Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/8e1198-e50f-416f-9d6b-1e9bff5e4021/1/iQgAbweNbz9MYWiyof7B2-p7UFY.roa
File: iQgAbweNbz9MYWiyof7B2-p7UFY.roa (raw, json)
Hash identifier: JS7R/y6Rxlez8z5OjCYW+1w/uICoKXnprfuDYvVeEzg=
Subject key identifier: 89:08:00:6F:07:8D:6F:3F:4C:61:68:B2:A1:FE:C1:DB:EA:7B:50:56
Certificate issuer: /CN=4df0970484eb26bc59fd8fa8d5bf7c3c7212d011
Certificate serial: 0193F489B2D2DB8CC422393428F0CE4A9463
Authority key identifier: 4D:F0:97:04:84:EB:26:BC:59:FD:8F:A8:D5:BF:7C:3C:72:12:D0:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TfCXBITrJrxZ_Y-o1b98PHIS0BE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/8e1198-e50f-416f-9d6b-1e9bff5e4021/1/iQgAbweNbz9MYWiyof7B2-p7UFY.roa
Signing time: Mon 23 Dec 2024 17:21:25 +0000
ROA not before: Mon 23 Dec 2024 17:21:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205692
IP address blocks: 185.230.44.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:f4:89:b2:d2:db:8c:c4:22:39:34:28:f0:ce:4a:94:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4df0970484eb26bc59fd8fa8d5bf7c3c7212d011
Validity
Not Before: Dec 23 17:21:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8908006f078d6f3f4c6168b2a1fec1dbea7b5056
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:9f:35:70:f9:17:f1:91:22:13:cd:41:d0:39:
4a:97:df:61:62:c5:b3:5a:c2:a5:28:d6:57:22:64:
02:17:4a:36:89:98:7d:02:84:d9:83:a5:fb:b0:aa:
8d:4b:74:a3:33:95:62:fc:9a:49:67:cb:e1:16:16:
86:81:80:40:6b:03:a3:bc:63:de:1d:5b:94:e2:b4:
5e:3e:5e:f0:37:c9:56:0c:1b:a4:bd:84:83:31:72:
3a:e7:83:ed:91:8a:89:f1:e2:20:96:fc:59:e3:d2:
c7:09:19:66:02:b9:c7:e3:bf:e9:da:e9:f9:b8:eb:
a5:42:3a:7d:a1:2c:1f:80:a0:24:ee:a2:f3:48:9b:
d5:ae:15:d8:b0:34:45:ef:55:c3:c3:0a:bb:83:6d:
76:49:ec:aa:c7:91:d1:8d:33:51:d3:4d:59:77:b1:
ec:da:e7:96:b0:48:22:0d:5f:9b:09:a5:ae:59:2f:
d0:66:99:84:ae:3f:c7:65:2e:c4:84:e2:ab:89:f3:
44:3d:bc:7d:17:b0:da:9f:61:78:2c:87:e9:1a:6f:
8b:5f:2d:7e:73:16:f7:fd:cb:32:d9:e3:03:c6:8c:
da:09:e3:70:3a:60:4d:84:a1:0a:09:08:8b:ff:8b:
fa:79:be:f6:bd:2a:74:66:97:6e:13:9f:c6:92:19:
0f:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:08:00:6F:07:8D:6F:3F:4C:61:68:B2:A1:FE:C1:DB:EA:7B:50:56
X509v3 Authority Key Identifier:
keyid:4D:F0:97:04:84:EB:26:BC:59:FD:8F:A8:D5:BF:7C:3C:72:12:D0:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TfCXBITrJrxZ_Y-o1b98PHIS0BE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/8e1198-e50f-416f-9d6b-1e9bff5e4021/1/iQgAbweNbz9MYWiyof7B2-p7UFY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/8e1198-e50f-416f-9d6b-1e9bff5e4021/1/TfCXBITrJrxZ_Y-o1b98PHIS0BE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.230.44.0/22
Signature Algorithm: sha256WithRSAEncryption
33:58:3c:56:a7:98:f9:08:1b:5c:63:a6:74:24:4b:3b:28:b4:
10:b2:7e:37:45:df:0e:54:4f:90:93:3a:36:b3:19:07:1f:4a:
90:5c:33:f1:33:48:69:18:2c:59:a5:92:b8:97:1a:58:ab:4e:
96:74:2f:60:98:05:29:a8:62:2c:46:0a:a3:bf:8c:e5:b0:87:
55:43:b9:f5:c0:fe:bc:86:a1:88:1b:d9:ff:c7:e6:2e:8d:ff:
9a:4d:40:e3:b4:1d:f4:b5:64:b0:32:bf:23:64:0a:27:a4:a0:
53:57:f7:0e:29:a4:cb:eb:24:2a:1c:c2:78:49:e4:88:86:b8:
76:01:17:16:13:b0:e7:28:5a:f9:a1:e3:aa:f1:45:86:b1:70:
ae:bd:09:0e:56:27:fe:55:85:44:29:78:41:b8:48:11:50:ab:
17:a5:5d:cc:8e:f4:68:6d:8a:c7:cc:ba:41:1b:44:f8:6f:05:
48:37:1d:ee:85:80:d1:79:2b:bd:9b:71:bb:2b:75:83:bd:3b:
99:c0:84:a9:ee:df:0c:a8:79:86:c0:68:f9:87:52:68:0f:1f:
da:5a:ff:94:a7:1c:67:31:80:2c:00:9f:9a:4e:86:58:e9:23:
9b:10:24:ff:23:b0:16:29:9a:24:c0:40:67:34:b9:ef:71:cd:
02:89:b2:6e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZP0ibLS24zEIjk0KPDOSpRjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZjA5NzA0ODRlYjI2YmM1OWZkOGZhOGQ1YmY3YzNjNzIx
MmQwMTEwHhcNMjQxMjIzMTcyMTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTA4MDA2ZjA3OGQ2ZjNmNGM2MTY4YjJhMWZlYzFkYmVhN2I1MDU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwp81cPkX8ZEiE81B0DlKl99hYsWz
WsKlKNZXImQCF0o2iZh9AoTZg6X7sKqNS3SjM5Vi/JpJZ8vhFhaGgYBAawOjvGPe
HVuU4rRePl7wN8lWDBukvYSDMXI654PtkYqJ8eIglvxZ49LHCRlmArnH47/p2un5
uOulQjp9oSwfgKAk7qLzSJvVrhXYsDRF71XDwwq7g212Seyqx5HRjTNR001Zd7Hs
2ueWsEgiDV+bCaWuWS/QZpmErj/HZS7EhOKrifNEPbx9F7Dan2F4LIfpGm+LXy1+
cxb3/csy2eMDxozaCeNwOmBNhKEKCQiL/4v6eb72vSp0ZpduE5/GkhkPPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIkIAG8HjW8/TGFosqH+wdvqe1BWMB8GA1UdIwQY
MBaAFE3wlwSE6ya8Wf2PqNW/fDxyEtARMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGZDWEJJVHJKcnhaX1ktbzFiOThQSElTMEJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC84ZTExOTgtZTUwZi00MTZmLTlkNmIt
MWU5YmZmNWU0MDIxLzEvaVFnQWJ3ZU5iejlNWVdpeW9mN0IyLXA3VUZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC84ZTExOTgtZTUwZi00MTZmLTlkNmItMWU5YmZmNWU0MDIx
LzEvVGZDWEJJVHJKcnhaX1ktbzFiOThQSElTMEJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCueYsMA0G
CSqGSIb3DQEBCwUAA4IBAQAzWDxWp5j5CBtcY6Z0JEs7KLQQsn43Rd8OVE+Qkzo2
sxkHH0qQXDPxM0hpGCxZpZK4lxpYq06WdC9gmAUpqGIsRgqjv4zlsIdVQ7n1wP68
hqGIG9n/x+Yujf+aTUDjtB30tWSwMr8jZAonpKBTV/cOKaTL6yQqHMJ4SeSIhrh2
ARcWE7DnKFr5oeOq8UWGsXCuvQkOVif+VYVEKXhBuEgRUKsXpV3MjvRobYrHzLpB
G0T4bwVINx3uhYDReSu9m3G7K3WDvTuZwISp7t8MqHmGwGj5h1JoDx/aWv+Upxxn
MYAsAJ+aToZY6SObECT/I7AWKZokwEBnNLnvcc0CibJu
-----END CERTIFICATE-----
Generated at Sun Apr 20 20:03:52 2025 by rpki-client