Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/IyOQ3_9kRcCaKPJsq4axOWy-HYs.roa
File: IyOQ3_9kRcCaKPJsq4axOWy-HYs.roa (raw, json)
Hash identifier: S+LuIEKMRU2TRdcgebmfy4EZ9tZD9n61WhgTtODu9to=
Subject key identifier: 23:23:90:DF:FF:64:45:C0:9A:28:F2:6C:AB:86:B1:39:6C:BE:1D:8B
Certificate issuer: /CN=088465b37b2d4e9f413a31dc7b7e6cba2a33db96
Certificate serial: 018CC500CA7F17DCB37E7FEB66A3EB4935F4
Authority key identifier: 08:84:65:B3:7B:2D:4E:9F:41:3A:31:DC:7B:7E:6C:BA:2A:33:DB:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRls3stTp9BOjHce35suioz25Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/IyOQ3_9kRcCaKPJsq4axOWy-HYs.roa
Signing time: Mon 01 Jan 2024 12:30:12 +0000
ROA not before: Mon 01 Jan 2024 12:30:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216159
IP address blocks: 188.66.27.0/24 maxlen: 24
188.66.25.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 08 Oct 2024 09:47:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:ca:7f:17:dc:b3:7e:7f:eb:66:a3:eb:49:35:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088465b37b2d4e9f413a31dc7b7e6cba2a33db96
Validity
Not Before: Jan 1 12:30:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=232390dfff6445c09a28f26cab86b1396cbe1d8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:62:7f:1e:98:01:54:19:1c:57:81:6c:22:32:
8c:83:6d:61:a5:73:c1:2a:47:04:bf:53:2b:e3:0f:
79:f0:b7:6d:17:2e:18:16:2c:e7:cc:20:0b:2b:76:
5d:7f:13:95:ad:62:fa:84:ee:21:5c:20:db:5f:dd:
7c:53:bd:35:91:cb:6f:30:9a:dd:3c:2d:7f:a1:79:
a9:72:ee:7f:de:42:57:0c:3e:ca:1f:1f:fa:b4:1d:
84:c9:33:03:75:fe:19:8b:02:c0:6b:bd:7d:11:84:
77:de:80:1c:bf:85:d0:09:78:55:2a:1a:33:6f:07:
cc:11:f1:a0:12:77:2f:74:9e:1c:98:d4:63:29:84:
6b:5b:48:31:ef:b5:e4:eb:be:ca:f4:61:42:59:7a:
36:54:e4:05:58:20:1a:28:db:8d:58:0c:b8:56:bf:
ae:c9:13:50:21:d0:f9:ca:16:61:7e:de:f3:f4:90:
0c:8f:5b:10:45:0e:d0:19:db:95:3f:28:1b:83:1c:
80:b1:b5:22:93:96:17:9a:c5:f8:76:9d:78:dc:66:
6d:0b:91:0d:6b:fc:80:82:19:2d:df:a9:f5:3c:ac:
ae:bb:46:d3:41:ce:da:36:c7:58:94:89:da:56:9f:
92:cc:17:81:99:f8:c4:ee:44:cc:dd:43:2a:af:5c:
00:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:23:90:DF:FF:64:45:C0:9A:28:F2:6C:AB:86:B1:39:6C:BE:1D:8B
X509v3 Authority Key Identifier:
keyid:08:84:65:B3:7B:2D:4E:9F:41:3A:31:DC:7B:7E:6C:BA:2A:33:DB:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRls3stTp9BOjHce35suioz25Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/IyOQ3_9kRcCaKPJsq4axOWy-HYs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/CIRls3stTp9BOjHce35suioz25Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.66.25.0/24
188.66.27.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:0b:44:cb:a6:07:71:7c:c9:8a:45:7e:2a:c3:ba:95:b4:f1:
3d:59:95:6d:0f:e7:50:57:2f:8c:4d:93:56:8d:54:fd:25:73:
b9:da:53:0a:95:32:70:ce:c3:82:f8:6a:c5:73:18:d3:5e:97:
e1:d5:fd:cb:49:ad:3a:67:ff:b6:7a:4b:bd:8a:fe:e5:35:f1:
46:42:0d:42:6f:df:7f:5d:93:59:18:e0:4b:78:fd:49:61:df:
ca:c6:c1:e4:22:c3:69:37:51:a7:a6:02:2b:91:3e:0f:6e:63:
72:8e:63:cf:91:36:6a:92:35:6d:65:e4:f7:e6:4e:43:60:5f:
0a:60:23:80:34:78:52:03:cb:80:b4:d9:41:10:8d:c9:66:68:
b5:e9:0c:45:5b:62:99:08:24:ca:ce:20:d3:62:a3:11:d5:07:
8b:d0:98:d2:34:2c:35:5b:04:81:37:bf:91:ed:6c:48:96:81:
46:0e:12:93:16:3b:6e:ce:e4:64:e5:07:db:0e:8d:77:95:3f:
f3:8c:3f:c9:b0:e0:03:a8:20:3b:47:7a:f3:6b:e4:d0:6f:e8:
b0:42:47:0b:c4:06:f4:5b:a1:3a:a4:5a:d7:b9:d2:74:2f:a2:
cc:63:7b:15:14:d0:2d:90:c8:e9:1f:27:32:48:78:2c:d5:f9:
06:4e:3b:10
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFAMp/F9yzfn/rZqPrSTX0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ODQ2NWIzN2IyZDRlOWY0MTNhMzFkYzdiN2U2Y2JhMmEz
M2RiOTYwHhcNMjQwMTAxMTIzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzIzOTBkZmZmNjQ0NWMwOWEyOGYyNmNhYjg2YjEzOTZjYmUxZDhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtWJ/HpgBVBkcV4FsIjKMg21hpXPB
KkcEv1Mr4w958LdtFy4YFiznzCALK3ZdfxOVrWL6hO4hXCDbX918U701kctvMJrd
PC1/oXmpcu5/3kJXDD7KHx/6tB2EyTMDdf4ZiwLAa719EYR33oAcv4XQCXhVKhoz
bwfMEfGgEncvdJ4cmNRjKYRrW0gx77Xk677K9GFCWXo2VOQFWCAaKNuNWAy4Vr+u
yRNQIdD5yhZhft7z9JAMj1sQRQ7QGduVPygbgxyAsbUik5YXmsX4dp143GZtC5EN
a/yAghkt36n1PKyuu0bTQc7aNsdYlInaVp+SzBeBmfjE7kTM3UMqr1wA7QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCMjkN//ZEXAmijybKuGsTlsvh2LMB8GA1UdIwQY
MBaAFAiEZbN7LU6fQTox3Ht+bLoqM9uWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0lSbHMzc3RUcDlCT2pIY2UzNXN1aW96MjVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8zZTJiMTgtNTVjOS00MTgwLThjNmUt
MmM3MDg2ZmRlZDkzLzEvSXlPUTNfOWtSY0NhS1BKc3E0YXhPV3ktSFlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8zZTJiMTgtNTVjOS00MTgwLThjNmUtMmM3MDg2ZmRlZDkz
LzEvQ0lSbHMzc3RUcDlCT2pIY2UzNXN1aW96MjVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAvEIZAwQA
vEIbMA0GCSqGSIb3DQEBCwUAA4IBAQA8C0TLpgdxfMmKRX4qw7qVtPE9WZVtD+dQ
Vy+MTZNWjVT9JXO52lMKlTJwzsOC+GrFcxjTXpfh1f3LSa06Z/+2eku9iv7lNfFG
Qg1Cb99/XZNZGOBLeP1JYd/KxsHkIsNpN1GnpgIrkT4PbmNyjmPPkTZqkjVtZeT3
5k5DYF8KYCOANHhSA8uAtNlBEI3JZmi16QxFW2KZCCTKziDTYqMR1QeL0JjSNCw1
WwSBN7+R7WxIloFGDhKTFjtuzuRk5QfbDo13lT/zjD/JsOADqCA7R3rza+TQb+iw
QkcLxAb0W6E6pFrXudJ0L6LMY3sVFNAtkMjpHycySHgs1fkGTjsQ
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:31:50 2025 by rpki-client