Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/IIIXS2gX8FMttTO7LgKvRf4fbiI.roa
File: IIIXS2gX8FMttTO7LgKvRf4fbiI.roa (raw, json)
Hash identifier: x04dYuEh0qABE4nNeB7apFgO9cUKnjWvdfbT44nhXaw=
Subject key identifier: 20:82:17:4B:68:17:F0:53:2D:B5:33:BB:2E:02:AF:45:FE:1F:6E:22
Certificate issuer: /CN=2f3136ed10998580a517d9598abca33d9ba66599
Certificate serial: 0190CB88CF2E91CA489F6B6158CD1884D1E4
Authority key identifier: 2F:31:36:ED:10:99:85:80:A5:17:D9:59:8A:BC:A3:3D:9B:A6:65:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LzE27RCZhYClF9lZiryjPZumZZk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/IIIXS2gX8FMttTO7LgKvRf4fbiI.roa
Signing time: Fri 19 Jul 2024 15:07:39 +0000
ROA not before: Fri 19 Jul 2024 15:07:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 145.224.128.0/20 maxlen: 24
145.224.160.0/20 maxlen: 24
145.224.176.0/20 maxlen: 24
145.224.192.0/19 maxlen: 24
145.224.192.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 14 Nov 2024 09:56:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:cb:88:cf:2e:91:ca:48:9f:6b:61:58:cd:18:84:d1:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f3136ed10998580a517d9598abca33d9ba66599
Validity
Not Before: Jul 19 15:07:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2082174b6817f0532db533bb2e02af45fe1f6e22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:d5:40:b7:31:25:33:fe:ac:28:0e:ed:6c:51:
99:8e:36:1b:d8:ec:e8:04:fb:d0:52:a1:39:82:7f:
94:e6:20:43:6b:db:4e:e0:7a:07:14:0f:03:d1:1f:
80:95:34:49:77:82:97:97:e0:1c:16:94:a9:3d:4e:
50:0b:14:c0:b5:e8:e6:78:2a:37:7c:1f:2b:58:a4:
bd:99:16:c6:8d:bd:5a:d2:28:2d:2f:77:fe:c1:50:
ce:97:3f:6c:8c:8c:2a:01:d4:b6:42:26:dc:32:2a:
49:26:e7:fa:db:22:3a:a4:14:12:ee:f0:1e:86:4d:
51:2b:df:ab:6c:01:4f:86:f5:95:97:09:a3:1e:4d:
0b:7e:28:c7:0a:6c:3e:35:34:79:1e:0f:91:34:a7:
3d:f9:55:7e:08:95:97:d1:ab:f6:e9:2e:e6:be:66:
fb:3e:77:6f:19:39:64:4d:ee:50:04:40:4f:be:fa:
ee:af:b2:00:b8:54:27:f5:e2:b7:aa:cb:7a:52:4e:
4d:43:9d:b1:61:fd:ee:ba:ce:8f:29:cd:d4:f8:8a:
07:a0:43:c7:4d:78:82:eb:d5:c3:27:48:de:97:69:
b2:6f:63:cc:b2:ba:45:7f:52:dd:a4:0f:79:6b:fc:
ac:e0:e0:1c:1b:9c:c1:66:64:f7:0e:f8:d3:cd:9f:
79:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:82:17:4B:68:17:F0:53:2D:B5:33:BB:2E:02:AF:45:FE:1F:6E:22
X509v3 Authority Key Identifier:
keyid:2F:31:36:ED:10:99:85:80:A5:17:D9:59:8A:BC:A3:3D:9B:A6:65:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LzE27RCZhYClF9lZiryjPZumZZk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/IIIXS2gX8FMttTO7LgKvRf4fbiI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/LzE27RCZhYClF9lZiryjPZumZZk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.224.128.0/20
145.224.160.0-145.224.223.255
Signature Algorithm: sha256WithRSAEncryption
a7:bf:7e:ad:fd:d0:b6:dc:22:64:d6:ec:1f:c2:e9:95:20:92:
46:11:fc:f2:38:34:d8:41:2c:ab:ed:3c:71:2f:8c:b5:57:00:
61:5b:b2:2b:9f:b6:21:a9:01:d4:5a:95:c8:e8:ea:85:c8:e7:
7a:44:93:44:81:20:23:0d:6b:57:84:16:f5:e6:96:5d:a6:a3:
20:76:8e:49:1e:16:2d:91:ee:2b:ae:d4:40:48:1f:36:54:4a:
88:f2:bc:da:08:a8:ac:5d:cf:ba:03:bb:4b:c0:2d:9d:8e:ef:
0e:b5:6b:f7:5f:cb:97:f2:63:5b:e0:8f:b5:cd:bb:d9:97:f5:
a7:21:bf:2b:a6:cc:9c:72:b3:5e:b2:1f:8e:a2:f7:a2:b9:7b:
13:83:05:bf:69:c4:24:47:9e:b7:c0:ba:7c:f4:0b:be:5b:38:
0e:9f:34:02:94:be:59:6b:b9:c3:7b:f6:eb:61:4b:b8:23:73:
e9:ed:c8:d1:53:ee:0f:92:96:39:7f:ab:ff:02:e6:b0:27:2c:
30:42:af:41:73:48:34:14:48:fb:17:34:d8:c6:b6:b4:59:45:
1c:36:bf:fe:8e:aa:4d:cb:92:97:3e:e0:e4:8d:d8:90:5c:80:
10:ba:de:40:97:74:5a:59:4e:e2:6c:40:ad:31:a2:73:0d:76:
2a:31:b8:04
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZDLiM8ukcpIn2thWM0YhNHkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmMzEzNmVkMTA5OTg1ODBhNTE3ZDk1OThhYmNhMzNkOWJh
NjY1OTkwHhcNMjQwNzE5MTUwNzM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDgyMTc0YjY4MTdmMDUzMmRiNTMzYmIyZTAyYWY0NWZlMWY2ZTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAutVAtzElM/6sKA7tbFGZjjYb2Ozo
BPvQUqE5gn+U5iBDa9tO4HoHFA8D0R+AlTRJd4KXl+AcFpSpPU5QCxTAtejmeCo3
fB8rWKS9mRbGjb1a0igtL3f+wVDOlz9sjIwqAdS2QibcMipJJuf62yI6pBQS7vAe
hk1RK9+rbAFPhvWVlwmjHk0LfijHCmw+NTR5Hg+RNKc9+VV+CJWX0av26S7mvmb7
PndvGTlkTe5QBEBPvvrur7IAuFQn9eK3qst6Uk5NQ52xYf3uus6PKc3U+IoHoEPH
TXiC69XDJ0jel2myb2PMsrpFf1LdpA95a/ys4OAcG5zBZmT3DvjTzZ952wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFCCCF0toF/BTLbUzuy4Cr0X+H24iMB8GA1UdIwQY
MBaAFC8xNu0QmYWApRfZWYq8oz2bpmWZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHpFMjdSQ1poWUNsRjlsWmlyeWpQWnVtWlprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9mOTBkODMtMDJiZS00ZTVmLWJkMGYt
OTI5ZjEwNjYzMGYxLzEvSUlJWFMyZ1g4Rk10dFRPN0xnS3ZSZjRmYmlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9mOTBkODMtMDJiZS00ZTVmLWJkMGYtOTI5ZjEwNjYzMGYx
LzEvTHpFMjdSQ1poWUNsRjlsWmlyeWpQWnVtWlprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQEkeCAMAwD
BAWR4KADBAWR4MAwDQYJKoZIhvcNAQELBQADggEBAKe/fq390LbcImTW7B/C6ZUg
kkYR/PI4NNhBLKvtPHEvjLVXAGFbsiuftiGpAdRalcjo6oXI53pEk0SBICMNa1eE
FvXmll2moyB2jkkeFi2R7iuu1EBIHzZUSojyvNoIqKxdz7oDu0vALZ2O7w61a/df
y5fyY1vgj7XNu9mX9achvyumzJxys16yH46i96K5exODBb9pxCRHnrfAunz0C75b
OA6fNAKUvllrucN79uthS7gjc+ntyNFT7g+Sljl/q/8C5rAnLDBCr0FzSDQUSPsX
NNjGtrRZRRw2v/6Oqk3Lkpc+4OSN2JBcgBC63kCXdFpZTuJsQK0xonMNdioxuAQ=
-----END CERTIFICATE-----
Generated at Thu Nov 14 12:27:55 2024 by rpki-client on console-fra.rpki-client.org