Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/iJlX-PzIorf82sxh0Yz4BKag2yk.roa
File: iJlX-PzIorf82sxh0Yz4BKag2yk.roa (raw, json)
Hash identifier: q38LdSwVNh/EiaZdPIYrqERuusKZVZTObSRnc/SvBR4=
Subject key identifier: 88:99:57:F8:FC:C8:A2:B7:FC:DA:CC:61:D1:8C:F8:04:A6:A0:DB:29
Certificate issuer: /CN=1e5b334965788794d6f147a2f004d13be3257dc4
Certificate serial: 0193863F85624FAC7BEADAC0A92162BEBF8F
Authority key identifier: 1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/iJlX-PzIorf82sxh0Yz4BKag2yk.roa
Signing time: Mon 02 Dec 2024 07:22:09 +0000
ROA not before: Mon 02 Dec 2024 07:22:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215579
IP address blocks: 152.89.194.0/23 maxlen: 23
152.89.195.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 09 Dec 2024 09:12:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:86:3f:85:62:4f:ac:7b:ea:da:c0:a9:21:62:be:bf:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e5b334965788794d6f147a2f004d13be3257dc4
Validity
Not Before: Dec 2 07:22:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=889957f8fcc8a2b7fcdacc61d18cf804a6a0db29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:e5:03:2f:29:eb:e6:d3:b9:76:84:03:a9:96:
ce:e9:09:61:5d:ef:94:ac:97:4d:08:90:6c:16:d0:
d9:54:12:58:bf:8f:3a:9e:74:31:87:40:cf:54:99:
de:32:68:48:03:e9:53:5a:26:88:a8:2c:d2:03:92:
d3:47:5b:40:a4:9d:de:7c:ef:52:39:dc:6b:de:d7:
8c:e2:9d:b4:10:91:44:0b:3a:d6:7e:8e:53:f4:4f:
09:28:c7:22:2c:a7:5f:c3:69:a9:d3:bb:be:cf:47:
8e:93:1f:cb:f5:75:f0:35:09:f4:ed:ca:97:be:69:
c8:c0:91:1b:ff:e3:9e:1c:e4:eb:60:7d:67:3c:95:
9d:c4:97:1f:bf:76:46:37:4e:b5:bd:ae:51:ba:a3:
6b:cb:6c:d1:52:25:4f:05:d1:70:5a:52:5b:f8:e0:
20:93:19:75:7f:0f:f9:3c:ef:74:a2:cb:72:a8:e9:
70:98:90:31:25:e5:6b:75:f5:f5:08:1b:c5:37:1e:
e5:ce:d3:79:7d:ed:62:2d:60:5c:cb:fc:85:86:7e:
29:9f:09:1c:26:61:38:d1:ae:06:33:93:fb:18:68:
63:a9:ea:f0:ca:31:f4:7a:f3:36:71:07:12:b2:c4:
1f:da:fe:25:fa:1f:4a:75:6d:e7:49:bd:0a:ac:67:
53:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:99:57:F8:FC:C8:A2:B7:FC:DA:CC:61:D1:8C:F8:04:A6:A0:DB:29
X509v3 Authority Key Identifier:
keyid:1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/iJlX-PzIorf82sxh0Yz4BKag2yk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/HlszSWV4h5TW8Uei8ATRO-MlfcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.194.0/23
Signature Algorithm: sha256WithRSAEncryption
59:63:32:df:02:25:32:84:93:71:b5:b9:29:09:87:07:85:3d:
71:4d:b5:3b:fd:9d:2c:5c:b7:01:92:a9:ff:8a:c6:f5:56:77:
6f:22:e3:7b:dc:0d:5d:58:f6:96:8c:58:bf:70:b0:74:d7:2c:
04:35:74:79:02:9a:78:95:29:3e:9b:c1:2b:c6:11:be:b5:ff:
fa:20:11:19:3e:3d:07:93:f6:e1:d8:12:bd:36:df:8a:7c:e3:
8e:f6:27:ab:29:76:59:f6:62:48:75:f6:9c:d0:1a:33:b8:35:
6a:02:ac:96:20:e0:70:ed:20:a5:3d:2b:0c:54:1f:3a:46:76:
16:26:69:12:2b:fd:e5:ca:fd:5a:14:07:1d:c4:27:6f:83:96:
08:dc:96:47:b7:bb:f7:91:12:16:9d:a1:d7:39:01:0f:97:ec:
6b:8d:19:85:83:ac:e4:0e:e4:9f:2e:e6:2f:df:87:39:5f:ba:
4d:5e:19:eb:b7:f8:90:9a:69:b5:57:f8:de:40:cc:5a:ca:cf:
a4:0e:f7:ba:41:47:76:25:1c:04:5f:0e:75:62:fe:84:84:a1:
20:11:ce:af:37:22:60:99:41:72:ee:a1:d6:64:42:da:35:24:
3d:a6:15:ba:69:cc:c9:80:27:0c:69:2b:19:68:d7:5b:b3:30:
f5:42:81:8c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZOGP4ViT6x76trAqSFivr+PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNWIzMzQ5NjU3ODg3OTRkNmYxNDdhMmYwMDRkMTNiZTMy
NTdkYzQwHhcNMjQxMjAyMDcyMjA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODk5NTdmOGZjYzhhMmI3ZmNkYWNjNjFkMThjZjgwNGE2YTBkYjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwuUDLynr5tO5doQDqZbO6QlhXe+U
rJdNCJBsFtDZVBJYv486nnQxh0DPVJneMmhIA+lTWiaIqCzSA5LTR1tApJ3efO9S
Odxr3teM4p20EJFECzrWfo5T9E8JKMciLKdfw2mp07u+z0eOkx/L9XXwNQn07cqX
vmnIwJEb/+OeHOTrYH1nPJWdxJcfv3ZGN061va5RuqNry2zRUiVPBdFwWlJb+OAg
kxl1fw/5PO90ostyqOlwmJAxJeVrdfX1CBvFNx7lztN5fe1iLWBcy/yFhn4pnwkc
JmE40a4GM5P7GGhjqerwyjH0evM2cQcSssQf2v4l+h9KdW3nSb0KrGdTXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIiZV/j8yKK3/NrMYdGM+ASmoNspMB8GA1UdIwQY
MBaAFB5bM0lleIeU1vFHovAE0TvjJX3EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDIt
OTk5MGUyZDllYWZlLzEvaUpsWC1QeklvcmY4MnN4aDBZejRCS2FnMnlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDItOTk5MGUyZDllYWZl
LzEvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmFnCMA0G
CSqGSIb3DQEBCwUAA4IBAQBZYzLfAiUyhJNxtbkpCYcHhT1xTbU7/Z0sXLcBkqn/
isb1VndvIuN73A1dWPaWjFi/cLB01ywENXR5App4lSk+m8ErxhG+tf/6IBEZPj0H
k/bh2BK9Nt+KfOOO9ierKXZZ9mJIdfac0BozuDVqAqyWIOBw7SClPSsMVB86RnYW
JmkSK/3lyv1aFAcdxCdvg5YI3JZHt7v3kRIWnaHXOQEPl+xrjRmFg6zkDuSfLuYv
34c5X7pNXhnrt/iQmmm1V/jeQMxays+kDve6QUd2JRwEXw51Yv6EhKEgEc6vNyJg
mUFy7qHWZELaNSQ9phW6aczJgCcMaSsZaNdbszD1QoGM
-----END CERTIFICATE-----
Generated at Sun Apr 6 21:49:25 2025 by rpki-client