Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/3de94a-1e60-4eb8-9a5e-a142087ce890/1/8iG5IYNPBsohjNzz3aig9dfonkA.roa
File: 8iG5IYNPBsohjNzz3aig9dfonkA.roa (raw, json)
Hash identifier: iPsckdXpmeoi/tqyU3TUxvMf6uAPZOcPD/6qLuw+NDM=
Subject key identifier: F2:21:B9:21:83:4F:06:CA:21:8C:DC:F3:DD:A8:A0:F5:D7:E8:9E:40
Certificate issuer: /CN=d654436ed3242bddb96fdf139a1253deb986dfd0
Certificate serial: 01922863E70823E73BE99BFCF86AC7DD7506
Authority key identifier: D6:54:43:6E:D3:24:2B:DD:B9:6F:DF:13:9A:12:53:DE:B9:86:DF:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1lRDbtMkK925b98TmhJT3rmG39A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/3de94a-1e60-4eb8-9a5e-a142087ce890/1/8iG5IYNPBsohjNzz3aig9dfonkA.roa
Signing time: Wed 25 Sep 2024 08:54:48 +0000
ROA not before: Wed 25 Sep 2024 08:54:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28753
IP address blocks: 37.58.48.0/20 maxlen: 20
178.162.192.0/18 maxlen: 18
185.17.144.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 25 Sep 2024 09:08:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:28:63:e7:08:23:e7:3b:e9:9b:fc:f8:6a:c7:dd:75:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d654436ed3242bddb96fdf139a1253deb986dfd0
Validity
Not Before: Sep 25 08:54:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f221b921834f06ca218cdcf3dda8a0f5d7e89e40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:91:bf:33:8f:eb:d6:0e:6d:d7:86:63:49:cd:
f2:a3:76:40:8a:63:45:ab:c5:88:ee:1f:98:d9:d3:
06:12:09:d4:f7:47:a8:da:1c:db:86:f7:13:c8:65:
ca:27:29:b3:80:af:2e:a4:06:01:60:de:09:2e:1e:
4f:e2:22:3d:f5:5c:50:61:fc:df:59:23:69:9b:71:
3b:20:bf:0e:c1:b3:64:f0:fb:f0:a3:c5:2e:8a:38:
79:51:06:0e:39:4b:66:3a:50:54:f9:48:aa:c4:5c:
c4:af:d1:ee:85:da:ab:0a:c8:10:98:d9:b8:e6:a5:
a2:c9:20:e0:ff:be:60:3b:91:c3:1a:71:0c:30:7d:
0b:d4:5a:c2:0e:0e:9a:74:5a:96:5f:2d:af:16:1c:
58:d6:a7:0d:69:26:96:e1:8c:f0:f5:33:54:7e:1c:
b2:fd:8e:1d:b9:58:88:45:0f:88:4a:81:ad:51:1a:
7e:cf:62:22:70:d5:5f:9f:c4:5a:6b:5d:55:4f:ca:
71:48:2e:9a:91:18:03:07:0a:e9:2f:bc:b0:8a:24:
17:ae:c6:74:71:f6:0d:2f:2b:89:0b:da:45:a8:02:
94:f5:28:3b:1e:53:56:0f:ad:89:33:4a:58:bd:8f:
7b:cd:ff:eb:95:cf:61:59:ac:66:35:83:1c:e1:2f:
05:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:21:B9:21:83:4F:06:CA:21:8C:DC:F3:DD:A8:A0:F5:D7:E8:9E:40
X509v3 Authority Key Identifier:
keyid:D6:54:43:6E:D3:24:2B:DD:B9:6F:DF:13:9A:12:53:DE:B9:86:DF:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1lRDbtMkK925b98TmhJT3rmG39A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/3de94a-1e60-4eb8-9a5e-a142087ce890/1/8iG5IYNPBsohjNzz3aig9dfonkA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/3de94a-1e60-4eb8-9a5e-a142087ce890/1/1lRDbtMkK925b98TmhJT3rmG39A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.58.48.0/20
178.162.192.0/18
185.17.144.0/22
Signature Algorithm: sha256WithRSAEncryption
68:a0:15:80:0b:fb:f8:b0:54:d6:8b:83:46:1e:58:8a:cf:c4:
ef:02:b8:14:88:25:65:28:30:88:82:72:83:cf:45:49:71:ff:
a4:41:a7:7b:13:18:49:69:5e:b4:d1:79:0a:fc:42:c5:5f:84:
cf:33:32:f7:1d:ba:0c:ec:e1:d4:1b:b4:cc:e3:18:f9:9d:23:
9c:79:03:db:72:c9:1f:c7:13:3b:3a:6e:ca:07:9c:32:28:ee:
72:72:10:6e:53:8b:c2:6f:5c:c4:a2:1d:f1:2a:39:b0:10:63:
ea:e5:e8:da:85:d9:d6:4e:70:db:83:ff:34:be:61:bd:48:8c:
f0:9b:34:1d:ce:28:f6:d6:44:84:ba:77:26:9a:66:6a:55:f4:
37:1f:cb:80:00:be:9c:ba:07:1c:b3:73:74:74:0d:13:2c:15:
cf:24:6f:28:ef:27:e8:b3:6a:e5:e5:07:74:f6:5e:ef:1e:cb:
77:36:48:6c:08:62:48:f5:d1:19:70:2b:63:5e:ee:69:1d:83:
02:52:69:a6:7e:d5:59:ba:d1:b4:e2:22:d4:d0:b1:3a:80:00:
02:5c:28:bc:a9:26:71:e5:2d:d9:1f:8e:ef:ae:c7:66:d7:d2:
a1:68:d6:c5:bf:3b:cc:2f:3a:52:ad:f4:b4:cb:ba:1b:f3:9b:
d9:2d:a4:67
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZIoY+cII+c76Zv8+GrH3XUGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2NTQ0MzZlZDMyNDJiZGRiOTZmZGYxMzlhMTI1M2RlYjk4
NmRmZDAwHhcNMjQwOTI1MDg1NDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjIxYjkyMTgzNGYwNmNhMjE4Y2RjZjNkZGE4YTBmNWQ3ZTg5ZTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3pG/M4/r1g5t14ZjSc3yo3ZAimNF
q8WI7h+Y2dMGEgnU90eo2hzbhvcTyGXKJymzgK8upAYBYN4JLh5P4iI99VxQYfzf
WSNpm3E7IL8OwbNk8Pvwo8Uuijh5UQYOOUtmOlBU+UiqxFzEr9HuhdqrCsgQmNm4
5qWiySDg/75gO5HDGnEMMH0L1FrCDg6adFqWXy2vFhxY1qcNaSaW4Yzw9TNUfhyy
/Y4duViIRQ+ISoGtURp+z2IicNVfn8Raa11VT8pxSC6akRgDBwrpL7ywiiQXrsZ0
cfYNLyuJC9pFqAKU9Sg7HlNWD62JM0pYvY97zf/rlc9hWaxmNYMc4S8FJwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPIhuSGDTwbKIYzc892ooPXX6J5AMB8GA1UdIwQY
MBaAFNZUQ27TJCvduW/fE5oSU965ht/QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWxSRGJ0TWtLOTI1Yjk4VG1oSlQzcm1HMzlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi8zZGU5NGEtMWU2MC00ZWI4LTlhNWUt
YTE0MjA4N2NlODkwLzEvOGlHNUlZTlBCc29oak56ejNhaWc5ZGZvbmtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi8zZGU5NGEtMWU2MC00ZWI4LTlhNWUtYTE0MjA4N2NlODkw
LzEvMWxSRGJ0TWtLOTI1Yjk4VG1oSlQzcm1HMzlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEJTowAwQG
sqLAAwQCuRGQMA0GCSqGSIb3DQEBCwUAA4IBAQBooBWAC/v4sFTWi4NGHliKz8Tv
ArgUiCVlKDCIgnKDz0VJcf+kQad7ExhJaV600XkK/ELFX4TPMzL3HboM7OHUG7TM
4xj5nSOceQPbcskfxxM7Om7KB5wyKO5ychBuU4vCb1zEoh3xKjmwEGPq5ejahdnW
TnDbg/80vmG9SIzwmzQdzij21kSEuncmmmZqVfQ3H8uAAL6cugccs3N0dA0TLBXP
JG8o7yfos2rl5Qd09l7vHst3NkhsCGJI9dEZcCtjXu5pHYMCUmmmftVZutG04iLU
0LE6gAACXCi8qSZx5S3ZH47vrsdm19KhaNbFvzvMLzpSrfS0y7ob85vZLaRn
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:26:43 2025 by rpki-client