Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/33fb90-189b-4e31-b92a-0c18d8597328/1/IvhsguSvRJBn9msutzOif8QTQGw.roa
File: IvhsguSvRJBn9msutzOif8QTQGw.roa (raw, json)
Hash identifier: lc9Q4tSAFqRYBisGAkegcvO3Q2xLC84rQKnj7W9rufU=
Subject key identifier: 22:F8:6C:82:E4:AF:44:90:67:F6:6B:2E:B7:33:A2:7F:C4:13:40:6C
Certificate issuer: /CN=af02fb56b459c7a21a79b68b4e118ab876fc96a5
Certificate serial: 018CC5DC5A65B762883034E2F17CDEC2411C
Authority key identifier: AF:02:FB:56:B4:59:C7:A2:1A:79:B6:8B:4E:11:8A:B8:76:FC:96:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rwL7VrRZx6IaebaLThGKuHb8lqU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/33fb90-189b-4e31-b92a-0c18d8597328/1/IvhsguSvRJBn9msutzOif8QTQGw.roa
Signing time: Mon 01 Jan 2024 16:30:01 +0000
ROA not before: Mon 01 Jan 2024 16:30:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39460
IP address blocks: 195.66.92.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:5a:65:b7:62:88:30:34:e2:f1:7c:de:c2:41:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af02fb56b459c7a21a79b68b4e118ab876fc96a5
Validity
Not Before: Jan 1 16:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=22f86c82e4af449067f66b2eb733a27fc413406c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:38:d0:4b:ba:73:4e:d3:be:12:95:87:0f:02:
43:2d:ce:4e:ec:ea:ef:3e:91:e3:7a:99:f5:7d:e0:
09:c0:56:22:70:98:ac:10:35:60:c0:c9:ce:3b:64:
2c:c1:13:68:48:1e:d7:d3:b9:33:c9:9a:7c:48:36:
3e:ec:a9:c8:86:f4:0b:e2:89:88:40:bc:25:d9:90:
fe:57:dc:a8:d4:f8:23:01:70:4e:07:f4:3f:f0:0d:
c4:d9:45:c5:97:fa:84:b5:65:2f:80:4f:a2:1a:50:
2a:78:82:1a:d8:5e:7f:80:07:d8:56:0a:b3:3b:a6:
d3:fd:9c:e2:d2:e6:e5:84:54:a5:cc:c4:b5:7e:aa:
d7:0c:85:d8:e0:2c:67:90:23:41:c8:18:42:bd:e9:
9b:44:8e:04:50:a3:f5:9e:57:ad:f8:22:3a:ef:04:
ab:bb:08:a7:5b:09:85:8e:8f:55:fb:07:28:26:75:
bb:5e:6c:65:e8:77:dd:12:fc:53:2d:e5:14:0f:74:
5a:87:f0:6d:9d:84:ce:e6:68:a1:a5:c2:e0:89:80:
38:7b:57:4d:6e:fb:6b:f2:43:2e:44:72:34:e5:87:
a8:f7:f2:ff:54:93:d0:c8:0f:75:bd:73:88:38:4f:
d8:ba:03:72:a6:67:53:8e:ce:11:a5:66:7c:6c:3a:
3d:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:F8:6C:82:E4:AF:44:90:67:F6:6B:2E:B7:33:A2:7F:C4:13:40:6C
X509v3 Authority Key Identifier:
keyid:AF:02:FB:56:B4:59:C7:A2:1A:79:B6:8B:4E:11:8A:B8:76:FC:96:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rwL7VrRZx6IaebaLThGKuHb8lqU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/33fb90-189b-4e31-b92a-0c18d8597328/1/IvhsguSvRJBn9msutzOif8QTQGw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/33fb90-189b-4e31-b92a-0c18d8597328/1/rwL7VrRZx6IaebaLThGKuHb8lqU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.66.92.0/24
Signature Algorithm: sha256WithRSAEncryption
64:f6:4e:8b:92:cb:de:cc:22:a8:aa:b1:b2:5b:a0:7e:96:95:
f1:fa:72:b0:50:5e:05:06:12:25:d9:2c:74:02:00:f3:45:d0:
26:eb:7a:b1:fd:60:b5:13:6e:71:7e:d2:54:a6:e6:2d:1d:55:
5c:d9:ba:7e:26:d1:bf:83:ff:77:60:30:98:5c:ff:38:10:c3:
4a:ee:4d:03:b7:37:aa:8b:b6:0a:a9:9b:86:aa:f0:41:59:df:
89:a4:2d:d9:25:8b:05:df:b1:c0:bc:79:13:c3:ee:8b:31:7d:
e7:e5:79:db:9e:b3:08:4f:c4:16:35:f1:86:f8:d4:cd:4a:82:
7d:f5:64:37:b8:31:46:b3:f4:96:4d:2f:ca:92:69:75:46:ee:
dc:24:76:07:8f:76:e3:39:05:f8:dc:4c:a5:bd:f7:63:91:5d:
f0:79:49:07:2b:74:bd:73:36:5c:a3:b7:33:8c:5d:1f:4c:fc:
13:33:d5:53:e6:2d:38:4a:7a:44:c3:b8:f9:ec:55:e9:cf:da:
d2:2b:98:16:cf:cc:2e:bc:59:66:88:bc:ae:ec:51:fa:33:f5:
c6:4b:45:80:e7:49:37:38:48:85:89:75:80:f1:bd:ab:35:4a:
ff:0c:2f:f3:c1:6b:c3:08:d1:b8:7e:f9:71:bc:38:d6:4c:35:
71:a0:6f:38
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3Fplt2KIMDTi8XzewkEcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMDJmYjU2YjQ1OWM3YTIxYTc5YjY4YjRlMTE4YWI4NzZm
Yzk2YTUwHhcNMjQwMTAxMTYzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmY4NmM4MmU0YWY0NDkwNjdmNjZiMmViNzMzYTI3ZmM0MTM0MDZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjzjQS7pzTtO+EpWHDwJDLc5O7Orv
PpHjepn1feAJwFYicJisEDVgwMnOO2QswRNoSB7X07kzyZp8SDY+7KnIhvQL4omI
QLwl2ZD+V9yo1PgjAXBOB/Q/8A3E2UXFl/qEtWUvgE+iGlAqeIIa2F5/gAfYVgqz
O6bT/Zzi0ublhFSlzMS1fqrXDIXY4CxnkCNByBhCvembRI4EUKP1nlet+CI67wSr
uwinWwmFjo9V+wcoJnW7Xmxl6HfdEvxTLeUUD3Rah/BtnYTO5mihpcLgiYA4e1dN
bvtr8kMuRHI05Yeo9/L/VJPQyA91vXOIOE/YugNypmdTjs4RpWZ8bDo9mwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCL4bILkr0SQZ/ZrLrczon/EE0BsMB8GA1UdIwQY
MBaAFK8C+1a0WceiGnm2i04Rirh2/JalMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcndMN1ZyUlp4NklhZWJhTFRoR0t1SGI4bHFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8zM2ZiOTAtMTg5Yi00ZTMxLWI5MmEt
MGMxOGQ4NTk3MzI4LzEvSXZoc2d1U3ZSSkJuOW1zdXR6T2lmOFFUUUd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC8zM2ZiOTAtMTg5Yi00ZTMxLWI5MmEtMGMxOGQ4NTk3MzI4
LzEvcndMN1ZyUlp4NklhZWJhTFRoR0t1SGI4bHFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw0JcMA0G
CSqGSIb3DQEBCwUAA4IBAQBk9k6LksvezCKoqrGyW6B+lpXx+nKwUF4FBhIl2Sx0
AgDzRdAm63qx/WC1E25xftJUpuYtHVVc2bp+JtG/g/93YDCYXP84EMNK7k0Dtzeq
i7YKqZuGqvBBWd+JpC3ZJYsF37HAvHkTw+6LMX3n5XnbnrMIT8QWNfGG+NTNSoJ9
9WQ3uDFGs/SWTS/Kkml1Ru7cJHYHj3bjOQX43EylvfdjkV3weUkHK3S9czZco7cz
jF0fTPwTM9VT5i04SnpEw7j57FXpz9rSK5gWz8wuvFlmiLyu7FH6M/XGS0WA50k3
OEiFiXWA8b2rNUr/DC/zwWvDCNG4fvlxvDjWTDVxoG84
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:23:54 2025 by rpki-client