Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/79a605-6072-4142-856e-d8e1835693cd/1/7IxbqdyZBE9Zk69vTsT_xk23m-A.roa
File: 7IxbqdyZBE9Zk69vTsT_xk23m-A.roa (raw, json)
Hash identifier: 5QXggjbytLCKn3Xb5JBghlEJV/TueJEzChgbLthvnpc=
Subject key identifier: EC:8C:5B:A9:DC:99:04:4F:59:93:AF:6F:4E:C4:FF:C6:4D:B7:9B:E0
Certificate issuer: /CN=9eb289f3d9e13be67a244b72bd24945b2c320a63
Certificate serial: 018CC726CB11248E8C01CB47A6D5F4C28988
Authority key identifier: 9E:B2:89:F3:D9:E1:3B:E6:7A:24:4B:72:BD:24:94:5B:2C:32:0A:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nrKJ89nhO-Z6JEtyvSSUWywyCmM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/79a605-6072-4142-856e-d8e1835693cd/1/7IxbqdyZBE9Zk69vTsT_xk23m-A.roa
Signing time: Mon 01 Jan 2024 22:30:57 +0000
ROA not before: Mon 01 Jan 2024 22:30:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208359
IP address blocks: 188.119.109.0/24 maxlen: 24
188.119.108.0/24 maxlen: 24
188.119.111.0/24 maxlen: 24
188.119.110.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:49:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:cb:11:24:8e:8c:01:cb:47:a6:d5:f4:c2:89:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9eb289f3d9e13be67a244b72bd24945b2c320a63
Validity
Not Before: Jan 1 22:30:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ec8c5ba9dc99044f5993af6f4ec4ffc64db79be0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:5c:41:5a:d4:93:4f:c4:cc:89:49:1a:5a:ff:
06:54:19:a3:89:1f:41:dd:92:d2:00:57:64:72:ba:
b9:e4:7a:f9:3e:4a:8e:7d:a8:68:ef:e7:14:02:c2:
58:b4:90:8f:5f:4c:5d:a9:03:68:4a:bb:98:94:6d:
fd:62:85:ce:3d:0e:08:52:9f:30:9b:9d:37:5c:d1:
7f:ca:5f:e0:73:c0:85:63:e3:e5:70:54:48:0e:6b:
dc:71:c2:40:07:ef:6c:d1:fb:26:4f:15:fe:7d:05:
b5:57:b8:b3:9a:4c:6c:38:0b:e5:25:54:da:c6:48:
89:f5:4b:8e:a7:69:c2:39:8e:7a:9a:a5:63:3f:d0:
b0:af:a6:6d:25:aa:34:9a:a5:2b:52:9f:a7:6b:8c:
21:20:7b:b9:1f:69:ee:0f:fa:c7:ab:71:31:c0:eb:
2b:7c:e4:17:25:7c:a9:61:81:d5:a8:b3:af:a2:69:
d4:a8:18:b9:87:1f:dd:ea:60:51:3f:52:f8:fa:44:
be:a6:32:1b:d3:93:4e:df:c0:13:3d:e4:87:6e:c5:
35:7a:88:37:f0:0b:34:4e:e7:88:89:f1:ab:05:78:
6f:5f:73:0f:49:be:9b:c7:ed:32:84:82:4a:ff:63:
f2:5f:7b:7a:4c:cd:39:d5:84:9e:b0:90:fa:86:ee:
cb:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:8C:5B:A9:DC:99:04:4F:59:93:AF:6F:4E:C4:FF:C6:4D:B7:9B:E0
X509v3 Authority Key Identifier:
keyid:9E:B2:89:F3:D9:E1:3B:E6:7A:24:4B:72:BD:24:94:5B:2C:32:0A:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nrKJ89nhO-Z6JEtyvSSUWywyCmM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/79a605-6072-4142-856e-d8e1835693cd/1/7IxbqdyZBE9Zk69vTsT_xk23m-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/79a605-6072-4142-856e-d8e1835693cd/1/nrKJ89nhO-Z6JEtyvSSUWywyCmM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.119.108.0/22
Signature Algorithm: sha256WithRSAEncryption
7f:5c:a5:a8:8d:d3:79:78:c9:d9:92:c9:a3:92:74:0d:66:cb:
f3:30:19:dd:66:04:bb:ca:71:fe:c7:44:1e:bd:c7:c8:22:22:
4d:fd:b7:30:ad:f3:86:5e:74:df:a2:e8:ca:b9:c1:77:2d:f1:
3b:fe:be:44:3b:6d:ea:d2:5f:93:2c:3b:b0:28:e4:67:54:76:
55:cb:93:70:c3:bd:93:4c:68:2c:92:95:a5:50:0a:c4:e4:ed:
ba:9c:9b:e9:04:cc:b4:24:33:6f:ed:4c:e4:42:9e:3e:b0:1b:
7d:7c:d3:36:7b:39:fc:e8:18:cd:4b:c5:00:42:0f:0d:ca:93:
9a:f8:66:ba:87:23:c3:6f:4c:97:54:f4:15:73:bf:81:c1:84:
03:d4:e4:3f:12:57:14:6c:e8:79:fa:f7:e2:91:ee:5f:d7:c0:
91:07:a3:71:ef:77:16:7a:91:77:02:5c:41:4b:7b:8e:d4:92:
a7:5c:1a:92:41:eb:ac:00:2c:fd:ba:be:67:48:e8:09:17:ea:
40:60:6b:7b:a3:25:24:ea:71:7f:5c:0c:c9:a4:9b:74:2d:df:
65:5c:b3:72:d1:03:c6:c8:63:14:2b:c4:30:2d:51:fb:6c:35:
3c:82:1d:44:a0:9b:58:6f:4d:cb:11:18:93:94:65:45:26:bf:
c4:cb:56:88
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJssRJI6MActHptX0womIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllYjI4OWYzZDllMTNiZTY3YTI0NGI3MmJkMjQ5NDViMmMz
MjBhNjMwHhcNMjQwMTAxMjIzMDU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzhjNWJhOWRjOTkwNDRmNTk5M2FmNmY0ZWM0ZmZjNjRkYjc5YmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAllxBWtSTT8TMiUkaWv8GVBmjiR9B
3ZLSAFdkcrq55Hr5PkqOfaho7+cUAsJYtJCPX0xdqQNoSruYlG39YoXOPQ4IUp8w
m503XNF/yl/gc8CFY+PlcFRIDmvcccJAB+9s0fsmTxX+fQW1V7izmkxsOAvlJVTa
xkiJ9UuOp2nCOY56mqVjP9Cwr6ZtJao0mqUrUp+na4whIHu5H2nuD/rHq3ExwOsr
fOQXJXypYYHVqLOvomnUqBi5hx/d6mBRP1L4+kS+pjIb05NO38ATPeSHbsU1eog3
8As0TueIifGrBXhvX3MPSb6bx+0yhIJK/2PyX3t6TM051YSesJD6hu7LhwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOyMW6ncmQRPWZOvb07E/8ZNt5vgMB8GA1UdIwQY
MBaAFJ6yifPZ4TvmeiRLcr0klFssMgpjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnJLSjg5bmhPLVo2SkV0eXZTU1VXeXd5Q21NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My83OWE2MDUtNjA3Mi00MTQyLTg1NmUt
ZDhlMTgzNTY5M2NkLzEvN0l4YnFkeVpCRTlaazY5dlRzVF94azIzbS1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My83OWE2MDUtNjA3Mi00MTQyLTg1NmUtZDhlMTgzNTY5M2Nk
LzEvbnJLSjg5bmhPLVo2SkV0eXZTU1VXeXd5Q21NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCvHdsMA0G
CSqGSIb3DQEBCwUAA4IBAQB/XKWojdN5eMnZksmjknQNZsvzMBndZgS7ynH+x0Qe
vcfIIiJN/bcwrfOGXnTfoujKucF3LfE7/r5EO23q0l+TLDuwKORnVHZVy5Nww72T
TGgskpWlUArE5O26nJvpBMy0JDNv7UzkQp4+sBt9fNM2ezn86BjNS8UAQg8NypOa
+Ga6hyPDb0yXVPQVc7+BwYQD1OQ/ElcUbOh5+vfike5f18CRB6Nx73cWepF3AlxB
S3uO1JKnXBqSQeusACz9ur5nSOgJF+pAYGt7oyUk6nF/XAzJpJt0Ld9lXLNy0QPG
yGMUK8QwLVH7bDU8gh1EoJtYb03LERiTlGVFJr/Ey1aI
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:38:20 2025 by rpki-client