Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/7a2a99-146c-4781-a302-eb7aaa6828be/1/ic_CtB62t_-MNoPcsKZ9s5APprk.roa
File: ic_CtB62t_-MNoPcsKZ9s5APprk.roa (raw, json)
Hash identifier: GOfyA4nTzLum0CVbCBDUUETEpKMmBgTRpUBlGHgPZA4=
Subject key identifier: 89:CF:C2:B4:1E:B6:B7:FF:8C:36:83:DC:B0:A6:7D:B3:90:0F:A6:B9
Certificate issuer: /CN=4dd954d3c77c9c4e37eebf753d86f3dcf091d4a9
Certificate serial: 018DD26C970C56BBBA85D4B5B7FCA5ED4AE5
Authority key identifier: 4D:D9:54:D3:C7:7C:9C:4E:37:EE:BF:75:3D:86:F3:DC:F0:91:D4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TdlU08d8nE437r91PYbz3PCR1Kk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/7a2a99-146c-4781-a302-eb7aaa6828be/1/ic_CtB62t_-MNoPcsKZ9s5APprk.roa
Signing time: Thu 22 Feb 2024 20:05:48 +0000
ROA not before: Thu 22 Feb 2024 20:05:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 159.197.224.0/19 maxlen: 24
161.8.128.0/19 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:47:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d2:6c:97:0c:56:bb:ba:85:d4:b5:b7:fc:a5:ed:4a:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4dd954d3c77c9c4e37eebf753d86f3dcf091d4a9
Validity
Not Before: Feb 22 20:05:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=89cfc2b41eb6b7ff8c3683dcb0a67db3900fa6b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:46:b2:dc:d2:70:e5:8e:fa:9f:f4:40:83:30:
83:51:0c:4b:8f:e8:0c:b7:0a:76:31:ab:16:df:32:
92:57:7a:da:b8:07:ae:d6:a2:3d:c8:29:34:4d:a2:
e1:de:a8:65:f9:89:15:95:bc:fe:13:32:db:b2:ef:
9a:b3:70:7b:ff:5e:08:f8:d7:e2:00:ec:20:00:c3:
db:98:39:b4:2c:31:47:40:9f:c2:ca:cd:1f:c8:41:
4d:21:9e:20:7a:d2:1c:d1:ad:50:88:1d:93:76:f0:
ef:a1:e2:c9:d8:e3:3d:9a:5b:0f:ef:8c:53:85:ac:
c6:bf:13:b8:62:01:11:c9:2e:92:ff:aa:2d:69:3e:
d6:cd:bd:8c:fc:57:a8:8c:df:a9:42:14:33:05:28:
2b:35:67:3f:c1:2a:97:54:01:d1:c8:15:92:9e:a8:
21:09:05:f0:40:c0:23:65:2c:56:cc:13:1c:a6:31:
92:c9:3b:20:9e:53:54:7a:ea:1d:aa:ec:eb:54:d5:
59:0e:54:7f:fa:f6:c3:cd:39:d7:11:f0:b8:9c:2d:
fd:6e:fb:f6:75:6c:bc:d4:cb:04:16:a6:36:9a:15:
1b:02:82:a7:a4:d4:15:7a:a3:e5:fe:27:4d:2f:4a:
f3:6e:5b:3d:7f:ca:0b:5f:35:d2:e4:1c:e6:b3:30:
ac:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:CF:C2:B4:1E:B6:B7:FF:8C:36:83:DC:B0:A6:7D:B3:90:0F:A6:B9
X509v3 Authority Key Identifier:
keyid:4D:D9:54:D3:C7:7C:9C:4E:37:EE:BF:75:3D:86:F3:DC:F0:91:D4:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TdlU08d8nE437r91PYbz3PCR1Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/7a2a99-146c-4781-a302-eb7aaa6828be/1/ic_CtB62t_-MNoPcsKZ9s5APprk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/7a2a99-146c-4781-a302-eb7aaa6828be/1/TdlU08d8nE437r91PYbz3PCR1Kk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.197.224.0/19
161.8.128.0/19
Signature Algorithm: sha256WithRSAEncryption
b6:ea:da:42:81:b6:30:f0:3d:c4:83:4e:3f:52:2c:fd:05:d1:
57:6d:28:b3:50:4c:dc:f6:57:3a:28:5e:65:87:57:0b:00:fb:
89:33:67:e2:c9:23:89:4a:c9:fc:08:c6:69:14:21:4c:ee:d5:
88:57:59:fd:c2:7d:cc:a2:35:14:f9:9c:cc:d2:ec:9e:df:fa:
84:88:46:8f:c4:d3:66:ef:77:2b:e9:9c:87:2c:da:5a:c7:a5:
4a:2a:a2:49:fe:79:5b:e7:e0:e4:96:0c:ba:a2:16:76:1a:e7:
40:8c:d9:38:25:2c:70:b5:11:08:1a:72:3d:aa:3e:7f:07:e9:
da:0c:ae:5d:23:6c:c0:e4:86:c5:ff:4f:ea:1f:87:4c:17:4a:
9c:70:b2:d6:3b:57:bd:d4:b7:e7:f8:64:8d:22:e8:03:fa:1e:
7b:6e:e9:2c:f7:41:26:10:2a:46:40:33:fa:47:64:f6:de:f7:
6e:f5:1f:02:70:dd:29:b1:38:79:5f:e2:03:7e:10:24:62:31:
90:be:4e:59:9f:e4:24:10:6b:38:17:b9:49:24:0b:ba:20:d4:
28:12:05:b4:13:e5:22:ef:1a:41:29:84:84:0e:3d:0b:89:3d:
c7:1b:34:b8:c7:1c:e2:92:71:5d:88:10:7a:91:d2:d0:67:ec:
3e:12:0b:6a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY3SbJcMVru6hdS1t/yl7UrlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZDk1NGQzYzc3YzljNGUzN2VlYmY3NTNkODZmM2RjZjA5
MWQ0YTkwHhcNMjQwMjIyMjAwNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWNmYzJiNDFlYjZiN2ZmOGMzNjgzZGNiMGE2N2RiMzkwMGZhNmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsEay3NJw5Y76n/RAgzCDUQxLj+gM
twp2MasW3zKSV3rauAeu1qI9yCk0TaLh3qhl+YkVlbz+EzLbsu+as3B7/14I+Nfi
AOwgAMPbmDm0LDFHQJ/Cys0fyEFNIZ4getIc0a1QiB2TdvDvoeLJ2OM9mlsP74xT
hazGvxO4YgERyS6S/6otaT7Wzb2M/FeojN+pQhQzBSgrNWc/wSqXVAHRyBWSnqgh
CQXwQMAjZSxWzBMcpjGSyTsgnlNUeuodquzrVNVZDlR/+vbDzTnXEfC4nC39bvv2
dWy81MsEFqY2mhUbAoKnpNQVeqPl/idNL0rzbls9f8oLXzXS5BzmszCslQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFInPwrQetrf/jDaD3LCmfbOQD6a5MB8GA1UdIwQY
MBaAFE3ZVNPHfJxON+6/dT2G89zwkdSpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGRsVTA4ZDhuRTQzN3I5MVBZYnozUENSMUtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC83YTJhOTktMTQ2Yy00NzgxLWEzMDIt
ZWI3YWFhNjgyOGJlLzEvaWNfQ3RCNjJ0Xy1NTm9QY3NLWjlzNUFQcHJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC83YTJhOTktMTQ2Yy00NzgxLWEzMDItZWI3YWFhNjgyOGJl
LzEvVGRsVTA4ZDhuRTQzN3I5MVBZYnozUENSMUtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFn8XgAwQF
oQiAMA0GCSqGSIb3DQEBCwUAA4IBAQC26tpCgbYw8D3Eg04/Uiz9BdFXbSizUEzc
9lc6KF5lh1cLAPuJM2fiySOJSsn8CMZpFCFM7tWIV1n9wn3MojUU+ZzM0uye3/qE
iEaPxNNm73cr6ZyHLNpax6VKKqJJ/nlb5+Dklgy6ohZ2GudAjNk4JSxwtREIGnI9
qj5/B+naDK5dI2zA5IbF/0/qH4dMF0qccLLWO1e91Lfn+GSNIugD+h57buks90Em
ECpGQDP6R2T23vdu9R8CcN0psTh5X+IDfhAkYjGQvk5Zn+QkEGs4F7lJJAu6INQo
EgW0E+Ui7xpBKYSEDj0LiT3HGzS4xxziknFdiBB6kdLQZ+w+Egtq
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:13:02 2025 by rpki-client