before: Wed 01 Jan 2025 13:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214967
IP address blocks: 193.200.78.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 08 Jan 2025 21:56:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:f2:09:67:5f:c6:91:76:39:f8:a0:70:3f:b9:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d03c73b60f2103ee3b2a2c3cbe920e212a92ee65
Validity
Not Before: Jan 1 13:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=224f45e41e5fec372e6656a00dd12b4d55d2b514
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:36:78:35:d2:f1:b6:69:01:db:ad:16:ab:a2:
6f:6f:a5:65:05:ac:bc:dc:71:19:49:ba:59:1f:40:
0d:1c:c4:fa:22:59:60:42:05:79:cf:15:b0:c6:3f:
7b:a5:4c:f4:1c:c0:1d:b9:4c:b0:e5:4d:4b:73:41:
54:04:26:03:9a:dc:1d:1b:0f:6a:c7:94:1d:32:ac:
aa:9e:75:b7:5d:ac:91:ba:3f:dc:0c:a8:e6:39:7d:
fb:25:ef:eb:03:99:7c:12:f6:09:e5:a4:ce:07:9f:
e2:86:0e:28:46:10:d5:0f:6b:af:c3:62:d6:d3:73:
8e:75:44:32:1d:dc:cf:b7:46:10:66:53:79:72:d3:
fc:e4:0c:4a:e1:f1:f9:c3:5d:ae:2a:21:16:df:b2:
e6:9c:37:0b:7c:ed:85:28:03:e5:61:ff:a0:41:3e:
95:fd:fc:04:6e:f1:62:e8:4b:a1:23:a0:2f:73:55:
2e:cc:f2:37:05:da:33:7e:7a:99:9c:08:1e:d6:3b:
4c:a0:9e:aa:d4:1c:0f:99:8c:5e:a5:27:ae:cb:ea:
c6:78:26:40:87:b2:13:a4:d7:c2:3f:24:9f:a0:d5:
e4:90:21:0e:16:bb:2b:14:28:52:fc:37:00:e6:f6:
1a:68:47:22:f2:32:ec:29:2e:6b:2d:15:d7:a3:d4:
14:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:4F:45:E4:1E:5F:EC:37:2E:66:56:A0:0D:D1:2B:4D:55:D2:B5:14
X509v3 Authority Key Identifier:
keyid:D0:3C:73:B6:0F:21:03:EE:3B:2A:2C:3C:BE:92:0E:21:2A:92:EE:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Dxztg8hA-47Kiw8vpIOISqS7mU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/011132-eae3-4e9d-b6f0-46f004a19591/1/Ik9F5B5f7DcuZlagDdErTVXStRQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/011132-eae3-4e9d-b6f0-46f004a19591/1/0Dxztg8hA-47Kiw8vpIOISqS7mU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.200.78.0/24
Signature Algorithm: sha256WithRSAEncryption
19:21:40:27:b7:15:0d:8b:e3:7c:e5:d7:3f:12:02:9b:25:4e:
87:d9:0c:1f:2b:ae:e0:e4:e0:c2:6d:30:78:aa:68:46:ad:ca:
17:6d:18:cf:83:e0:4b:bc:d6:e6:9c:a5:7e:20:a3:08:4b:67:
55:a2:02:ff:67:e0:6c:f8:66:6f:9b:87:fb:86:a3:dd:ca:2b:
b6:82:70:a9:46:7e:70:b2:3f:22:de:4a:8a:77:7b:60:69:b0:
27:9c:4c:f6:e7:de:7b:a5:d9:eb:4b:05:3b:86:b7:6e:b7:5d:
c8:55:9b:a9:37:fa:45:5d:0a:71:79:d7:61:06:e3:dc:55:69:
1b:03:31:01:ce:ae:54:51:20:a8:3b:16:79:b9:32:46:39:7e:
30:ea:37:f5:d5:36:cd:e4:9c:d7:8b:84:70:34:a5:bc:91:93:
ce:14:8b:9f:a7:16:96:d5:2b:69:51:4f:4a:03:ea:94:8d:7d:
13:cf:e7:a9:d2:eb:f3:e1:8b:3a:b7:11:13:0b:25:8d:74:aa:
c2:a8:e2:70:30:9d:4d:97:e7:6b:5f:3e:71:5d:11:55:62:22:
fc:cb:20:e8:35:12:ce:ab:d3:6f:ff:b1:82:da:74:65:5e:67:
d1:51:7d:7a:c0:92:fb:e2:a5:8f:87:08:de:01:9f:16:c1:c8:
98:99:87:76
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH/IJZ1/GkXY5+KBwP7l+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwM2M3M2I2MGYyMTAzZWUzYjJhMmMzY2JlOTIwZTIxMmE5
MmVlNjUwHhcNMjUwMTAxMTM0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjRmNDVlNDFlNWZlYzM3MmU2NjU2YTAwZGQxMmI0ZDU1ZDJiNTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvzZ4NdLxtmkB260Wq6Jvb6VlBay8
3HEZSbpZH0ANHMT6IllgQgV5zxWwxj97pUz0HMAduUyw5U1Lc0FUBCYDmtwdGw9q
x5QdMqyqnnW3XayRuj/cDKjmOX37Je/rA5l8EvYJ5aTOB5/ihg4oRhDVD2uvw2LW
03OOdUQyHdzPt0YQZlN5ctP85AxK4fH5w12uKiEW37LmnDcLfO2FKAPlYf+gQT6V
/fwEbvFi6EuhI6Avc1UuzPI3BdozfnqZnAge1jtMoJ6q1BwPmYxepSeuy+rGeCZA
h7ITpNfCPySfoNXkkCEOFrsrFChS/DcA5vYaaEci8jLsKS5rLRXXo9QUdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCJPReQeX+w3LmZWoA3RK01V0rUUMB8GA1UdIwQY
MBaAFNA8c7YPIQPuOyosPL6SDiEqku5lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMER4enRnOGhBLTQ3S2l3OHZwSU9JU3FTN21VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8wMTExMzItZWFlMy00ZTlkLWI2ZjAt
NDZmMDA0YTE5NTkxLzEvSWs5RjVCNWY3RGN1WmxhZ0RkRXJUVlhTdFJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8wMTExMzItZWFlMy00ZTlkLWI2ZjAtNDZmMDA0YTE5NTkx
LzEvMER4enRnOGhBLTQ3S2l3OHZwSU9JU3FTN21VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwchOMA0G
CSqGSIb3DQEBCwUAA4IBAQAZIUAntxUNi+N85dc/EgKbJU6H2QwfK67g5ODCbTB4
qmhGrcoXbRjPg+BLvNbmnKV+IKMIS2dVogL/Z+Bs+GZvm4f7hqPdyiu2gnCpRn5w
sj8i3kqKd3tgabAnnEz25957pdnrSwU7hrdut13IVZupN/pFXQpxeddhBuPcVWkb
AzEBzq5UUSCoOxZ5uTJGOX4w6jf11TbN5JzXi4RwNKW8kZPOFIufpxaW1StpUU9K
A+qUjX0Tz+ep0uvz4Ys6txETCyWNdKrCqOJwMJ1Nl+drXz5xXRFVYiL8yyDoNRLO
q9Nv/7GC2nRlXmfRUX16wJL74qWPhwjeAZ8WwciYmYd2
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:35:37 2025 by rpki-client