Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/iWLIkdehME66wOHHpzEdueVooow.roa
File: iWLIkdehME66wOHHpzEdueVooow.roa (raw, json)
Hash identifier: zfu+GC4p7C3AkZDLOlzCf7KgXZYUPH/C7NteUfJpq6c=
Subject key identifier: 89:62:C8:91:D7:A1:30:4E:BA:C0:E1:C7:A7:31:1D:B9:E5:68:A2:8C
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018CCA29F4CD6FA698C7F2AFB02A7505D017
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/iWLIkdehME66wOHHpzEdueVooow.roa
Signing time: Tue 02 Jan 2024 12:33:16 +0000
ROA not before: Tue 02 Jan 2024 12:33:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44019
IP address blocks: 95.46.157.0/24 maxlen: 24
93.170.134.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:49:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:f4:cd:6f:a6:98:c7:f2:af:b0:2a:75:05:d0:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 12:33:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8962c891d7a1304ebac0e1c7a7311db9e568a28c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:72:e8:e8:c9:81:14:16:c5:da:14:5f:28:05:
fc:f4:9d:a2:cd:75:03:93:8c:55:cd:a9:09:db:a4:
e6:5e:95:36:aa:96:2d:9c:a9:4b:8f:70:10:94:97:
69:e4:b6:c7:d0:81:ae:d6:25:58:f2:18:72:9e:b1:
b7:17:b9:c1:a1:7b:68:1d:67:f3:07:6c:f6:e5:8c:
48:b9:89:29:8f:db:08:0d:ee:69:8e:bb:89:e0:a4:
16:82:95:c5:53:d0:74:be:2b:0b:db:25:d4:b5:8f:
a0:1f:af:30:12:8c:6a:28:91:a5:6a:5b:5f:21:1c:
53:09:bf:d4:68:1e:0a:4d:89:b0:1a:2f:39:21:33:
bf:02:a1:c4:79:7b:bb:be:11:31:41:8a:af:76:24:
00:b0:23:44:b5:d5:d6:33:78:ef:a1:16:68:9d:65:
9b:17:12:7b:ab:74:16:6d:e6:87:0c:6a:99:61:ab:
38:48:b7:bf:a5:ee:be:c5:18:df:7d:94:89:81:5c:
79:0d:a1:23:f0:e4:1f:95:ed:c6:95:19:80:6b:3e:
18:82:f8:15:8c:7c:48:a0:01:4e:13:77:42:6f:1d:
23:43:d2:79:9a:c5:c5:7c:cd:a3:3e:a7:3b:0f:d7:
fe:fa:f9:12:cc:71:25:88:f3:05:7d:60:0c:a2:5e:
c5:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:62:C8:91:D7:A1:30:4E:BA:C0:E1:C7:A7:31:1D:B9:E5:68:A2:8C
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/iWLIkdehME66wOHHpzEdueVooow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.170.134.0/24
95.46.157.0/24
Signature Algorithm: sha256WithRSAEncryption
70:7b:7c:47:ec:2f:3c:72:98:6f:3d:82:4c:f6:b2:8b:c6:9d:
81:d8:3b:74:55:d7:11:9b:a8:5b:9b:57:e1:a6:78:66:f7:33:
72:d3:3e:b2:34:5a:28:47:11:50:33:5e:dc:d3:0b:0b:13:45:
51:52:74:68:73:11:92:3b:d0:ef:52:76:d9:da:3e:2c:46:de:
20:5e:b0:78:73:f6:c8:d4:77:65:46:63:f0:25:1e:93:00:14:
94:21:38:62:14:49:4f:23:2c:22:dc:1c:74:4a:a8:2b:d3:68:
d0:af:c6:67:68:ad:24:82:06:6d:c0:a6:27:6e:72:e6:2b:68:
af:12:b0:8a:4f:90:a1:b3:c2:aa:d5:f9:49:a2:9d:11:e4:10:
93:bd:1f:38:78:35:e8:e2:5a:5c:c2:2f:20:75:66:ff:32:ed:
58:6e:9b:2a:e6:76:b1:06:41:e4:16:70:21:1f:0d:df:bf:b9:
2e:6c:f6:17:09:37:d3:16:6d:cb:50:ac:1f:b4:95:de:cf:42:
c7:96:55:95:4f:19:31:01:fb:ae:8d:0f:1a:a2:e5:9c:ad:9a:
f7:c5:68:dc:59:55:e8:ac:18:5f:de:03:2b:8f:79:56:35:46:
3b:72:86:df:b7:d1:77:be:2a:3d:2f:8a:0a:8b:56:32:7e:9a:
6e:30:ba:2f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKKfTNb6aYx/KvsCp1BdAXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjQwMTAyMTIzMzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTYyYzg5MWQ3YTEzMDRlYmFjMGUxYzdhNzMxMWRiOWU1NjhhMjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsXLo6MmBFBbF2hRfKAX89J2izXUD
k4xVzakJ26TmXpU2qpYtnKlLj3AQlJdp5LbH0IGu1iVY8hhynrG3F7nBoXtoHWfz
B2z25YxIuYkpj9sIDe5pjruJ4KQWgpXFU9B0visL2yXUtY+gH68wEoxqKJGlaltf
IRxTCb/UaB4KTYmwGi85ITO/AqHEeXu7vhExQYqvdiQAsCNEtdXWM3jvoRZonWWb
FxJ7q3QWbeaHDGqZYas4SLe/pe6+xRjffZSJgVx5DaEj8OQfle3GlRmAaz4YgvgV
jHxIoAFOE3dCbx0jQ9J5msXFfM2jPqc7D9f++vkSzHEliPMFfWAMol7FJQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIliyJHXoTBOusDhx6cxHbnlaKKMMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvaVdMSWtkZWhNRTY2d09ISHB6RWR1ZVZvb293LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXaqGAwQA
Xy6dMA0GCSqGSIb3DQEBCwUAA4IBAQBwe3xH7C88cphvPYJM9rKLxp2B2Dt0VdcR
m6hbm1fhpnhm9zNy0z6yNFooRxFQM17c0wsLE0VRUnRocxGSO9DvUnbZ2j4sRt4g
XrB4c/bI1HdlRmPwJR6TABSUIThiFElPIywi3Bx0Sqgr02jQr8ZnaK0kggZtwKYn
bnLmK2ivErCKT5Chs8Kq1flJop0R5BCTvR84eDXo4lpcwi8gdWb/Mu1Ybpsq5nax
BkHkFnAhHw3fv7kubPYXCTfTFm3LUKwftJXez0LHllWVTxkxAfuujQ8aouWcrZr3
xWjcWVXorBhf3gMrj3lWNUY7cobft9F3vio9L4oKi1YyfppuMLov
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:10:02 2025 by rpki-client