Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/IgHdX8d2X3UIch2mx3hKc9Peqeg.roa
File: IgHdX8d2X3UIch2mx3hKc9Peqeg.roa (raw, json)
Hash identifier: p2rJ6SQhJp8bVDJHXZhJwLEheBisT6ndFOQvpT2UCj8=
Subject key identifier: 22:01:DD:5F:C7:76:5F:75:08:72:1D:A6:C7:78:4A:73:D3:DE:A9:E8
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 019391034265C1DDF317870968712EE89F12
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/IgHdX8d2X3UIch2mx3hKc9Peqeg.roa
Signing time: Wed 04 Dec 2024 09:32:10 +0000
ROA not before: Wed 04 Dec 2024 09:32:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199902
IP address blocks: 192.36.83.0/24 maxlen: 24
192.36.97.0/24 maxlen: 24
192.71.188.0/24 maxlen: 24
192.71.190.0/24 maxlen: 24
192.71.191.0/24 maxlen: 24
192.121.3.0/24 maxlen: 24
192.121.120.0/24 maxlen: 24
2a01:280:301::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:91:03:42:65:c1:dd:f3:17:87:09:68:71:2e:e8:9f:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Dec 4 09:32:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2201dd5fc7765f7508721da6c7784a73d3dea9e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:a6:a4:f3:06:eb:44:a8:b8:eb:06:ea:ba:eb:
2c:b3:d2:18:9e:5d:dc:61:21:64:ce:a2:ff:27:fa:
b8:c4:25:3f:7f:66:46:91:8a:0a:fc:f5:ea:5b:d1:
57:b2:7a:61:69:0f:33:bd:c4:6f:00:ca:87:8a:bc:
5e:a6:0c:eb:c9:6b:c9:1a:c6:e4:22:65:3e:c2:e5:
5a:eb:78:43:e0:4d:a9:47:89:d4:67:bd:9c:ba:3d:
74:bf:0e:cb:c9:b1:df:03:63:1f:c9:03:48:8b:c0:
ec:8a:c7:e0:e3:ff:ba:cc:3d:a0:7d:5b:7b:01:c7:
cf:5e:8d:21:7c:76:01:08:84:14:c8:1d:d0:77:77:
96:fe:7b:62:71:2b:93:3f:f9:6e:de:0a:dc:f9:be:
11:8f:49:17:eb:0f:df:24:9f:37:5c:59:00:a2:25:
dd:18:e5:06:73:18:88:7d:29:7b:57:cc:6f:2c:88:
b1:c5:cb:ae:f1:6e:84:c2:36:42:05:58:1f:87:6b:
68:3d:3c:f4:27:81:d9:4f:57:40:f5:e0:99:a9:03:
87:6c:b8:a9:d8:b8:51:6d:01:46:c4:de:66:f3:eb:
f8:79:4c:3a:a2:4a:4f:74:6c:9c:c3:91:75:f2:4f:
24:be:2f:80:13:3b:83:0e:ec:0c:1e:a7:f0:6c:9c:
88:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:01:DD:5F:C7:76:5F:75:08:72:1D:A6:C7:78:4A:73:D3:DE:A9:E8
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/IgHdX8d2X3UIch2mx3hKc9Peqeg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.83.0/24
192.36.97.0/24
192.71.188.0/24
192.71.190.0/23
192.121.3.0/24
192.121.120.0/24
IPv6:
2a01:280:301::/48
Signature Algorithm: sha256WithRSAEncryption
c7:ad:24:32:84:ed:29:64:35:9e:e4:2d:f3:f7:b5:98:85:02:
fa:c4:ec:72:b6:d1:c5:ad:77:83:5a:31:81:c1:8a:45:88:71:
6b:5c:1a:a1:3c:6c:6f:45:86:ab:fc:7f:7b:e9:9b:22:12:03:
82:02:4e:3a:1a:48:9d:06:cd:9b:b5:78:db:d9:3f:ca:8c:44:
5d:24:96:eb:34:b7:7e:f7:e0:d0:8c:25:1b:26:31:bf:16:df:
b9:bc:8f:af:91:4e:48:56:c4:fc:a5:3c:af:75:3d:28:51:e9:
c0:c1:79:36:86:67:97:b7:c6:c2:d1:71:1c:80:11:bb:f2:0b:
02:47:44:d2:1c:6a:ea:ca:59:3d:f7:51:63:58:27:ac:c2:d1:
a1:44:86:b6:96:52:00:62:61:63:01:70:3c:78:61:de:d3:5a:
db:da:a6:43:2a:60:44:6f:52:30:93:19:2d:23:8d:c4:4f:94:
e2:eb:a7:a1:1d:5a:15:01:df:90:c4:34:52:3a:75:54:fb:49:
9e:b4:71:d3:89:7e:43:67:46:06:47:0a:1c:6c:61:a1:13:7b:
4f:76:fb:c4:d2:fa:e9:0b:34:f2:8b:6a:9d:19:f5:81:48:0d:
6d:70:4f:bd:63:4d:61:03:01:bb:00:71:2e:12:a9:58:b9:d7:
1c:5a:01:d1
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZORA0Jlwd3zF4cJaHEu6J8SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQxMjA0MDkzMjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjAxZGQ1ZmM3NzY1Zjc1MDg3MjFkYTZjNzc4NGE3M2QzZGVhOWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2qak8wbrRKi46wbquusss9IYnl3c
YSFkzqL/J/q4xCU/f2ZGkYoK/PXqW9FXsnphaQ8zvcRvAMqHirxepgzryWvJGsbk
ImU+wuVa63hD4E2pR4nUZ72cuj10vw7LybHfA2MfyQNIi8Dsisfg4/+6zD2gfVt7
AcfPXo0hfHYBCIQUyB3Qd3eW/nticSuTP/lu3grc+b4Rj0kX6w/fJJ83XFkAoiXd
GOUGcxiIfSl7V8xvLIixxcuu8W6EwjZCBVgfh2toPTz0J4HZT1dA9eCZqQOHbLip
2LhRbQFGxN5m8+v4eUw6okpPdGycw5F18k8kvi+AEzuDDuwMHqfwbJyIWwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFCIB3V/Hdl91CHIdpsd4SnPT3qnoMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvSWdIZFg4ZDJYM1VJY2gybXgzaEtjOVBlcWVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAqBAIAATAkAwQAwCRTAwQA
wCRhAwQAwEe8AwQBwEe+AwQAwHkDAwQAwHl4MA8EAgACMAkDBwAqAQKAAwEwDQYJ
KoZIhvcNAQELBQADggEBAMetJDKE7SlkNZ7kLfP3tZiFAvrE7HK20cWtd4NaMYHB
ikWIcWtcGqE8bG9Fhqv8f3vpmyISA4ICTjoaSJ0GzZu1eNvZP8qMRF0klus0t373
4NCMJRsmMb8W37m8j6+RTkhWxPylPK91PShR6cDBeTaGZ5e3xsLRcRyAEbvyCwJH
RNIcaurKWT33UWNYJ6zC0aFEhraWUgBiYWMBcDx4Yd7TWtvapkMqYERvUjCTGS0j
jcRPlOLrp6EdWhUB35DENFI6dVT7SZ60cdOJfkNnRgZHChxsYaETe092+8TS+ukL
NPKLap0Z9YFIDW1wT71jTWEDAbsAcS4SqVi51xxaAdE=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:03:59 2025 by rpki-client