Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/0376d1-12ca-4135-9483-8e7149f04a4e/1/Ickk_xto0AqkMCUfLBeYGgu9ySw.roa
File: Ickk_xto0AqkMCUfLBeYGgu9ySw.roa (raw, json)
Hash identifier: 216xKawdYm4DixD3aQBy5oTliG2oYxMN4qOlgaO6uZk=
Subject key identifier: 21:C9:24:FF:1B:68:D0:0A:A4:30:25:1F:2C:17:98:1A:0B:BD:C9:2C
Certificate issuer: /CN=ae1dc18a4b1fbfe2c2babd8bbb47fe1fd1cf22f8
Certificate serial: 0185708CAB3025DF285389CACF2BE83495B4
Authority key identifier: AE:1D:C1:8A:4B:1F:BF:E2:C2:BA:BD:8B:BB:47:FE:1F:D1:CF:22:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rh3Biksfv-LCur2Lu0f-H9HPIvg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/0376d1-12ca-4135-9483-8e7149f04a4e/1/Ickk_xto0AqkMCUfLBeYGgu9ySw.roa
Signing time: Mon 02 Jan 2023 03:35:45 +0000
ROA not before: Mon 02 Jan 2023 03:35:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8881
IP address blocks: 194.99.113.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:ab:30:25:df:28:53:89:ca:cf:2b:e8:34:95:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae1dc18a4b1fbfe2c2babd8bbb47fe1fd1cf22f8
Validity
Not Before: Jan 2 03:35:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=21c924ff1b68d00aa430251f2c17981a0bbdc92c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:ba:53:1d:08:27:5a:61:b3:b2:e9:b2:e1:f2:
55:71:89:6b:bb:25:93:e8:7a:d4:b5:64:f1:ff:50:
4b:bf:d4:62:c8:5a:a2:90:73:bb:4e:f6:f1:7e:81:
ee:da:ef:7d:aa:a5:de:e2:ce:3c:e1:06:c3:fb:b7:
9b:7d:24:3a:b1:5f:6f:66:fa:9c:7e:ac:03:87:80:
3f:b8:25:a2:ef:de:14:59:d0:b8:ca:a6:7f:d9:19:
6b:ca:83:6d:b7:a7:04:3b:f1:ad:8c:52:c5:53:40:
8d:70:92:e0:53:2c:4b:92:25:b6:1a:44:0a:e5:ba:
2f:37:ff:fb:1d:68:e0:72:b3:cf:56:a0:5f:c2:d4:
77:a9:b5:6e:d9:04:67:9e:13:de:17:ea:57:b9:41:
25:76:b0:1d:ad:65:f9:fd:f8:ec:90:a9:8e:38:c1:
dc:73:17:4f:82:9a:76:8c:f3:94:9c:af:e9:be:a2:
5d:bd:7b:44:4f:7e:b6:8e:f3:92:a5:0a:50:03:87:
2d:2d:ff:05:14:87:ea:fb:17:a0:fa:12:98:78:9d:
31:b1:69:1e:2c:8a:e5:52:f0:4d:43:fd:45:f2:4b:
21:cb:99:42:5f:dd:b9:ad:6c:9a:39:28:31:5a:04:
20:9d:76:73:0b:ee:26:cc:69:d6:c4:75:97:dc:b8:
a3:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:C9:24:FF:1B:68:D0:0A:A4:30:25:1F:2C:17:98:1A:0B:BD:C9:2C
X509v3 Authority Key Identifier:
keyid:AE:1D:C1:8A:4B:1F:BF:E2:C2:BA:BD:8B:BB:47:FE:1F:D1:CF:22:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rh3Biksfv-LCur2Lu0f-H9HPIvg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/0376d1-12ca-4135-9483-8e7149f04a4e/1/Ickk_xto0AqkMCUfLBeYGgu9ySw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/0376d1-12ca-4135-9483-8e7149f04a4e/1/rh3Biksfv-LCur2Lu0f-H9HPIvg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.99.113.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:ce:f8:23:ed:39:65:cd:f2:5b:a8:9a:35:81:38:68:d6:d7:
a5:72:5b:34:bd:aa:10:d3:87:fb:2b:d4:43:14:2b:1b:f8:5b:
eb:a3:26:21:75:5b:02:38:9d:aa:15:35:00:e2:2c:30:87:d8:
83:37:0a:21:21:6b:c2:43:cf:3b:0a:e8:69:eb:c6:51:a2:96:
1b:69:92:cf:2a:34:5d:6e:6e:6b:50:91:18:eb:cb:c7:6f:8c:
78:28:61:ec:22:c3:a0:cc:3b:39:8c:26:5a:60:b9:d6:25:d8:
07:06:be:c3:5c:05:9f:6f:5e:6f:1c:56:71:2e:d0:14:be:cd:
b9:33:ff:fa:c9:d7:a7:6e:ae:2a:96:ce:1c:2d:08:22:a9:c0:
ea:72:d5:7d:b8:da:6b:22:fe:8a:fd:15:9e:0d:26:fa:17:e7:
a6:65:9d:72:15:19:d8:e4:ad:cb:7b:89:df:34:ee:ef:59:88:
be:c8:94:e3:65:c3:ff:a5:2e:4d:78:e7:97:2f:ab:fd:0c:3a:
be:38:c3:f1:f5:1a:0b:83:66:26:60:86:d5:95:bd:64:f1:a6:
b7:69:15:5e:74:fb:cd:fe:1a:39:0b:1c:40:76:2b:35:90:96:
bd:55:48:7c:03:7d:89:78:12:d2:84:76:e0:c1:b1:8c:5a:e7:
ff:65:83:14
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwjKswJd8oU4nKzyvoNJW0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlMWRjMThhNGIxZmJmZTJjMmJhYmQ4YmJiNDdmZTFmZDFj
ZjIyZjgwHhcNMjMwMTAyMDMzNTQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWM5MjRmZjFiNjhkMDBhYTQzMDI1MWYyYzE3OTgxYTBiYmRjOTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl7pTHQgnWmGzsumy4fJVcYlruyWT
6HrUtWTx/1BLv9RiyFqikHO7TvbxfoHu2u99qqXe4s484QbD+7ebfSQ6sV9vZvqc
fqwDh4A/uCWi794UWdC4yqZ/2RlryoNtt6cEO/GtjFLFU0CNcJLgUyxLkiW2GkQK
5bovN//7HWjgcrPPVqBfwtR3qbVu2QRnnhPeF+pXuUEldrAdrWX5/fjskKmOOMHc
cxdPgpp2jPOUnK/pvqJdvXtET362jvOSpQpQA4ctLf8FFIfq+xeg+hKYeJ0xsWke
LIrlUvBNQ/1F8kshy5lCX925rWyaOSgxWgQgnXZzC+4mzGnWxHWX3Lij2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCHJJP8baNAKpDAlHywXmBoLvcksMB8GA1UdIwQY
MBaAFK4dwYpLH7/iwrq9i7tH/h/RzyL4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmgzQmlrc2Z2LUxDdXIyTHUwZi1IOUhQSXZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS8wMzc2ZDEtMTJjYS00MTM1LTk0ODMt
OGU3MTQ5ZjA0YTRlLzEvSWNra194dG8wQXFrTUNVZkxCZVlHZ3U5eVN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS8wMzc2ZDEtMTJjYS00MTM1LTk0ODMtOGU3MTQ5ZjA0YTRl
LzEvcmgzQmlrc2Z2LUxDdXIyTHUwZi1IOUhQSXZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwmNxMA0G
CSqGSIb3DQEBCwUAA4IBAQC3zvgj7TllzfJbqJo1gTho1telcls0vaoQ04f7K9RD
FCsb+FvroyYhdVsCOJ2qFTUA4iwwh9iDNwohIWvCQ887Cuhp68ZRopYbaZLPKjRd
bm5rUJEY68vHb4x4KGHsIsOgzDs5jCZaYLnWJdgHBr7DXAWfb15vHFZxLtAUvs25
M//6ydenbq4qls4cLQgiqcDqctV9uNprIv6K/RWeDSb6F+emZZ1yFRnY5K3Le4nf
NO7vWYi+yJTjZcP/pS5NeOeXL6v9DDq+OMPx9RoLg2YmYIbVlb1k8aa3aRVedPvN
/ho5CxxAdis1kJa9VUh8A32JeBLShHbgwbGMWuf/ZYMU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:28 2024 by rpki-client on console-fra.rpki-client.org