Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/1a09bb-01de-4be5-bce1-908648a20bc8/1/ikYdLc0hUOEmgtagAIC5bUJ0DlU.roa
File: ikYdLc0hUOEmgtagAIC5bUJ0DlU.roa (raw, json)
Hash identifier: GXSmBMt93j9Y2+A/gh8l44V6TJ/tphQrcRJ1RO2VLzU=
Subject key identifier: 8A:46:1D:2D:CD:21:50:E1:26:82:D6:A0:00:80:B9:6D:42:74:0E:55
Certificate issuer: /CN=d776ae09ab1bc94ace83fa6fd36ac522867b92ea
Certificate serial: 018CC7953B2E43EF5F16F64E4ED06F13DC01
Authority key identifier: D7:76:AE:09:AB:1B:C9:4A:CE:83:FA:6F:D3:6A:C5:22:86:7B:92:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/13auCasbyUrOg_pv02rFIoZ7kuo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/1a09bb-01de-4be5-bce1-908648a20bc8/1/ikYdLc0hUOEmgtagAIC5bUJ0DlU.roa
Signing time: Tue 02 Jan 2024 00:31:35 +0000
ROA not before: Tue 02 Jan 2024 00:31:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202431
IP address blocks: 195.90.102.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:52:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:3b:2e:43:ef:5f:16:f6:4e:4e:d0:6f:13:dc:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d776ae09ab1bc94ace83fa6fd36ac522867b92ea
Validity
Not Before: Jan 2 00:31:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8a461d2dcd2150e12682d6a00080b96d42740e55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:65:56:c6:43:40:29:d1:e8:b8:42:cf:dd:71:
60:16:d7:53:06:80:f3:35:17:78:1b:c1:df:4f:4f:
65:56:2a:f0:c1:48:17:51:76:fb:8b:01:33:96:ff:
d3:17:9d:26:4e:f7:49:86:c5:ec:be:81:db:fb:80:
53:34:41:07:2e:39:3f:25:75:55:4c:3a:5f:62:fa:
14:53:43:d1:17:1b:1a:1d:ba:17:e8:86:d3:af:fb:
0f:99:1c:2b:85:e7:94:8d:30:e0:94:fa:f3:ee:10:
33:80:db:ea:34:1d:76:84:a8:5e:47:cb:58:fd:11:
54:c0:b2:dd:0e:4a:7f:5f:32:b5:ec:78:a5:75:17:
62:5b:9a:a2:05:49:af:4c:a1:4d:c8:aa:02:48:94:
ad:d2:38:e1:0c:94:89:c3:a0:bf:90:b4:6e:b8:22:
64:5f:24:3a:69:db:c8:62:9e:c3:e0:a4:e3:6c:eb:
a8:3f:14:37:57:08:9f:b2:08:77:10:75:60:c4:ba:
38:da:e4:b2:d8:60:53:c2:57:09:02:f4:45:83:8a:
c4:0e:e4:21:01:ba:43:02:26:1c:36:fd:17:21:ef:
9a:5c:1d:5d:0a:2f:e8:70:f6:2c:a4:8d:ce:af:76:
b9:0b:f9:9b:ab:7a:9c:9f:17:51:89:e2:dc:a1:97:
21:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:46:1D:2D:CD:21:50:E1:26:82:D6:A0:00:80:B9:6D:42:74:0E:55
X509v3 Authority Key Identifier:
keyid:D7:76:AE:09:AB:1B:C9:4A:CE:83:FA:6F:D3:6A:C5:22:86:7B:92:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/13auCasbyUrOg_pv02rFIoZ7kuo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/1a09bb-01de-4be5-bce1-908648a20bc8/1/ikYdLc0hUOEmgtagAIC5bUJ0DlU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/1a09bb-01de-4be5-bce1-908648a20bc8/1/13auCasbyUrOg_pv02rFIoZ7kuo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.90.102.0/23
Signature Algorithm: sha256WithRSAEncryption
73:f3:42:c5:dd:0d:db:8a:58:38:a6:1e:73:50:f1:2f:d5:24:
85:08:f0:4f:88:d7:44:d7:5e:d8:78:31:b2:df:af:74:20:c7:
1e:fd:2b:c1:4b:2a:50:16:db:1a:c7:a1:9b:e7:cb:a7:79:9f:
f6:7c:2d:79:9b:6d:46:ca:dd:f0:61:07:02:65:69:a2:61:8f:
74:a7:7a:b3:0a:66:ff:36:14:dd:83:55:1d:7b:2a:60:19:0a:
b2:e4:62:15:1c:4f:f9:bb:a7:b5:91:07:90:3d:43:7e:c7:84:
6f:ab:5a:3f:83:2d:32:4d:6a:84:c4:39:5a:e7:fa:25:8e:31:
b3:61:45:d4:ce:08:7b:b9:f9:29:51:be:31:08:a8:cb:fd:a9:
b0:f0:bd:5f:06:dc:10:31:bd:fc:54:4a:91:1a:58:e7:ae:20:
88:91:50:4d:d5:31:ec:b2:9f:ee:a2:be:64:0a:58:4f:bd:fa:
36:dd:59:b2:20:60:46:4e:9b:3c:1c:72:96:bc:bc:dd:ee:bd:
85:cd:d8:59:01:e7:ee:a1:a2:63:c7:ad:26:5d:80:d5:b0:03:
b6:a7:57:b0:8d:80:6a:af:48:68:06:18:2a:49:3a:7e:cb:b0:
51:9e:b5:f8:c9:49:9a:09:62:93:c1:ba:e2:05:49:2c:78:4d:
76:70:4c:91
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlTsuQ+9fFvZOTtBvE9wBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NzZhZTA5YWIxYmM5NGFjZTgzZmE2ZmQzNmFjNTIyODY3
YjkyZWEwHhcNMjQwMTAyMDAzMTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTQ2MWQyZGNkMjE1MGUxMjY4MmQ2YTAwMDgwYjk2ZDQyNzQwZTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWVWxkNAKdHouELP3XFgFtdTBoDz
NRd4G8HfT09lVirwwUgXUXb7iwEzlv/TF50mTvdJhsXsvoHb+4BTNEEHLjk/JXVV
TDpfYvoUU0PRFxsaHboX6IbTr/sPmRwrheeUjTDglPrz7hAzgNvqNB12hKheR8tY
/RFUwLLdDkp/XzK17HildRdiW5qiBUmvTKFNyKoCSJSt0jjhDJSJw6C/kLRuuCJk
XyQ6advIYp7D4KTjbOuoPxQ3Vwifsgh3EHVgxLo42uSy2GBTwlcJAvRFg4rEDuQh
AbpDAiYcNv0XIe+aXB1dCi/ocPYspI3Or3a5C/mbq3qcnxdRieLcoZchXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIpGHS3NIVDhJoLWoACAuW1CdA5VMB8GA1UdIwQY
MBaAFNd2rgmrG8lKzoP6b9NqxSKGe5LqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTNhdUNhc2J5VXJPZ19wdjAyckZJb1o3a3VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy8xYTA5YmItMDFkZS00YmU1LWJjZTEt
OTA4NjQ4YTIwYmM4LzEvaWtZZExjMGhVT0VtZ3RhZ0FJQzViVUowRGxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy8xYTA5YmItMDFkZS00YmU1LWJjZTEtOTA4NjQ4YTIwYmM4
LzEvMTNhdUNhc2J5VXJPZ19wdjAyckZJb1o3a3VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw1pmMA0G
CSqGSIb3DQEBCwUAA4IBAQBz80LF3Q3bilg4ph5zUPEv1SSFCPBPiNdE117YeDGy
3690IMce/SvBSypQFtsax6Gb58uneZ/2fC15m21Gyt3wYQcCZWmiYY90p3qzCmb/
NhTdg1UdeypgGQqy5GIVHE/5u6e1kQeQPUN+x4Rvq1o/gy0yTWqExDla5/oljjGz
YUXUzgh7ufkpUb4xCKjL/amw8L1fBtwQMb38VEqRGljnriCIkVBN1THssp/uor5k
ClhPvfo23VmyIGBGTps8HHKWvLzd7r2FzdhZAefuoaJjx60mXYDVsAO2p1ewjYBq
r0hoBhgqSTp+y7BRnrX4yUmaCWKTwbriBUkseE12cEyR
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:12:22 2025 by rpki-client