Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/c5bb6b-6425-453a-b942-89c53d630765/1/ixQgI5YjtTLfgJuOGhz9L-NB540.roa
File: ixQgI5YjtTLfgJuOGhz9L-NB540.roa (raw, json)
Hash identifier: FyfM+JWLBLwPxBXmSfGR5UKDIaXEuKYXhf8m7vi1mok=
Subject key identifier: 8B:14:20:23:96:23:B5:32:DF:80:9B:8E:1A:1C:FD:2F:E3:41:E7:8D
Certificate issuer: /CN=53550b2382e00fa7df194e6485fe1425836213ff
Certificate serial: 018CCA991FD09501D7D92B18B17AE35CF127
Authority key identifier: 53:55:0B:23:82:E0:0F:A7:DF:19:4E:64:85:FE:14:25:83:62:13:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U1ULI4LgD6ffGU5khf4UJYNiE_8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/c5bb6b-6425-453a-b942-89c53d630765/1/ixQgI5YjtTLfgJuOGhz9L-NB540.roa
Signing time: Tue 02 Jan 2024 14:34:41 +0000
ROA not before: Tue 02 Jan 2024 14:34:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13244
IP address blocks: 194.153.171.0/24 maxlen: 24
194.9.170.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:48:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:1f:d0:95:01:d7:d9:2b:18:b1:7a:e3:5c:f1:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53550b2382e00fa7df194e6485fe1425836213ff
Validity
Not Before: Jan 2 14:34:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8b1420239623b532df809b8e1a1cfd2fe341e78d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:6a:cc:87:e8:f7:2e:15:50:75:9c:2d:de:d2:
c3:63:c7:15:ab:6a:37:59:f5:88:a1:c2:e5:30:67:
7c:4c:f4:6c:73:d2:b5:8f:26:1f:fa:38:a9:00:04:
1a:8a:22:1d:ce:17:46:58:1a:6a:f1:70:53:db:c1:
e2:d0:f6:c0:41:b5:5f:8a:5f:e6:d2:4e:79:e1:bc:
40:38:3d:bf:15:dc:3b:46:ab:e1:03:98:9c:4f:7c:
78:84:dd:28:57:fc:d3:e9:ee:2d:40:f6:11:b0:b5:
11:cf:29:7c:d2:fd:02:eb:a7:31:fd:55:0c:ed:2a:
3c:d7:16:73:e8:05:f4:b6:73:31:5c:a7:ca:fa:4d:
07:71:bb:68:f9:16:2a:53:7c:dc:f4:3b:aa:75:42:
0a:73:77:fa:ff:5f:92:86:6c:f7:96:43:31:d0:15:
9e:92:e8:ac:0c:b4:1f:97:78:e5:6a:4c:de:3f:b6:
11:46:75:6e:b7:3b:d9:a4:b1:47:f3:19:29:c2:de:
77:34:68:9a:c4:9a:92:07:2a:83:3f:63:e4:57:6c:
57:bc:99:6e:89:d5:73:1d:95:13:46:47:1e:3d:0b:
f5:f0:b5:1a:d0:1c:1e:45:af:55:8d:0a:f1:2c:de:
02:7e:6a:32:74:98:53:2d:09:81:cd:f6:4c:10:a2:
45:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:14:20:23:96:23:B5:32:DF:80:9B:8E:1A:1C:FD:2F:E3:41:E7:8D
X509v3 Authority Key Identifier:
keyid:53:55:0B:23:82:E0:0F:A7:DF:19:4E:64:85:FE:14:25:83:62:13:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U1ULI4LgD6ffGU5khf4UJYNiE_8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/c5bb6b-6425-453a-b942-89c53d630765/1/ixQgI5YjtTLfgJuOGhz9L-NB540.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/c5bb6b-6425-453a-b942-89c53d630765/1/U1ULI4LgD6ffGU5khf4UJYNiE_8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.9.170.0/24
194.153.171.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:63:cd:17:a9:c8:00:b9:85:20:7d:fc:2e:b7:52:28:b3:8a:
9c:b3:b5:8d:42:6a:26:0b:cf:e5:d4:db:4f:af:60:7a:8f:68:
13:8e:a9:95:88:58:1a:90:4f:01:37:c3:63:57:b8:45:72:9b:
8c:fe:f3:4f:db:94:08:85:56:44:72:51:21:4c:14:0c:9a:40:
7d:f5:69:bb:75:4c:66:00:ec:8a:d4:5a:6d:01:b2:78:4e:44:
28:03:ba:aa:e4:cd:53:17:39:bf:83:7c:a1:8a:ec:81:3b:97:
c6:db:5f:1d:62:99:82:fa:dd:44:5b:2e:63:86:2d:68:9b:26:
d6:cb:52:98:91:c6:1b:a8:71:34:ff:e2:52:19:98:1c:83:28:
3c:ce:7c:8e:aa:35:fe:be:73:f1:21:ab:5f:ce:c5:fd:73:49:
fa:22:d0:c3:2b:7c:b2:a1:e5:99:ca:08:40:20:88:59:1c:d9:
1d:de:55:ed:96:a4:b9:4d:cd:b0:cf:81:2b:34:f0:b0:21:d4:
13:d0:b2:fe:ba:ac:5c:d6:43:19:b0:4c:45:24:58:ca:5b:d1:
30:b9:b9:b5:5c:71:31:db:ea:a6:1e:2a:9f:25:f0:58:71:40:
ef:76:8f:55:ab:19:2d:b6:f6:97:05:7b:6d:06:b0:5b:0f:76:
79:3c:df:71
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKmR/QlQHX2SsYsXrjXPEnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzNTUwYjIzODJlMDBmYTdkZjE5NGU2NDg1ZmUxNDI1ODM2
MjEzZmYwHhcNMjQwMTAyMTQzNDQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjE0MjAyMzk2MjNiNTMyZGY4MDliOGUxYTFjZmQyZmUzNDFlNzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlGrMh+j3LhVQdZwt3tLDY8cVq2o3
WfWIocLlMGd8TPRsc9K1jyYf+jipAAQaiiIdzhdGWBpq8XBT28Hi0PbAQbVfil/m
0k554bxAOD2/Fdw7RqvhA5icT3x4hN0oV/zT6e4tQPYRsLURzyl80v0C66cx/VUM
7So81xZz6AX0tnMxXKfK+k0Hcbto+RYqU3zc9DuqdUIKc3f6/1+Shmz3lkMx0BWe
kuisDLQfl3jlakzeP7YRRnVutzvZpLFH8xkpwt53NGiaxJqSByqDP2PkV2xXvJlu
idVzHZUTRkcePQv18LUa0BweRa9VjQrxLN4CfmoydJhTLQmBzfZMEKJFNwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIsUICOWI7Uy34Cbjhoc/S/jQeeNMB8GA1UdIwQY
MBaAFFNVCyOC4A+n3xlOZIX+FCWDYhP/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTFVTEk0TGdENmZmR1U1a2hmNFVKWU5pRV84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jNWJiNmItNjQyNS00NTNhLWI5NDIt
ODljNTNkNjMwNzY1LzEvaXhRZ0k1WWp0VExmZ0p1T0doejlMLU5CNTQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jNWJiNmItNjQyNS00NTNhLWI5NDItODljNTNkNjMwNzY1
LzEvVTFVTEk0TGdENmZmR1U1a2hmNFVKWU5pRV84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwgmqAwQA
wpmrMA0GCSqGSIb3DQEBCwUAA4IBAQBeY80XqcgAuYUgffwut1Ios4qcs7WNQmom
C8/l1NtPr2B6j2gTjqmViFgakE8BN8NjV7hFcpuM/vNP25QIhVZEclEhTBQMmkB9
9Wm7dUxmAOyK1FptAbJ4TkQoA7qq5M1TFzm/g3yhiuyBO5fG218dYpmC+t1EWy5j
hi1omybWy1KYkcYbqHE0/+JSGZgcgyg8znyOqjX+vnPxIatfzsX9c0n6ItDDK3yy
oeWZyghAIIhZHNkd3lXtlqS5Tc2wz4ErNPCwIdQT0LL+uqxc1kMZsExFJFjKW9Ew
ubm1XHEx2+qmHiqfJfBYcUDvdo9VqxkttvaXBXttBrBbD3Z5PN9x
-----END CERTIFICATE-----
Generated at Tue Apr 22 17:08:28 2025 by rpki-client