Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/ad1216-b71d-4557-a086-efea63d06f80/1/IO8JKv2I1FJgh17cZjrCE46yTqY.roa
File: IO8JKv2I1FJgh17cZjrCE46yTqY.roa (raw, json)
Hash identifier: FZg5i/mpeVsA9FARXIpx7pTKCnESJK6/5s61UvI0KV4=
Subject key identifier: 20:EF:09:2A:FD:88:D4:52:60:87:5E:DC:66:3A:C2:13:8E:B2:4E:A6
Certificate issuer: /CN=e19cbb88d2b1a896658506778662e75c732a67e7
Certificate serial: 018CCA2BA7A0BBC6057AB4BB51F364906109
Authority key identifier: E1:9C:BB:88:D2:B1:A8:96:65:85:06:77:86:62:E7:5C:73:2A:67:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4Zy7iNKxqJZlhQZ3hmLnXHMqZ-c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/ad1216-b71d-4557-a086-efea63d06f80/1/IO8JKv2I1FJgh17cZjrCE46yTqY.roa
Signing time: Tue 02 Jan 2024 12:35:07 +0000
ROA not before: Tue 02 Jan 2024 12:35:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59659
IP address blocks: 185.220.88.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 25 Mar 2024 10:15:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:a7:a0:bb:c6:05:7a:b4:bb:51:f3:64:90:61:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e19cbb88d2b1a896658506778662e75c732a67e7
Validity
Not Before: Jan 2 12:35:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=20ef092afd88d45260875edc663ac2138eb24ea6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:23:98:4f:c1:30:19:f7:6c:00:11:7e:9b:c2:
8a:f4:e6:86:1a:e2:d4:fa:f1:2d:23:69:91:df:f8:
11:65:6b:53:6c:7b:67:7b:d6:94:33:0e:fa:ea:c0:
d6:85:28:5d:ad:0d:5e:79:33:4a:8e:57:dc:7d:bc:
3f:92:b3:85:65:6c:00:62:bb:9a:f1:ab:a8:ca:d1:
96:4c:ad:5c:98:28:11:79:f1:e8:cc:d7:6f:40:45:
30:ef:47:29:22:a1:87:a6:ea:b7:9f:8e:87:03:a8:
0c:7f:f5:c8:70:35:8b:91:6a:be:40:9b:9c:8d:57:
95:32:a2:17:40:88:d2:d5:e4:72:45:85:cc:e5:28:
f6:1c:19:0d:14:03:46:65:95:54:e0:47:ec:95:cc:
20:1d:dd:28:02:b0:70:d0:53:73:98:35:e3:1a:78:
53:73:df:ac:b9:d9:9a:da:db:51:51:57:d3:da:b1:
57:f0:8f:1b:98:da:c1:54:d4:2d:2e:26:94:46:7b:
bf:7c:f9:f1:4f:f4:b0:89:18:e0:bc:db:72:cf:3c:
c7:44:2a:be:2b:c1:3a:5f:74:25:92:9d:b9:39:04:
85:a2:11:b2:dd:59:35:5e:0c:63:7f:36:c5:56:f8:
d2:50:96:93:82:ef:fb:14:62:36:db:a3:97:23:9e:
10:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:EF:09:2A:FD:88:D4:52:60:87:5E:DC:66:3A:C2:13:8E:B2:4E:A6
X509v3 Authority Key Identifier:
keyid:E1:9C:BB:88:D2:B1:A8:96:65:85:06:77:86:62:E7:5C:73:2A:67:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4Zy7iNKxqJZlhQZ3hmLnXHMqZ-c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/ad1216-b71d-4557-a086-efea63d06f80/1/IO8JKv2I1FJgh17cZjrCE46yTqY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/ad1216-b71d-4557-a086-efea63d06f80/1/4Zy7iNKxqJZlhQZ3hmLnXHMqZ-c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.88.0/22
Signature Algorithm: sha256WithRSAEncryption
6c:b4:2e:f8:79:aa:42:f8:d6:81:b0:d2:ff:22:85:ee:fb:6a:
bb:87:89:94:70:f8:8a:e7:46:64:88:97:6a:43:42:04:a5:9a:
8e:d9:cf:74:1b:cc:b7:64:a8:e1:c6:05:63:d1:c6:1e:ce:02:
d3:a7:1a:d8:97:d7:c8:54:43:cb:35:84:83:9b:31:a4:7e:5c:
26:44:fb:93:1e:84:23:02:ef:dc:e8:5f:ff:8b:2e:d0:1a:01:
8d:fb:96:42:ac:bb:f5:18:45:fb:fe:ea:35:7d:84:75:f5:88:
8a:d6:e0:1c:08:57:29:40:00:8f:d3:fa:42:45:27:96:6d:b6:
02:5f:6a:53:0e:39:50:00:bb:fa:84:1a:1d:ec:38:b1:85:4b:
32:57:70:9e:09:f2:1e:c5:b8:5a:b3:a3:33:8d:ea:75:58:07:
8f:9e:55:3d:92:b1:68:38:98:d2:7c:e0:31:ad:da:ba:ee:78:
a7:c0:e3:46:b3:06:c8:f7:9a:86:f2:f7:91:04:5a:a8:19:c8:
26:ac:f8:d6:31:b0:11:cc:9d:46:f1:38:df:45:f7:ea:58:93:
98:e0:c7:6b:50:2d:34:32:d8:8f:c0:15:08:de:dd:d1:b0:33:
83:d2:6c:42:03:35:54:bd:c9:6b:63:02:68:e2:8c:f5:c1:55:
21:58:93:31
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKK6egu8YFerS7UfNkkGEJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxOWNiYjg4ZDJiMWE4OTY2NTg1MDY3Nzg2NjJlNzVjNzMy
YTY3ZTcwHhcNMjQwMTAyMTIzNTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGVmMDkyYWZkODhkNDUyNjA4NzVlZGM2NjNhYzIxMzhlYjI0ZWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApCOYT8EwGfdsABF+m8KK9OaGGuLU
+vEtI2mR3/gRZWtTbHtne9aUMw766sDWhShdrQ1eeTNKjlfcfbw/krOFZWwAYrua
8auoytGWTK1cmCgRefHozNdvQEUw70cpIqGHpuq3n46HA6gMf/XIcDWLkWq+QJuc
jVeVMqIXQIjS1eRyRYXM5Sj2HBkNFANGZZVU4EfslcwgHd0oArBw0FNzmDXjGnhT
c9+sudma2ttRUVfT2rFX8I8bmNrBVNQtLiaURnu/fPnxT/SwiRjgvNtyzzzHRCq+
K8E6X3Qlkp25OQSFohGy3Vk1XgxjfzbFVvjSUJaTgu/7FGI226OXI54QXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCDvCSr9iNRSYIde3GY6whOOsk6mMB8GA1UdIwQY
MBaAFOGcu4jSsaiWZYUGd4Zi51xzKmfnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFp5N2lOS3hxSlpsaFFaM2htTG5YSE1xWi1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9hZDEyMTYtYjcxZC00NTU3LWEwODYt
ZWZlYTYzZDA2ZjgwLzEvSU84Skt2MkkxRkpnaDE3Y1pqckNFNDZ5VHFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9hZDEyMTYtYjcxZC00NTU3LWEwODYtZWZlYTYzZDA2Zjgw
LzEvNFp5N2lOS3hxSlpsaFFaM2htTG5YSE1xWi1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudxYMA0G
CSqGSIb3DQEBCwUAA4IBAQBstC74eapC+NaBsNL/IoXu+2q7h4mUcPiK50ZkiJdq
Q0IEpZqO2c90G8y3ZKjhxgVj0cYezgLTpxrYl9fIVEPLNYSDmzGkflwmRPuTHoQj
Au/c6F//iy7QGgGN+5ZCrLv1GEX7/uo1fYR19YiK1uAcCFcpQACP0/pCRSeWbbYC
X2pTDjlQALv6hBod7DixhUsyV3CeCfIexbhas6Mzjep1WAePnlU9krFoOJjSfOAx
rdq67ninwONGswbI95qG8veRBFqoGcgmrPjWMbARzJ1G8TjfRffqWJOY4MdrUC00
MtiPwBUI3t3RsDOD0mxCAzVUvclrYwJo4oz1wVUhWJMx
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:11 2024 by rpki-client on console-ams.rpki-client.org