Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/2ba66e-5b3e-41fe-8a09-70520ea76369/1/1IXSAmjacdFd6gumHmkScL3SCco.roa
File: 1IXSAmjacdFd6gumHmkScL3SCco.roa (raw, json)
Hash identifier: WKknGhb1u0Elfl9M6tE0Ox2mh3oi2eKWVuGYATf+T6g=
Subject key identifier: D4:85:D2:02:68:DA:71:D1:5D:EA:0B:A6:1E:69:12:70:BD:D2:09:CA
Certificate issuer: /CN=69a51d445b767ab9b6627702e4a2b3904d203f77
Certificate serial: 018CC56E99FF9C3CC0EC9258211DA270A30D
Authority key identifier: 69:A5:1D:44:5B:76:7A:B9:B6:62:77:02:E4:A2:B3:90:4D:20:3F:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aaUdRFt2erm2YncC5KKzkE0gP3c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/2ba66e-5b3e-41fe-8a09-70520ea76369/1/1IXSAmjacdFd6gumHmkScL3SCco.roa
Signing time: Mon 01 Jan 2024 14:30:09 +0000
ROA not before: Mon 01 Jan 2024 14:30:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 559
IP address blocks: 193.134.200.0/21 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:47:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:99:ff:9c:3c:c0:ec:92:58:21:1d:a2:70:a3:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69a51d445b767ab9b6627702e4a2b3904d203f77
Validity
Not Before: Jan 1 14:30:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d485d20268da71d15dea0ba61e691270bdd209ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:ee:43:60:cd:1d:d2:f7:cf:0c:8c:04:0d:12:
7d:3f:8d:37:36:fd:58:cf:47:b0:52:8c:7c:f0:bd:
9f:ec:c4:89:e1:30:89:94:63:af:16:9a:f8:9c:fd:
77:65:d7:14:06:86:be:80:09:30:4c:dd:09:1e:61:
1e:3e:24:0d:de:e6:e1:06:a9:e4:d9:69:ea:93:14:
1e:e4:fd:8c:57:6e:bc:a5:24:82:92:26:64:8c:d5:
ff:4a:60:c1:b3:d7:49:37:9d:e7:18:b7:6f:0d:25:
91:26:ea:12:c5:9c:16:bd:90:a8:79:02:f6:eb:c1:
94:6a:2c:15:e4:76:bd:cd:84:04:7b:8b:12:c4:c4:
dc:9f:ac:ab:53:c3:b2:a8:3b:f6:b3:b4:b2:e0:8e:
c4:42:c7:1a:98:c5:9f:b3:78:7c:ce:81:55:92:c8:
85:c9:75:eb:03:6b:70:4a:a9:da:04:86:58:15:6e:
fb:57:18:7a:b7:ac:b9:3d:e8:c6:50:f8:32:f2:ef:
3f:e5:f5:03:92:76:18:38:b4:12:13:3e:95:5f:fa:
09:3a:87:7e:ba:8c:5f:73:37:46:d7:76:2d:10:c2:
19:70:95:c5:f8:87:70:e8:29:05:ea:6d:67:09:ad:
db:21:37:d1:ef:f1:d5:95:03:f3:dc:89:b9:b5:f9:
5c:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:85:D2:02:68:DA:71:D1:5D:EA:0B:A6:1E:69:12:70:BD:D2:09:CA
X509v3 Authority Key Identifier:
keyid:69:A5:1D:44:5B:76:7A:B9:B6:62:77:02:E4:A2:B3:90:4D:20:3F:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aaUdRFt2erm2YncC5KKzkE0gP3c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/2ba66e-5b3e-41fe-8a09-70520ea76369/1/1IXSAmjacdFd6gumHmkScL3SCco.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/2ba66e-5b3e-41fe-8a09-70520ea76369/1/aaUdRFt2erm2YncC5KKzkE0gP3c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.134.200.0/21
Signature Algorithm: sha256WithRSAEncryption
14:d1:f4:54:ff:23:2d:d0:5f:17:4c:3a:76:e8:31:ec:2b:e3:
76:57:93:68:8d:13:7b:1d:6f:14:ab:31:2a:85:29:2b:55:27:
b7:87:db:cf:a7:cd:9f:65:a6:f6:c9:47:d0:22:1a:f9:de:4a:
8d:6d:2e:df:fc:19:59:e7:a0:4e:22:b6:5a:c0:cf:fe:f8:44:
94:f3:f8:53:42:6b:85:e6:2f:0f:83:8a:91:1f:38:a4:45:57:
a0:26:ab:ee:ea:b9:2e:09:c9:63:9e:ce:38:6a:4f:59:92:d8:
e2:3f:8f:84:26:e3:d1:67:93:05:2c:6c:1d:18:cd:5e:fb:76:
7d:78:dc:34:7a:fc:65:d5:8c:18:29:75:3f:a4:90:41:7a:45:
46:b1:64:92:c0:cb:bc:5a:95:de:af:b1:39:ac:a5:bf:60:a8:
d5:d8:72:13:64:a9:b9:65:ad:28:c7:f9:9b:7d:8b:c7:18:23:
1b:2f:eb:37:e6:68:ae:e9:e0:d3:a2:ad:7a:fe:94:c4:1a:97:
d2:03:72:d2:fc:ed:83:01:1d:df:a8:b2:5b:18:5e:71:3f:9d:
3b:e4:69:9d:77:6c:16:0a:c6:11:06:f5:ac:40:46:f6:71:f8:
c5:ca:b7:5e:35:76:30:1a:51:3a:6a:cc:95:01:d1:1f:2a:33:
4b:c4:79:62
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbpn/nDzA7JJYIR2icKMNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5YTUxZDQ0NWI3NjdhYjliNjYyNzcwMmU0YTJiMzkwNGQy
MDNmNzcwHhcNMjQwMTAxMTQzMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDg1ZDIwMjY4ZGE3MWQxNWRlYTBiYTYxZTY5MTI3MGJkZDIwOWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlu5DYM0d0vfPDIwEDRJ9P403Nv1Y
z0ewUox88L2f7MSJ4TCJlGOvFpr4nP13ZdcUBoa+gAkwTN0JHmEePiQN3ubhBqnk
2WnqkxQe5P2MV268pSSCkiZkjNX/SmDBs9dJN53nGLdvDSWRJuoSxZwWvZCoeQL2
68GUaiwV5Ha9zYQEe4sSxMTcn6yrU8OyqDv2s7Sy4I7EQscamMWfs3h8zoFVksiF
yXXrA2twSqnaBIZYFW77Vxh6t6y5PejGUPgy8u8/5fUDknYYOLQSEz6VX/oJOod+
uoxfczdG13YtEMIZcJXF+Idw6CkF6m1nCa3bITfR7/HVlQPz3Im5tflcWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNSF0gJo2nHRXeoLph5pEnC90gnKMB8GA1UdIwQY
MBaAFGmlHURbdnq5tmJ3AuSis5BNID93MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWFVZFJGdDJlcm0yWW5jQzVLS3prRTBnUDNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi8yYmE2NmUtNWIzZS00MWZlLThhMDkt
NzA1MjBlYTc2MzY5LzEvMUlYU0FtamFjZEZkNmd1bUhta1NjTDNTQ2NvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi8yYmE2NmUtNWIzZS00MWZlLThhMDktNzA1MjBlYTc2MzY5
LzEvYWFVZFJGdDJlcm0yWW5jQzVLS3prRTBnUDNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDwYbIMA0G
CSqGSIb3DQEBCwUAA4IBAQAU0fRU/yMt0F8XTDp26DHsK+N2V5NojRN7HW8UqzEq
hSkrVSe3h9vPp82fZab2yUfQIhr53kqNbS7f/BlZ56BOIrZawM/++ESU8/hTQmuF
5i8Pg4qRHzikRVegJqvu6rkuCcljns44ak9ZktjiP4+EJuPRZ5MFLGwdGM1e+3Z9
eNw0evxl1YwYKXU/pJBBekVGsWSSwMu8WpXer7E5rKW/YKjV2HITZKm5Za0ox/mb
fYvHGCMbL+s35miu6eDToq16/pTEGpfSA3LS/O2DAR3fqLJbGF5xP5075Gmdd2wW
CsYRBvWsQEb2cfjFyrdeNXYwGlE6asyVAdEfKjNLxHli
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:27:56 2025 by rpki-client