Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/0376d1-12ca-4135-9483-8e7149f04a4e/1/IviE858-xzClNMKBIcOo8xnsNmM.roa
File: IviE858-xzClNMKBIcOo8xnsNmM.roa (raw, json)
Hash identifier: K3jAhQBw1spKl6G8PCVetuTQIQwD20P7QRFgK8fKNSs=
Subject key identifier: 22:F8:84:F3:9F:3E:C7:30:A5:34:C2:81:21:C3:A8:F3:19:EC:36:63
Certificate issuer: /CN=ae1dc18a4b1fbfe2c2babd8bbb47fe1fd1cf22f8
Certificate serial: 018CC4251F3655B79EAE37695335FFF0173B
Authority key identifier: AE:1D:C1:8A:4B:1F:BF:E2:C2:BA:BD:8B:BB:47:FE:1F:D1:CF:22:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rh3Biksfv-LCur2Lu0f-H9HPIvg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/0376d1-12ca-4135-9483-8e7149f04a4e/1/IviE858-xzClNMKBIcOo8xnsNmM.roa
Signing time: Mon 01 Jan 2024 08:30:16 +0000
ROA not before: Mon 01 Jan 2024 08:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8881
IP address blocks: 194.99.113.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:49:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:1f:36:55:b7:9e:ae:37:69:53:35:ff:f0:17:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae1dc18a4b1fbfe2c2babd8bbb47fe1fd1cf22f8
Validity
Not Before: Jan 1 08:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=22f884f39f3ec730a534c28121c3a8f319ec3663
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:ac:c3:80:81:e3:52:2b:3a:5e:93:f7:e2:6c:
83:f7:f7:f4:5f:5d:bd:59:56:b3:4d:7b:24:0c:29:
6a:38:45:ce:b0:1e:b2:5f:d5:98:8a:ed:86:6c:9d:
7b:7c:e7:fb:59:57:fe:06:1d:d9:7e:e1:97:35:23:
e4:37:38:47:02:af:89:c9:b6:dd:b9:b8:f0:f0:33:
13:e1:e2:ae:b2:ee:ac:7f:3e:0a:26:4e:74:9f:92:
1c:32:80:5d:9c:5a:87:62:16:25:27:04:dd:bb:11:
69:97:d6:48:4c:cd:31:73:fd:31:7f:31:f2:6c:e8:
59:f3:8c:2f:1b:da:0b:22:7b:8a:6e:3c:fb:c7:0d:
5e:c1:ed:23:cc:30:f5:96:b7:d0:a3:c3:8e:99:94:
16:87:f0:a4:08:f6:1a:60:de:20:54:16:f7:c8:d2:
f4:65:35:5c:75:47:d4:8c:ef:05:55:34:1c:db:52:
bf:7b:30:e1:40:89:68:3b:56:a6:9b:7f:63:ae:de:
be:fb:df:82:af:bf:8d:b5:5f:2e:04:c2:85:54:11:
bb:cc:b5:a4:24:87:22:77:d6:81:a3:13:cd:ad:50:
26:3c:ea:73:42:d1:9d:4f:cf:01:a5:bb:ae:c2:e5:
ca:2b:1f:cf:cf:de:bc:d2:a4:93:bd:df:50:c8:44:
b6:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:F8:84:F3:9F:3E:C7:30:A5:34:C2:81:21:C3:A8:F3:19:EC:36:63
X509v3 Authority Key Identifier:
keyid:AE:1D:C1:8A:4B:1F:BF:E2:C2:BA:BD:8B:BB:47:FE:1F:D1:CF:22:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rh3Biksfv-LCur2Lu0f-H9HPIvg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/0376d1-12ca-4135-9483-8e7149f04a4e/1/IviE858-xzClNMKBIcOo8xnsNmM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/0376d1-12ca-4135-9483-8e7149f04a4e/1/rh3Biksfv-LCur2Lu0f-H9HPIvg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.99.113.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:f0:e3:a7:47:88:25:55:24:fb:7e:fe:f8:c3:5d:86:6f:52:
25:dc:c2:87:76:a8:50:b8:29:3d:b0:9a:85:40:b1:24:86:2b:
42:ed:f5:69:ec:09:29:20:20:21:31:f4:5d:82:84:08:93:0f:
6a:d2:ff:cd:2e:1f:f4:97:25:ca:00:12:b7:0f:77:59:27:1f:
93:7a:7a:16:11:02:fd:e1:eb:46:e8:3d:13:5a:c6:69:46:29:
23:00:5f:a4:e6:c1:8c:fe:84:86:84:94:c7:8a:9d:7f:3d:9f:
a1:79:d8:3f:b2:a6:e8:61:10:bf:1d:ee:5d:6e:60:50:79:c9:
26:af:72:13:c0:70:4e:21:5d:70:ef:81:71:2e:14:9b:17:a3:
73:c2:2b:d5:69:86:9b:64:a4:4f:bd:b0:2b:ee:c9:96:eb:8a:
7b:8b:ea:04:7e:fa:b5:72:c9:7a:f8:67:f3:97:db:b0:af:53:
5b:04:d5:60:56:a0:41:09:95:0d:b6:94:cf:62:13:43:2c:28:
15:68:f3:71:4e:57:73:55:7b:f8:58:d4:3a:d5:4f:5b:08:ad:
e1:52:5e:ef:d2:16:3c:71:84:05:dc:07:2b:53:44:de:4f:b2:
ed:b8:8f:d8:16:49:d5:6a:ba:f8:da:f0:2e:db:92:d2:8f:a2:
d7:a9:a8:b3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJR82VbeerjdpUzX/8Bc7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlMWRjMThhNGIxZmJmZTJjMmJhYmQ4YmJiNDdmZTFmZDFj
ZjIyZjgwHhcNMjQwMTAxMDgzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmY4ODRmMzlmM2VjNzMwYTUzNGMyODEyMWMzYThmMzE5ZWMzNjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi6zDgIHjUis6XpP34myD9/f0X129
WVazTXskDClqOEXOsB6yX9WYiu2GbJ17fOf7WVf+Bh3ZfuGXNSPkNzhHAq+Jybbd
ubjw8DMT4eKusu6sfz4KJk50n5IcMoBdnFqHYhYlJwTduxFpl9ZITM0xc/0xfzHy
bOhZ84wvG9oLInuKbjz7xw1ewe0jzDD1lrfQo8OOmZQWh/CkCPYaYN4gVBb3yNL0
ZTVcdUfUjO8FVTQc21K/ezDhQIloO1amm39jrt6++9+Cr7+NtV8uBMKFVBG7zLWk
JIcid9aBoxPNrVAmPOpzQtGdT88BpbuuwuXKKx/Pz9680qSTvd9QyES21QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCL4hPOfPscwpTTCgSHDqPMZ7DZjMB8GA1UdIwQY
MBaAFK4dwYpLH7/iwrq9i7tH/h/RzyL4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmgzQmlrc2Z2LUxDdXIyTHUwZi1IOUhQSXZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS8wMzc2ZDEtMTJjYS00MTM1LTk0ODMt
OGU3MTQ5ZjA0YTRlLzEvSXZpRTg1OC14ekNsTk1LQkljT284eG5zTm1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS8wMzc2ZDEtMTJjYS00MTM1LTk0ODMtOGU3MTQ5ZjA0YTRl
LzEvcmgzQmlrc2Z2LUxDdXIyTHUwZi1IOUhQSXZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwmNxMA0G
CSqGSIb3DQEBCwUAA4IBAQBO8OOnR4glVST7fv74w12Gb1Il3MKHdqhQuCk9sJqF
QLEkhitC7fVp7AkpICAhMfRdgoQIkw9q0v/NLh/0lyXKABK3D3dZJx+TenoWEQL9
4etG6D0TWsZpRikjAF+k5sGM/oSGhJTHip1/PZ+hedg/sqboYRC/He5dbmBQeckm
r3ITwHBOIV1w74FxLhSbF6NzwivVaYabZKRPvbAr7smW64p7i+oEfvq1csl6+Gfz
l9uwr1NbBNVgVqBBCZUNtpTPYhNDLCgVaPNxTldzVXv4WNQ61U9bCK3hUl7v0hY8
cYQF3AcrU0TeT7LtuI/YFknVarr42vAu25LSj6LXqaiz
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:24:43 2025 by rpki-client