Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/STrQR7BL2DdUIi9e7eHYXN3k5C0.roa
File: STrQR7BL2DdUIi9e7eHYXN3k5C0.roa (raw, json)
Hash identifier: 4VWOj8ykdfZtEaW3PLRsc2/34D/WZpbJdY6OyT4CklA=
Subject key identifier: 49:3A:D0:47:B0:4B:D8:37:54:22:2F:5E:ED:E1:D8:5C:DD:E4:E4:2D
Certificate issuer: /CN=d0299cf12b38ff12d95ffc0d13ac12c69fe2c1ca
Certificate serial: 01904A240BACCFCDA30B75664F04FC3974F1
Authority key identifier: D0:29:9C:F1:2B:38:FF:12:D9:5F:FC:0D:13:AC:12:C6:9F:E2:C1:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Cmc8Ss4_xLZX_wNE6wSxp_iwco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/STrQR7BL2DdUIi9e7eHYXN3k5C0.roa
Signing time: Mon 24 Jun 2024 12:06:34 +0000
ROA not before: Mon 24 Jun 2024 12:06:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6830
IP address blocks: 176.117.64.0/22 maxlen: 22
176.117.80.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:47:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:4a:24:0b:ac:cf:cd:a3:0b:75:66:4f:04:fc:39:74:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0299cf12b38ff12d95ffc0d13ac12c69fe2c1ca
Validity
Not Before: Jun 24 12:06:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=493ad047b04bd83754222f5eede1d85cdde4e42d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:b1:ae:73:70:b2:b7:dd:74:c0:38:7b:39:fd:
aa:c2:13:d9:1a:fe:67:21:81:d9:c5:95:91:30:aa:
c8:af:30:9b:fc:2c:18:96:1f:63:04:7c:32:1b:fc:
a0:c2:73:23:95:96:c7:c8:14:12:03:d0:1e:df:fd:
50:34:37:98:6f:88:32:12:94:b5:f7:2f:82:ef:bc:
08:e5:c8:4d:1d:40:64:87:d2:d5:e7:62:dd:db:67:
fb:38:9b:9b:24:bc:e1:a7:57:9c:74:dc:71:f7:2c:
a5:75:72:52:78:e7:31:51:10:f4:55:bd:de:28:49:
0a:8f:c6:cd:ed:8c:d8:bf:5b:47:fc:00:75:62:63:
7e:50:73:f0:37:4a:07:7e:82:4d:30:43:eb:d2:3d:
2f:c4:9d:6a:52:f1:96:ae:04:28:eb:e1:a3:57:24:
cd:a7:a3:21:b6:5c:74:7a:c5:31:73:ee:21:2e:24:
a7:c0:6c:e2:0e:88:8c:39:b3:a8:60:66:68:77:f7:
a9:ca:71:bc:54:26:60:94:19:b0:03:d1:a4:30:b9:
3e:48:9b:f5:5e:5c:5b:8e:fe:1b:64:c1:3f:db:e6:
2c:5e:dc:09:12:4c:7d:75:8c:ce:87:73:aa:67:5f:
61:b6:d2:2d:d9:80:2e:9d:a4:42:48:62:ad:d6:13:
99:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:3A:D0:47:B0:4B:D8:37:54:22:2F:5E:ED:E1:D8:5C:DD:E4:E4:2D
X509v3 Authority Key Identifier:
keyid:D0:29:9C:F1:2B:38:FF:12:D9:5F:FC:0D:13:AC:12:C6:9F:E2:C1:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Cmc8Ss4_xLZX_wNE6wSxp_iwco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/STrQR7BL2DdUIi9e7eHYXN3k5C0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/0Cmc8Ss4_xLZX_wNE6wSxp_iwco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.117.64.0/22
176.117.80.0/22
Signature Algorithm: sha256WithRSAEncryption
08:de:82:f7:ac:b7:bb:c5:63:32:38:29:b2:9b:4b:d3:36:98:
8f:06:52:09:8c:7d:68:ff:f2:5d:89:8e:cf:ef:37:de:aa:df:
e1:ea:87:d5:b0:dd:33:93:91:45:e9:b9:dd:97:a7:c7:f7:85:
ed:56:f8:9f:8d:cf:f0:ed:61:ed:fb:76:6e:2b:6e:b6:dc:8a:
50:d8:b1:9d:08:34:67:54:13:a0:78:b9:8f:e5:7b:df:ae:17:
5d:de:64:4c:3c:8d:b1:ac:4d:ad:38:0d:86:ef:5b:77:6b:fd:
da:bb:9b:3b:ca:3a:32:ae:d2:8d:00:59:dc:cb:c7:58:17:d6:
43:d4:14:07:a3:f5:7b:79:cc:10:da:8d:73:55:75:a8:7c:d6:
06:8f:be:1d:f8:aa:43:c9:8e:f8:d8:d5:47:77:5c:5e:b1:4f:
27:a5:37:75:88:bd:36:78:fd:ac:50:ff:fb:86:02:f5:ac:4a:
a0:5d:8e:a5:1c:0d:2a:b3:86:90:e7:69:ef:3f:44:30:6e:a1:
af:12:39:70:67:63:bc:52:35:46:b9:e9:45:0e:0e:ff:bc:11:
0e:f0:61:56:ba:43:18:94:38:2d:5e:c2:23:f9:79:f7:dd:00:
fe:32:1d:bf:9d:c0:e1:68:27:e9:4d:4d:8a:b3:fc:d6:39:1b:
38:f3:fc:35
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZBKJAusz82jC3VmTwT8OXTxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMjk5Y2YxMmIzOGZmMTJkOTVmZmMwZDEzYWMxMmM2OWZl
MmMxY2EwHhcNMjQwNjI0MTIwNjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTNhZDA0N2IwNGJkODM3NTQyMjJmNWVlZGUxZDg1Y2RkZTRlNDJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzLGuc3Cyt910wDh7Of2qwhPZGv5n
IYHZxZWRMKrIrzCb/CwYlh9jBHwyG/ygwnMjlZbHyBQSA9Ae3/1QNDeYb4gyEpS1
9y+C77wI5chNHUBkh9LV52Ld22f7OJubJLzhp1ecdNxx9yyldXJSeOcxURD0Vb3e
KEkKj8bN7YzYv1tH/AB1YmN+UHPwN0oHfoJNMEPr0j0vxJ1qUvGWrgQo6+GjVyTN
p6Mhtlx0esUxc+4hLiSnwGziDoiMObOoYGZod/epynG8VCZglBmwA9GkMLk+SJv1
Xlxbjv4bZME/2+YsXtwJEkx9dYzOh3OqZ19httIt2YAunaRCSGKt1hOZlQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEk60EewS9g3VCIvXu3h2Fzd5OQtMB8GA1UdIwQY
MBaAFNApnPErOP8S2V/8DROsEsaf4sHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMENtYzhTczRfeExaWF93TkU2d1N4cF9pd2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9kNTgyYzQtMzZlMy00YTU3LTg3NTIt
ZTY0MWU3MTNkMWZhLzEvU1RyUVI3QkwyRGRVSWk5ZTdlSFlYTjNrNUMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9kNTgyYzQtMzZlMy00YTU3LTg3NTItZTY0MWU3MTNkMWZh
LzEvMENtYzhTczRfeExaWF93TkU2d1N4cF9pd2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCsHVAAwQC
sHVQMA0GCSqGSIb3DQEBCwUAA4IBAQAI3oL3rLe7xWMyOCmym0vTNpiPBlIJjH1o
//JdiY7P7zfeqt/h6ofVsN0zk5FF6bndl6fH94XtVvifjc/w7WHt+3ZuK2623IpQ
2LGdCDRnVBOgeLmP5Xvfrhdd3mRMPI2xrE2tOA2G71t3a/3au5s7yjoyrtKNAFnc
y8dYF9ZD1BQHo/V7ecwQ2o1zVXWofNYGj74d+KpDyY742NVHd1xesU8npTd1iL02
eP2sUP/7hgL1rEqgXY6lHA0qs4aQ52nvP0QwbqGvEjlwZ2O8UjVGuelFDg7/vBEO
8GFWukMYlDgtXsIj+Xn33QD+Mh2/ncDhaCfpTU2Ks/zWORs48/w1
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:00 2025 by rpki-client