Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/I64snve9ARFC7lop01DjavvL1QM.roa
File: I64snve9ARFC7lop01DjavvL1QM.roa (raw, json)
Hash identifier: AAVu3SHZgW4BHe7dSGPPKlEeHDWOEsBaSqwp6clv9O0=
Subject key identifier: 23:AE:2C:9E:F7:BD:01:11:42:EE:5A:29:D3:50:E3:6A:FB:CB:D5:03
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 018CC8DF8F9B68B07F14D9E172FFE9E1AAE2
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/I64snve9ARFC7lop01DjavvL1QM.roa
Signing time: Tue 02 Jan 2024 06:32:23 +0000
ROA not before: Tue 02 Jan 2024 06:32:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216076
IP address blocks: 188.132.160.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:48:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:8f:9b:68:b0:7f:14:d9:e1:72:ff:e9:e1:aa:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Jan 2 06:32:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=23ae2c9ef7bd011142ee5a29d350e36afbcbd503
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:17:4e:75:7f:16:19:86:a1:a3:3b:90:c5:1b:
8d:0e:e8:92:f3:dd:04:2d:7e:73:54:98:00:fc:da:
07:8f:79:cc:a0:f6:b4:ff:81:7b:77:fb:38:c9:62:
7c:8a:6c:28:c4:6d:4a:3b:f5:d3:67:e2:35:7a:8d:
25:18:b3:29:cb:d6:e7:c7:b5:56:7e:64:dd:09:9e:
2b:6a:df:38:13:04:0a:8b:48:b9:5e:2a:f9:4f:5c:
9c:a3:87:3f:e6:12:9d:5c:8a:2b:ce:65:b7:e5:47:
82:e7:cf:92:c9:d2:71:ca:6b:a5:e4:3a:b9:fa:f6:
75:eb:3f:99:b0:c7:e0:40:c8:da:cc:e6:20:49:85:
0c:4d:a2:24:79:27:95:d6:ee:24:86:49:3c:3f:62:
98:ca:2c:72:45:e0:e4:fc:b4:cd:d8:40:6b:ea:4e:
29:ac:42:21:61:26:04:0c:48:b9:2d:02:5c:c6:80:
d9:9b:6a:2a:72:dd:58:17:f7:9f:3c:19:f8:48:b6:
9a:ae:73:da:50:b1:55:c9:13:b9:b4:b4:f2:c5:a2:
7c:5b:1b:5d:99:c8:e7:18:79:a4:82:3d:32:39:6c:
a4:42:05:06:55:2b:0b:f8:4b:34:35:86:5b:ef:a7:
18:26:b3:fb:ec:d3:a6:e0:e2:70:52:70:6e:55:75:
1d:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:AE:2C:9E:F7:BD:01:11:42:EE:5A:29:D3:50:E3:6A:FB:CB:D5:03
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/I64snve9ARFC7lop01DjavvL1QM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.132.160.0/24
Signature Algorithm: sha256WithRSAEncryption
27:d6:51:54:ba:a4:66:69:86:fd:8b:c7:e4:3a:f9:36:c5:86:
71:9d:c7:92:1a:34:d1:54:7b:14:38:62:b7:42:0b:e3:5f:a1:
b8:ae:3a:f2:28:ae:af:a4:b8:35:05:8d:3c:dd:13:91:e9:1e:
c3:d9:98:c8:0b:20:b1:c2:ee:2b:f4:6a:17:66:fe:27:d5:52:
56:0d:10:ed:07:44:5b:38:71:b1:cc:f0:07:93:26:ce:b8:45:
6a:9a:f0:06:4e:5c:8b:9d:99:bf:35:cd:ee:92:58:2d:1a:6f:
e8:e7:a8:d1:df:91:c5:d6:0a:15:7d:fb:ce:b6:17:53:64:0a:
75:f1:92:cc:2b:07:46:53:11:94:6e:78:55:e8:c0:a9:5c:c2:
ef:b8:28:f8:d3:ea:d8:7c:63:9b:4c:be:3e:3f:10:41:fd:00:
37:2e:97:97:c1:93:68:44:bc:17:19:cd:b9:fb:c3:98:12:db:
07:fd:02:64:55:eb:10:b3:e0:47:55:55:d7:01:e1:63:9e:00:
ff:15:44:aa:7c:0d:09:e4:e4:34:76:3f:44:07:d7:b0:6b:91:
2d:60:57:b9:40:8d:b4:c2:db:5c:72:38:3c:ce:ac:3f:c4:ea:
cc:e1:f5:d2:d3:1e:81:a4:b9:f9:6c:88:3d:e2:da:de:3a:62:
77:6d:5a:cd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI34+baLB/FNnhcv/p4ariMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjQwMTAyMDYzMjIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2FlMmM5ZWY3YmQwMTExNDJlZTVhMjlkMzUwZTM2YWZiY2JkNTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxRdOdX8WGYahozuQxRuNDuiS890E
LX5zVJgA/NoHj3nMoPa0/4F7d/s4yWJ8imwoxG1KO/XTZ+I1eo0lGLMpy9bnx7VW
fmTdCZ4rat84EwQKi0i5Xir5T1yco4c/5hKdXIorzmW35UeC58+SydJxymul5Dq5
+vZ16z+ZsMfgQMjazOYgSYUMTaIkeSeV1u4khkk8P2KYyixyReDk/LTN2EBr6k4p
rEIhYSYEDEi5LQJcxoDZm2oqct1YF/efPBn4SLaarnPaULFVyRO5tLTyxaJ8Wxtd
mcjnGHmkgj0yOWykQgUGVSsL+Es0NYZb76cYJrP77NOm4OJwUnBuVXUd7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCOuLJ73vQERQu5aKdNQ42r7y9UDMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvSTY0c252ZTlBUkZDN2xvcDAxRGphdnZMMVFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvISgMA0G
CSqGSIb3DQEBCwUAA4IBAQAn1lFUuqRmaYb9i8fkOvk2xYZxnceSGjTRVHsUOGK3
QgvjX6G4rjryKK6vpLg1BY083ROR6R7D2ZjICyCxwu4r9GoXZv4n1VJWDRDtB0Rb
OHGxzPAHkybOuEVqmvAGTlyLnZm/Nc3uklgtGm/o56jR35HF1goVffvOthdTZAp1
8ZLMKwdGUxGUbnhV6MCpXMLvuCj40+rYfGObTL4+PxBB/QA3LpeXwZNoRLwXGc25
+8OYEtsH/QJkVesQs+BHVVXXAeFjngD/FUSqfA0J5OQ0dj9EB9ewa5EtYFe5QI20
wttccjg8zqw/xOrM4fXS0x6BpLn5bIg94treOmJ3bVrN
-----END CERTIFICATE-----
Generated at Thu Apr 17 21:12:34 2025 by rpki-client