Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/iyfQ4fQn8FUSvWOQoTRQwotwxhs.roa
File: iyfQ4fQn8FUSvWOQoTRQwotwxhs.roa (raw, json)
Hash identifier: 0EHWFey/1Qz7WrE2ehGnf95LJeN8UUGRJFFSyYNNKqo=
Subject key identifier: 8B:27:D0:E1:F4:27:F0:55:12:BD:63:90:A1:34:50:C2:8B:70:C6:1B
Certificate issuer: /CN=1e5b334965788794d6f147a2f004d13be3257dc4
Certificate serial: 018CCA2BDF33F09CA1EFE9109C366D0D9317
Authority key identifier: 1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/iyfQ4fQn8FUSvWOQoTRQwotwxhs.roa
Signing time: Tue 02 Jan 2024 12:35:21 +0000
ROA not before: Tue 02 Jan 2024 12:35:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197520
IP address blocks: 193.151.164.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:48:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:df:33:f0:9c:a1:ef:e9:10:9c:36:6d:0d:93:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e5b334965788794d6f147a2f004d13be3257dc4
Validity
Not Before: Jan 2 12:35:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8b27d0e1f427f05512bd6390a13450c28b70c61b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:4d:17:42:d1:8a:d8:0e:1f:d1:b8:d2:a3:f6:
ca:f2:ca:c8:b8:05:29:54:af:3b:8c:75:a5:ce:f9:
39:08:a7:ab:2b:99:35:4c:38:e0:cb:6c:be:76:5a:
dd:e8:cc:f4:98:cf:c4:8e:5b:6f:14:be:84:8c:53:
7d:84:c3:18:d7:c3:89:c9:44:9f:5a:c1:2f:34:14:
02:f0:a0:be:7d:47:01:fd:d6:9c:4c:43:ec:e5:e5:
42:ca:b3:91:90:6b:98:5f:72:82:e5:b5:9b:ad:18:
5c:1f:f0:e3:4a:32:0a:b1:11:7d:1e:45:ab:10:e2:
5d:cb:39:96:35:3a:87:a0:12:a6:f1:47:58:70:16:
31:e5:ec:65:fb:6b:f1:8e:c3:85:06:60:ef:fe:c8:
f6:64:92:d1:d6:77:a7:32:e1:40:0f:77:69:26:48:
39:ff:5c:41:1c:27:46:5a:47:da:f3:15:c5:6c:d2:
5f:9f:dc:89:d3:e5:c6:46:8c:58:cd:58:6b:70:f8:
fc:10:42:1b:6b:ac:fa:04:60:65:a1:07:00:04:e6:
33:89:1f:11:0e:c6:10:b8:21:e0:eb:f4:17:7f:ee:
e1:d7:d1:6b:3f:23:ce:5c:3b:fb:38:c4:9a:c2:13:
5e:5f:b8:4b:b2:46:cd:23:3b:d3:05:00:d1:af:59:
f4:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:27:D0:E1:F4:27:F0:55:12:BD:63:90:A1:34:50:C2:8B:70:C6:1B
X509v3 Authority Key Identifier:
keyid:1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/iyfQ4fQn8FUSvWOQoTRQwotwxhs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/HlszSWV4h5TW8Uei8ATRO-MlfcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.151.164.0/24
Signature Algorithm: sha256WithRSAEncryption
04:0b:e8:70:f7:4a:41:24:34:3b:f9:88:68:6f:cf:b8:7b:80:
b0:fe:02:ce:b2:d3:ec:6a:07:da:4f:97:45:64:92:39:ba:9c:
cb:66:44:93:fb:71:de:93:57:15:b3:26:4b:48:f6:12:03:86:
d5:fd:49:c6:d2:6d:5f:28:66:e5:9e:28:d5:9c:27:65:58:0f:
19:cd:21:df:e0:c3:2e:95:d6:05:24:96:63:35:4b:e2:a0:1e:
10:ed:1a:59:01:df:c7:76:0f:e9:a8:f2:a2:05:e8:d1:13:36:
fe:ce:b5:6e:b2:bd:39:c3:53:d3:73:41:1c:87:b5:3c:76:68:
89:a2:dd:eb:f2:5d:df:f8:e1:23:39:45:11:a8:9b:26:43:e0:
61:ed:62:dd:7c:6b:d0:38:f7:11:ea:05:f8:99:d7:66:4f:f6:
64:ce:03:5c:ce:d8:87:0d:76:b6:04:0d:91:37:18:cc:30:99:
55:21:8c:cd:a0:48:9d:9f:22:6c:1e:6c:59:71:45:5b:6b:ef:
5f:75:b5:a7:74:c5:1f:88:cd:c0:f7:af:f4:b4:ad:78:b6:05:
53:11:3c:91:1d:2a:f1:82:eb:0a:2c:fb:63:b1:ae:f4:78:dd:
76:60:b3:85:d8:ed:25:9a:39:d7:36:17:49:6a:26:86:e0:7a:
08:66:59:3f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKK98z8Jyh7+kQnDZtDZMXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNWIzMzQ5NjU3ODg3OTRkNmYxNDdhMmYwMDRkMTNiZTMy
NTdkYzQwHhcNMjQwMTAyMTIzNTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjI3ZDBlMWY0MjdmMDU1MTJiZDYzOTBhMTM0NTBjMjhiNzBjNjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg00XQtGK2A4f0bjSo/bK8srIuAUp
VK87jHWlzvk5CKerK5k1TDjgy2y+dlrd6Mz0mM/EjltvFL6EjFN9hMMY18OJyUSf
WsEvNBQC8KC+fUcB/dacTEPs5eVCyrORkGuYX3KC5bWbrRhcH/DjSjIKsRF9HkWr
EOJdyzmWNTqHoBKm8UdYcBYx5exl+2vxjsOFBmDv/sj2ZJLR1nenMuFAD3dpJkg5
/1xBHCdGWkfa8xXFbNJfn9yJ0+XGRoxYzVhrcPj8EEIba6z6BGBloQcABOYziR8R
DsYQuCHg6/QXf+7h19FrPyPOXDv7OMSawhNeX7hLskbNIzvTBQDRr1n0hQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIsn0OH0J/BVEr1jkKE0UMKLcMYbMB8GA1UdIwQY
MBaAFB5bM0lleIeU1vFHovAE0TvjJX3EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDIt
OTk5MGUyZDllYWZlLzEvaXlmUTRmUW44RlVTdldPUW9UUlF3b3R3eGhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDItOTk5MGUyZDllYWZl
LzEvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwZekMA0G
CSqGSIb3DQEBCwUAA4IBAQAEC+hw90pBJDQ7+Yhob8+4e4Cw/gLOstPsagfaT5dF
ZJI5upzLZkST+3Hek1cVsyZLSPYSA4bV/UnG0m1fKGblnijVnCdlWA8ZzSHf4MMu
ldYFJJZjNUvioB4Q7RpZAd/Hdg/pqPKiBejREzb+zrVusr05w1PTc0Ech7U8dmiJ
ot3r8l3f+OEjOUURqJsmQ+Bh7WLdfGvQOPcR6gX4mddmT/ZkzgNcztiHDXa2BA2R
NxjMMJlVIYzNoEidnyJsHmxZcUVba+9fdbWndMUfiM3A96/0tK14tgVTETyRHSrx
gusKLPtjsa70eN12YLOF2O0lmjnXNhdJaiaG4HoIZlk/
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:02:38 2025 by rpki-client