Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/IcrbELT2HBlgryRkOoA0E2U_CEo.roa
File: IcrbELT2HBlgryRkOoA0E2U_CEo.roa (raw, json)
Hash identifier: I/4BlL2roz5aDl/wQ6PXn9iwnRP4lLeAFMjL5uruZ5o=
Subject key identifier: 21:CA:DB:10:B4:F6:1C:19:60:AF:24:64:3A:80:34:13:65:3F:08:4A
Certificate issuer: /CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Certificate serial: 0191E6D38A25BFC104C810EAD7E32737BF49
Authority key identifier: D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/IcrbELT2HBlgryRkOoA0E2U_CEo.roa
Signing time: Thu 12 Sep 2024 15:21:48 +0000
ROA not before: Thu 12 Sep 2024 15:21:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215362
IP address blocks: 147.185.196.0/24 maxlen: 24
147.185.197.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 12 Oct 2024 17:15:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e6:d3:8a:25:bf:c1:04:c8:10:ea:d7:e3:27:37:bf:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Validity
Not Before: Sep 12 15:21:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=21cadb10b4f61c1960af24643a803413653f084a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:e2:29:59:04:1b:40:f8:cb:94:fb:48:25:f9:
2a:70:ee:e0:63:ff:e9:14:99:91:5e:10:60:3c:93:
c5:bb:e4:ee:e7:6b:c5:e4:e0:9e:21:e4:1f:d1:05:
f2:02:8c:89:11:94:1a:e3:f9:a7:4b:4f:31:5d:78:
45:fa:87:5d:c5:eb:74:1a:c3:bd:09:7f:4f:c2:ed:
ae:15:7c:d1:52:af:3e:86:93:0e:bc:4b:ce:02:bb:
b9:f8:d2:c1:0d:1f:e3:11:85:6a:32:70:13:a6:c9:
18:df:3f:d0:b0:1b:c9:88:f4:40:6e:ec:5c:79:c5:
20:06:33:99:10:80:43:53:7f:96:94:f2:27:b6:a4:
9c:78:fb:f3:c7:b2:4e:cb:f0:67:cc:4f:ac:ad:83:
7e:e9:29:c7:75:bd:72:e3:76:b8:9f:f6:54:7e:59:
e6:61:73:7a:ed:36:e1:7b:7d:01:97:18:c8:38:37:
13:87:48:1d:24:d5:e6:02:12:5d:c7:1c:38:d2:13:
35:ae:27:e3:04:53:e8:82:9c:46:ff:21:c6:41:89:
dc:3a:a4:24:25:7a:01:b4:6a:c9:4d:33:9c:ef:30:
b0:8e:a7:9f:d1:b2:1a:f0:07:5a:2e:da:bd:8e:24:
54:a3:cb:bb:a8:01:75:7e:81:c2:68:b9:10:ee:68:
b7:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:CA:DB:10:B4:F6:1C:19:60:AF:24:64:3A:80:34:13:65:3F:08:4A
X509v3 Authority Key Identifier:
keyid:D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/IcrbELT2HBlgryRkOoA0E2U_CEo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.185.196.0/23
Signature Algorithm: sha256WithRSAEncryption
1b:ef:b9:cb:b5:dd:75:fd:55:e5:dc:24:bf:14:87:03:5f:ca:
6a:9f:f1:03:c4:f0:66:da:f0:a3:6f:c2:3a:c1:70:62:92:00:
29:36:1e:62:ac:45:35:e1:c3:61:69:9b:28:94:ca:9a:e3:cc:
63:f0:9c:ba:bc:2a:4a:ca:ce:aa:87:ad:a8:34:22:58:5e:c9:
eb:67:04:8b:12:9d:29:f4:33:b1:b2:a7:b4:f4:e8:f8:85:ff:
8d:43:e3:f6:c1:ea:0f:bc:a1:a1:ab:f2:22:e9:00:60:b7:16:
af:b7:2c:76:8f:7a:17:86:71:de:39:e1:0d:a3:e7:53:85:cf:
3a:27:ee:4f:33:d8:fa:95:84:cd:f7:46:11:f1:ab:e0:4d:e6:
74:aa:ae:1a:f7:16:cf:1e:9a:0b:9d:70:99:6b:04:ea:94:0c:
49:ca:97:43:56:66:49:ce:ba:b4:08:45:39:98:32:f2:40:f5:
5c:da:e6:b3:f4:35:58:92:85:bf:d4:d9:73:c5:c9:84:88:c3:
98:e8:9d:93:9a:34:46:42:6f:66:21:40:56:06:62:df:07:bb:
6a:e2:01:59:c4:95:bb:3b:36:45:fe:d9:bf:d5:30:36:09:98:
8d:4c:c4:ff:96:81:cb:0e:f0:42:63:3a:5d:c9:6c:d7:87:c4:
1b:b3:e2:73
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZHm04olv8EEyBDq1+MnN79JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwOGRhOWNmMDBkNGQ1OGI4NTRmZmM2MjAxMGYyMzViMDZk
ZjM1NGEwHhcNMjQwOTEyMTUyMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWNhZGIxMGI0ZjYxYzE5NjBhZjI0NjQzYTgwMzQxMzY1M2YwODRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnuIpWQQbQPjLlPtIJfkqcO7gY//p
FJmRXhBgPJPFu+Tu52vF5OCeIeQf0QXyAoyJEZQa4/mnS08xXXhF+oddxet0GsO9
CX9Pwu2uFXzRUq8+hpMOvEvOAru5+NLBDR/jEYVqMnATpskY3z/QsBvJiPRAbuxc
ecUgBjOZEIBDU3+WlPIntqScePvzx7JOy/BnzE+srYN+6SnHdb1y43a4n/ZUflnm
YXN67Tbhe30BlxjIODcTh0gdJNXmAhJdxxw40hM1rifjBFPogpxG/yHGQYncOqQk
JXoBtGrJTTOc7zCwjqef0bIa8AdaLtq9jiRUo8u7qAF1foHCaLkQ7mi33wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCHK2xC09hwZYK8kZDqANBNlPwhKMB8GA1UdIwQY
MBaAFNCNqc8A1NWLhU/8YgEPI1sG3zVKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYt
MjBlMTk3ODBjYjJlLzEvSWNyYkVMVDJIQmxncnlSa09vQTBFMlVfQ0VvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYtMjBlMTk3ODBjYjJl
LzEvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBk7nEMA0G
CSqGSIb3DQEBCwUAA4IBAQAb77nLtd11/VXl3CS/FIcDX8pqn/EDxPBm2vCjb8I6
wXBikgApNh5irEU14cNhaZsolMqa48xj8Jy6vCpKys6qh62oNCJYXsnrZwSLEp0p
9DOxsqe09Oj4hf+NQ+P2weoPvKGhq/Ii6QBgtxavtyx2j3oXhnHeOeENo+dThc86
J+5PM9j6lYTN90YR8avgTeZ0qq4a9xbPHpoLnXCZawTqlAxJypdDVmZJzrq0CEU5
mDLyQPVc2uaz9DVYkoW/1NlzxcmEiMOY6J2TmjRGQm9mIUBWBmLfB7tq4gFZxJW7
OzZF/tm/1TA2CZiNTMT/loHLDvBCYzpdyWzXh8Qbs+Jz
-----END CERTIFICATE-----
Generated at Sat Oct 12 21:07:17 2024 by rpki-client on console-ams.rpki-client.org