Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/iRK_Qb394Mlq9F7mC5iBWD80AEo.roa
File: iRK_Qb394Mlq9F7mC5iBWD80AEo.roa (raw, json)
Hash identifier: vaCamBVDxfVYUSszgjPRIPb5matwxJYFXjqHCOmbi7w=
Subject key identifier: 89:12:BF:41:BD:FD:E0:C9:6A:F4:5E:E6:0B:98:81:58:3F:34:00:4A
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018EA509FF6CA1F1F1C091D05FBBA93084FC
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/iRK_Qb394Mlq9F7mC5iBWD80AEo.roa
Signing time: Wed 03 Apr 2024 17:37:59 +0000
ROA not before: Wed 03 Apr 2024 17:37:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 82.153.255.0/24 maxlen: 24
82.163.10.0/23 maxlen: 24
109.176.30.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 13 Apr 2024 09:08:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a5:09:ff:6c:a1:f1:f1:c0:91:d0:5f:bb:a9:30:84:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Apr 3 17:37:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8912bf41bdfde0c96af45ee60b9881583f34004a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:ec:65:98:c1:0c:2f:b0:04:dc:d9:d0:dd:dd:
25:1a:89:59:c7:9a:d4:16:a8:d7:dc:de:1a:25:2e:
c0:1f:8a:7c:a1:68:f1:4c:36:60:0c:60:d6:c7:67:
bf:d0:14:cd:cb:55:25:07:49:47:a3:13:20:3a:c6:
d2:cd:5b:42:24:b2:1f:94:7f:fb:ba:33:11:2f:88:
f1:69:99:83:10:9e:7c:96:0a:09:6f:5e:84:b9:ba:
9c:c0:a7:88:18:c8:1e:95:20:51:96:2f:9d:d2:28:
8b:af:97:90:db:1b:96:84:f3:6e:fc:62:f3:32:b0:
2d:cd:84:68:e1:92:c9:90:95:4c:5e:78:53:74:78:
06:0f:70:e2:b8:f6:c6:c2:15:e2:ed:9b:e3:ca:52:
58:d1:95:76:17:35:64:0e:2d:b0:3a:1d:b3:cb:81:
89:bf:95:a5:52:62:b7:9e:33:89:0e:6f:9b:19:49:
f9:5e:f4:da:91:d5:31:b8:f2:74:81:bc:fa:85:0a:
a1:58:43:b9:71:68:64:d0:cd:8e:1d:31:96:c2:b9:
ba:06:16:99:58:3a:bd:c2:8e:09:36:dc:d8:ab:cf:
0f:03:ad:51:24:af:fd:9b:cf:ac:f1:a2:c3:8f:3f:
de:73:07:df:7c:b2:01:be:a5:1f:32:49:73:26:1c:
10:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:12:BF:41:BD:FD:E0:C9:6A:F4:5E:E6:0B:98:81:58:3F:34:00:4A
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/iRK_Qb394Mlq9F7mC5iBWD80AEo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.255.0/24
82.163.10.0/23
109.176.30.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:f6:77:cf:55:57:ef:fb:f3:6a:b0:3a:3b:93:cf:db:30:12:
46:ab:b2:b4:7a:27:12:41:b0:ed:f9:24:6c:ab:98:cb:ab:1c:
e6:29:bb:43:79:ef:72:48:bd:a9:44:88:11:d5:7d:6a:03:07:
48:e8:e0:c5:2c:94:c7:64:d0:4f:53:41:12:fe:5e:99:ed:c7:
70:0f:62:9a:49:b2:e9:7c:a9:ab:c4:27:31:a7:e1:32:96:de:
63:a2:04:a8:88:10:68:1b:70:16:e3:e3:b3:27:ac:ae:71:e3:
de:ef:d2:b8:90:f3:d0:9a:92:dc:5c:84:47:1d:e7:39:28:de:
be:50:43:2a:aa:a3:8a:bb:eb:6b:c3:e4:53:4d:cd:78:07:6d:
70:83:9d:b5:44:6b:f2:6f:72:ff:71:4c:6d:ad:71:4d:30:75:
46:3a:5b:9c:8d:2d:9a:dd:c1:5b:66:41:ef:74:83:62:44:5b:
74:8a:51:91:bc:2f:6b:a9:bd:fe:21:68:12:27:ff:c0:f6:ec:
8b:28:70:78:64:a5:e9:b6:d5:9e:a8:b2:9c:90:b0:15:f2:79:
75:5c:76:bb:bf:b0:92:c8:73:cd:f9:bb:1c:f4:68:8a:69:7d:
ba:b4:e3:c8:40:90:a3:3d:d5:ff:84:c0:f7:5f:22:28:06:8e:
01:eb:e4:ef
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY6lCf9sofHxwJHQX7upMIT8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNDAzMTczNzU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTEyYmY0MWJkZmRlMGM5NmFmNDVlZTYwYjk4ODE1ODNmMzQwMDRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9OxlmMEML7AE3NnQ3d0lGolZx5rU
FqjX3N4aJS7AH4p8oWjxTDZgDGDWx2e/0BTNy1UlB0lHoxMgOsbSzVtCJLIflH/7
ujMRL4jxaZmDEJ58lgoJb16EubqcwKeIGMgelSBRli+d0iiLr5eQ2xuWhPNu/GLz
MrAtzYRo4ZLJkJVMXnhTdHgGD3DiuPbGwhXi7ZvjylJY0ZV2FzVkDi2wOh2zy4GJ
v5WlUmK3njOJDm+bGUn5XvTakdUxuPJ0gbz6hQqhWEO5cWhk0M2OHTGWwrm6BhaZ
WDq9wo4JNtzYq88PA61RJK/9m8+s8aLDjz/ecwfffLIBvqUfMklzJhwQMQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIkSv0G9/eDJavRe5guYgVg/NABKMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvaVJLX1FiMzk0TWxxOUY3bUM1aUJXRDgwQUVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUpn/AwQB
UqMKAwQAbbAeMA0GCSqGSIb3DQEBCwUAA4IBAQBu9nfPVVfv+/NqsDo7k8/bMBJG
q7K0eicSQbDt+SRsq5jLqxzmKbtDee9ySL2pRIgR1X1qAwdI6ODFLJTHZNBPU0ES
/l6Z7cdwD2KaSbLpfKmrxCcxp+Eylt5jogSoiBBoG3AW4+OzJ6yucePe79K4kPPQ
mpLcXIRHHec5KN6+UEMqqqOKu+trw+RTTc14B21wg521RGvyb3L/cUxtrXFNMHVG
OlucjS2a3cFbZkHvdINiRFt0ilGRvC9rqb3+IWgSJ//A9uyLKHB4ZKXpttWeqLKc
kLAV8nl1XHa7v7CSyHPN+bsc9GiKaX26tOPIQJCjPdX/hMD3XyIoBo4B6+Tv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:17 2024 by rpki-client on console-fra.rpki-client.org