Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/3389eb-1857-49d2-841c-6a18dc8816db/1/Iiq_WJn8v5MOvcuNjblVxQhhNG0.roa
File: Iiq_WJn8v5MOvcuNjblVxQhhNG0.roa (raw, json)
Hash identifier: DcJwmH1pWaduCRBz+Twnn+rvAB9EnwEA1YZT15St6+Y=
Subject key identifier: 22:2A:BF:58:99:FC:BF:93:0E:BD:CB:8D:8D:B9:55:C5:08:61:34:6D
Certificate issuer: /CN=2415bf9c61c85db7c99ac4cdf79257e7997ab77c
Certificate serial: 0194228D29DE192BC81C31C89AD522539E82
Authority key identifier: 24:15:BF:9C:61:C8:5D:B7:C9:9A:C4:CD:F7:92:57:E7:99:7A:B7:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JBW_nGHIXbfJmsTN95JX55l6t3w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/3389eb-1857-49d2-841c-6a18dc8816db/1/Iiq_WJn8v5MOvcuNjblVxQhhNG0.roa
Signing time: Wed 01 Jan 2025 15:47:44 +0000
ROA not before: Wed 01 Jan 2025 15:47:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7018
IP address blocks: 37.153.153.0/24 maxlen: 24
37.153.154.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 08 Jan 2025 10:34:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:29:de:19:2b:c8:1c:31:c8:9a:d5:22:53:9e:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2415bf9c61c85db7c99ac4cdf79257e7997ab77c
Validity
Not Before: Jan 1 15:47:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=222abf5899fcbf930ebdcb8d8db955c50861346d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:6f:23:0a:33:58:89:2e:e6:8d:3b:38:4f:51:
e3:93:ef:05:78:66:8f:e8:04:71:99:dc:ac:08:e8:
95:88:d7:77:53:75:33:7a:c1:fa:3c:3c:b7:e0:0f:
02:18:f7:58:26:03:92:c3:2e:f3:97:69:bc:41:f1:
e6:e1:35:a7:46:30:39:b5:3e:f2:f5:dc:30:b8:7e:
bc:33:fc:89:a9:7a:08:d0:20:90:1e:0d:f9:67:cb:
b1:52:4c:db:52:38:fa:df:e3:eb:cc:1b:89:c9:62:
59:8e:fd:4a:1b:3c:ad:cf:e4:04:86:f1:d1:c9:39:
fc:0f:c2:e3:00:3c:03:d0:ad:66:c6:27:ed:2f:a9:
03:47:d6:33:f5:ab:4d:db:5b:f9:2e:b6:2c:7b:99:
12:54:94:51:85:91:43:dd:21:7f:af:83:b2:d5:3f:
bd:55:40:4f:43:41:d7:e0:94:57:e5:4e:d3:b2:91:
03:3d:91:e3:cb:5d:23:f7:2f:a1:a4:75:24:e3:c0:
22:5a:75:87:85:5d:d1:cc:d1:40:c9:ea:90:06:6c:
2e:7c:fb:38:a7:9f:28:75:b5:a3:10:7d:05:c0:6b:
6f:55:91:12:32:ff:14:6c:be:8f:c7:da:2c:82:ad:
d3:65:91:da:fc:7f:97:0b:95:e3:21:49:ef:1c:eb:
fc:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:2A:BF:58:99:FC:BF:93:0E:BD:CB:8D:8D:B9:55:C5:08:61:34:6D
X509v3 Authority Key Identifier:
keyid:24:15:BF:9C:61:C8:5D:B7:C9:9A:C4:CD:F7:92:57:E7:99:7A:B7:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JBW_nGHIXbfJmsTN95JX55l6t3w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/3389eb-1857-49d2-841c-6a18dc8816db/1/Iiq_WJn8v5MOvcuNjblVxQhhNG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/3389eb-1857-49d2-841c-6a18dc8816db/1/JBW_nGHIXbfJmsTN95JX55l6t3w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.153.153.0-37.153.154.255
Signature Algorithm: sha256WithRSAEncryption
01:97:af:dd:98:81:46:e8:68:a9:83:50:bf:ab:43:46:94:91:
61:90:a0:41:7c:3b:1f:5a:ef:64:ac:18:4f:92:03:6c:3e:f7:
21:64:42:7d:ed:1f:df:bf:9f:4c:37:94:1d:f2:f6:ba:36:6b:
a7:4b:27:f7:30:39:a8:a6:2d:f7:bb:3b:c1:20:1b:3b:90:30:
6f:f6:a6:05:b8:50:0a:73:88:2f:e5:a0:a6:cd:14:2f:0c:b3:
29:06:57:aa:21:93:6a:cc:0c:14:14:ec:ea:62:cc:bd:57:d4:
ce:c0:58:5f:40:6f:6f:a0:7e:4c:ea:02:3f:8c:76:39:5e:63:
d5:a2:3f:7f:a3:43:d5:78:46:65:b4:bd:14:26:07:4b:64:48:
7b:b9:27:cb:29:9f:93:2f:bc:c1:af:b8:dc:1c:0d:96:e5:7b:
bd:6f:f6:b4:1c:a4:9d:56:d7:3c:5e:51:cc:59:5c:56:10:ae:
74:bd:d6:3c:61:72:f7:d1:64:b7:b7:98:d4:b9:cd:36:d5:15:
9a:ee:19:74:7f:79:13:25:84:c1:0d:b9:c0:76:1a:2b:f3:30:
b7:01:23:ef:7c:0a:6e:94:7c:34:98:6e:9e:50:88:87:1e:42:
ac:42:1c:5f:a9:19:38:06:71:80:7d:87:39:73:06:29:2d:69:
2d:75:12:dd
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQijSneGSvIHDHImtUiU56CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0MTViZjljNjFjODVkYjdjOTlhYzRjZGY3OTI1N2U3OTk3
YWI3N2MwHhcNMjUwMTAxMTU0NzQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjJhYmY1ODk5ZmNiZjkzMGViZGNiOGQ4ZGI5NTVjNTA4NjEzNDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtW8jCjNYiS7mjTs4T1Hjk+8FeGaP
6ARxmdysCOiViNd3U3UzesH6PDy34A8CGPdYJgOSwy7zl2m8QfHm4TWnRjA5tT7y
9dwwuH68M/yJqXoI0CCQHg35Z8uxUkzbUjj63+PrzBuJyWJZjv1KGzytz+QEhvHR
yTn8D8LjADwD0K1mxiftL6kDR9Yz9atN21v5LrYse5kSVJRRhZFD3SF/r4Oy1T+9
VUBPQ0HX4JRX5U7TspEDPZHjy10j9y+hpHUk48AiWnWHhV3RzNFAyeqQBmwufPs4
p58odbWjEH0FwGtvVZESMv8UbL6Px9osgq3TZZHa/H+XC5XjIUnvHOv8KwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFCIqv1iZ/L+TDr3LjY25VcUIYTRtMB8GA1UdIwQY
MBaAFCQVv5xhyF23yZrEzfeSV+eZerd8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkJXX25HSElYYmZKbXNUTjk1Slg1NWw2dDN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC8zMzg5ZWItMTg1Ny00OWQyLTg0MWMt
NmExOGRjODgxNmRiLzEvSWlxX1dKbjh2NU1PdmN1TmpibFZ4UWhoTkcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC8zMzg5ZWItMTg1Ny00OWQyLTg0MWMtNmExOGRjODgxNmRi
LzEvSkJXX25HSElYYmZKbXNUTjk1Slg1NWw2dDN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAAlmZkD
BAAlmZowDQYJKoZIhvcNAQELBQADggEBAAGXr92YgUboaKmDUL+rQ0aUkWGQoEF8
Ox9a72SsGE+SA2w+9yFkQn3tH9+/n0w3lB3y9ro2a6dLJ/cwOaimLfe7O8EgGzuQ
MG/2pgW4UApziC/loKbNFC8MsykGV6ohk2rMDBQU7OpizL1X1M7AWF9Ab2+gfkzq
Aj+MdjleY9WiP3+jQ9V4RmW0vRQmB0tkSHu5J8spn5MvvMGvuNwcDZble71v9rQc
pJ1W1zxeUcxZXFYQrnS91jxhcvfRZLe3mNS5zTbVFZruGXR/eRMlhMENucB2Givz
MLcBI+98Cm6UfDSYbp5QiIceQqxCHF+pGTgGcYB9hzlzBiktaS11Et0=
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:20:15 2025 by rpki-client