Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/b01290-d76d-42d8-a234-f9512499e05c/1/ii4CXv-Pk8tLlzAxCbGI9NE1WPw.roa
File: ii4CXv-Pk8tLlzAxCbGI9NE1WPw.roa (raw, json)
Hash identifier: MD/2wPYy9n41NpIL1JkCHQCFsgcTqXL+b/pbg63NS80=
Subject key identifier: 8A:2E:02:5E:FF:8F:93:CB:4B:97:30:31:09:B1:88:F4:D1:35:58:FC
Certificate issuer: /CN=323ab5ba98bef5d0d9bd0cea031a1fe13777a486
Certificate serial: 018DE51E0D2E49BA485E8F8F2AC418DE1A04
Authority key identifier: 32:3A:B5:BA:98:BE:F5:D0:D9:BD:0C:EA:03:1A:1F:E1:37:77:A4:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mjq1upi-9dDZvQzqAxof4Td3pIY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/b01290-d76d-42d8-a234-f9512499e05c/1/ii4CXv-Pk8tLlzAxCbGI9NE1WPw.roa
Signing time: Mon 26 Feb 2024 11:12:48 +0000
ROA not before: Mon 26 Feb 2024 11:12:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201622
IP address blocks: 188.126.96.0/19 maxlen: 19
188.126.96.0/20 maxlen: 20
188.126.112.0/21 maxlen: 21
188.126.120.0/21 maxlen: 21
188.126.120.0/22 maxlen: 22
188.126.124.0/22 maxlen: 22
2a09:f400::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:47:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e5:1e:0d:2e:49:ba:48:5e:8f:8f:2a:c4:18:de:1a:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=323ab5ba98bef5d0d9bd0cea031a1fe13777a486
Validity
Not Before: Feb 26 11:12:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8a2e025eff8f93cb4b97303109b188f4d13558fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:ff:d2:d8:93:b6:0a:23:24:d3:e5:13:b5:3e:
b5:e8:21:a2:54:68:65:ae:01:6d:c4:ad:df:00:e1:
68:d3:94:34:ea:9e:52:ab:3b:90:61:21:a7:9f:0b:
e9:31:3c:aa:04:da:1a:f8:e7:35:91:68:3c:e1:52:
a3:ce:9b:0a:0a:85:fd:c0:43:fc:3c:60:13:c1:70:
6d:cf:56:fb:7b:03:0c:56:4c:18:85:5a:b1:fd:dd:
84:90:82:e7:1e:e2:1c:34:a4:e9:60:6f:31:05:20:
17:25:34:4d:9b:dc:1d:99:a3:c8:4f:99:7a:b3:f1:
c5:6e:be:81:78:29:17:e2:09:43:ed:59:1a:7e:09:
3b:94:53:91:5a:37:a5:37:a1:b8:be:a2:ad:57:2b:
b4:01:31:ce:64:56:3d:fc:cd:fc:0f:ae:c2:ce:7e:
af:83:3d:15:51:20:80:24:49:75:1f:d0:83:ec:94:
2d:50:7f:4c:af:bc:95:81:a6:f8:04:c7:1e:f9:30:
1e:9a:a1:a0:b4:03:47:5f:b7:db:01:a7:aa:ce:59:
fe:58:ea:99:6b:2e:75:23:eb:b6:e2:04:34:ee:3b:
1b:49:8b:07:a1:fc:ef:cb:c2:c4:86:d6:dc:46:0c:
f7:c1:0a:78:ee:10:ab:a9:5d:8e:6b:7f:7b:a3:16:
ab:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:2E:02:5E:FF:8F:93:CB:4B:97:30:31:09:B1:88:F4:D1:35:58:FC
X509v3 Authority Key Identifier:
keyid:32:3A:B5:BA:98:BE:F5:D0:D9:BD:0C:EA:03:1A:1F:E1:37:77:A4:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mjq1upi-9dDZvQzqAxof4Td3pIY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/b01290-d76d-42d8-a234-f9512499e05c/1/ii4CXv-Pk8tLlzAxCbGI9NE1WPw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/b01290-d76d-42d8-a234-f9512499e05c/1/Mjq1upi-9dDZvQzqAxof4Td3pIY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.126.96.0/19
IPv6:
2a09:f400::/29
Signature Algorithm: sha256WithRSAEncryption
66:db:38:ba:a1:a3:67:58:8d:40:9d:ae:df:54:86:13:c8:73:
e8:48:7b:f4:18:7d:fc:bd:6b:f4:01:28:68:39:92:17:a8:06:
4b:1b:c7:2d:10:68:26:0e:f5:89:04:1d:22:b6:cc:75:25:39:
32:c4:1e:e4:a6:4c:d9:e3:c4:47:ed:f8:e9:b7:d5:1e:60:4b:
3d:ac:32:6e:22:01:f5:18:d3:c6:85:9e:0a:6d:ea:63:71:2b:
88:5d:3d:b7:b1:dc:28:6f:6a:48:82:7c:6b:9f:58:aa:3f:23:
64:b1:84:73:01:02:5d:e4:5c:d0:34:e0:fd:8c:3c:e8:cf:26:
12:e7:fd:ad:8b:16:71:e9:5f:4e:10:ae:66:b6:4e:c0:0b:a1:
bc:60:3d:d3:16:c2:c9:a2:7a:9f:1c:36:61:8e:1d:d1:3a:31:
b7:15:49:d8:0b:c9:bc:27:e1:ca:0b:86:c7:6b:5c:f5:02:cd:
84:a6:3a:43:fc:54:b0:78:85:d5:8a:c4:ab:15:25:17:19:a8:
fa:e8:33:f0:83:ec:ae:61:72:cd:8a:f9:9e:bd:6e:6d:6c:ce:
c1:cf:bc:83:eb:cd:ae:4a:c1:35:c4:8f:9c:7d:f0:c7:ca:c0:
b8:39:9a:7d:b3:8b:1c:4d:54:6a:f2:9a:5d:a2:80:60:f3:f5:
b7:67:4c:0f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY3lHg0uSbpIXo+PKsQY3hoEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyM2FiNWJhOThiZWY1ZDBkOWJkMGNlYTAzMWExZmUxMzc3
N2E0ODYwHhcNMjQwMjI2MTExMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTJlMDI1ZWZmOGY5M2NiNGI5NzMwMzEwOWIxODhmNGQxMzU1OGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAif/S2JO2CiMk0+UTtT616CGiVGhl
rgFtxK3fAOFo05Q06p5SqzuQYSGnnwvpMTyqBNoa+Oc1kWg84VKjzpsKCoX9wEP8
PGATwXBtz1b7ewMMVkwYhVqx/d2EkILnHuIcNKTpYG8xBSAXJTRNm9wdmaPIT5l6
s/HFbr6BeCkX4glD7Vkafgk7lFORWjelN6G4vqKtVyu0ATHOZFY9/M38D67Czn6v
gz0VUSCAJEl1H9CD7JQtUH9Mr7yVgab4BMce+TAemqGgtANHX7fbAaeqzln+WOqZ
ay51I+u24gQ07jsbSYsHofzvy8LEhtbcRgz3wQp47hCrqV2Oa397oxar3wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIouAl7/j5PLS5cwMQmxiPTRNVj8MB8GA1UdIwQY
MBaAFDI6tbqYvvXQ2b0M6gMaH+E3d6SGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWpxMXVwaS05ZERadlF6cUF4b2Y0VGQzcElZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9iMDEyOTAtZDc2ZC00MmQ4LWEyMzQt
Zjk1MTI0OTllMDVjLzEvaWk0Q1h2LVBrOHRMbHpBeENiR0k5TkUxV1B3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9iMDEyOTAtZDc2ZC00MmQ4LWEyMzQtZjk1MTI0OTllMDVj
LzEvTWpxMXVwaS05ZERadlF6cUF4b2Y0VGQzcElZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQFvH5gMA0E
AgACMAcDBQMqCfQAMA0GCSqGSIb3DQEBCwUAA4IBAQBm2zi6oaNnWI1Ana7fVIYT
yHPoSHv0GH38vWv0AShoOZIXqAZLG8ctEGgmDvWJBB0itsx1JTkyxB7kpkzZ48RH
7fjpt9UeYEs9rDJuIgH1GNPGhZ4KbepjcSuIXT23sdwob2pIgnxrn1iqPyNksYRz
AQJd5FzQNOD9jDzozyYS5/2tixZx6V9OEK5mtk7AC6G8YD3TFsLJonqfHDZhjh3R
OjG3FUnYC8m8J+HKC4bHa1z1As2EpjpD/FSweIXVisSrFSUXGaj66DPwg+yuYXLN
ivmevW5tbM7Bz7yD682uSsE1xI+cffDHysC4OZp9s4scTVRq8ppdooBg8/W3Z0wP
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:42:01 2025 by rpki-client