Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/izLO7lSz5NaZYweFer9MOdLhOQk.roa
File: izLO7lSz5NaZYweFer9MOdLhOQk.roa (raw, json)
Hash identifier: ZaRREt/OO7vZl14TrnEy10H42HcbKFgvfcLj7gouIfA=
Subject key identifier: 8B:32:CE:EE:54:B3:E4:D6:99:63:07:85:7A:BF:4C:39:D2:E1:39:09
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 019425FC8789FF8BB465DBAEBC6A121DEA76
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/izLO7lSz5NaZYweFer9MOdLhOQk.roa
Signing time: Thu 02 Jan 2025 07:48:14 +0000
ROA not before: Thu 02 Jan 2025 07:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 328867
IP address blocks: 82.115.12.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 29 Jan 2025 22:44:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:87:89:ff:8b:b4:65:db:ae:bc:6a:12:1d:ea:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jan 2 07:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8b32ceee54b3e4d6996307857abf4c39d2e13909
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:5f:60:be:df:ba:db:6d:56:62:a0:7e:dc:ee:
50:b0:51:a4:17:be:a6:95:c0:2f:3d:03:74:3c:98:
7a:40:34:b8:39:51:b7:95:93:25:5d:7d:1e:44:01:
a0:2d:8d:ab:0c:d6:10:89:49:6f:79:bb:68:1f:82:
9a:e2:a3:a5:d9:e2:17:91:0a:1f:b8:42:c5:24:95:
56:44:ff:56:7a:78:f9:9d:7b:1a:59:5d:1c:a8:80:
89:1d:9b:84:81:50:4c:1b:d0:33:92:85:01:50:59:
03:47:0b:1d:28:fa:31:44:0f:7c:12:1e:91:b3:f4:
a0:02:a0:f1:36:62:3f:b8:b1:ae:3f:eb:4e:b6:02:
6a:e9:4a:df:c7:bd:12:a8:a8:6f:52:de:a7:0d:41:
ab:50:46:b1:db:95:77:77:c1:a1:5a:31:61:18:bb:
5b:7d:57:d1:38:75:09:fc:32:cb:eb:1f:57:bd:79:
b6:0e:73:b2:ef:a4:c4:12:40:7e:a9:f7:43:ca:99:
f8:89:0a:f5:2e:09:58:1e:35:11:da:0d:1d:6e:6d:
dc:d6:e3:5c:9e:7c:71:70:12:5c:1c:28:6a:4c:53:
f6:2b:98:da:af:27:5c:b2:b2:19:03:f7:74:c3:09:
c8:bb:35:25:b8:a0:6f:64:d7:3d:fe:38:52:93:4e:
a6:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:32:CE:EE:54:B3:E4:D6:99:63:07:85:7A:BF:4C:39:D2:E1:39:09
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/izLO7lSz5NaZYweFer9MOdLhOQk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.115.12.0/24
Signature Algorithm: sha256WithRSAEncryption
89:59:95:b6:a9:6a:62:ba:f5:e7:5e:9b:46:9e:87:ac:04:ed:
72:41:be:76:95:52:a6:40:70:89:2b:e9:33:85:15:64:c5:6b:
a9:5b:a5:44:6d:c3:c7:75:7d:cc:c5:05:df:19:66:36:66:45:
8b:c6:34:cc:20:05:70:6c:59:dc:66:b6:d3:51:5d:67:95:c2:
5b:7b:27:93:6f:cb:d6:c5:e2:ff:62:38:35:a7:f8:cf:82:75:
09:6f:18:0d:2a:c2:f9:31:9b:0d:5c:47:d5:c3:69:75:33:cf:
3e:27:00:2c:e9:1e:53:d2:2c:eb:ae:c0:10:01:ee:8f:b8:2f:
5b:b7:f2:5e:c1:69:a7:e9:ca:81:a6:28:15:2a:1d:74:0b:47:
56:dc:e4:90:8c:52:52:b6:6b:25:b7:72:12:3c:16:b7:6b:78:
5f:c3:e3:9f:d8:73:f9:6b:fc:e4:ae:c6:0e:2b:be:c9:98:00:
b4:d8:e2:9b:88:dd:a8:f8:c8:a5:b7:9f:ea:c0:17:5d:30:ea:
10:bd:0a:eb:39:6c:da:e5:f7:5d:b0:fb:df:3f:9b:c2:18:37:
cc:c1:2e:60:15:8d:48:04:1f:38:15:52:2a:cf:ac:21:20:08:
77:0b:e4:bb:23:91:e2:27:19:36:2c:83:5a:b4:4d:a7:1b:6e:
bc:01:2d:45
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/IeJ/4u0ZduuvGoSHep2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjUwMTAyMDc0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjMyY2VlZTU0YjNlNGQ2OTk2MzA3ODU3YWJmNGMzOWQyZTEzOTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqF9gvt+6221WYqB+3O5QsFGkF76m
lcAvPQN0PJh6QDS4OVG3lZMlXX0eRAGgLY2rDNYQiUlvebtoH4Ka4qOl2eIXkQof
uELFJJVWRP9Wenj5nXsaWV0cqICJHZuEgVBMG9AzkoUBUFkDRwsdKPoxRA98Eh6R
s/SgAqDxNmI/uLGuP+tOtgJq6Urfx70SqKhvUt6nDUGrUEax25V3d8GhWjFhGLtb
fVfROHUJ/DLL6x9XvXm2DnOy76TEEkB+qfdDypn4iQr1LglYHjUR2g0dbm3c1uNc
nnxxcBJcHChqTFP2K5jarydcsrIZA/d0wwnIuzUluKBvZNc9/jhSk06mSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIsyzu5Us+TWmWMHhXq/TDnS4TkJMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvaXpMTzdsU3o1TmFaWXdlRmVyOU1PZExoT1FrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUnMMMA0G
CSqGSIb3DQEBCwUAA4IBAQCJWZW2qWpiuvXnXptGnoesBO1yQb52lVKmQHCJK+kz
hRVkxWupW6VEbcPHdX3MxQXfGWY2ZkWLxjTMIAVwbFncZrbTUV1nlcJbeyeTb8vW
xeL/Yjg1p/jPgnUJbxgNKsL5MZsNXEfVw2l1M88+JwAs6R5T0izrrsAQAe6PuC9b
t/JewWmn6cqBpigVKh10C0dW3OSQjFJStmslt3ISPBa3a3hfw+Of2HP5a/zkrsYO
K77JmAC02OKbiN2o+Milt5/qwBddMOoQvQrrOWza5fddsPvfP5vCGDfMwS5gFY1I
BB84FVIqz6whIAh3C+S7I5HiJxk2LINatE2nG268AS1F
-----END CERTIFICATE-----
Generated at Thu Apr 10 15:53:47 2025 by rpki-client