Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/IJzuo-XigOfmXpPLy7Xgq1M9pLI.roa
File: IJzuo-XigOfmXpPLy7Xgq1M9pLI.roa (raw, json)
Hash identifier: HZtOEnsYLe7wktO5g7Fukml6rRobXgHaTSf6MMZewHw=
Subject key identifier: 20:9C:EE:A3:E5:E2:80:E7:E6:5E:93:CB:CB:B5:E0:AB:53:3D:A4:B2
Certificate issuer: /CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Certificate serial: 01953CF4FA7882EE65ADAC443355AA3067F9
Authority key identifier: F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/IJzuo-XigOfmXpPLy7Xgq1M9pLI.roa
Signing time: Tue 25 Feb 2025 11:54:02 +0000
ROA not before: Tue 25 Feb 2025 11:54:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197343
IP address blocks: 5.56.128.0/22 maxlen: 22
5.57.34.0/24 maxlen: 24
37.32.40.0/22 maxlen: 24
37.32.42.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 17 Mar 2025 08:57:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:3c:f4:fa:78:82:ee:65:ad:ac:44:33:55:aa:30:67:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Validity
Not Before: Feb 25 11:54:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=209ceea3e5e280e7e65e93cbcbb5e0ab533da4b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:fc:c6:68:e9:c2:57:9a:29:61:66:82:05:81:
75:e0:95:47:ba:53:4b:3c:60:d2:40:a8:02:47:b2:
6e:f0:0f:0a:fa:ec:d8:c7:67:9b:43:81:bf:66:7b:
62:ea:22:1c:c0:85:13:eb:76:aa:95:b4:99:37:7d:
df:f3:36:63:24:58:e1:54:de:88:b9:10:68:a8:4d:
eb:5d:93:26:20:b0:d6:7a:cf:c2:e7:33:cf:1b:71:
22:0f:57:ef:78:7d:47:0e:6e:e6:25:f9:06:ff:0f:
b3:80:29:40:c9:c9:af:db:58:6c:57:4c:e4:ce:24:
d1:bf:3f:0d:3c:42:49:1e:a7:8e:27:ed:e8:be:e4:
21:4e:68:2f:fb:f2:d3:5d:42:65:d8:07:40:d5:4d:
5b:09:82:52:47:e0:57:e1:5c:08:54:b0:da:fb:d0:
c0:14:f5:eb:2f:f6:ff:22:41:86:87:d4:c7:3e:b1:
ce:ef:36:e0:07:35:c0:b0:4a:3d:d6:8b:f3:84:e4:
08:48:98:6a:31:46:c7:25:4f:79:65:f0:4e:19:56:
ea:ac:a2:71:96:e4:cc:46:35:41:5b:58:e5:72:3b:
a4:bc:95:3a:d2:c3:78:be:1e:32:8e:51:a0:68:f0:
9c:44:be:b9:fb:f6:f3:af:0f:07:fe:3f:94:30:b1:
62:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:9C:EE:A3:E5:E2:80:E7:E6:5E:93:CB:CB:B5:E0:AB:53:3D:A4:B2
X509v3 Authority Key Identifier:
keyid:F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/IJzuo-XigOfmXpPLy7Xgq1M9pLI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.56.128.0/22
5.57.34.0/24
37.32.40.0/22
Signature Algorithm: sha256WithRSAEncryption
65:35:6d:ef:05:7c:97:7a:42:86:a5:2a:3d:23:17:bf:36:b3:
c9:ea:c7:a2:5e:bd:82:73:21:8e:8c:46:de:99:ff:dd:f8:d7:
11:70:07:79:97:a7:86:4a:d2:00:05:be:da:36:3e:f5:5f:5a:
fb:fd:20:2a:ee:bc:cb:12:ce:f1:7b:56:3d:cd:28:b0:f7:11:
7e:dc:7d:bb:a4:e3:0a:2a:4a:7d:b8:f4:cf:7a:56:d1:7d:87:
14:87:91:b7:ea:45:aa:0e:1f:72:76:4c:50:ea:5d:89:9f:59:
95:b8:65:c7:f7:b7:2d:f1:9d:b7:03:a5:8e:5a:70:13:05:9a:
e7:f3:62:4c:a1:c2:28:8b:c4:9e:08:4b:06:e5:02:26:f1:08:
c8:1b:aa:6f:19:d1:3d:e4:79:30:0f:cb:47:53:cf:15:8d:75:
99:69:4f:b1:a6:15:55:4b:e4:e7:58:4a:9c:a6:b8:5b:77:03:
60:69:87:89:2a:3d:fc:df:74:1b:17:85:ee:e9:76:7d:54:14:
c6:e4:a2:8f:86:49:40:af:55:0e:a9:da:33:bb:90:d8:64:db:
b3:93:7a:96:f3:1f:26:89:af:f4:ba:52:9b:82:a9:ed:50:75:
78:f3:ff:a3:a6:95:e4:52:5e:62:c7:48:d5:a9:4b:93:ac:df:
66:df:54:10
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZU89Pp4gu5lraxEM1WqMGf5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMzUzMzM5OWY1NWViNTJlNmIyMjAwYzdjYWU0MjcyYjc0
ZDY0NjQwHhcNMjUwMjI1MTE1NDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDljZWVhM2U1ZTI4MGU3ZTY1ZTkzY2JjYmI1ZTBhYjUzM2RhNGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6/zGaOnCV5opYWaCBYF14JVHulNL
PGDSQKgCR7Ju8A8K+uzYx2ebQ4G/Znti6iIcwIUT63aqlbSZN33f8zZjJFjhVN6I
uRBoqE3rXZMmILDWes/C5zPPG3EiD1fveH1HDm7mJfkG/w+zgClAycmv21hsV0zk
ziTRvz8NPEJJHqeOJ+3ovuQhTmgv+/LTXUJl2AdA1U1bCYJSR+BX4VwIVLDa+9DA
FPXrL/b/IkGGh9THPrHO7zbgBzXAsEo91ovzhOQISJhqMUbHJU95ZfBOGVbqrKJx
luTMRjVBW1jlcjukvJU60sN4vh4yjlGgaPCcRL65+/bzrw8H/j+UMLFiYQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCCc7qPl4oDn5l6Ty8u14KtTPaSyMB8GA1UdIwQY
MBaAFPE1MzmfVetS5rIgDHyuQnK3TWRkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEt
OTg5MTY2ODgxOTY5LzEvSUp6dW8tWGlnT2ZtWHBQTHk3WGdxMU05cExJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEtOTg5MTY2ODgxOTY5
LzEvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCBTiAAwQA
BTkiAwQCJSAoMA0GCSqGSIb3DQEBCwUAA4IBAQBlNW3vBXyXekKGpSo9Ixe/NrPJ
6seiXr2CcyGOjEbemf/d+NcRcAd5l6eGStIABb7aNj71X1r7/SAq7rzLEs7xe1Y9
zSiw9xF+3H27pOMKKkp9uPTPelbRfYcUh5G36kWqDh9ydkxQ6l2Jn1mVuGXH97ct
8Z23A6WOWnATBZrn82JMocIoi8SeCEsG5QIm8QjIG6pvGdE95HkwD8tHU88VjXWZ
aU+xphVVS+TnWEqcprhbdwNgaYeJKj3833QbF4Xu6XZ9VBTG5KKPhklAr1UOqdoz
u5DYZNuzk3qW8x8mia/0ulKbgqntUHV48/+jppXkUl5ix0jVqUuTrN9m31QQ
-----END CERTIFICATE-----
Generated at Mon Apr 21 21:15:17 2025 by rpki-client