Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/IyqKogxxysAFCXBCp-L5xgXb15g.roa
File: IyqKogxxysAFCXBCp-L5xgXb15g.roa (raw, json)
Hash identifier: 5g9zCRHNOExpHFifTaTgW4qgaGM9PbHekFJvVWql624=
Subject key identifier: 23:2A:8A:A2:0C:71:CA:C0:05:09:70:42:A7:E2:F9:C6:05:DB:D7:98
Certificate issuer: /CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Certificate serial: 01957F4D3108A355F84362053D797FA7251F
Authority key identifier: 93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/IyqKogxxysAFCXBCp-L5xgXb15g.roa
Signing time: Mon 10 Mar 2025 09:05:20 +0000
ROA not before: Mon 10 Mar 2025 09:05:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 329007
IP address blocks: 217.147.12.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Mar 2025 14:26:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:7f:4d:31:08:a3:55:f8:43:62:05:3d:79:7f:a7:25:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Validity
Not Before: Mar 10 09:05:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=232a8aa20c71cac005097042a7e2f9c605dbd798
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:ab:3e:55:0b:88:71:30:7e:10:b9:d2:55:27:
ce:45:4a:e3:0c:86:0b:e6:56:9f:71:a4:ce:6b:62:
25:4e:e0:20:0b:2d:00:73:04:8b:e4:f9:2e:11:25:
50:f1:4e:17:ad:2b:43:ca:8c:3c:55:f2:58:84:c5:
76:2c:e5:87:95:b9:e7:bb:f4:b0:c0:ed:3f:14:bc:
9e:87:90:cf:d6:28:d4:89:89:43:1a:aa:1c:cd:e7:
fc:0e:b8:86:61:ce:ce:91:21:ee:02:1f:d7:27:de:
42:0b:b6:08:20:d6:aa:18:d4:8d:a6:41:7c:b2:98:
f5:bd:98:83:eb:82:f8:ed:35:8a:40:71:0a:4c:8c:
73:5c:3b:b7:df:8a:ed:6d:77:3b:3f:2f:ef:66:42:
b1:71:1d:b0:3e:8e:00:28:c2:05:3e:83:e2:78:6c:
0e:41:6d:5c:c4:d6:a8:14:05:7f:56:3b:56:ea:f7:
dc:8f:71:78:07:8f:1c:46:5c:d0:57:27:86:9b:c9:
2f:90:9b:21:65:eb:d2:b3:a3:7b:93:e3:cf:a4:54:
bf:e9:91:af:fa:f0:8d:4d:33:64:1c:97:4d:70:dc:
69:45:bf:93:d2:fb:d7:92:97:d3:cc:0f:5d:d5:71:
64:aa:80:f8:6b:7d:1e:73:7e:4f:e7:b0:a5:35:fc:
d4:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:2A:8A:A2:0C:71:CA:C0:05:09:70:42:A7:E2:F9:C6:05:DB:D7:98
X509v3 Authority Key Identifier:
keyid:93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/IyqKogxxysAFCXBCp-L5xgXb15g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.147.12.0/22
Signature Algorithm: sha256WithRSAEncryption
11:49:9f:f3:35:40:c6:9b:9d:60:d1:3e:6c:1f:d1:bb:c5:ae:
a1:bb:96:2e:18:9c:0a:2f:62:25:dd:e3:c6:dc:77:8b:fb:a4:
03:f0:bf:a4:ba:66:53:95:f0:0c:58:b1:21:32:4e:cf:7c:1e:
62:31:fd:dd:4a:41:80:3f:0f:c7:85:93:78:dc:23:60:aa:d4:
0c:43:a4:90:7b:31:15:ba:4f:91:55:59:ea:b5:3f:9d:c3:2b:
5a:bf:1d:9f:d0:f3:fb:40:08:c8:1d:ae:e4:18:0f:69:55:68:
3a:4e:45:d0:8a:f9:f2:d6:5d:d6:66:49:12:f9:b5:f0:81:6e:
4b:68:86:c8:c8:e7:f0:01:31:91:09:25:99:75:cd:64:42:42:
d1:22:8e:d3:52:b1:49:71:d6:f6:66:af:5f:b7:24:48:02:7b:
e9:18:98:37:2b:85:97:33:01:38:c2:b6:b4:1e:ee:e4:23:a4:
5d:6a:c9:a6:d7:5c:35:93:b5:c2:58:c3:2b:af:8f:5d:1f:94:
bb:7d:19:9d:fd:71:67:ad:1e:cf:b9:80:ab:f6:c6:21:b1:8d:
d9:6e:6a:00:bb:05:de:e8:1e:17:8b:4e:93:ac:19:60:a0:25:
3b:30:6c:7b:a6:30:03:44:e0:0f:a9:b4:57:9e:7a:cd:35:71:
8d:ea:7e:81
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZV/TTEIo1X4Q2IFPXl/pyUfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjc3ZDdjYjkyNzFjZTM2MTI1NmU5ODMzY2M3YjE0ZmQw
MjNlYmUwHhcNMjUwMzEwMDkwNTIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzJhOGFhMjBjNzFjYWMwMDUwOTcwNDJhN2UyZjljNjA1ZGJkNzk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm6s+VQuIcTB+ELnSVSfORUrjDIYL
5lafcaTOa2IlTuAgCy0AcwSL5PkuESVQ8U4XrStDyow8VfJYhMV2LOWHlbnnu/Sw
wO0/FLyeh5DP1ijUiYlDGqoczef8DriGYc7OkSHuAh/XJ95CC7YIINaqGNSNpkF8
spj1vZiD64L47TWKQHEKTIxzXDu334rtbXc7Py/vZkKxcR2wPo4AKMIFPoPieGwO
QW1cxNaoFAV/VjtW6vfcj3F4B48cRlzQVyeGm8kvkJshZevSs6N7k+PPpFS/6ZGv
+vCNTTNkHJdNcNxpRb+T0vvXkpfTzA9d1XFkqoD4a30ec35P57ClNfzUNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCMqiqIMccrABQlwQqfi+cYF29eYMB8GA1UdIwQY
MBaAFJNnfXy5JxzjYSVumDPMexT9Aj6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYt
OTlhY2I5OWNlNzU0LzEvSXlxS29neHh5c0FGQ1hCQ3AtTDV4Z1hiMTVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYtOTlhY2I5OWNlNzU0
LzEvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC2ZMMMA0G
CSqGSIb3DQEBCwUAA4IBAQARSZ/zNUDGm51g0T5sH9G7xa6hu5YuGJwKL2Il3ePG
3HeL+6QD8L+kumZTlfAMWLEhMk7PfB5iMf3dSkGAPw/HhZN43CNgqtQMQ6SQezEV
uk+RVVnqtT+dwytavx2f0PP7QAjIHa7kGA9pVWg6TkXQivny1l3WZkkS+bXwgW5L
aIbIyOfwATGRCSWZdc1kQkLRIo7TUrFJcdb2Zq9ftyRIAnvpGJg3K4WXMwE4wra0
Hu7kI6Rdasmm11w1k7XCWMMrr49dH5S7fRmd/XFnrR7PuYCr9sYhsY3ZbmoAuwXe
6B4Xi06TrBlgoCU7MGx7pjADROAPqbRXnnrNNXGN6n6B
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:55:32 2025 by rpki-client