Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/af89d8-8c35-4c8c-b15d-7e46ad748484/1/i5m0_9VRpMw3juBk3T5Pq_dc-Pg.roa
File: i5m0_9VRpMw3juBk3T5Pq_dc-Pg.roa (raw, json)
Hash identifier: LF3d2u7DW7Bue9rCJmo4eoV5xtr5xfJUHN8pQjd6O/Q=
Subject key identifier: 8B:99:B4:FF:D5:51:A4:CC:37:8E:E0:64:DD:3E:4F:AB:F7:5C:F8:F8
Certificate issuer: /CN=1bcee40405aefb6da17a340eef159ce9c4d18322
Certificate serial: 018CC9BCC6F1835A51650560DBF88EBB5BEC
Authority key identifier: 1B:CE:E4:04:05:AE:FB:6D:A1:7A:34:0E:EF:15:9C:E9:C4:D1:83:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G87kBAWu-22hejQO7xWc6cTRgyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/af89d8-8c35-4c8c-b15d-7e46ad748484/1/i5m0_9VRpMw3juBk3T5Pq_dc-Pg.roa
Signing time: Tue 02 Jan 2024 10:34:01 +0000
ROA not before: Tue 02 Jan 2024 10:34:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62105
IP address blocks: 82.163.40.0/21 maxlen: 21
185.47.132.0/22 maxlen: 22
2a01:90a0::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:47:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:c6:f1:83:5a:51:65:05:60:db:f8:8e:bb:5b:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1bcee40405aefb6da17a340eef159ce9c4d18322
Validity
Not Before: Jan 2 10:34:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8b99b4ffd551a4cc378ee064dd3e4fabf75cf8f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:2a:c2:2c:2a:3e:89:b5:31:3e:53:92:89:af:
77:74:a5:61:62:56:49:5d:45:72:8f:62:a1:72:1c:
d3:b5:61:e9:de:1e:83:c3:75:46:4f:80:f0:83:ca:
e5:18:de:b8:36:2b:cc:4d:5f:59:b8:53:65:1e:39:
95:3c:30:71:1b:38:bf:a2:17:5b:50:de:8a:48:72:
ea:b3:7a:b9:0a:32:5c:5a:3f:c0:4f:60:da:9c:6a:
d1:d9:ed:23:5f:e7:17:09:4a:64:bf:bd:d1:dd:83:
84:6a:7a:11:c6:54:bb:c7:63:76:0f:0c:3a:9b:1a:
d8:e6:6a:95:72:99:40:d2:5d:9e:16:00:59:de:6a:
b9:11:32:6b:17:33:00:22:83:af:c5:98:de:94:80:
3d:55:35:b2:a3:eb:6d:39:ca:9c:5f:ef:9a:74:d8:
b7:60:8f:01:9a:77:36:af:68:b7:a3:41:8a:fc:93:
db:7f:c2:b0:7b:97:b4:56:8c:99:63:ca:67:c2:87:
bd:57:ca:d0:fc:1b:4d:b6:93:3e:f0:3f:2f:0e:e5:
87:2f:26:84:af:2e:2b:48:b9:f8:dd:e6:cc:32:02:
f8:82:0b:c1:7c:71:ec:d4:55:c8:cc:6a:bf:5e:6a:
fc:41:8e:fe:95:7a:85:05:4f:c9:6f:86:d1:aa:ca:
0f:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:99:B4:FF:D5:51:A4:CC:37:8E:E0:64:DD:3E:4F:AB:F7:5C:F8:F8
X509v3 Authority Key Identifier:
keyid:1B:CE:E4:04:05:AE:FB:6D:A1:7A:34:0E:EF:15:9C:E9:C4:D1:83:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G87kBAWu-22hejQO7xWc6cTRgyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/af89d8-8c35-4c8c-b15d-7e46ad748484/1/i5m0_9VRpMw3juBk3T5Pq_dc-Pg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/af89d8-8c35-4c8c-b15d-7e46ad748484/1/G87kBAWu-22hejQO7xWc6cTRgyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.163.40.0/21
185.47.132.0/22
IPv6:
2a01:90a0::/32
Signature Algorithm: sha256WithRSAEncryption
68:02:2b:94:ea:e5:55:f0:cd:76:07:69:f6:e0:70:60:c3:df:
cb:b6:3e:c5:85:17:ae:5d:3d:0e:4b:74:ed:38:40:ef:f5:15:
7d:ec:50:0b:72:00:f2:d9:ee:80:e3:d1:07:46:d7:a3:32:cd:
b9:da:9e:4a:80:83:8b:47:44:cf:97:a0:b1:f9:f7:ec:f4:ab:
a5:76:28:68:a8:ec:da:42:30:6f:aa:31:83:41:3b:33:d2:ec:
36:ca:66:99:64:99:8d:4c:a8:72:e7:ec:a4:65:c4:4a:ac:90:
06:85:8b:20:00:0b:74:9e:4c:5e:f0:fd:6f:a0:3d:ec:41:19:
b1:c5:40:8d:57:6d:3a:a9:18:77:e8:db:47:e9:a9:b9:a9:b3:
46:30:03:46:e2:28:03:53:ac:28:2f:c9:bf:ba:e5:72:c8:a7:
f3:10:6a:2f:b0:7d:23:17:c8:8c:c1:5f:c8:de:a7:0e:d0:3c:
41:26:47:25:e0:24:b0:71:c4:57:1d:76:06:a4:b3:f9:cf:49:
41:b0:62:c9:9f:4a:17:1a:56:4b:71:32:85:55:02:3f:a6:e7:
9b:01:04:2d:95:c0:7f:e8:26:fe:0e:5c:af:4e:1d:e9:83:62:
61:ac:45:a2:ea:17:46:05:cf:40:e8:fa:cf:a4:10:2d:ab:b2:
62:35:12:c2
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzJvMbxg1pRZQVg2/iOu1vsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiY2VlNDA0MDVhZWZiNmRhMTdhMzQwZWVmMTU5Y2U5YzRk
MTgzMjIwHhcNMjQwMTAyMTAzNDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Yjk5YjRmZmQ1NTFhNGNjMzc4ZWUwNjRkZDNlNGZhYmY3NWNmOGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArCrCLCo+ibUxPlOSia93dKVhYlZJ
XUVyj2KhchzTtWHp3h6Dw3VGT4Dwg8rlGN64NivMTV9ZuFNlHjmVPDBxGzi/ohdb
UN6KSHLqs3q5CjJcWj/AT2DanGrR2e0jX+cXCUpkv73R3YOEanoRxlS7x2N2Dww6
mxrY5mqVcplA0l2eFgBZ3mq5ETJrFzMAIoOvxZjelIA9VTWyo+ttOcqcX++adNi3
YI8Bmnc2r2i3o0GK/JPbf8Kwe5e0VoyZY8pnwoe9V8rQ/BtNtpM+8D8vDuWHLyaE
ry4rSLn43ebMMgL4ggvBfHHs1FXIzGq/Xmr8QY7+lXqFBU/Jb4bRqsoPGwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIuZtP/VUaTMN47gZN0+T6v3XPj4MB8GA1UdIwQY
MBaAFBvO5AQFrvttoXo0Du8VnOnE0YMiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzg3a0JBV3UtMjJoZWpRTzd4V2M2Y1RSZ3lJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9hZjg5ZDgtOGMzNS00YzhjLWIxNWQt
N2U0NmFkNzQ4NDg0LzEvaTVtMF85VlJwTXczanVCazNUNVBxX2RjLVBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9hZjg5ZDgtOGMzNS00YzhjLWIxNWQtN2U0NmFkNzQ4NDg0
LzEvRzg3a0JBV3UtMjJoZWpRTzd4V2M2Y1RSZ3lJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDUqMoAwQC
uS+EMA0EAgACMAcDBQAqAZCgMA0GCSqGSIb3DQEBCwUAA4IBAQBoAiuU6uVV8M12
B2n24HBgw9/Ltj7FhReuXT0OS3TtOEDv9RV97FALcgDy2e6A49EHRtejMs252p5K
gIOLR0TPl6Cx+ffs9KuldihoqOzaQjBvqjGDQTsz0uw2ymaZZJmNTKhy5+ykZcRK
rJAGhYsgAAt0nkxe8P1voD3sQRmxxUCNV206qRh36NtH6am5qbNGMANG4igDU6wo
L8m/uuVyyKfzEGovsH0jF8iMwV/I3qcO0DxBJkcl4CSwccRXHXYGpLP5z0lBsGLJ
n0oXGlZLcTKFVQI/puebAQQtlcB/6Cb+DlyvTh3pg2JhrEWi6hdGBc9A6PrPpBAt
q7JiNRLC
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:01 2025 by rpki-client