Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/IQ9mkXsk_VOOFgsv0t7hacRUbKA.roa
File: IQ9mkXsk_VOOFgsv0t7hacRUbKA.roa (raw, json)
Hash identifier: qwhUX4sWkekXHdNCZorv7/myQdgQ4C6MzSsXdZ5LuRo=
Subject key identifier: 21:0F:66:91:7B:24:FD:53:8E:16:0B:2F:D2:DE:E1:69:C4:54:6C:A0
Certificate issuer: /CN=1f68138d4ec2ea51cacef09ff1058a370a5be190
Certificate serial: 018CC64A7350EFD8D4A7EA0FE05532B2FF43
Authority key identifier: 1F:68:13:8D:4E:C2:EA:51:CA:CE:F0:9F:F1:05:8A:37:0A:5B:E1:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/IQ9mkXsk_VOOFgsv0t7hacRUbKA.roa
Signing time: Mon 01 Jan 2024 18:30:17 +0000
ROA not before: Mon 01 Jan 2024 18:30:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 158
IP address blocks: 194.237.142.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:49:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:73:50:ef:d8:d4:a7:ea:0f:e0:55:32:b2:ff:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f68138d4ec2ea51cacef09ff1058a370a5be190
Validity
Not Before: Jan 1 18:30:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=210f66917b24fd538e160b2fd2dee169c4546ca0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:d1:1f:ad:2b:6d:ee:d9:24:e7:2c:2f:07:fc:
ee:c7:f7:69:85:06:91:6b:40:4c:83:e9:38:76:f8:
8f:b6:b1:5a:ca:95:67:0a:fd:50:ba:e6:40:9e:f7:
b4:e0:0c:11:ba:0f:0b:50:7e:bc:be:d7:a6:49:5e:
2f:40:79:56:4e:ff:9a:26:2d:e5:3e:f4:5d:4e:f3:
17:c6:ff:b0:59:29:e4:94:4e:bd:19:94:18:63:f6:
19:07:b0:66:5f:4c:3b:4a:f3:07:f5:ab:97:29:d9:
97:3c:b1:b2:ea:f7:2d:9e:0e:ee:5a:57:69:f1:19:
7f:27:9e:18:02:3d:e4:35:0a:35:d2:f8:56:7c:9f:
5a:dc:19:34:7f:cb:af:e6:e3:8b:90:a3:f6:d3:1e:
22:d6:6b:bf:9d:64:c0:22:f9:2d:f8:b8:f6:14:cd:
ba:da:22:a4:75:82:f6:b5:20:7d:8b:35:aa:01:f0:
81:35:f0:99:2e:5b:3a:43:86:98:94:b5:88:b3:92:
12:40:9d:87:6a:64:08:f8:73:6b:33:62:02:50:6c:
2f:41:66:87:a5:73:15:3d:e8:b9:ce:14:bf:cc:68:
0a:58:d5:8c:a9:3b:8d:c6:84:e0:3a:ec:aa:ca:84:
8a:af:64:47:a9:9e:01:3d:b4:1d:d0:0e:5a:ab:4b:
8f:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:0F:66:91:7B:24:FD:53:8E:16:0B:2F:D2:DE:E1:69:C4:54:6C:A0
X509v3 Authority Key Identifier:
keyid:1F:68:13:8D:4E:C2:EA:51:CA:CE:F0:9F:F1:05:8A:37:0A:5B:E1:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/IQ9mkXsk_VOOFgsv0t7hacRUbKA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.237.142.0/24
Signature Algorithm: sha256WithRSAEncryption
36:40:39:fa:16:1e:6f:0d:69:6a:ee:3b:b2:e7:b5:e4:b0:18:
25:e6:0b:fa:39:a2:99:92:62:dd:7f:05:6f:cc:82:ee:38:b1:
8c:ef:3b:54:6e:71:b6:a1:30:7f:46:9b:4d:f9:8b:c0:ff:4e:
45:2f:10:dd:0d:38:b6:25:84:42:5f:85:75:c0:30:c2:b3:75:
e7:e3:45:4d:d3:16:5c:a8:f6:5b:e9:ad:2d:88:09:24:98:be:
38:59:04:16:3c:fa:ae:cf:ed:11:ee:45:91:ad:77:fe:9b:c2:
69:52:59:be:72:ba:c6:4e:13:10:90:ef:2c:db:df:ec:ba:cb:
2a:b0:bf:0f:dc:df:91:e8:d8:2a:a3:94:3b:d4:b3:a4:fd:97:
da:eb:b4:e9:15:17:b0:7b:08:e2:ee:cd:d9:9f:35:78:86:db:
af:d2:bf:b8:1d:e8:ff:51:40:ec:6c:48:4b:28:93:2c:92:3f:
b9:9f:0e:6e:b7:09:c9:55:06:d6:22:72:d0:55:99:10:b6:25:
98:ce:31:13:84:05:f4:80:b4:58:45:67:59:39:f2:6a:97:30:
69:22:f9:e1:9f:a5:d3:d7:48:0d:4f:0e:14:f3:a1:7f:d4:32:
44:e2:74:46:5b:d5:19:f6:08:b6:a2:36:15:6b:a9:14:57:cb:
8d:83:ab:1f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSnNQ79jUp+oP4FUysv9DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNjgxMzhkNGVjMmVhNTFjYWNlZjA5ZmYxMDU4YTM3MGE1
YmUxOTAwHhcNMjQwMTAxMTgzMDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTBmNjY5MTdiMjRmZDUzOGUxNjBiMmZkMmRlZTE2OWM0NTQ2Y2EwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAntEfrStt7tkk5ywvB/zux/dphQaR
a0BMg+k4dviPtrFaypVnCv1QuuZAnve04AwRug8LUH68vtemSV4vQHlWTv+aJi3l
PvRdTvMXxv+wWSnklE69GZQYY/YZB7BmX0w7SvMH9auXKdmXPLGy6vctng7uWldp
8Rl/J54YAj3kNQo10vhWfJ9a3Bk0f8uv5uOLkKP20x4i1mu/nWTAIvkt+Lj2FM26
2iKkdYL2tSB9izWqAfCBNfCZLls6Q4aYlLWIs5ISQJ2HamQI+HNrM2ICUGwvQWaH
pXMVPei5zhS/zGgKWNWMqTuNxoTgOuyqyoSKr2RHqZ4BPbQd0A5aq0uPNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCEPZpF7JP1TjhYLL9Le4WnEVGygMB8GA1UdIwQY
MBaAFB9oE41OwupRys7wn/EFijcKW+GQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDJnVGpVN0M2bEhLenZDZjhRV0tOd3BiNFpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9iOWFkZjQtZjkxMC00MzU1LWJmYzgt
NjA4NTY0ODM5ZmQwLzEvSVE5bWtYc2tfVk9PRmdzdjB0N2hhY1JVYktBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9iOWFkZjQtZjkxMC00MzU1LWJmYzgtNjA4NTY0ODM5ZmQw
LzEvSDJnVGpVN0M2bEhLenZDZjhRV0tOd3BiNFpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwu2OMA0G
CSqGSIb3DQEBCwUAA4IBAQA2QDn6Fh5vDWlq7juy57XksBgl5gv6OaKZkmLdfwVv
zILuOLGM7ztUbnG2oTB/RptN+YvA/05FLxDdDTi2JYRCX4V1wDDCs3Xn40VN0xZc
qPZb6a0tiAkkmL44WQQWPPquz+0R7kWRrXf+m8JpUlm+crrGThMQkO8s29/sussq
sL8P3N+R6Ngqo5Q71LOk/Zfa67TpFRewewji7s3ZnzV4htuv0r+4Hej/UUDsbEhL
KJMskj+5nw5utwnJVQbWInLQVZkQtiWYzjEThAX0gLRYRWdZOfJqlzBpIvnhn6XT
10gNTw4U86F/1DJE4nRGW9UZ9gi2ojYVa6kUV8uNg6sf
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:19:16 2025 by rpki-client