Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/iKI5RgMZxu7__wgKS1DsKDYOpjE.roa
File: iKI5RgMZxu7__wgKS1DsKDYOpjE.roa (raw, json)
Hash identifier: aXmrvfdN6GEOP1YxjVK5atbF96yriXZAbanqlxpF/Ik=
Subject key identifier: 88:A2:39:46:03:19:C6:EE:FF:FF:08:0A:4B:50:EC:28:36:0E:A6:31
Certificate issuer: /CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Certificate serial: 018E7B2D8740E6E6B4C09CD37BE7E3F4BC27
Authority key identifier: 81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/iKI5RgMZxu7__wgKS1DsKDYOpjE.roa
Signing time: Tue 26 Mar 2024 14:32:45 +0000
ROA not before: Tue 26 Mar 2024 14:32:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215311
IP address blocks: 83.147.17.0/24 maxlen: 24
83.147.18.0/24 maxlen: 24
83.147.19.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:7b:2d:87:40:e6:e6:b4:c0:9c:d3:7b:e7:e3:f4:bc:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Validity
Not Before: Mar 26 14:32:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=88a239460319c6eeffff080a4b50ec28360ea631
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:49:aa:ae:86:4c:0a:af:52:f2:f7:2c:d3:26:
10:a1:23:ba:11:d8:cb:50:3b:bd:ce:12:9d:88:f4:
2e:e8:32:14:d6:b0:98:5d:28:e1:e2:3a:c3:17:d2:
09:d1:f6:7b:86:2b:f3:46:10:7c:fe:f4:d3:f4:4e:
60:56:14:92:5f:0b:f6:6a:9f:e0:be:d2:b6:73:c5:
4d:a1:2a:18:91:8d:03:59:97:93:e3:fb:7e:91:4b:
36:92:39:74:a6:2f:19:73:3f:7a:13:7c:36:26:5a:
8e:2f:ad:58:4f:ed:a3:b4:97:3c:de:3e:95:ed:fc:
62:09:b7:ba:07:50:82:6a:cf:ca:f3:22:6c:61:23:
1f:89:bb:22:3b:20:fc:00:19:ff:03:9b:91:d9:3a:
84:8d:bb:39:0f:8d:dd:19:e6:d7:78:b7:34:b7:d7:
1d:d7:7c:64:f4:d1:83:2d:24:33:88:66:96:17:47:
17:ef:b8:67:cd:11:77:4c:e9:e7:e7:b3:35:8c:86:
07:34:03:d6:14:e7:56:a0:65:5d:4f:66:7e:93:04:
39:25:62:75:71:b8:5e:e2:94:8c:be:ed:fb:f9:7b:
ad:93:ba:89:e0:e8:2d:d0:4c:f2:c9:3f:d7:cd:ea:
8f:29:62:a0:56:e3:ab:dc:81:bc:c7:c0:51:22:02:
65:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:A2:39:46:03:19:C6:EE:FF:FF:08:0A:4B:50:EC:28:36:0E:A6:31
X509v3 Authority Key Identifier:
keyid:81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/iKI5RgMZxu7__wgKS1DsKDYOpjE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.17.0-83.147.19.255
Signature Algorithm: sha256WithRSAEncryption
b0:ca:e0:0e:55:fb:bd:69:66:72:42:ec:ab:27:4f:7d:2a:ab:
98:1a:a7:85:88:7b:2b:de:94:25:dc:0e:c4:6b:31:e0:4c:6b:
49:c2:95:b8:25:00:e2:38:9a:72:1f:7a:77:9e:a4:57:2a:ed:
b9:71:0a:42:16:02:82:65:b1:e2:67:69:b4:db:b7:d0:09:d8:
2f:e7:82:f2:31:6c:6f:bf:2c:42:13:22:d7:48:05:5d:e5:3a:
91:ce:22:38:80:ad:da:03:93:6a:c2:8d:cc:d0:d4:24:16:55:
72:34:2d:7b:40:6e:3d:9a:f6:12:ad:0f:e7:51:1f:f3:5c:d8:
90:2f:64:d4:af:6f:8e:3e:32:89:3e:ff:0a:1b:c5:e8:f1:f6:
14:33:fc:e1:7b:12:45:76:25:b4:ea:9f:0c:ce:d0:66:ed:40:
00:e8:db:2a:8a:37:bd:9f:82:79:d2:2c:d2:1e:b5:07:ad:ff:
dc:cc:17:6d:16:89:78:c4:e8:9b:ea:3c:7c:41:0d:e0:8c:95:
c9:79:e4:fb:00:11:01:42:5e:7f:59:55:39:98:20:c3:04:af:
22:5a:87:18:0e:65:d4:a3:d7:15:d9:54:bd:62:63:ee:6a:1c:
cf:5e:c2:ad:14:c3:7c:25:dd:5b:2c:dc:87:3a:64:33:87:52:
65:44:65:f5
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY57LYdA5ua0wJzTe+fj9LwnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxOTNmZmU5ZGIzNzYyNmIxM2Y4NWQ3Y2M0NTdhYWQ1YzFm
MzBjOWYwHhcNMjQwMzI2MTQzMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGEyMzk0NjAzMTljNmVlZmZmZjA4MGE0YjUwZWMyODM2MGVhNjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0mqroZMCq9S8vcs0yYQoSO6EdjL
UDu9zhKdiPQu6DIU1rCYXSjh4jrDF9IJ0fZ7hivzRhB8/vTT9E5gVhSSXwv2ap/g
vtK2c8VNoSoYkY0DWZeT4/t+kUs2kjl0pi8Zcz96E3w2JlqOL61YT+2jtJc83j6V
7fxiCbe6B1CCas/K8yJsYSMfibsiOyD8ABn/A5uR2TqEjbs5D43dGebXeLc0t9cd
13xk9NGDLSQziGaWF0cX77hnzRF3TOnn57M1jIYHNAPWFOdWoGVdT2Z+kwQ5JWJ1
cbhe4pSMvu37+Xutk7qJ4Ogt0EzyyT/XzeqPKWKgVuOr3IG8x8BRIgJlVwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFIiiOUYDGcbu//8ICktQ7Cg2DqYxMB8GA1UdIwQY
MBaAFIGT/+nbN2JrE/hdfMRXqtXB8wyfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODkt
MDhkMTI3MGMyZTcxLzEvaUtJNVJnTVp4dTdfX3dnS1MxRHNLRFlPcGpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODktMDhkMTI3MGMyZTcx
LzEvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABTkxED
BAJTkxAwDQYJKoZIhvcNAQELBQADggEBALDK4A5V+71pZnJC7KsnT30qq5gap4WI
eyvelCXcDsRrMeBMa0nClbglAOI4mnIfeneepFcq7blxCkIWAoJlseJnabTbt9AJ
2C/ngvIxbG+/LEITItdIBV3lOpHOIjiArdoDk2rCjczQ1CQWVXI0LXtAbj2a9hKt
D+dRH/Nc2JAvZNSvb44+Mok+/wobxejx9hQz/OF7EkV2JbTqnwzO0GbtQADo2yqK
N72fgnnSLNIetQet/9zMF20WiXjE6JvqPHxBDeCMlcl55PsAEQFCXn9ZVTmYIMME
ryJahxgOZdSj1xXZVL1iY+5qHM9ewq0Uw3wl3Vss3Ic6ZDOHUmVEZfU=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:21:28 2025 by rpki-client