Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/IQAM7F-409bnf1kRV_xtwNJeG7E.roa
File: IQAM7F-409bnf1kRV_xtwNJeG7E.roa (raw, json)
Hash identifier: pO8Mq/WxV+l7HjyF5BppZ/MInboC4sXcAnk5EcDtL/g=
Subject key identifier: 21:00:0C:EC:5F:B8:D3:D6:E7:7F:59:11:57:FC:6D:C0:D2:5E:1B:B1
Certificate issuer: /CN=b9954499977278a75570b3403f4d3aa00b1b36e8
Certificate serial: 01856BEEB7A6E02A83176D607CD4AF8584E6
Authority key identifier: B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/IQAM7F-409bnf1kRV_xtwNJeG7E.roa
Signing time: Sun 01 Jan 2023 06:04:44 +0000
ROA not before: Sun 01 Jan 2023 06:04:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 33895
IP address blocks: 178.16.112.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ee:b7:a6:e0:2a:83:17:6d:60:7c:d4:af:85:84:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9954499977278a75570b3403f4d3aa00b1b36e8
Validity
Not Before: Jan 1 06:04:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=21000cec5fb8d3d6e77f591157fc6dc0d25e1bb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:15:53:e0:4c:25:f1:47:23:cd:19:77:82:20:
e3:ce:cb:af:b9:a1:61:ee:c3:0c:0d:c7:1f:a8:5b:
97:83:b7:8d:ac:e6:f2:ef:e7:bb:74:17:9d:fe:20:
a7:ef:57:1f:50:a8:95:6e:61:a4:0a:2d:ac:45:65:
98:c0:fa:98:57:ed:09:5b:eb:6d:25:5d:6f:e5:e4:
78:1b:4d:86:3c:0d:98:ac:45:61:68:de:1e:cb:a9:
81:7e:c9:b1:ab:bf:a1:3b:e9:fc:20:61:35:7d:4b:
8f:3f:c4:92:18:84:39:07:dc:21:82:91:43:e7:88:
06:f0:1a:a0:5f:d3:bf:a2:8b:7d:06:52:e0:f2:b7:
cc:eb:6b:f1:28:8f:fc:f3:e5:d7:84:96:5c:ac:d4:
64:25:10:79:d9:d6:4f:58:80:8b:03:87:39:6d:6c:
fe:47:ee:65:dc:48:08:8d:2f:6b:89:38:60:b4:72:
c4:04:91:63:b8:2d:93:1a:b1:96:e5:ea:73:1d:07:
df:19:fa:7e:55:8b:fb:e0:fd:20:da:05:76:f8:bb:
22:cf:b4:58:51:27:84:a1:bf:14:d0:06:cb:31:17:
32:97:12:ba:50:a1:ac:69:80:48:d8:1e:8d:36:0f:
14:fc:b2:e7:60:98:89:ca:d4:36:39:ea:93:cb:3c:
12:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:00:0C:EC:5F:B8:D3:D6:E7:7F:59:11:57:FC:6D:C0:D2:5E:1B:B1
X509v3 Authority Key Identifier:
keyid:B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/IQAM7F-409bnf1kRV_xtwNJeG7E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/uZVEmZdyeKdVcLNAP006oAsbNug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.16.112.0/24
Signature Algorithm: sha256WithRSAEncryption
34:c2:6f:61:40:d5:34:c9:78:49:e5:c2:2f:44:96:7d:b2:d7:
8a:75:1a:ce:13:0e:31:14:a6:39:fa:da:41:23:53:30:ec:03:
24:a7:a5:a7:58:60:1c:2a:1c:f9:24:73:10:7e:15:01:0c:fe:
fd:57:4e:2d:63:d8:2a:56:dd:32:f8:a3:b0:34:7f:cd:96:ec:
e7:60:7d:d6:64:2d:55:f6:21:f2:ce:e6:6d:39:ff:8c:b8:69:
97:27:99:94:33:4a:78:00:62:52:54:cf:2c:51:04:1f:6b:64:
f8:ed:f9:f3:6c:b0:1b:e8:2e:99:8d:35:3a:e9:f0:1e:c7:74:
7a:50:b9:5c:c6:53:a9:c4:d3:ea:06:e0:7c:ad:57:ad:26:e5:
f0:dd:ac:58:95:ca:73:d2:cd:ac:c5:df:f8:62:52:46:e3:20:
85:66:35:22:3f:a5:32:37:69:40:66:78:b8:db:2e:af:bf:78:
14:1d:d9:16:c3:6f:89:46:fa:67:01:61:1f:0a:b4:3e:d1:d5:
b3:d1:57:b7:49:d4:86:fa:a8:14:62:95:23:e4:92:a2:d8:e0:
91:ee:1d:2c:0a:bb:d7:fb:ff:4b:f9:c4:17:d3:ec:9a:9c:cb:
ed:23:f3:25:47:69:8e:5a:e2:ee:94:e7:00:0a:0e:71:a0:65:
68:d8:77:2b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVr7rem4CqDF21gfNSvhYTmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5OTU0NDk5OTc3Mjc4YTc1NTcwYjM0MDNmNGQzYWEwMGIx
YjM2ZTgwHhcNMjMwMTAxMDYwNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTAwMGNlYzVmYjhkM2Q2ZTc3ZjU5MTE1N2ZjNmRjMGQyNWUxYmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkRVT4Ewl8UcjzRl3giDjzsuvuaFh
7sMMDccfqFuXg7eNrOby7+e7dBed/iCn71cfUKiVbmGkCi2sRWWYwPqYV+0JW+tt
JV1v5eR4G02GPA2YrEVhaN4ey6mBfsmxq7+hO+n8IGE1fUuPP8SSGIQ5B9whgpFD
54gG8BqgX9O/oot9BlLg8rfM62vxKI/88+XXhJZcrNRkJRB52dZPWICLA4c5bWz+
R+5l3EgIjS9riThgtHLEBJFjuC2TGrGW5epzHQffGfp+VYv74P0g2gV2+Lsiz7RY
USeEob8U0AbLMRcylxK6UKGsaYBI2B6NNg8U/LLnYJiJytQ2OeqTyzwSmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCEADOxfuNPW539ZEVf8bcDSXhuxMB8GA1UdIwQY
MBaAFLmVRJmXcninVXCzQD9NOqALGzboMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVpWRW1aZHllS2RWY0xOQVAwMDZvQXNiTnVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny83ODg4MDMtYmUxMi00MzNmLWE4ZDAt
MDI0YjE2NTVjMjQ3LzEvSVFBTTdGLTQwOWJuZjFrUlZfeHR3TkplRzdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny83ODg4MDMtYmUxMi00MzNmLWE4ZDAtMDI0YjE2NTVjMjQ3
LzEvdVpWRW1aZHllS2RWY0xOQVAwMDZvQXNiTnVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAshBwMA0G
CSqGSIb3DQEBCwUAA4IBAQA0wm9hQNU0yXhJ5cIvRJZ9steKdRrOEw4xFKY5+tpB
I1Mw7AMkp6WnWGAcKhz5JHMQfhUBDP79V04tY9gqVt0y+KOwNH/NluznYH3WZC1V
9iHyzuZtOf+MuGmXJ5mUM0p4AGJSVM8sUQQfa2T47fnzbLAb6C6ZjTU66fAex3R6
ULlcxlOpxNPqBuB8rVetJuXw3axYlcpz0s2sxd/4YlJG4yCFZjUiP6UyN2lAZni4
2y6vv3gUHdkWw2+JRvpnAWEfCrQ+0dWz0Ve3SdSG+qgUYpUj5JKi2OCR7h0sCrvX
+/9L+cQX0+yanMvtI/MlR2mOWuLulOcACg5xoGVo2Hcr
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:21 2024 by rpki-client on console-ams.rpki-client.org