Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/98149a-b996-45dc-8fcc-53e6c14fcc0c/1/IKaT2GG1V5wVGBPGMrFrImFuLEY.roa
File: IKaT2GG1V5wVGBPGMrFrImFuLEY.roa (raw, json)
Hash identifier: kn5uX4N0XEp8t1PNMvgnegF+jAHZfF4zrakKJ0vJqds=
Subject key identifier: 20:A6:93:D8:61:B5:57:9C:15:18:13:C6:32:B1:6B:22:61:6E:2C:46
Certificate issuer: /CN=a5e69bd82d5ec0c7bd3d5dc9f92902f35e357a45
Certificate serial: 01856CEF1FA6F39EC342E4723850DBE57133
Authority key identifier: A5:E6:9B:D8:2D:5E:C0:C7:BD:3D:5D:C9:F9:29:02:F3:5E:35:7A:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/peab2C1ewMe9PV3J-SkC8141ekU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/98149a-b996-45dc-8fcc-53e6c14fcc0c/1/IKaT2GG1V5wVGBPGMrFrImFuLEY.roa
Signing time: Sun 01 Jan 2023 10:44:48 +0000
ROA not before: Sun 01 Jan 2023 10:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207932
IP address blocks: 194.127.200.0/24 maxlen: 24
194.127.201.0/24 maxlen: 24
194.127.212.0/24 maxlen: 24
194.127.213.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ef:1f:a6:f3:9e:c3:42:e4:72:38:50:db:e5:71:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5e69bd82d5ec0c7bd3d5dc9f92902f35e357a45
Validity
Not Before: Jan 1 10:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=20a693d861b5579c151813c632b16b22616e2c46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:7b:05:f8:97:12:8c:56:ad:63:9a:96:39:e0:
4e:ec:27:22:d9:d4:56:cf:4a:00:1c:3b:60:0b:d5:
60:63:82:3f:cf:69:5a:a6:60:4e:e3:40:11:97:89:
09:48:86:71:e1:29:e9:f9:84:dc:73:ed:20:d7:51:
0a:98:78:f2:ed:01:c2:64:c6:9e:9d:85:0b:f4:5e:
6d:72:97:ee:69:bb:fc:9d:47:00:80:85:9e:3f:af:
55:1f:f1:18:33:29:4d:d4:7e:56:69:21:a2:1c:0c:
01:57:53:97:f5:a3:6d:bf:f6:cd:fa:4e:a4:f7:6e:
6e:af:7c:d4:ca:8d:63:3a:df:27:32:d9:5e:79:fa:
f4:f1:d2:f7:9b:fb:2f:c8:9f:9c:cc:c5:9d:d0:f6:
44:1e:82:5c:1d:eb:fd:bb:f0:5a:db:ae:6f:a9:21:
60:05:5e:e5:3a:35:08:0a:f2:99:64:ca:c7:3d:d6:
f5:1e:6a:e6:15:dc:d2:e8:47:aa:65:e8:49:91:b4:
95:10:8e:8b:9c:57:d4:3e:8b:ea:d2:9c:6f:ca:5b:
fc:49:87:e0:69:36:14:88:43:eb:df:f7:04:02:be:
72:74:79:bc:24:14:03:63:1f:4d:18:76:9d:dd:2d:
e5:8c:b2:dd:f9:47:56:f6:d6:a2:ef:d2:ee:61:9f:
3f:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:A6:93:D8:61:B5:57:9C:15:18:13:C6:32:B1:6B:22:61:6E:2C:46
X509v3 Authority Key Identifier:
keyid:A5:E6:9B:D8:2D:5E:C0:C7:BD:3D:5D:C9:F9:29:02:F3:5E:35:7A:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/peab2C1ewMe9PV3J-SkC8141ekU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/98149a-b996-45dc-8fcc-53e6c14fcc0c/1/IKaT2GG1V5wVGBPGMrFrImFuLEY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/98149a-b996-45dc-8fcc-53e6c14fcc0c/1/peab2C1ewMe9PV3J-SkC8141ekU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.127.200.0/23
194.127.212.0/23
Signature Algorithm: sha256WithRSAEncryption
7d:fb:1b:e3:42:d2:c8:48:60:16:4d:27:dc:bd:aa:33:5f:ba:
ff:85:fa:03:fb:d8:2e:1c:27:67:80:39:95:71:03:c6:85:01:
3e:3f:e3:bc:77:d0:36:e6:e5:bc:56:ea:48:ad:ba:9c:65:a1:
46:94:e8:e8:4d:9c:60:62:fb:8e:3a:c9:6c:6f:29:3c:a5:1b:
0b:58:11:d4:a2:85:ed:b2:2a:a6:f9:4b:d6:37:69:7b:87:1e:
d4:6b:68:ed:b6:d8:7b:52:9f:9c:cf:5c:c1:03:fc:81:ca:f3:
dd:85:0f:c2:2e:a1:db:a6:e6:0a:18:b0:dd:70:a2:63:cf:87:
ef:db:00:b6:3d:06:83:30:cf:67:e3:aa:07:6c:3f:0b:0f:df:
a5:58:5b:fc:46:bb:74:c4:13:5d:25:5b:aa:14:2b:f8:eb:24:
6e:9e:ea:59:d6:29:ea:1a:bf:14:8c:1e:e1:3a:63:4d:31:97:
e4:8c:8e:39:ed:74:10:73:52:62:d1:51:02:e2:96:8f:e4:fe:
86:25:1e:ec:7a:59:cf:8b:c2:cc:a4:2d:f3:e3:8e:32:1d:1e:
ae:74:98:02:97:f1:05:e0:59:60:8b:53:53:ac:6c:c0:c4:87:
5c:6b:04:fc:dc:28:7f:73:a6:37:2c:09:cb:5b:31:1f:8e:e1:
a2:68:c2:b4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVs7x+m857DQuRyOFDb5XEzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1ZTY5YmQ4MmQ1ZWMwYzdiZDNkNWRjOWY5MjkwMmYzNWUz
NTdhNDUwHhcNMjMwMTAxMTA0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGE2OTNkODYxYjU1NzljMTUxODEzYzYzMmIxNmIyMjYxNmUyYzQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3sF+JcSjFatY5qWOeBO7Cci2dRW
z0oAHDtgC9VgY4I/z2lapmBO40ARl4kJSIZx4Snp+YTcc+0g11EKmHjy7QHCZMae
nYUL9F5tcpfuabv8nUcAgIWeP69VH/EYMylN1H5WaSGiHAwBV1OX9aNtv/bN+k6k
925ur3zUyo1jOt8nMtleefr08dL3m/svyJ+czMWd0PZEHoJcHev9u/Ba265vqSFg
BV7lOjUICvKZZMrHPdb1HmrmFdzS6EeqZehJkbSVEI6LnFfUPovq0pxvylv8SYfg
aTYUiEPr3/cEAr5ydHm8JBQDYx9NGHad3S3ljLLd+UdW9tai79LuYZ8/KwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCCmk9hhtVecFRgTxjKxayJhbixGMB8GA1UdIwQY
MBaAFKXmm9gtXsDHvT1dyfkpAvNeNXpFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGVhYjJDMWV3TWU5UFYzSi1Ta0M4MTQxZWtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS85ODE0OWEtYjk5Ni00NWRjLThmY2Mt
NTNlNmMxNGZjYzBjLzEvSUthVDJHRzFWNXdWR0JQR01yRnJJbUZ1TEVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS85ODE0OWEtYjk5Ni00NWRjLThmY2MtNTNlNmMxNGZjYzBj
LzEvcGVhYjJDMWV3TWU5UFYzSi1Ta0M4MTQxZWtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwn/IAwQB
wn/UMA0GCSqGSIb3DQEBCwUAA4IBAQB9+xvjQtLISGAWTSfcvaozX7r/hfoD+9gu
HCdngDmVcQPGhQE+P+O8d9A25uW8VupIrbqcZaFGlOjoTZxgYvuOOslsbyk8pRsL
WBHUooXtsiqm+UvWN2l7hx7Ua2jttth7Up+cz1zBA/yByvPdhQ/CLqHbpuYKGLDd
cKJjz4fv2wC2PQaDMM9n46oHbD8LD9+lWFv8Rrt0xBNdJVuqFCv46yRunupZ1inq
Gr8UjB7hOmNNMZfkjI457XQQc1Ji0VEC4paP5P6GJR7selnPi8LMpC3z444yHR6u
dJgCl/EF4Flgi1NTrGzAxIdcawT83Ch/c6Y3LAnLWzEfjuGiaMK0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:46 2024 by rpki-client on console-fra.rpki-client.org