Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/IomtuiqVg-NySifoCwUCNE0RmIw.roa
File: IomtuiqVg-NySifoCwUCNE0RmIw.roa (raw, json)
Hash identifier: bKX9wCNPJbYKfvvUp1vlWjA+dtUNYhJyY3qDg/L8YZo=
Subject key identifier: 22:89:AD:BA:2A:95:83:E3:72:4A:27:E8:0B:05:02:34:4D:11:98:8C
Certificate issuer: /CN=a865bae25778beed8880c08df2d3f37fc37abc1e
Certificate serial: 0191FFB636D22F481618FAD8CF50D26ABA1B
Authority key identifier: A8:65:BA:E2:57:78:BE:ED:88:80:C0:8D:F2:D3:F3:7F:C3:7A:BC:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qGW64ld4vu2IgMCN8tPzf8N6vB4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/IomtuiqVg-NySifoCwUCNE0RmIw.roa
Signing time: Tue 17 Sep 2024 11:20:17 +0000
ROA not before: Tue 17 Sep 2024 11:20:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206621
IP address blocks: 212.87.170.0/23 maxlen: 23
212.87.170.0/24 maxlen: 24
212.87.180.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:49:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ff:b6:36:d2:2f:48:16:18:fa:d8:cf:50:d2:6a:ba:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a865bae25778beed8880c08df2d3f37fc37abc1e
Validity
Not Before: Sep 17 11:20:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2289adba2a9583e3724a27e80b0502344d11988c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:91:22:88:4c:8a:fc:f7:72:8a:8e:d0:25:33:
35:87:34:70:3f:a2:28:62:32:c0:df:f3:cb:c4:64:
e5:29:30:77:e4:30:9c:72:ea:73:de:85:07:9d:44:
87:bc:cc:d2:d2:4c:61:47:b5:b6:43:7f:fe:db:29:
48:5a:dd:66:36:d7:75:31:e3:32:23:50:67:de:6e:
41:c0:1e:57:48:18:3f:2b:fc:d2:a2:1e:2c:fb:f5:
e6:87:e3:81:4d:33:6c:64:c4:94:35:65:cb:35:ab:
94:c8:5b:92:16:1d:90:b8:a5:5d:9d:7f:97:30:42:
04:cc:e1:fc:ad:8c:ea:4f:ad:79:53:fa:80:6d:7a:
ec:ba:0d:04:8e:9f:b7:87:af:52:d3:40:9c:09:a1:
4b:22:1b:28:5a:25:fb:78:ad:45:fc:12:19:ff:04:
04:3a:34:fc:30:6d:9f:36:70:18:64:c4:2a:51:e8:
63:f8:40:af:ea:83:27:df:d2:01:ed:b4:7a:71:4e:
7f:c3:e7:0a:f7:53:2a:cf:81:58:37:18:a9:e3:53:
e1:2b:54:6b:7a:4f:6f:b0:34:4b:f1:c7:05:ec:01:
de:48:49:c8:65:b5:cb:52:ac:59:a7:72:fd:2a:0f:
b5:66:1a:77:a4:fe:01:e4:ba:43:31:8b:6d:40:51:
df:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:89:AD:BA:2A:95:83:E3:72:4A:27:E8:0B:05:02:34:4D:11:98:8C
X509v3 Authority Key Identifier:
keyid:A8:65:BA:E2:57:78:BE:ED:88:80:C0:8D:F2:D3:F3:7F:C3:7A:BC:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qGW64ld4vu2IgMCN8tPzf8N6vB4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/IomtuiqVg-NySifoCwUCNE0RmIw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/qGW64ld4vu2IgMCN8tPzf8N6vB4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.87.170.0/23
212.87.180.0/23
Signature Algorithm: sha256WithRSAEncryption
6e:bb:ed:73:0f:e1:8d:c9:67:c1:7d:09:9a:1a:ca:f1:02:fb:
c3:ea:c6:82:a7:a5:4c:ea:4f:05:4c:1a:ee:75:63:de:14:be:
dd:4d:db:c3:5d:90:78:d7:11:29:94:43:cd:b0:8c:7d:79:1d:
da:5e:38:45:17:9a:ae:dc:bf:03:4c:0a:af:94:88:a1:d6:85:
ca:a0:1a:39:44:9f:37:30:68:19:36:61:52:7f:44:a0:8a:4b:
03:dd:68:19:c1:ef:c4:4a:d6:b9:a5:35:45:b4:2d:9e:0e:1c:
fc:c9:e8:cc:05:14:46:fa:97:60:c8:dd:f9:1f:1a:46:25:1a:
b7:83:79:4a:04:b1:d8:c1:a0:6b:a9:5d:01:5c:58:9f:12:32:
81:ef:d9:5f:92:9e:3e:fa:b9:b4:b5:39:b6:33:b9:c2:21:00:
3f:95:47:e6:96:69:b1:08:0e:73:d0:36:14:c7:3c:f2:3d:d3:
50:6d:54:50:67:0e:cf:90:cb:f9:fa:2d:6e:a4:cf:b0:f2:cd:
45:41:83:58:1e:5a:d6:4d:d5:a5:69:f7:ab:3b:32:00:a5:3f:
9c:db:e3:79:d6:60:98:63:2f:99:68:f6:e5:96:5c:fc:7d:89:
66:ba:21:93:3e:06:44:35:2a:3d:04:e4:12:b7:d6:1a:a4:be:
9d:5c:3e:43
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZH/tjbSL0gWGPrYz1DSarobMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NjViYWUyNTc3OGJlZWQ4ODgwYzA4ZGYyZDNmMzdmYzM3
YWJjMWUwHhcNMjQwOTE3MTEyMDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjg5YWRiYTJhOTU4M2UzNzI0YTI3ZTgwYjA1MDIzNDRkMTE5ODhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzZEiiEyK/Pdyio7QJTM1hzRwP6Io
YjLA3/PLxGTlKTB35DCccupz3oUHnUSHvMzS0kxhR7W2Q3/+2ylIWt1mNtd1MeMy
I1Bn3m5BwB5XSBg/K/zSoh4s+/Xmh+OBTTNsZMSUNWXLNauUyFuSFh2QuKVdnX+X
MEIEzOH8rYzqT615U/qAbXrsug0Ejp+3h69S00CcCaFLIhsoWiX7eK1F/BIZ/wQE
OjT8MG2fNnAYZMQqUehj+ECv6oMn39IB7bR6cU5/w+cK91Mqz4FYNxip41PhK1Rr
ek9vsDRL8ccF7AHeSEnIZbXLUqxZp3L9Kg+1Zhp3pP4B5LpDMYttQFHfaQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCKJrboqlYPjckon6AsFAjRNEZiMMB8GA1UdIwQY
MBaAFKhluuJXeL7tiIDAjfLT83/DerweMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUdXNjRsZDR2dTJJZ01DTjh0UHpmOE42dkI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi82NDQ0ZDEtNWYwMC00ZTUwLTgwMTkt
MWI2Zjc1MGNmOWEyLzEvSW9tdHVpcVZnLU55U2lmb0N3VUNORTBSbUl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi82NDQ0ZDEtNWYwMC00ZTUwLTgwMTktMWI2Zjc1MGNmOWEy
LzEvcUdXNjRsZDR2dTJJZ01DTjh0UHpmOE42dkI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQB1FeqAwQB
1Fe0MA0GCSqGSIb3DQEBCwUAA4IBAQBuu+1zD+GNyWfBfQmaGsrxAvvD6saCp6VM
6k8FTBrudWPeFL7dTdvDXZB41xEplEPNsIx9eR3aXjhFF5qu3L8DTAqvlIih1oXK
oBo5RJ83MGgZNmFSf0SgiksD3WgZwe/ESta5pTVFtC2eDhz8yejMBRRG+pdgyN35
HxpGJRq3g3lKBLHYwaBrqV0BXFifEjKB79lfkp4++rm0tTm2M7nCIQA/lUfmlmmx
CA5z0DYUxzzyPdNQbVRQZw7PkMv5+i1upM+w8s1FQYNYHlrWTdWlaferOzIApT+c
2+N51mCYYy+ZaPblllz8fYlmuiGTPgZENSo9BOQSt9YapL6dXD5D
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:37:37 2025 by rpki-client