Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/b54ca3-73d5-4984-8782-9e0aed2fb8ec/1/IgpKPR0KwR2Qs-Vniq8USA-nLfQ.roa
File: IgpKPR0KwR2Qs-Vniq8USA-nLfQ.roa (raw, json)
Hash identifier: kpw+SRV+yKWDKGCezG2AnQLQ8AT0LPMs2bR/Ljg/hn0=
Subject key identifier: 22:0A:4A:3D:1D:0A:C1:1D:90:B3:E5:67:8A:AF:14:48:0F:A7:2D:F4
Certificate issuer: /CN=c8d5e37178d8524c72660a1d796165999e586622
Certificate serial: 018570F0B6D6DB491AA2E2E5D218989DD771
Authority key identifier: C8:D5:E3:71:78:D8:52:4C:72:66:0A:1D:79:61:65:99:9E:58:66:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yNXjcXjYUkxyZgodeWFlmZ5YZiI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/b54ca3-73d5-4984-8782-9e0aed2fb8ec/1/IgpKPR0KwR2Qs-Vniq8USA-nLfQ.roa
Signing time: Mon 02 Jan 2023 05:25:01 +0000
ROA not before: Mon 02 Jan 2023 05:25:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 397423
IP address blocks: 195.244.14.0/23 maxlen: 23
91.239.37.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 27 Dec 2023 06:51:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:f0:b6:d6:db:49:1a:a2:e2:e5:d2:18:98:9d:d7:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8d5e37178d8524c72660a1d796165999e586622
Validity
Not Before: Jan 2 05:25:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=220a4a3d1d0ac11d90b3e5678aaf14480fa72df4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:b7:03:48:c9:39:3b:7c:fc:aa:88:87:fc:59:
86:58:0e:5a:18:84:4e:e1:c1:8c:f4:f6:ce:6c:cb:
47:e2:c2:a9:8c:b8:ae:6f:4b:dc:58:79:3e:60:4f:
1c:ac:22:9e:46:7a:44:7d:e5:1a:31:26:b5:b8:c1:
1a:d9:a8:6c:aa:10:c2:fd:de:e5:bb:a2:53:bc:e4:
71:ac:65:bd:9e:1e:7c:0a:39:0d:59:f7:ce:73:49:
62:4a:03:ac:a5:d9:ed:4a:7f:08:05:f5:36:5d:a8:
b8:62:90:86:aa:ea:a5:db:ee:de:a3:8a:29:70:0d:
d3:d4:c3:8b:11:d9:9a:b2:fa:41:f9:e1:67:32:f5:
49:3e:20:f4:ad:4d:1b:4c:36:a5:49:8a:17:76:ed:
6e:e7:8d:89:c3:87:32:1c:38:39:50:61:1e:d2:a1:
cb:d5:fc:b7:c4:27:21:cc:29:94:7b:77:ec:cb:46:
66:e3:53:f7:e8:7a:04:1d:bd:b8:bd:df:7e:0f:2f:
d9:2a:7d:5c:4b:c9:da:18:3d:9e:3c:ed:86:62:30:
47:e1:9d:0e:d1:c9:f6:47:23:fa:43:64:54:60:93:
66:16:9f:21:b3:2a:2a:43:e6:c2:23:ee:cb:59:bc:
e1:c2:70:f5:22:23:a4:1b:23:ec:26:b0:2f:78:4d:
76:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:0A:4A:3D:1D:0A:C1:1D:90:B3:E5:67:8A:AF:14:48:0F:A7:2D:F4
X509v3 Authority Key Identifier:
keyid:C8:D5:E3:71:78:D8:52:4C:72:66:0A:1D:79:61:65:99:9E:58:66:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yNXjcXjYUkxyZgodeWFlmZ5YZiI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/b54ca3-73d5-4984-8782-9e0aed2fb8ec/1/IgpKPR0KwR2Qs-Vniq8USA-nLfQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/b54ca3-73d5-4984-8782-9e0aed2fb8ec/1/yNXjcXjYUkxyZgodeWFlmZ5YZiI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.37.0/24
195.244.14.0/23
Signature Algorithm: sha256WithRSAEncryption
24:ba:cf:de:7c:ae:a7:2a:7a:65:4c:32:81:1d:9f:82:42:b5:
32:03:07:16:ce:6e:be:03:01:87:44:f3:80:9b:8d:e8:50:4b:
63:ab:8d:04:07:31:e2:e8:a9:46:aa:4f:66:15:1b:26:e9:c2:
53:61:89:ad:ba:33:71:24:60:42:dd:c2:11:1b:15:e2:f3:08:
d0:43:30:ca:a4:00:8e:67:0d:bb:88:20:7b:fc:35:ca:45:6d:
13:93:6d:a1:59:46:05:31:07:60:c4:15:b5:b9:0e:8f:29:00:
79:c6:56:fa:c5:5c:ec:81:ac:8c:8e:6b:cc:1a:4d:ec:69:63:
c7:66:2e:af:c7:57:29:99:b8:0a:0c:9f:6c:5e:88:52:4f:f4:
dc:ff:29:b6:e0:64:56:b0:22:21:e5:d7:b7:12:88:96:81:74:
02:75:22:fb:a6:97:bf:aa:f2:21:64:e1:f1:29:26:dc:39:d8:
2b:00:ee:01:aa:73:47:9f:98:3e:15:3c:65:d2:a6:63:66:8f:
47:1b:b0:ed:e8:6e:46:ab:2c:8d:56:92:ad:c9:16:08:8e:2f:
79:36:42:0f:d7:ba:6d:68:db:5c:d7:59:f6:9c:3f:3a:b4:84:
e0:8e:ec:5e:35:2a:7e:43:5e:f5:75:56:84:d9:7c:26:33:4e:
97:59:b8:bb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVw8LbW20kaouLl0hiYnddxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZDVlMzcxNzhkODUyNGM3MjY2MGExZDc5NjE2NTk5OWU1
ODY2MjIwHhcNMjMwMTAyMDUyNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjBhNGEzZDFkMGFjMTFkOTBiM2U1Njc4YWFmMTQ0ODBmYTcyZGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLcDSMk5O3z8qoiH/FmGWA5aGIRO
4cGM9PbObMtH4sKpjLiub0vcWHk+YE8crCKeRnpEfeUaMSa1uMEa2ahsqhDC/d7l
u6JTvORxrGW9nh58CjkNWffOc0liSgOspdntSn8IBfU2Xai4YpCGquql2+7eo4op
cA3T1MOLEdmasvpB+eFnMvVJPiD0rU0bTDalSYoXdu1u542Jw4cyHDg5UGEe0qHL
1fy3xCchzCmUe3fsy0Zm41P36HoEHb24vd9+Dy/ZKn1cS8naGD2ePO2GYjBH4Z0O
0cn2RyP6Q2RUYJNmFp8hsyoqQ+bCI+7LWbzhwnD1IiOkGyPsJrAveE12YQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCIKSj0dCsEdkLPlZ4qvFEgPpy30MB8GA1UdIwQY
MBaAFMjV43F42FJMcmYKHXlhZZmeWGYiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveU5YamNYallVa3h5WmdvZGVXRmxtWjVZWmlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9iNTRjYTMtNzNkNS00OTg0LTg3ODIt
OWUwYWVkMmZiOGVjLzEvSWdwS1BSMEt3UjJRcy1WbmlxOFVTQS1uTGZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9iNTRjYTMtNzNkNS00OTg0LTg3ODItOWUwYWVkMmZiOGVj
LzEveU5YamNYallVa3h5WmdvZGVXRmxtWjVZWmlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+8lAwQB
w/QOMA0GCSqGSIb3DQEBCwUAA4IBAQAkus/efK6nKnplTDKBHZ+CQrUyAwcWzm6+
AwGHRPOAm43oUEtjq40EBzHi6KlGqk9mFRsm6cJTYYmtujNxJGBC3cIRGxXi8wjQ
QzDKpACOZw27iCB7/DXKRW0Tk22hWUYFMQdgxBW1uQ6PKQB5xlb6xVzsgayMjmvM
Gk3saWPHZi6vx1cpmbgKDJ9sXohST/Tc/ym24GRWsCIh5de3EoiWgXQCdSL7ppe/
qvIhZOHxKSbcOdgrAO4BqnNHn5g+FTxl0qZjZo9HG7Dt6G5GqyyNVpKtyRYIji95
NkIP17ptaNtc11n2nD86tITgjuxeNSp+Q171dVaE2XwmM06XWbi7
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:02 2024 by rpki-client on console-ams.rpki-client.org