Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/096c17-dd83-4058-82e1-cda36256296c/1/1TIqvyB8O16WTAYLTsRt8trsNg4.roa
File: 1TIqvyB8O16WTAYLTsRt8trsNg4.roa (raw, json)
Hash identifier: Im6LW5nJYq6vLTM1XnfBZO50nlDtee3JIEc6VlbPm6o=
Subject key identifier: D5:32:2A:BF:20:7C:3B:5E:96:4C:06:0B:4E:C4:6D:F2:DA:EC:36:0E
Certificate issuer: /CN=1983b02e10ca821bfe1be6e751d92cf73d6d4c0b
Certificate serial: 018CC7937B68C859A0DE803485B12E5EE812
Authority key identifier: 19:83:B0:2E:10:CA:82:1B:FE:1B:E6:E7:51:D9:2C:F7:3D:6D:4C:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GYOwLhDKghv-G-bnUdks9z1tTAs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/096c17-dd83-4058-82e1-cda36256296c/1/1TIqvyB8O16WTAYLTsRt8trsNg4.roa
Signing time: Tue 02 Jan 2024 00:29:40 +0000
ROA not before: Tue 02 Jan 2024 00:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48695
IP address blocks: 194.11.247.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Jun 2024 13:08:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:7b:68:c8:59:a0:de:80:34:85:b1:2e:5e:e8:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1983b02e10ca821bfe1be6e751d92cf73d6d4c0b
Validity
Not Before: Jan 2 00:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d5322abf207c3b5e964c060b4ec46df2daec360e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:17:71:57:9d:eb:37:ba:ae:33:13:64:69:16:
77:4a:32:0f:ff:46:1a:f3:4a:b6:77:83:d5:7a:b1:
5b:e1:fc:a3:44:2c:97:40:3c:c7:c2:28:c3:d9:73:
a5:a7:27:97:33:61:f5:6e:39:2d:b2:6c:4b:b5:f8:
2b:d8:d9:2a:f3:ef:49:ac:2c:70:a5:63:77:fc:54:
61:cd:d2:0a:5b:76:82:4b:b8:51:50:c4:35:78:f0:
91:b8:29:e9:54:96:6f:80:18:d2:8c:27:01:79:48:
c1:f3:88:f1:de:0c:6a:b0:52:47:e5:09:0d:67:0a:
c4:9a:a7:cd:be:f1:0e:ae:c9:16:3f:61:d8:42:5d:
96:4d:9e:4a:b6:a1:63:74:a7:cd:36:ae:47:f4:73:
5b:d9:52:26:f2:29:ac:37:35:6e:78:b9:80:13:bf:
e8:0d:4c:db:24:b2:0e:1c:23:1d:8e:3d:21:77:28:
86:4f:7a:ab:f5:f7:10:84:0a:af:61:2e:73:5a:e3:
e8:db:ab:e5:e3:30:1a:42:b6:f9:d3:5b:a5:94:f1:
14:4f:8e:ee:35:91:31:9c:d1:33:e2:95:a5:87:7d:
b7:8f:1d:84:49:63:15:89:94:75:d0:d7:d2:51:15:
50:93:25:cf:42:8c:42:4d:d3:3b:7f:ec:30:e0:34:
88:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:32:2A:BF:20:7C:3B:5E:96:4C:06:0B:4E:C4:6D:F2:DA:EC:36:0E
X509v3 Authority Key Identifier:
keyid:19:83:B0:2E:10:CA:82:1B:FE:1B:E6:E7:51:D9:2C:F7:3D:6D:4C:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GYOwLhDKghv-G-bnUdks9z1tTAs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/096c17-dd83-4058-82e1-cda36256296c/1/1TIqvyB8O16WTAYLTsRt8trsNg4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/096c17-dd83-4058-82e1-cda36256296c/1/GYOwLhDKghv-G-bnUdks9z1tTAs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.11.247.0/24
Signature Algorithm: sha256WithRSAEncryption
02:0c:94:cf:95:c0:52:a7:ca:b1:ba:61:b5:bd:60:32:e6:07:
47:57:3d:48:00:5e:e5:40:50:e6:21:2e:78:0a:de:a5:15:4b:
3d:d7:94:d4:31:96:50:59:1d:fe:0b:75:38:11:ae:c5:55:5d:
eb:a7:06:74:9c:fb:96:87:0f:be:a9:d4:5a:bc:4d:5e:8e:b7:
08:75:50:a5:21:a4:b2:3c:89:7c:ce:3c:14:16:9a:52:e8:7e:
f8:55:18:5b:be:3c:03:2b:75:92:58:1d:41:6b:00:2f:b7:7d:
c2:25:6a:33:56:d5:bb:65:6f:91:ed:b0:ef:45:85:0f:61:87:
48:09:5f:52:4d:f9:b9:37:d1:aa:59:d7:d7:1c:58:6d:a1:a2:
3c:90:5a:52:a4:dc:da:d7:33:17:80:10:56:ad:df:31:ee:d5:
0b:9d:c7:7f:b8:a7:84:bb:33:24:93:b8:bc:53:48:d9:66:a9:
33:1e:91:ba:f3:0f:0d:c5:b0:dd:8a:7f:61:d0:c0:8b:22:85:
c1:e0:d0:4c:24:1b:62:0a:13:43:79:c7:0c:bc:19:24:ee:a6:
69:0f:41:ec:44:03:8a:c3:62:f1:f1:e8:f0:41:34:48:97:f0:
3a:9e:fe:92:ff:7c:75:3e:ff:45:fd:9c:5f:97:31:58:47:af:
4e:9b:46:66
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHk3toyFmg3oA0hbEuXugSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5ODNiMDJlMTBjYTgyMWJmZTFiZTZlNzUxZDkyY2Y3M2Q2
ZDRjMGIwHhcNMjQwMTAyMDAyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTMyMmFiZjIwN2MzYjVlOTY0YzA2MGI0ZWM0NmRmMmRhZWMzNjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjBdxV53rN7quMxNkaRZ3SjIP/0Ya
80q2d4PVerFb4fyjRCyXQDzHwijD2XOlpyeXM2H1bjktsmxLtfgr2Nkq8+9JrCxw
pWN3/FRhzdIKW3aCS7hRUMQ1ePCRuCnpVJZvgBjSjCcBeUjB84jx3gxqsFJH5QkN
ZwrEmqfNvvEOrskWP2HYQl2WTZ5KtqFjdKfNNq5H9HNb2VIm8imsNzVueLmAE7/o
DUzbJLIOHCMdjj0hdyiGT3qr9fcQhAqvYS5zWuPo26vl4zAaQrb501ullPEUT47u
NZExnNEz4pWlh323jx2ESWMViZR10NfSURVQkyXPQoxCTdM7f+ww4DSI6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNUyKr8gfDtelkwGC07EbfLa7DYOMB8GA1UdIwQY
MBaAFBmDsC4QyoIb/hvm51HZLPc9bUwLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1lPd0xoREtnaHYtRy1iblVka3M5ejF0VEFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8wOTZjMTctZGQ4My00MDU4LTgyZTEt
Y2RhMzYyNTYyOTZjLzEvMVRJcXZ5QjhPMTZXVEFZTFRzUnQ4dHJzTmc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8wOTZjMTctZGQ4My00MDU4LTgyZTEtY2RhMzYyNTYyOTZj
LzEvR1lPd0xoREtnaHYtRy1iblVka3M5ejF0VEFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwgv3MA0G
CSqGSIb3DQEBCwUAA4IBAQACDJTPlcBSp8qxumG1vWAy5gdHVz1IAF7lQFDmIS54
Ct6lFUs915TUMZZQWR3+C3U4Ea7FVV3rpwZ0nPuWhw++qdRavE1ejrcIdVClIaSy
PIl8zjwUFppS6H74VRhbvjwDK3WSWB1BawAvt33CJWozVtW7ZW+R7bDvRYUPYYdI
CV9STfm5N9GqWdfXHFhtoaI8kFpSpNza1zMXgBBWrd8x7tULncd/uKeEuzMkk7i8
U0jZZqkzHpG68w8NxbDdin9h0MCLIoXB4NBMJBtiChNDeccMvBkk7qZpD0HsRAOK
w2Lx8ejwQTRIl/A6nv6S/3x1Pv9F/ZxflzFYR69Om0Zm
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:19:58 2025 by rpki-client