Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/4d54b6-e03c-4310-9b39-9db17a5de463/1/iBFM5yoMERc3asWf_m0gxYWDdq4.roa
File: iBFM5yoMERc3asWf_m0gxYWDdq4.roa (raw, json)
Hash identifier: ANCdWuT7nBWUAtPKAnnjnHiLYsIx3GngnI9i/qr/eKM=
Subject key identifier: 88:11:4C:E7:2A:0C:11:17:37:6A:C5:9F:FE:6D:20:C5:85:83:76:AE
Certificate issuer: /CN=f6ada20bd98babdf74c3d56cd78ada66ed87a148
Certificate serial: 018CC3491B02D36F859F6EBA36844407AD16
Authority key identifier: F6:AD:A2:0B:D9:8B:AB:DF:74:C3:D5:6C:D7:8A:DA:66:ED:87:A1:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9q2iC9mLq990w9Vs14raZu2HoUg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/4d54b6-e03c-4310-9b39-9db17a5de463/1/iBFM5yoMERc3asWf_m0gxYWDdq4.roa
Signing time: Mon 01 Jan 2024 04:29:57 +0000
ROA not before: Mon 01 Jan 2024 04:29:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208537
IP address blocks: 213.159.24.0/23 maxlen: 23
94.101.104.0/24 maxlen: 24
192.83.120.0/24 maxlen: 24
194.102.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 29 Apr 2024 20:41:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:1b:02:d3:6f:85:9f:6e:ba:36:84:44:07:ad:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f6ada20bd98babdf74c3d56cd78ada66ed87a148
Validity
Not Before: Jan 1 04:29:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=88114ce72a0c1117376ac59ffe6d20c5858376ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:75:75:3a:42:69:b0:30:7e:4c:1a:da:54:b5:
9a:75:3e:c1:57:61:ad:71:3e:74:6a:7d:6c:5b:5d:
1a:5c:36:d8:d2:e3:d5:2f:54:a1:2f:28:36:0c:1b:
18:66:73:84:77:2b:e3:b8:54:dc:7f:c9:58:5b:24:
c8:42:9c:a8:a9:17:14:6d:f5:45:f6:ed:f1:69:84:
4c:15:6b:b2:e7:36:aa:7b:ec:92:fc:14:90:00:bc:
68:88:b9:27:f2:c4:2d:13:81:ff:ef:fb:ea:52:1c:
60:da:f1:04:c1:f7:22:ec:65:be:df:88:c3:85:98:
41:7a:b0:27:1f:ae:d8:4f:cc:69:b3:cf:e1:4f:62:
fd:71:e2:6a:72:6b:d0:37:33:12:a9:73:b7:2d:e9:
01:01:4b:ba:53:a2:09:53:13:d0:dc:fb:f4:95:ad:
27:0e:27:8c:20:02:e4:7c:bc:da:fd:7c:b1:88:95:
2e:1c:c2:d5:c5:3d:87:b0:a8:92:04:c2:a4:3f:05:
d6:5d:f0:ab:30:66:dd:50:0e:fc:59:3a:b2:03:b6:
90:f6:a9:85:50:09:2a:11:fa:c5:0f:e9:d0:74:92:
c7:32:8b:e8:af:f7:a9:6c:c9:1f:73:1f:5c:37:a6:
a3:72:1d:3b:22:23:78:0d:86:fc:84:8f:e0:42:9e:
8e:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:11:4C:E7:2A:0C:11:17:37:6A:C5:9F:FE:6D:20:C5:85:83:76:AE
X509v3 Authority Key Identifier:
keyid:F6:AD:A2:0B:D9:8B:AB:DF:74:C3:D5:6C:D7:8A:DA:66:ED:87:A1:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9q2iC9mLq990w9Vs14raZu2HoUg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/4d54b6-e03c-4310-9b39-9db17a5de463/1/iBFM5yoMERc3asWf_m0gxYWDdq4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/4d54b6-e03c-4310-9b39-9db17a5de463/1/9q2iC9mLq990w9Vs14raZu2HoUg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.101.104.0/24
192.83.120.0/24
194.102.239.0/24
213.159.24.0/23
Signature Algorithm: sha256WithRSAEncryption
ac:39:4f:2b:54:04:cc:16:f6:26:bd:86:09:dc:cc:94:f2:e8:
2c:8e:c1:c7:98:68:01:80:d4:3e:bd:34:3e:ba:10:ae:07:5f:
92:ae:38:11:32:8c:35:4b:cc:d2:c5:cc:ef:ff:c7:98:f4:8d:
77:94:8b:a4:a2:6c:16:6e:68:11:02:9e:4f:87:0f:54:54:0f:
f9:dc:2a:66:27:f2:93:6c:8b:91:c7:87:be:d7:d3:18:32:df:
90:d1:27:da:77:44:64:e4:c5:8b:70:ad:8f:50:ad:ac:e6:44:
9b:8b:94:81:9b:24:f1:c4:c4:8c:97:30:f3:32:d9:87:6c:1a:
9b:32:81:09:97:1a:4f:35:6a:96:16:33:eb:26:b3:38:a6:85:
98:4b:9e:34:d0:2e:5e:83:3d:ff:d0:b4:9a:62:60:0f:fa:65:
31:69:ba:c2:31:d5:c5:f3:32:b2:8f:66:f0:87:31:42:10:52:
98:d1:2b:60:e8:1c:ae:76:38:5c:9b:d3:65:82:9c:e3:7d:ab:
49:ff:35:fc:6c:e7:d1:51:e9:1e:82:13:ff:8b:5e:47:30:2d:
a5:ca:f5:c3:ca:9f:f1:24:31:9b:7d:7a:fe:97:d4:c7:aa:ad:
19:87:c6:30:00:6b:90:32:63:49:26:16:f8:75:89:7a:92:da:
b7:88:2e:c5
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzDSRsC02+Fn266NoREB60WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2YWRhMjBiZDk4YmFiZGY3NGMzZDU2Y2Q3OGFkYTY2ZWQ4
N2ExNDgwHhcNMjQwMTAxMDQyOTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODExNGNlNzJhMGMxMTE3Mzc2YWM1OWZmZTZkMjBjNTg1ODM3NmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXV1OkJpsDB+TBraVLWadT7BV2Gt
cT50an1sW10aXDbY0uPVL1ShLyg2DBsYZnOEdyvjuFTcf8lYWyTIQpyoqRcUbfVF
9u3xaYRMFWuy5zaqe+yS/BSQALxoiLkn8sQtE4H/7/vqUhxg2vEEwfci7GW+34jD
hZhBerAnH67YT8xps8/hT2L9ceJqcmvQNzMSqXO3LekBAUu6U6IJUxPQ3Pv0la0n
DieMIALkfLza/XyxiJUuHMLVxT2HsKiSBMKkPwXWXfCrMGbdUA78WTqyA7aQ9qmF
UAkqEfrFD+nQdJLHMovor/epbMkfcx9cN6ajch07IiN4DYb8hI/gQp6OLQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIgRTOcqDBEXN2rFn/5tIMWFg3auMB8GA1UdIwQY
MBaAFPatogvZi6vfdMPVbNeK2mbth6FIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXEyaUM5bUxxOTkwdzlWczE0cmFadTJIb1VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80ZDU0YjYtZTAzYy00MzEwLTliMzkt
OWRiMTdhNWRlNDYzLzEvaUJGTTV5b01FUmMzYXNXZl9tMGd4WVdEZHE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80ZDU0YjYtZTAzYy00MzEwLTliMzktOWRiMTdhNWRlNDYz
LzEvOXEyaUM5bUxxOTkwdzlWczE0cmFadTJIb1VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAXmVoAwQA
wFN4AwQAwmbvAwQB1Z8YMA0GCSqGSIb3DQEBCwUAA4IBAQCsOU8rVATMFvYmvYYJ
3MyU8ugsjsHHmGgBgNQ+vTQ+uhCuB1+SrjgRMow1S8zSxczv/8eY9I13lIukomwW
bmgRAp5Phw9UVA/53CpmJ/KTbIuRx4e+19MYMt+Q0Sfad0Rk5MWLcK2PUK2s5kSb
i5SBmyTxxMSMlzDzMtmHbBqbMoEJlxpPNWqWFjPrJrM4poWYS5400C5egz3/0LSa
YmAP+mUxabrCMdXF8zKyj2bwhzFCEFKY0Stg6Byudjhcm9NlgpzjfatJ/zX8bOfR
UekeghP/i15HMC2lyvXDyp/xJDGbfXr+l9THqq0Zh8YwAGuQMmNJJhb4dYl6ktq3
iC7F
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:17 2024 by rpki-client on console-ams.rpki-client.org