Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/1ibbX8BdFNR0MhxxeGznhbAdxzM.roa
File: 1ibbX8BdFNR0MhxxeGznhbAdxzM.roa (raw, json)
Hash identifier: x/Pep95KVjl+l4KJmm9MhXA5gIadJe1gR8B4+B29XC4=
Subject key identifier: D6:26:DB:5F:C0:5D:14:D4:74:32:1C:71:78:6C:E7:85:B0:1D:C7:33
Certificate issuer: /CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Certificate serial: 018571155EE4192FDB1FA1795AAD6AAEEA95
Authority key identifier: 1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/1ibbX8BdFNR0MhxxeGznhbAdxzM.roa
Signing time: Mon 02 Jan 2023 06:05:03 +0000
ROA not before: Mon 02 Jan 2023 06:05:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206937
IP address blocks: 157.25.150.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:15:5e:e4:19:2f:db:1f:a1:79:5a:ad:6a:ae:ea:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Validity
Not Before: Jan 2 06:05:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d626db5fc05d14d474321c71786ce785b01dc733
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:ef:c9:95:a2:13:b0:30:5b:6c:33:4c:46:8c:
df:01:ed:99:52:ec:25:6a:21:34:f6:3a:6b:a1:0f:
2f:1d:79:ae:6e:6e:b3:ec:99:cf:64:33:98:57:e5:
96:1f:e7:81:47:2c:ce:b3:63:f1:10:1c:5e:26:93:
f9:5e:49:2a:b7:d4:bc:5f:2d:9a:99:01:66:89:c0:
94:c6:e4:18:2b:86:fa:46:12:6c:9d:00:a3:dd:a0:
0e:33:b4:d2:54:31:92:0e:ef:9b:c4:73:af:4d:5d:
58:0c:c0:e2:bd:26:73:93:4c:9b:17:ad:ba:59:b5:
de:72:07:7c:3b:4d:58:76:22:0c:7b:0a:21:51:d5:
e9:0e:c5:80:6b:7e:c4:b4:90:22:7a:b5:d5:dd:91:
85:4d:0c:27:77:7e:3b:f2:d8:b0:eb:42:e6:4c:e6:
1c:17:e0:1b:e4:66:74:f0:60:da:a8:b8:73:ff:f5:
ec:6f:15:18:a7:ac:62:78:aa:62:83:cf:1d:58:c8:
ea:26:8d:5d:57:8e:a5:14:93:74:a2:d7:1a:ac:d4:
38:64:97:3a:d1:9b:b9:b6:45:1a:25:0d:cc:b3:5a:
de:7c:c6:9b:d4:da:75:b6:07:f1:2f:74:b4:46:ea:
60:f8:3c:e3:0d:9f:ab:3b:d6:71:5d:ea:90:77:6c:
a9:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:26:DB:5F:C0:5D:14:D4:74:32:1C:71:78:6C:E7:85:B0:1D:C7:33
X509v3 Authority Key Identifier:
keyid:1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/1ibbX8BdFNR0MhxxeGznhbAdxzM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.25.150.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:9d:99:96:c1:3d:d5:24:9a:1e:48:a0:5d:9a:e6:0e:46:7c:
be:84:12:6b:9e:57:b1:23:66:86:34:ef:a2:34:5b:ad:bf:1e:
0d:b0:c0:f3:0e:f8:ae:aa:65:b7:69:c7:d2:72:f9:fe:de:c0:
50:e0:57:ce:f5:52:c0:71:11:f8:42:06:08:40:7a:0b:8d:71:
46:f4:44:a2:7a:b5:0f:96:98:54:47:d4:37:73:6a:27:3a:d6:
d6:d1:cf:11:c8:54:01:f1:f5:bd:8a:a2:c0:f5:6a:0e:70:47:
7a:23:71:cf:c0:2c:41:4c:6b:e1:a5:67:db:9f:d7:7e:09:fb:
39:fe:5d:fe:19:30:c0:56:04:f2:56:d9:f8:9b:47:a5:0b:5f:
e9:8f:22:99:a0:b3:71:df:d0:21:65:d0:0d:6a:9c:21:f3:5b:
86:a8:dc:fc:63:90:3c:a3:0e:97:35:fd:a2:74:e8:4e:58:ca:
4d:b2:f4:d4:11:32:d4:40:4b:c6:be:f3:ca:47:0f:92:c2:fb:
32:86:2d:c2:cd:ed:d4:9c:57:f6:97:ea:52:2b:1e:61:85:a1:
f1:39:fd:27:9d:ac:07:2b:12:e4:4c:5f:b7:48:d4:89:94:2a:
5b:ff:e9:ac:fd:92:5e:15:99:da:37:7d:0a:0a:54:bb:c5:f0:
38:e4:5e:9b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxFV7kGS/bH6F5Wq1qruqVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2E2M2RmMjQ4YjdhZGYzZGRkMDdlOGMyZDNlZWRkMDJj
ZWY5MzMwHhcNMjMwMTAyMDYwNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjI2ZGI1ZmMwNWQxNGQ0NzQzMjFjNzE3ODZjZTc4NWIwMWRjNzMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi+/JlaITsDBbbDNMRozfAe2ZUuwl
aiE09jproQ8vHXmubm6z7JnPZDOYV+WWH+eBRyzOs2PxEBxeJpP5Xkkqt9S8Xy2a
mQFmicCUxuQYK4b6RhJsnQCj3aAOM7TSVDGSDu+bxHOvTV1YDMDivSZzk0ybF626
WbXecgd8O01YdiIMewohUdXpDsWAa37EtJAierXV3ZGFTQwnd3478tiw60LmTOYc
F+Ab5GZ08GDaqLhz//XsbxUYp6xieKpig88dWMjqJo1dV46lFJN0otcarNQ4ZJc6
0Zu5tkUaJQ3Ms1refMab1Np1tgfxL3S0Rupg+DzjDZ+rO9ZxXeqQd2ypAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNYm21/AXRTUdDIccXhs54WwHcczMB8GA1UdIwQY
MBaAFBrKY98ki3rfPd0H6MLT7t0CzvkzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzIt
OTFlMzE4NGJiMGFiLzEvMWliYlg4QmRGTlIwTWh4eGVHem5oYkFkeHpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzItOTFlMzE4NGJiMGFi
LzEvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnRmWMA0G
CSqGSIb3DQEBCwUAA4IBAQBunZmWwT3VJJoeSKBdmuYORny+hBJrnlexI2aGNO+i
NFutvx4NsMDzDviuqmW3acfScvn+3sBQ4FfO9VLAcRH4QgYIQHoLjXFG9ESierUP
lphUR9Q3c2onOtbW0c8RyFQB8fW9iqLA9WoOcEd6I3HPwCxBTGvhpWfbn9d+Cfs5
/l3+GTDAVgTyVtn4m0elC1/pjyKZoLNx39AhZdANapwh81uGqNz8Y5A8ow6XNf2i
dOhOWMpNsvTUETLUQEvGvvPKRw+Swvsyhi3Cze3UnFf2l+pSKx5hhaHxOf0nnawH
KxLkTF+3SNSJlCpb/+ms/ZJeFZnaN30KClS7xfA45F6b
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:01 2024 by rpki-client on console-fra.rpki-client.org