Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/f79e8e-6625-45e9-bb9a-96d22861a922/1/Ivr-2LnSFGTBA6kPP9gUCDEiqtc.roa
File: Ivr-2LnSFGTBA6kPP9gUCDEiqtc.roa (raw, json)
Hash identifier: LFtmNMQN7VXD1oYlbIBEoubp7qBtgQQnI/MXG+Q1pJI=
Subject key identifier: 22:FA:FE:D8:B9:D2:14:64:C1:03:A9:0F:3F:D8:14:08:31:22:AA:D7
Certificate issuer: /CN=2e112e2c61d2a80e7c4385c60858c91d75f31e7b
Certificate serial: 0194CFF4ADB895F6B6A0DED1BCADAF87FA55
Authority key identifier: 2E:11:2E:2C:61:D2:A8:0E:7C:43:85:C6:08:58:C9:1D:75:F3:1E:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LhEuLGHSqA58Q4XGCFjJHXXzHns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/f79e8e-6625-45e9-bb9a-96d22861a922/1/Ivr-2LnSFGTBA6kPP9gUCDEiqtc.roa
Signing time: Tue 04 Feb 2025 07:55:06 +0000
ROA not before: Tue 04 Feb 2025 07:55:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204036
IP address blocks: 195.170.186.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 22 Mar 2025 07:50:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:cf:f4:ad:b8:95:f6:b6:a0:de:d1:bc:ad:af:87:fa:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e112e2c61d2a80e7c4385c60858c91d75f31e7b
Validity
Not Before: Feb 4 07:55:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=22fafed8b9d21464c103a90f3fd814083122aad7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:59:29:67:96:98:e2:1d:d6:eb:41:b9:cc:f1:
b3:c5:ef:e9:08:97:4d:42:ac:1c:a1:c2:49:c2:f7:
74:1a:af:0d:05:7c:98:02:cb:b3:51:16:5f:9f:16:
6a:c8:c9:29:35:ec:d4:b9:d8:ce:8a:b2:f2:ca:80:
af:1c:da:7d:7f:32:f5:1f:18:48:f8:ce:82:c9:f5:
9b:da:ba:a5:bf:51:b0:5c:04:e8:4e:74:d2:6f:0e:
f5:aa:d6:19:2c:57:55:fa:f8:d1:e1:c0:a7:c6:68:
34:bb:43:83:a7:29:32:0f:a6:ad:df:28:df:3d:9a:
0d:d1:4c:20:67:03:8b:cc:9f:f5:e0:3c:74:cf:3a:
92:7d:b3:e8:17:71:f8:b4:a7:08:ca:2f:8b:db:66:
ea:f8:c4:00:2d:af:b9:d7:86:10:8d:3b:0a:9c:d4:
c9:cc:3d:28:c3:ef:00:4e:b4:8c:5e:41:8b:6b:06:
b0:57:da:b9:45:1a:e1:f5:99:df:52:15:3d:b4:ef:
a9:28:66:f8:e1:8a:e8:2c:53:ed:7c:70:32:ee:48:
e7:88:34:11:c6:98:3c:be:76:65:90:60:f9:05:d9:
22:f2:ad:f7:de:4b:96:d1:d3:54:dd:ae:50:89:aa:
80:7d:04:49:66:b4:62:c1:cf:d8:cc:dc:6b:23:a8:
b6:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:FA:FE:D8:B9:D2:14:64:C1:03:A9:0F:3F:D8:14:08:31:22:AA:D7
X509v3 Authority Key Identifier:
keyid:2E:11:2E:2C:61:D2:A8:0E:7C:43:85:C6:08:58:C9:1D:75:F3:1E:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LhEuLGHSqA58Q4XGCFjJHXXzHns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/f79e8e-6625-45e9-bb9a-96d22861a922/1/Ivr-2LnSFGTBA6kPP9gUCDEiqtc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/f79e8e-6625-45e9-bb9a-96d22861a922/1/LhEuLGHSqA58Q4XGCFjJHXXzHns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.170.186.0/24
Signature Algorithm: sha256WithRSAEncryption
75:db:86:ac:0f:dc:a9:62:f8:1d:9e:e9:05:d0:6d:bd:1f:ba:
d4:89:1a:d8:a2:8b:f7:48:29:3e:77:ae:55:f9:e2:f0:10:55:
8b:92:a9:34:68:e3:70:08:f1:6e:9a:61:b2:53:c5:2a:e7:c3:
ec:61:de:03:f2:7d:f7:d9:6f:a8:f7:51:94:2a:b8:a2:22:3c:
0e:90:29:ae:95:08:98:1f:43:e0:71:ce:06:22:91:98:30:39:
c5:74:11:91:00:5b:fe:d1:e7:a9:7f:07:92:c3:c2:6d:49:6c:
7f:4b:68:c4:32:b6:e4:bf:f2:31:50:1b:99:55:d8:93:c6:a1:
32:4f:27:84:74:cf:0d:1e:57:b2:f3:e7:14:54:2e:ac:c8:92:
50:09:b8:42:8f:a6:43:a9:72:dd:41:bb:3b:48:aa:bf:87:13:
92:e9:91:f4:ca:d7:f0:46:2c:81:5d:b3:46:df:47:44:87:1a:
98:e7:ea:9b:94:06:ec:bf:05:f1:ee:aa:a2:f6:b5:12:b9:d3:
ec:af:47:9e:50:9a:d6:38:31:66:2c:46:bb:d7:3a:54:14:8f:
88:6d:af:8b:29:18:f9:67:42:a2:88:5a:f4:53:29:a8:6e:31:
4a:43:fe:73:0d:22:31:40:87:43:18:c2:87:e1:d6:e6:2e:90:
f4:c4:30:2d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZTP9K24lfa2oN7RvK2vh/pVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMTEyZTJjNjFkMmE4MGU3YzQzODVjNjA4NThjOTFkNzVm
MzFlN2IwHhcNMjUwMjA0MDc1NTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmZhZmVkOGI5ZDIxNDY0YzEwM2E5MGYzZmQ4MTQwODMxMjJhYWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3FkpZ5aY4h3W60G5zPGzxe/pCJdN
QqwcocJJwvd0Gq8NBXyYAsuzURZfnxZqyMkpNezUudjOirLyyoCvHNp9fzL1HxhI
+M6CyfWb2rqlv1GwXAToTnTSbw71qtYZLFdV+vjR4cCnxmg0u0ODpykyD6at3yjf
PZoN0UwgZwOLzJ/14Dx0zzqSfbPoF3H4tKcIyi+L22bq+MQALa+514YQjTsKnNTJ
zD0ow+8ATrSMXkGLawawV9q5RRrh9ZnfUhU9tO+pKGb44YroLFPtfHAy7kjniDQR
xpg8vnZlkGD5Bdki8q333kuW0dNU3a5QiaqAfQRJZrRiwc/YzNxrI6i2cwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCL6/ti50hRkwQOpDz/YFAgxIqrXMB8GA1UdIwQY
MBaAFC4RLixh0qgOfEOFxghYyR118x57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGhFdUxHSFNxQTU4UTRYR0NGakpIWFh6SG5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9mNzllOGUtNjYyNS00NWU5LWJiOWEt
OTZkMjI4NjFhOTIyLzEvSXZyLTJMblNGR1RCQTZrUFA5Z1VDREVpcXRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9mNzllOGUtNjYyNS00NWU5LWJiOWEtOTZkMjI4NjFhOTIy
LzEvTGhFdUxHSFNxQTU4UTRYR0NGakpIWFh6SG5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw6q6MA0G
CSqGSIb3DQEBCwUAA4IBAQB124asD9ypYvgdnukF0G29H7rUiRrYoov3SCk+d65V
+eLwEFWLkqk0aONwCPFummGyU8Uq58PsYd4D8n332W+o91GUKriiIjwOkCmulQiY
H0Pgcc4GIpGYMDnFdBGRAFv+0eepfweSw8JtSWx/S2jEMrbkv/IxUBuZVdiTxqEy
TyeEdM8NHley8+cUVC6syJJQCbhCj6ZDqXLdQbs7SKq/hxOS6ZH0ytfwRiyBXbNG
30dEhxqY5+qblAbsvwXx7qqi9rUSudPsr0eeUJrWODFmLEa71zpUFI+Iba+LKRj5
Z0KiiFr0UymobjFKQ/5zDSIxQIdDGMKH4dbmLpD0xDAt
-----END CERTIFICATE-----
Generated at Sat Apr 19 03:17:18 2025 by rpki-client