Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/ic79YYKlZHwsJmoqYwcdwR-L7T8.roa
File: ic79YYKlZHwsJmoqYwcdwR-L7T8.roa (raw, json)
Hash identifier: Q00iBpWWn7R95xueRcJSXcQolx3+vCLUNWpw1Hrr2CM=
Subject key identifier: 89:CE:FD:61:82:A5:64:7C:2C:26:6A:2A:63:07:1D:C1:1F:8B:ED:3F
Certificate issuer: /CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Certificate serial: 018CCA2BC274F2B2C347B0462C1610D5A986
Authority key identifier: 68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/ic79YYKlZHwsJmoqYwcdwR-L7T8.roa
Signing time: Tue 02 Jan 2024 12:35:14 +0000
ROA not before: Tue 02 Jan 2024 12:35:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205419
IP address blocks: 206.252.242.0/24 maxlen: 24
195.167.153.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:48:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:c2:74:f2:b2:c3:47:b0:46:2c:16:10:d5:a9:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Validity
Not Before: Jan 2 12:35:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=89cefd6182a5647c2c266a2a63071dc11f8bed3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:f2:72:d7:bd:bb:cc:4c:4e:7b:ef:53:39:82:
19:21:bf:d0:17:c9:06:9b:fc:73:1d:ce:45:b9:1a:
74:45:f4:66:23:87:b1:d0:cc:cb:50:e9:38:7f:c8:
4d:77:53:9b:30:72:a9:dc:ea:65:82:74:47:d4:e0:
96:6f:6e:96:c0:b3:05:6a:26:46:4b:18:3d:87:78:
eb:3a:94:bd:1c:b0:be:84:23:a3:e0:dc:ac:6f:57:
45:2f:3e:4b:99:e6:2b:70:01:1f:eb:75:25:b4:14:
c3:00:b6:05:00:82:09:55:93:db:dd:dd:4b:c9:66:
b0:78:4c:95:04:a4:32:12:54:45:36:17:41:b2:5a:
40:0d:50:93:7b:7c:72:82:bf:ab:a9:85:fb:15:76:
75:94:8e:d6:03:9e:52:ac:01:66:88:ae:55:3f:24:
25:e2:cf:dd:cb:f4:0d:17:d0:0e:86:95:fb:88:91:
dd:eb:8b:9f:d4:8e:eb:1b:fa:94:ae:22:f9:ad:22:
cf:7c:04:80:b4:6c:d6:f1:96:0b:e9:82:a7:70:85:
a5:27:1c:6e:d3:c1:bc:39:e3:33:98:5c:c3:ad:61:
11:52:d9:1d:72:d1:ee:2d:f8:44:05:16:73:a6:1d:
6e:2f:79:3c:b0:9f:83:e0:07:90:2e:30:a0:e9:04:
2a:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:CE:FD:61:82:A5:64:7C:2C:26:6A:2A:63:07:1D:C1:1F:8B:ED:3F
X509v3 Authority Key Identifier:
keyid:68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/ic79YYKlZHwsJmoqYwcdwR-L7T8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/aMUQ_JuGXZbjr8fFYFbvrZozDFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.167.153.0/24
206.252.242.0/24
Signature Algorithm: sha256WithRSAEncryption
53:ad:eb:ca:0b:37:a8:00:0d:b0:a7:fa:7e:1b:80:85:16:46:
39:c0:58:68:e4:55:59:2b:4a:6d:c2:fc:90:93:28:14:b9:a2:
9c:a1:2d:11:1a:72:08:d8:b0:ab:84:3a:7f:20:da:a2:8f:44:
84:57:15:24:24:97:fd:bf:fb:f9:bc:63:99:85:a5:32:9a:0b:
2b:2a:69:06:0a:be:96:da:c2:76:fe:bb:53:88:8d:15:59:3c:
20:9f:6b:37:e9:84:67:f9:cc:c0:a0:f7:ff:2e:2c:97:93:fd:
0e:19:c2:2e:1a:8f:a5:96:44:43:56:33:18:a5:ec:09:b0:09:
a8:32:04:8c:f6:2f:9e:a1:9d:d9:7e:15:3b:f2:e8:cf:07:b8:
c1:75:f4:f0:a9:ce:48:21:90:5b:3b:c9:b0:da:db:ab:06:09:
bf:80:2f:de:bc:ca:dc:60:43:36:ff:44:85:39:cb:1b:7a:3e:
17:11:21:6b:2c:0d:4f:7c:2b:68:98:7e:dd:56:28:cd:fb:07:
a9:c6:1b:38:70:05:07:56:09:3d:44:b1:1c:d0:35:01:14:bd:
13:d6:96:61:24:a0:be:f9:22:ff:88:e2:66:2b:98:7b:1c:5c:
cd:c2:75:c7:de:a3:71:ad:1d:61:db:0a:a6:bc:48:fd:7c:05:
c8:ad:09:8d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKK8J08rLDR7BGLBYQ1amGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YzUxMGZjOWI4NjVkOTZlM2FmYzdjNTYwNTZlZmFkOWEz
MzBjNWIwHhcNMjQwMTAyMTIzNTE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWNlZmQ2MTgyYTU2NDdjMmMyNjZhMmE2MzA3MWRjMTFmOGJlZDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAofJy1727zExOe+9TOYIZIb/QF8kG
m/xzHc5FuRp0RfRmI4ex0MzLUOk4f8hNd1ObMHKp3OplgnRH1OCWb26WwLMFaiZG
Sxg9h3jrOpS9HLC+hCOj4Nysb1dFLz5LmeYrcAEf63UltBTDALYFAIIJVZPb3d1L
yWaweEyVBKQyElRFNhdBslpADVCTe3xygr+rqYX7FXZ1lI7WA55SrAFmiK5VPyQl
4s/dy/QNF9AOhpX7iJHd64uf1I7rG/qUriL5rSLPfASAtGzW8ZYL6YKncIWlJxxu
08G8OeMzmFzDrWERUtkdctHuLfhEBRZzph1uL3k8sJ+D4AeQLjCg6QQqZQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFInO/WGCpWR8LCZqKmMHHcEfi+0/MB8GA1UdIwQY
MBaAFGjFEPybhl2W46/HxWBW762aMwxbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1VUV9KdUdYWmJqcjhmRllGYnZyWm96REZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9lMGYyZjYtM2E4YS00ZGFhLTgyNzEt
NWQ2NjVlOTk4ZjZhLzEvaWM3OVlZS2xaSHdzSm1vcVl3Y2R3Ui1MN1Q4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9lMGYyZjYtM2E4YS00ZGFhLTgyNzEtNWQ2NjVlOTk4ZjZh
LzEvYU1VUV9KdUdYWmJqcjhmRllGYnZyWm96REZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAw6eZAwQA
zvzyMA0GCSqGSIb3DQEBCwUAA4IBAQBTrevKCzeoAA2wp/p+G4CFFkY5wFho5FVZ
K0ptwvyQkygUuaKcoS0RGnII2LCrhDp/INqij0SEVxUkJJf9v/v5vGOZhaUymgsr
KmkGCr6W2sJ2/rtTiI0VWTwgn2s36YRn+czAoPf/LiyXk/0OGcIuGo+llkRDVjMY
pewJsAmoMgSM9i+eoZ3ZfhU78ujPB7jBdfTwqc5IIZBbO8mw2turBgm/gC/evMrc
YEM2/0SFOcsbej4XESFrLA1PfCtomH7dVijN+wepxhs4cAUHVgk9RLEc0DUBFL0T
1pZhJKC++SL/iOJmK5h7HFzNwnXH3qNxrR1h2wqmvEj9fAXIrQmN
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:19:06 2025 by rpki-client