Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/cd9589-3825-43e6-9552-0307486269d7/1/iPVI7UuvbCRM-L0XnoKrroo6oVk.roa
File: iPVI7UuvbCRM-L0XnoKrroo6oVk.roa (raw, json)
Hash identifier: Gv+LQpUYnO+J+EwQdw9akiDA/eMGEM95EqAZkzIkFbU=
Subject key identifier: 88:F5:48:ED:4B:AF:6C:24:4C:F8:BD:17:9E:82:AB:AE:8A:3A:A1:59
Certificate issuer: /CN=a3e5999283aaf2e4395079ea3716ddfc2b130f07
Certificate serial: 01916E468B9AA7A2098A9F4D7610628F48AF
Authority key identifier: A3:E5:99:92:83:AA:F2:E4:39:50:79:EA:37:16:DD:FC:2B:13:0F:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o-WZkoOq8uQ5UHnqNxbd_CsTDwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/cd9589-3825-43e6-9552-0307486269d7/1/iPVI7UuvbCRM-L0XnoKrroo6oVk.roa
Signing time: Tue 20 Aug 2024 05:33:22 +0000
ROA not before: Tue 20 Aug 2024 05:33:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49588
IP address blocks: 176.107.48.0/20 maxlen: 20
176.122.0.0/20 maxlen: 20
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:47:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:6e:46:8b:9a:a7:a2:09:8a:9f:4d:76:10:62:8f:48:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3e5999283aaf2e4395079ea3716ddfc2b130f07
Validity
Not Before: Aug 20 05:33:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=88f548ed4baf6c244cf8bd179e82abae8a3aa159
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:6e:dd:12:f6:0a:f9:15:9b:51:49:14:f2:5b:
34:a1:ca:23:a9:a4:03:5e:c2:26:59:76:1e:42:7e:
b8:c2:1a:93:e7:5d:92:17:ed:c9:c2:8a:92:38:13:
6e:79:29:08:bf:46:06:94:0b:17:a0:54:d1:8a:7e:
3d:28:4b:d3:b0:86:0e:1d:eb:8b:8b:72:7b:50:22:
60:74:00:8f:57:8c:eb:f6:ef:68:fa:57:7a:b7:ae:
a7:d1:8e:5e:96:49:5d:f0:18:a6:b8:03:5c:fa:5f:
43:d4:5d:79:85:fe:e5:93:d3:2b:aa:7b:a7:48:29:
c3:ac:d1:80:94:ce:85:2f:2b:5d:6f:65:b7:70:9a:
4c:f9:5c:96:7a:e6:31:8a:34:e8:5a:90:44:c6:68:
73:22:68:d4:91:eb:9e:4e:22:cc:1e:63:be:9e:3d:
46:2b:af:fa:25:07:40:07:82:73:18:66:df:d7:c9:
b5:cd:87:f7:37:c8:a3:1a:5e:03:c2:bb:48:c1:c6:
1f:91:dd:29:77:14:05:95:22:78:63:9e:e6:eb:b7:
8a:af:8d:72:15:40:a4:e7:e9:60:b3:97:90:62:77:
fa:41:4c:26:6b:73:8e:e7:08:0e:12:27:e8:08:39:
8c:bd:1a:03:1d:53:fd:87:89:fb:7f:38:8a:32:3a:
75:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:F5:48:ED:4B:AF:6C:24:4C:F8:BD:17:9E:82:AB:AE:8A:3A:A1:59
X509v3 Authority Key Identifier:
keyid:A3:E5:99:92:83:AA:F2:E4:39:50:79:EA:37:16:DD:FC:2B:13:0F:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o-WZkoOq8uQ5UHnqNxbd_CsTDwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/cd9589-3825-43e6-9552-0307486269d7/1/iPVI7UuvbCRM-L0XnoKrroo6oVk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/cd9589-3825-43e6-9552-0307486269d7/1/o-WZkoOq8uQ5UHnqNxbd_CsTDwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.107.48.0/20
176.122.0.0/20
Signature Algorithm: sha256WithRSAEncryption
5d:7b:22:a2:0b:ee:f7:82:41:39:1f:a8:18:54:57:79:af:a1:
c6:a1:db:76:39:a4:ef:bb:24:93:1f:fd:3b:3d:f1:84:f3:38:
c5:f7:3c:90:66:ac:75:e6:e1:9c:07:fe:82:49:43:5e:6c:ff:
1d:1b:12:85:26:4b:b6:a5:ee:22:34:6f:b8:ed:80:e9:08:84:
ec:51:ab:a5:87:c3:88:10:26:27:22:99:dd:48:b6:c1:27:7a:
74:a2:b4:0a:65:e9:25:10:b5:e6:40:de:e3:02:fb:3d:16:70:
f1:92:8e:21:57:a9:9b:d0:ca:e6:07:dd:24:82:e0:de:2a:c8:
95:04:fe:5f:bd:19:37:f0:b3:d2:8b:15:a0:0b:a9:61:bf:40:
55:ad:5d:5b:5d:83:7e:4b:95:05:c5:d3:2e:75:1b:06:82:00:
f4:df:1f:ec:84:06:ec:3d:3a:7b:d7:ae:18:89:ae:b1:db:3b:
8d:4b:4b:63:50:05:cb:09:0a:a7:48:13:b7:0f:7d:4c:3e:3a:
10:98:85:f8:71:ea:f8:1b:ff:f4:c8:42:67:e0:fd:23:53:51:
bf:0f:c1:aa:67:93:ea:41:6d:99:ca:7a:f2:99:a1:74:e1:a0:
b2:95:1a:26:26:c2:c4:11:bb:5b:2a:9d:71:7e:7d:c3:4b:36:
99:d5:ce:7b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZFuRouap6IJip9NdhBij0ivMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzZTU5OTkyODNhYWYyZTQzOTUwNzllYTM3MTZkZGZjMmIx
MzBmMDcwHhcNMjQwODIwMDUzMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGY1NDhlZDRiYWY2YzI0NGNmOGJkMTc5ZTgyYWJhZThhM2FhMTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmm7dEvYK+RWbUUkU8ls0ocojqaQD
XsImWXYeQn64whqT512SF+3JwoqSOBNueSkIv0YGlAsXoFTRin49KEvTsIYOHeuL
i3J7UCJgdACPV4zr9u9o+ld6t66n0Y5elkld8BimuANc+l9D1F15hf7lk9Mrqnun
SCnDrNGAlM6FLytdb2W3cJpM+VyWeuYxijToWpBExmhzImjUkeueTiLMHmO+nj1G
K6/6JQdAB4JzGGbf18m1zYf3N8ijGl4DwrtIwcYfkd0pdxQFlSJ4Y57m67eKr41y
FUCk5+lgs5eQYnf6QUwma3OO5wgOEifoCDmMvRoDHVP9h4n7fziKMjp16wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIj1SO1Lr2wkTPi9F56Cq66KOqFZMB8GA1UdIwQY
MBaAFKPlmZKDqvLkOVB56jcW3fwrEw8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvby1XWmtvT3E4dVE1VUhucU54YmRfQ3NURHdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9jZDk1ODktMzgyNS00M2U2LTk1NTIt
MDMwNzQ4NjI2OWQ3LzEvaVBWSTdVdXZiQ1JNLUwwWG5vS3Jyb282b1ZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9jZDk1ODktMzgyNS00M2U2LTk1NTItMDMwNzQ4NjI2OWQ3
LzEvby1XWmtvT3E4dVE1VUhucU54YmRfQ3NURHdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEsGswAwQE
sHoAMA0GCSqGSIb3DQEBCwUAA4IBAQBdeyKiC+73gkE5H6gYVFd5r6HGodt2OaTv
uySTH/07PfGE8zjF9zyQZqx15uGcB/6CSUNebP8dGxKFJku2pe4iNG+47YDpCITs
Uaulh8OIECYnIpndSLbBJ3p0orQKZeklELXmQN7jAvs9FnDxko4hV6mb0MrmB90k
guDeKsiVBP5fvRk38LPSixWgC6lhv0BVrV1bXYN+S5UFxdMudRsGggD03x/shAbs
PTp7164Yia6x2zuNS0tjUAXLCQqnSBO3D31MPjoQmIX4cer4G//0yEJn4P0jU1G/
D8GqZ5PqQW2ZynrymaF04aCylRomJsLEEbtbKp1xfn3DSzaZ1c57
-----END CERTIFICATE-----
Generated at Tue Apr 22 05:53:14 2025 by rpki-client