Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/d96f69-ef14-4227-8898-3e57cc52c84e/1/iqqgvjllZB32gcy-vfW3a8yY_nU.roa
File: iqqgvjllZB32gcy-vfW3a8yY_nU.roa (raw, json)
Hash identifier: wnlvCz09/GwoaW1Xr8oGaEgBGJtMzkssOtg+1h24Y0k=
Subject key identifier: 8A:AA:A0:BE:39:65:64:1D:F6:81:CC:BE:BD:F5:B7:6B:CC:98:FE:75
Certificate issuer: /CN=26638c2cb7b860cd369679c4d05d50f705e04629
Certificate serial: 018CC3489F76C25911D39AA1455484C3B257
Authority key identifier: 26:63:8C:2C:B7:B8:60:CD:36:96:79:C4:D0:5D:50:F7:05:E0:46:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmOMLLe4YM02lnnE0F1Q9wXgRik.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/d96f69-ef14-4227-8898-3e57cc52c84e/1/iqqgvjllZB32gcy-vfW3a8yY_nU.roa
Signing time: Mon 01 Jan 2024 04:29:25 +0000
ROA not before: Mon 01 Jan 2024 04:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25281
IP address blocks: 185.103.13.0/24 maxlen: 24
185.103.14.0/24 maxlen: 24
185.103.15.0/24 maxlen: 24
185.103.12.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:47:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:9f:76:c2:59:11:d3:9a:a1:45:54:84:c3:b2:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26638c2cb7b860cd369679c4d05d50f705e04629
Validity
Not Before: Jan 1 04:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8aaaa0be3965641df681ccbebdf5b76bcc98fe75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:8a:b8:2e:b5:9f:91:4e:46:25:5b:76:45:23:
92:1c:2c:03:21:8b:bb:5a:6b:a1:40:d2:46:9a:fc:
dd:31:4c:cd:e3:a9:78:4c:f4:4e:95:9c:01:70:23:
60:54:f8:a0:ff:a3:9d:08:56:6e:51:21:20:b8:50:
62:6e:dd:e7:65:db:95:d6:2c:60:c7:2f:2e:0a:be:
bd:56:b1:7f:2c:b0:f6:64:58:67:cc:e6:0a:54:27:
79:6a:56:48:e3:c3:cb:b4:0f:7f:e1:c8:df:14:fa:
8c:b4:d8:cb:7b:44:07:2e:5f:a9:71:ce:f9:18:c0:
9a:ec:09:c3:36:3f:8b:ec:2e:40:fa:0b:0e:5a:0d:
ac:92:19:8e:0a:cd:4d:a2:b2:13:be:17:b5:ff:2a:
98:c4:b6:36:d8:ac:ab:a0:1f:80:44:c1:60:d9:86:
7f:aa:d4:79:ef:09:60:77:f0:b0:fc:ec:e7:ad:e9:
9b:b2:5f:f4:d7:ec:47:26:7d:07:e0:91:fc:f2:59:
db:d8:e7:34:61:e0:77:c1:19:19:97:bf:35:40:f1:
1b:87:06:1b:4c:35:67:73:a7:b3:83:53:b2:b0:64:
f5:c2:b8:66:96:a9:16:96:75:45:6f:ca:3f:6d:59:
28:9c:e8:af:e2:d0:58:7e:08:c4:b8:d7:e8:b7:e1:
b2:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:AA:A0:BE:39:65:64:1D:F6:81:CC:BE:BD:F5:B7:6B:CC:98:FE:75
X509v3 Authority Key Identifier:
keyid:26:63:8C:2C:B7:B8:60:CD:36:96:79:C4:D0:5D:50:F7:05:E0:46:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmOMLLe4YM02lnnE0F1Q9wXgRik.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/d96f69-ef14-4227-8898-3e57cc52c84e/1/iqqgvjllZB32gcy-vfW3a8yY_nU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/d96f69-ef14-4227-8898-3e57cc52c84e/1/JmOMLLe4YM02lnnE0F1Q9wXgRik.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.103.12.0/22
Signature Algorithm: sha256WithRSAEncryption
17:93:f0:c2:b5:b9:6a:74:8a:ba:7c:17:9f:08:59:82:8d:a3:
03:6f:0e:26:37:03:16:03:af:20:ce:ef:3a:3e:aa:24:8d:2b:
68:21:0d:a6:cf:68:e7:d1:e0:3c:6d:24:f5:65:da:96:38:0e:
2b:24:68:6c:35:a2:96:47:75:63:d7:18:4d:28:2e:7b:cb:a9:
f0:1c:87:75:35:73:a2:2b:f6:48:51:10:ac:3a:41:cf:db:e4:
6c:df:a7:55:c4:63:f1:5c:25:6d:e2:34:f0:7e:d2:13:61:0d:
37:e3:84:98:be:42:ac:70:1a:19:dd:c3:23:59:22:c8:1b:67:
18:35:61:eb:20:e9:78:92:3d:2f:92:db:79:1a:e8:bd:aa:db:
d6:2e:53:d0:1f:fe:70:6e:21:b4:7b:01:35:b6:24:76:10:64:
e7:71:3c:9f:16:82:b3:14:d7:5c:f4:ca:dc:b5:1a:72:c5:08:
b0:24:48:8c:92:2b:04:e7:64:38:d1:ed:9b:1b:b3:d0:7e:19:
61:82:10:e1:bb:15:db:06:ab:57:b3:ad:de:c1:32:6f:5b:bb:
d7:b6:99:a5:61:ce:5f:fc:95:ce:2f:b6:5f:8d:90:a7:f8:e7:
3c:99:3a:f1:8f:63:eb:6b:7e:34:fd:87:7a:59:ec:15:0e:02:
5b:c2:d0:c1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSJ92wlkR05qhRVSEw7JXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjM4YzJjYjdiODYwY2QzNjk2NzljNGQwNWQ1MGY3MDVl
MDQ2MjkwHhcNMjQwMTAxMDQyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWFhYTBiZTM5NjU2NDFkZjY4MWNjYmViZGY1Yjc2YmNjOThmZTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqIq4LrWfkU5GJVt2RSOSHCwDIYu7
WmuhQNJGmvzdMUzN46l4TPROlZwBcCNgVPig/6OdCFZuUSEguFBibt3nZduV1ixg
xy8uCr69VrF/LLD2ZFhnzOYKVCd5alZI48PLtA9/4cjfFPqMtNjLe0QHLl+pcc75
GMCa7AnDNj+L7C5A+gsOWg2skhmOCs1NorITvhe1/yqYxLY22KyroB+ARMFg2YZ/
qtR57wlgd/Cw/Oznrembsl/01+xHJn0H4JH88lnb2Oc0YeB3wRkZl781QPEbhwYb
TDVnc6ezg1OysGT1wrhmlqkWlnVFb8o/bVkonOiv4tBYfgjEuNfot+GybwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIqqoL45ZWQd9oHMvr31t2vMmP51MB8GA1UdIwQY
MBaAFCZjjCy3uGDNNpZ5xNBdUPcF4EYpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1PTUxMZTRZTTAybG5uRTBGMVE5d1hnUmlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC9kOTZmNjktZWYxNC00MjI3LTg4OTgt
M2U1N2NjNTJjODRlLzEvaXFxZ3ZqbGxaQjMyZ2N5LXZmVzNhOHlZX25VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC9kOTZmNjktZWYxNC00MjI3LTg4OTgtM2U1N2NjNTJjODRl
LzEvSm1PTUxMZTRZTTAybG5uRTBGMVE5d1hnUmlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWcMMA0G
CSqGSIb3DQEBCwUAA4IBAQAXk/DCtblqdIq6fBefCFmCjaMDbw4mNwMWA68gzu86
PqokjStoIQ2mz2jn0eA8bST1ZdqWOA4rJGhsNaKWR3Vj1xhNKC57y6nwHId1NXOi
K/ZIURCsOkHP2+Rs36dVxGPxXCVt4jTwftITYQ0344SYvkKscBoZ3cMjWSLIG2cY
NWHrIOl4kj0vktt5Gui9qtvWLlPQH/5wbiG0ewE1tiR2EGTncTyfFoKzFNdc9Mrc
tRpyxQiwJEiMkisE52Q40e2bG7PQfhlhghDhuxXbBqtXs63ewTJvW7vXtpmlYc5f
/JXOL7ZfjZCn+Oc8mTrxj2Pra340/Yd6WewVDgJbwtDB
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:22 2025 by rpki-client