Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/332477-c83c-4f80-b1be-7c0db7bae135/1/IOw9gLx-6F_L4GTpdtP5OwRPoRI.roa
File: IOw9gLx-6F_L4GTpdtP5OwRPoRI.roa (raw, json)
Hash identifier: lvNuZkCsqS0q4IaPYIeJK8PAbKEQmPsQYp3t1F6DnJk=
Subject key identifier: 20:EC:3D:80:BC:7E:E8:5F:CB:E0:64:E9:76:D3:F9:3B:04:4F:A1:12
Certificate issuer: /CN=1ee5efbf65897160d55a52dc3a22c017876cd06c
Certificate serial: 018F3EF814D1075212AAFCA11997D6DFBEFB
Authority key identifier: 1E:E5:EF:BF:65:89:71:60:D5:5A:52:DC:3A:22:C0:17:87:6C:D0:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HuXvv2WJcWDVWlLcOiLAF4ds0Gw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/332477-c83c-4f80-b1be-7c0db7bae135/1/IOw9gLx-6F_L4GTpdtP5OwRPoRI.roa
Signing time: Fri 03 May 2024 14:59:56 +0000
ROA not before: Fri 03 May 2024 14:59:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205394
IP address blocks: 46.226.72.0/21 maxlen: 24
139.28.100.0/22 maxlen: 22
139.28.100.0/24 maxlen: 24
139.28.101.0/24 maxlen: 24
185.176.124.0/22 maxlen: 24
185.180.172.0/23 maxlen: 24
185.201.164.0/22 maxlen: 24
2a00:5a00::/32 maxlen: 48
2a0a:c840::/29 maxlen: 32
Validation: Failed, certificate revoked on Tue 04 Jun 2024 10:38:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:3e:f8:14:d1:07:52:12:aa:fc:a1:19:97:d6:df:be:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ee5efbf65897160d55a52dc3a22c017876cd06c
Validity
Not Before: May 3 14:59:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=20ec3d80bc7ee85fcbe064e976d3f93b044fa112
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:13:9a:68:d2:cd:12:c3:20:e9:89:1c:4c:a0:
c0:d2:f2:df:50:2e:c1:da:c0:2d:fb:0f:1e:40:7a:
a2:98:81:66:d2:2e:15:2e:5e:14:9f:89:c5:3b:bc:
28:a1:35:1f:8d:16:81:1c:0c:58:bc:21:ac:6e:62:
b3:aa:d8:2c:3f:59:82:52:c9:3e:3e:2f:c7:4f:6a:
17:04:cc:61:6a:4f:ce:88:f9:21:18:fb:b1:34:88:
6b:33:e4:51:83:7c:a9:ea:2b:de:83:d1:c3:39:29:
60:bc:e5:b5:e8:35:b2:02:dc:7d:31:7f:b5:27:8e:
e5:18:2f:cd:89:e9:6b:eb:27:f9:fd:d7:e9:12:15:
7d:0e:27:7b:01:5b:03:d5:2b:6a:3a:5e:3d:d4:f0:
6a:b8:56:fb:ce:1c:42:e8:6a:1e:3b:f9:26:fe:f0:
bd:25:f7:7b:4c:1f:bf:75:0d:f5:d8:3b:98:aa:14:
6e:e8:4b:46:3e:c1:dd:06:b6:f1:d7:04:dd:d5:67:
6d:fa:f3:78:00:e2:32:62:7a:a0:6b:4d:9c:22:c1:
f7:2a:24:91:65:8b:07:f8:f9:54:12:02:5a:51:a6:
5c:ea:13:08:9d:2d:91:ab:b4:10:0e:92:64:16:a5:
f6:62:e1:74:e6:21:7d:b5:ed:b7:36:46:58:ad:81:
9b:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:EC:3D:80:BC:7E:E8:5F:CB:E0:64:E9:76:D3:F9:3B:04:4F:A1:12
X509v3 Authority Key Identifier:
keyid:1E:E5:EF:BF:65:89:71:60:D5:5A:52:DC:3A:22:C0:17:87:6C:D0:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HuXvv2WJcWDVWlLcOiLAF4ds0Gw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/332477-c83c-4f80-b1be-7c0db7bae135/1/IOw9gLx-6F_L4GTpdtP5OwRPoRI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/332477-c83c-4f80-b1be-7c0db7bae135/1/HuXvv2WJcWDVWlLcOiLAF4ds0Gw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.226.72.0/21
139.28.100.0/22
185.176.124.0/22
185.180.172.0/23
185.201.164.0/22
IPv6:
2a00:5a00::/32
2a0a:c840::/29
Signature Algorithm: sha256WithRSAEncryption
7f:6e:a6:56:9d:e6:39:29:4a:5e:f5:c7:85:f4:f1:0f:79:d3:
d9:00:84:08:14:7c:fc:ff:05:cd:38:ef:94:b4:46:e6:ba:d0:
ee:6a:31:ac:61:7d:3a:af:16:94:ca:05:94:2d:3d:49:0b:d0:
53:a2:13:21:17:78:0d:23:ea:67:82:4a:da:52:2a:e0:9c:c1:
82:70:f3:51:bf:3c:94:74:65:74:76:41:41:d5:64:42:2d:5e:
4d:30:5b:70:e7:fc:29:45:1a:25:62:05:b1:66:f5:17:38:a3:
1f:53:5b:29:cd:2b:57:b7:cb:51:f1:5c:2f:2c:30:c7:81:79:
27:ca:7d:32:55:06:62:f8:24:c6:85:f5:4d:07:e7:23:86:c9:
6f:3c:54:02:54:ab:67:44:e2:62:d8:25:ae:f2:ac:3b:61:1c:
e6:59:9f:00:0f:cc:85:19:a4:6e:68:c4:30:28:5c:8f:a7:45:
77:f2:6f:c6:ee:60:f0:ab:dc:c7:66:89:69:03:5f:83:46:ec:
86:f1:b4:e7:7a:04:99:fc:3e:aa:96:3f:fd:d0:f5:74:d5:a5:
8c:42:16:8d:d9:ef:d3:66:be:9c:2a:20:a2:f2:0d:f7:ed:55:
ff:c3:79:1e:98:0e:7f:9a:50:3c:1d:e1:94:71:20:ce:43:42:
62:78:41:aa
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAY8++BTRB1ISqvyhGZfW3777MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlZTVlZmJmNjU4OTcxNjBkNTVhNTJkYzNhMjJjMDE3ODc2
Y2QwNmMwHhcNMjQwNTAzMTQ1OTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGVjM2Q4MGJjN2VlODVmY2JlMDY0ZTk3NmQzZjkzYjA0NGZhMTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlhOaaNLNEsMg6YkcTKDA0vLfUC7B
2sAt+w8eQHqimIFm0i4VLl4Un4nFO7wooTUfjRaBHAxYvCGsbmKzqtgsP1mCUsk+
Pi/HT2oXBMxhak/OiPkhGPuxNIhrM+RRg3yp6iveg9HDOSlgvOW16DWyAtx9MX+1
J47lGC/Nielr6yf5/dfpEhV9Did7AVsD1StqOl491PBquFb7zhxC6GoeO/km/vC9
Jfd7TB+/dQ312DuYqhRu6EtGPsHdBrbx1wTd1Wdt+vN4AOIyYnqga02cIsH3KiSR
ZYsH+PlUEgJaUaZc6hMInS2Rq7QQDpJkFqX2YuF05iF9te23NkZYrYGbiQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFCDsPYC8fuhfy+Bk6XbT+TsET6ESMB8GA1UdIwQY
MBaAFB7l779liXFg1VpS3DoiwBeHbNBsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHVYdnYyV0pjV0RWV2xMY09pTEFGNGRzMEd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi8zMzI0NzctYzgzYy00ZjgwLWIxYmUt
N2MwZGI3YmFlMTM1LzEvSU93OWdMeC02Rl9MNEdUcGR0UDVPd1JQb1JJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi8zMzI0NzctYzgzYy00ZjgwLWIxYmUtN2MwZGI3YmFlMTM1
LzEvSHVYdnYyV0pjV0RWV2xMY09pTEFGNGRzMEd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQDLuJIAwQC
ixxkAwQCubB8AwQBubSsAwQCucmkMBQEAgACMA4DBQAqAFoAAwUDKgrIQDANBgkq
hkiG9w0BAQsFAAOCAQEAf26mVp3mOSlKXvXHhfTxD3nT2QCECBR8/P8FzTjvlLRG
5rrQ7moxrGF9Oq8WlMoFlC09SQvQU6ITIRd4DSPqZ4JK2lIq4JzBgnDzUb88lHRl
dHZBQdVkQi1eTTBbcOf8KUUaJWIFsWb1FzijH1NbKc0rV7fLUfFcLywwx4F5J8p9
MlUGYvgkxoX1TQfnI4bJbzxUAlSrZ0TiYtglrvKsO2Ec5lmfAA/MhRmkbmjEMChc
j6dFd/Jvxu5g8Kvcx2aJaQNfg0bshvG053oEmfw+qpY//dD1dNWljEIWjdnv02a+
nCogovIN9+1V/8N5HpgOf5pQPB3hlHEgzkNCYnhBqg==
-----END CERTIFICATE-----
Generated at Thu Apr 17 01:04:00 2025 by rpki-client