Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/7d6f2f-984d-4961-a63b-495c6f2c5173/1/izFJUDKQmlN_37asauMKNsHdQyA.roa
File: izFJUDKQmlN_37asauMKNsHdQyA.roa (raw, json)
Hash identifier: M6PCIIxftbKOUfsNEdsZS25r0YSe2s/GZpbNg4vCB4c=
Subject key identifier: 8B:31:49:50:32:90:9A:53:7F:DF:B6:AC:6A:E3:0A:36:C1:DD:43:20
Certificate issuer: /CN=6ce2ee84ccf56cdc00fc2caa5929279dae14888a
Certificate serial: 018CC3489F0F273A8C5D102E1F01EC6D1DF4
Authority key identifier: 6C:E2:EE:84:CC:F5:6C:DC:00:FC:2C:AA:59:29:27:9D:AE:14:88:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bOLuhMz1bNwA_CyqWSknna4UiIo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/7d6f2f-984d-4961-a63b-495c6f2c5173/1/izFJUDKQmlN_37asauMKNsHdQyA.roa
Signing time: Mon 01 Jan 2024 04:29:25 +0000
ROA not before: Mon 01 Jan 2024 04:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12450
IP address blocks: 185.162.132.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 19 Apr 2024 10:12:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:9f:0f:27:3a:8c:5d:10:2e:1f:01:ec:6d:1d:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ce2ee84ccf56cdc00fc2caa5929279dae14888a
Validity
Not Before: Jan 1 04:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8b31495032909a537fdfb6ac6ae30a36c1dd4320
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:6b:5b:5a:80:76:67:d6:c0:60:dc:4d:7a:62:
53:a5:d1:29:50:7b:61:b6:18:87:dc:00:66:26:d4:
90:45:05:af:cb:9e:fb:7e:49:e2:d0:81:b0:68:16:
fd:b4:ec:a2:0f:22:83:4a:a5:cd:f8:5b:a3:aa:6c:
ba:76:c5:fb:97:12:2b:d1:97:e1:8d:70:f0:a0:89:
89:ed:e3:21:69:c4:a9:2c:1f:c3:fb:13:4e:b9:35:
ec:bb:a3:fd:ac:5b:eb:fd:87:d8:26:21:0d:6d:21:
ae:34:c5:80:09:38:33:15:41:8b:84:e7:48:ad:8a:
a5:de:0c:5d:6c:7f:03:44:ee:40:db:8e:08:d1:c8:
71:21:b5:1e:b1:ba:11:af:7a:d4:dc:06:a7:07:ca:
7b:ed:44:06:bf:2f:59:7d:4a:67:0c:99:3b:b7:41:
25:53:bf:50:55:39:10:ae:25:74:8c:10:2e:f8:32:
cb:9e:3a:50:17:d1:d0:ad:34:84:07:3a:d7:9a:cc:
ea:e4:55:26:53:4e:b2:ce:35:f3:c5:55:66:b4:31:
17:02:54:3d:24:ad:db:e7:7a:d1:cc:ab:2a:87:f8:
b6:bf:b5:aa:10:44:bf:06:18:41:0f:07:f5:1f:4a:
de:55:68:21:c4:4a:08:68:1c:11:a1:6a:a8:c3:41:
2f:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:31:49:50:32:90:9A:53:7F:DF:B6:AC:6A:E3:0A:36:C1:DD:43:20
X509v3 Authority Key Identifier:
keyid:6C:E2:EE:84:CC:F5:6C:DC:00:FC:2C:AA:59:29:27:9D:AE:14:88:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bOLuhMz1bNwA_CyqWSknna4UiIo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/7d6f2f-984d-4961-a63b-495c6f2c5173/1/izFJUDKQmlN_37asauMKNsHdQyA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/7d6f2f-984d-4961-a63b-495c6f2c5173/1/bOLuhMz1bNwA_CyqWSknna4UiIo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.162.132.0/22
Signature Algorithm: sha256WithRSAEncryption
07:db:86:e4:c5:3e:22:fd:a5:ee:71:4b:d0:ae:09:84:fb:86:
26:28:be:7f:5f:5f:86:da:8a:f7:df:a4:7b:5a:91:49:8a:f4:
55:c5:d0:3d:ba:61:fa:9f:f7:89:7a:f8:3e:a2:ad:14:f7:cd:
84:59:c3:67:e3:d4:14:2b:43:72:f5:bf:74:45:51:9d:a3:45:
32:65:f8:b7:9f:73:56:20:f4:b2:4f:36:37:78:b6:04:a4:cf:
b1:16:92:61:53:ad:b5:c3:ba:7d:e7:47:c0:6d:33:5c:be:a0:
f8:a7:f4:59:c6:d2:78:b0:5d:93:28:d3:53:a3:c8:26:64:eb:
3e:c0:45:95:f2:84:0a:71:f7:7d:77:17:76:38:05:45:b1:ab:
d0:a8:c0:41:95:82:82:7d:53:9a:66:eb:2a:49:56:b2:80:be:
52:5b:0f:54:af:a5:26:ea:0c:ec:22:b2:3c:cd:4c:07:60:09:
ea:13:a6:29:ab:9f:da:75:5b:62:f0:29:5e:d9:81:1a:15:ee:
42:c9:1c:91:09:43:87:c3:9e:04:7e:bc:ca:a2:0e:ff:22:4b:
6b:f1:52:d7:51:cf:34:f4:e1:bb:5f:f6:70:eb:f6:13:79:e5:
0e:42:00:95:42:5f:63:7f:b1:08:29:21:bc:4b:47:cf:e7:1c:
25:dc:84:af
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSJ8PJzqMXRAuHwHsbR30MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZTJlZTg0Y2NmNTZjZGMwMGZjMmNhYTU5MjkyNzlkYWUx
NDg4OGEwHhcNMjQwMTAxMDQyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjMxNDk1MDMyOTA5YTUzN2ZkZmI2YWM2YWUzMGEzNmMxZGQ0MzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApWtbWoB2Z9bAYNxNemJTpdEpUHth
thiH3ABmJtSQRQWvy577fkni0IGwaBb9tOyiDyKDSqXN+Fujqmy6dsX7lxIr0Zfh
jXDwoImJ7eMhacSpLB/D+xNOuTXsu6P9rFvr/YfYJiENbSGuNMWACTgzFUGLhOdI
rYql3gxdbH8DRO5A244I0chxIbUesboRr3rU3AanB8p77UQGvy9ZfUpnDJk7t0El
U79QVTkQriV0jBAu+DLLnjpQF9HQrTSEBzrXmszq5FUmU06yzjXzxVVmtDEXAlQ9
JK3b53rRzKsqh/i2v7WqEES/BhhBDwf1H0reVWghxEoIaBwRoWqow0EvJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIsxSVAykJpTf9+2rGrjCjbB3UMgMB8GA1UdIwQY
MBaAFGzi7oTM9WzcAPwsqlkpJ52uFIiKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYk9MdWhNejFiTndBX0N5cVdTa25uYTRVaUlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC83ZDZmMmYtOTg0ZC00OTYxLWE2M2It
NDk1YzZmMmM1MTczLzEvaXpGSlVES1FtbE5fMzdhc2F1TUtOc0hkUXlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC83ZDZmMmYtOTg0ZC00OTYxLWE2M2ItNDk1YzZmMmM1MTcz
LzEvYk9MdWhNejFiTndBX0N5cVdTa25uYTRVaUlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuaKEMA0G
CSqGSIb3DQEBCwUAA4IBAQAH24bkxT4i/aXucUvQrgmE+4YmKL5/X1+G2or336R7
WpFJivRVxdA9umH6n/eJevg+oq0U982EWcNn49QUK0Ny9b90RVGdo0UyZfi3n3NW
IPSyTzY3eLYEpM+xFpJhU621w7p950fAbTNcvqD4p/RZxtJ4sF2TKNNTo8gmZOs+
wEWV8oQKcfd9dxd2OAVFsavQqMBBlYKCfVOaZusqSVaygL5SWw9Ur6Um6gzsIrI8
zUwHYAnqE6Ypq5/adVti8Cle2YEaFe5CyRyRCUOHw54EfrzKog7/Iktr8VLXUc80
9OG7X/Zw6/YTeeUOQgCVQl9jf7EIKSG8S0fP5xwl3ISv
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:26:05 2025 by rpki-client