Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/i1H1LUzCiMT-80mjV4NSkBD6NOI.roa
File: i1H1LUzCiMT-80mjV4NSkBD6NOI.roa (raw, json)
Hash identifier: kCbqphlCAmY10suDlTZF4Sfjnl9OG/fc7gFtjKSBdc0=
Subject key identifier: 8B:51:F5:2D:4C:C2:88:C4:FE:F3:49:A3:57:83:52:90:10:FA:34:E2
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018CC3B6BFD42186B468748FE3D9FFD52645
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/i1H1LUzCiMT-80mjV4NSkBD6NOI.roa
Signing time: Mon 01 Jan 2024 06:29:42 +0000
ROA not before: Mon 01 Jan 2024 06:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204168
IP address blocks: 92.52.204.0/22 maxlen: 22
185.38.124.0/22 maxlen: 22
185.93.64.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 07 Feb 2024 08:05:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:bf:d4:21:86:b4:68:74:8f:e3:d9:ff:d5:26:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jan 1 06:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8b51f52d4cc288c4fef349a35783529010fa34e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:d6:32:b0:c7:50:2b:f3:e0:38:32:40:f4:ae:
97:1d:a7:09:ac:d4:27:cb:be:0f:95:b5:58:4a:01:
49:a5:49:40:f0:a7:84:f1:d1:a3:15:51:f8:a0:8c:
ec:0a:b1:67:da:db:75:b6:fd:f1:1b:9e:09:2c:5e:
5a:af:fb:a2:3c:36:3c:83:9d:18:47:44:31:b8:61:
93:4d:74:8a:d0:7f:02:5a:1d:2a:67:03:bb:a7:64:
ec:2b:55:ec:88:6a:aa:37:f2:2e:51:2d:af:4a:c4:
c2:a1:81:4c:d0:7c:4f:5e:fc:69:c1:3a:f5:78:19:
81:79:13:b5:71:fe:25:cf:15:62:7f:0e:81:cd:13:
35:9e:1d:83:82:f3:30:19:64:ae:2f:2b:d9:b5:52:
c1:47:f8:e8:5f:20:d7:1b:ba:91:b0:b3:0c:10:1b:
42:09:8b:7e:21:ae:15:44:3d:2c:98:f7:51:b9:ff:
12:1a:45:84:29:91:82:f4:d1:e8:88:34:65:50:0e:
45:62:4b:06:dc:7f:a6:03:ae:44:d5:22:cf:14:b7:
3f:5f:98:13:7b:37:df:e6:dc:b0:73:d9:54:28:53:
17:7d:fc:33:2c:24:02:b5:c0:a6:e2:ea:e1:4d:87:
19:63:6c:e1:99:64:a3:c5:0f:d5:07:51:35:19:2a:
f7:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:51:F5:2D:4C:C2:88:C4:FE:F3:49:A3:57:83:52:90:10:FA:34:E2
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/i1H1LUzCiMT-80mjV4NSkBD6NOI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.52.204.0/22
185.38.124.0/22
185.93.64.0/22
Signature Algorithm: sha256WithRSAEncryption
39:29:a3:0d:c0:1f:16:49:88:54:c6:14:7b:80:b6:f2:15:e6:
54:33:1e:7d:d9:cb:b4:b4:58:e7:56:13:86:14:f7:ca:96:3f:
10:21:b8:7c:5c:fc:7d:c7:66:55:0f:6b:f1:a9:39:88:b2:e0:
56:5f:ed:47:89:74:85:e8:bd:79:72:91:ee:35:45:a4:d1:9d:
2c:df:6d:3c:91:1f:6b:bc:8e:94:a9:90:80:90:d7:63:40:5b:
27:43:81:ea:0d:f6:79:b2:e2:be:70:27:03:98:08:7e:76:6b:
84:c1:41:62:da:f6:e7:98:50:7d:07:7d:1a:2c:90:54:88:fb:
e9:7d:db:a0:2b:b8:20:61:72:3e:96:b1:65:32:46:cd:dd:57:
5c:09:07:0b:1e:4f:61:00:61:c0:4d:df:9b:7c:66:1f:1d:e6:
85:ae:d9:8b:10:1f:7a:66:9e:b8:d3:f9:05:70:76:1c:ad:6b:
55:cd:2f:cb:0d:ef:de:19:ca:d0:1c:e0:f9:16:f3:68:de:6a:
e8:29:59:53:8f:d7:dc:cb:5e:00:5f:32:34:35:a1:d4:29:17:
e0:00:cd:4f:6b:f0:4f:dc:11:70:a5:26:20:90:8e:12:1b:55:
e9:a4:4c:a8:46:84:5b:0a:42:9d:7b:d7:79:f6:f4:94:8e:f1:
1b:03:70:bd
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzDtr/UIYa0aHSP49n/1SZFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjQwMTAxMDYyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjUxZjUyZDRjYzI4OGM0ZmVmMzQ5YTM1NzgzNTI5MDEwZmEzNGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq9YysMdQK/PgODJA9K6XHacJrNQn
y74PlbVYSgFJpUlA8KeE8dGjFVH4oIzsCrFn2tt1tv3xG54JLF5ar/uiPDY8g50Y
R0QxuGGTTXSK0H8CWh0qZwO7p2TsK1XsiGqqN/IuUS2vSsTCoYFM0HxPXvxpwTr1
eBmBeRO1cf4lzxVifw6BzRM1nh2DgvMwGWSuLyvZtVLBR/joXyDXG7qRsLMMEBtC
CYt+Ia4VRD0smPdRuf8SGkWEKZGC9NHoiDRlUA5FYksG3H+mA65E1SLPFLc/X5gT
ezff5tywc9lUKFMXffwzLCQCtcCm4urhTYcZY2zhmWSjxQ/VB1E1GSr3fwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFItR9S1MwojE/vNJo1eDUpAQ+jTiMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvaTFIMUxVekNpTVQtODBtalY0TlNrQkQ2Tk9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCXDTMAwQC
uSZ8AwQCuV1AMA0GCSqGSIb3DQEBCwUAA4IBAQA5KaMNwB8WSYhUxhR7gLbyFeZU
Mx592cu0tFjnVhOGFPfKlj8QIbh8XPx9x2ZVD2vxqTmIsuBWX+1HiXSF6L15cpHu
NUWk0Z0s3208kR9rvI6UqZCAkNdjQFsnQ4HqDfZ5suK+cCcDmAh+dmuEwUFi2vbn
mFB9B30aLJBUiPvpfdugK7ggYXI+lrFlMkbN3VdcCQcLHk9hAGHATd+bfGYfHeaF
rtmLEB96Zp640/kFcHYcrWtVzS/LDe/eGcrQHOD5FvNo3mroKVlTj9fcy14AXzI0
NaHUKRfgAM1Pa/BP3BFwpSYgkI4SG1XppEyoRoRbCkKde9d59vSUjvEbA3C9
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:56 2024 by rpki-client on console-ams.rpki-client.org