Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/6107e4-4393-4cbe-a6c2-27c1a35976de/1/i5c-c1Bzu_pEgimt8a3K9Fvk_yU.roa
File: i5c-c1Bzu_pEgimt8a3K9Fvk_yU.roa (raw, json)
Hash identifier: Xz52JSofQJ0gLwHUittNqhEcilzKk07bsFqgkHtOt80=
Subject key identifier: 8B:97:3E:73:50:73:BB:FA:44:82:29:AD:F1:AD:CA:F4:5B:E4:FF:25
Certificate issuer: /CN=2940b694bba095344e4bdb99f51e1f1023be57ce
Certificate serial: 018CC64B83BD18FA444D25203ADAC5F74E0D
Authority key identifier: 29:40:B6:94:BB:A0:95:34:4E:4B:DB:99:F5:1E:1F:10:23:BE:57:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KUC2lLuglTROS9uZ9R4fECO-V84.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/6107e4-4393-4cbe-a6c2-27c1a35976de/1/i5c-c1Bzu_pEgimt8a3K9Fvk_yU.roa
Signing time: Mon 01 Jan 2024 18:31:26 +0000
ROA not before: Mon 01 Jan 2024 18:31:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31138
IP address blocks: 83.217.0.0/22 maxlen: 22
2a00:d8c0::/48 maxlen: 128
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:48:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:83:bd:18:fa:44:4d:25:20:3a:da:c5:f7:4e:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2940b694bba095344e4bdb99f51e1f1023be57ce
Validity
Not Before: Jan 1 18:31:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8b973e735073bbfa448229adf1adcaf45be4ff25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:3b:62:83:70:ae:67:3b:f5:b2:ee:d1:5f:13:
88:c1:01:3c:5a:ed:09:55:2e:4b:06:97:b6:84:b7:
33:b7:f6:cd:67:ea:d1:06:21:21:85:5f:7b:b4:cb:
d8:26:15:46:8f:a4:d7:2d:cd:1b:65:9f:c2:06:a8:
48:e5:41:cc:a3:54:bd:ee:a2:77:43:5c:0a:b7:b6:
6a:69:96:d8:36:c4:87:74:2b:f2:85:a1:2d:8b:3a:
ed:8f:5d:e8:c6:36:a7:db:45:e3:df:b6:9d:59:68:
09:a4:71:ba:8f:71:7a:15:d1:24:e2:00:ff:c8:fb:
48:e8:87:5d:27:73:88:8f:14:d4:5b:a5:d8:97:d0:
f4:b1:55:7e:7c:f2:4c:2e:9d:e4:eb:67:ed:ed:06:
2c:75:47:2e:59:ea:c4:a2:10:8a:7b:f0:55:ed:48:
1d:4d:a3:3a:57:dd:45:a6:1c:b6:e0:bb:1d:61:78:
65:9e:f3:0a:73:8c:a1:6b:a7:f4:55:a0:93:23:aa:
95:d2:0d:9b:81:6f:c4:d8:ee:b2:3c:4b:ef:ed:0e:
5e:0c:6a:72:5d:1c:94:c2:22:5a:69:b8:f2:27:1f:
e9:15:f4:47:e3:d6:5a:26:70:08:c6:e2:86:2c:e0:
c5:19:5e:5a:75:e4:bb:31:af:2d:69:41:f0:6a:6a:
d1:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:97:3E:73:50:73:BB:FA:44:82:29:AD:F1:AD:CA:F4:5B:E4:FF:25
X509v3 Authority Key Identifier:
keyid:29:40:B6:94:BB:A0:95:34:4E:4B:DB:99:F5:1E:1F:10:23:BE:57:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KUC2lLuglTROS9uZ9R4fECO-V84.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/6107e4-4393-4cbe-a6c2-27c1a35976de/1/i5c-c1Bzu_pEgimt8a3K9Fvk_yU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/6107e4-4393-4cbe-a6c2-27c1a35976de/1/KUC2lLuglTROS9uZ9R4fECO-V84.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.217.0.0/22
IPv6:
2a00:d8c0::/48
Signature Algorithm: sha256WithRSAEncryption
1a:f7:ec:e7:4d:17:04:1d:9a:9c:d9:c9:99:2f:f8:67:62:ed:
f9:41:24:a8:86:66:f5:fb:cd:7a:09:69:90:89:dc:b7:6b:2f:
de:b5:eb:ef:be:b5:c0:b8:eb:46:31:78:62:6e:15:b3:9b:f6:
e1:8e:c9:0a:8d:d6:ad:75:df:b0:a3:e2:c8:e1:32:3a:a4:d6:
b6:54:17:68:89:81:61:a3:e4:d7:fd:59:ac:4a:db:cd:1c:70:
f7:96:20:87:0f:42:11:e8:a0:94:ec:bc:0f:ca:6c:8c:93:98:
f5:22:9f:4d:21:4e:ba:82:a8:42:5d:5c:dc:c6:a0:7f:b8:f8:
6a:b3:19:b5:f6:ae:c8:23:dd:56:25:b4:34:f6:d7:f7:5d:e1:
37:ad:39:06:8f:16:b1:01:22:e0:1b:03:1b:df:9b:7b:1d:65:
58:7b:9a:1e:77:21:64:0d:92:bd:e5:17:c3:b2:39:0a:32:75:
75:48:17:76:5f:f5:28:d9:e3:51:f1:40:60:bd:1c:a0:8e:fb:
64:f4:fd:70:98:48:79:bb:4b:2e:22:1d:62:ab:9d:b2:cf:ae:
e6:9d:3d:f4:d6:7a:07:93:ea:f2:a6:68:87:bc:8b:b8:77:51:
97:2a:cc:04:e0:c6:50:ed:ed:7a:56:ff:8b:3d:4a:a4:de:2e:
b8:c7:60:18
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzGS4O9GPpETSUgOtrF904NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NDBiNjk0YmJhMDk1MzQ0ZTRiZGI5OWY1MWUxZjEwMjNi
ZTU3Y2UwHhcNMjQwMTAxMTgzMTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Yjk3M2U3MzUwNzNiYmZhNDQ4MjI5YWRmMWFkY2FmNDViZTRmZjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhztig3CuZzv1su7RXxOIwQE8Wu0J
VS5LBpe2hLczt/bNZ+rRBiEhhV97tMvYJhVGj6TXLc0bZZ/CBqhI5UHMo1S97qJ3
Q1wKt7ZqaZbYNsSHdCvyhaEtizrtj13oxjan20Xj37adWWgJpHG6j3F6FdEk4gD/
yPtI6IddJ3OIjxTUW6XYl9D0sVV+fPJMLp3k62ft7QYsdUcuWerEohCKe/BV7Ugd
TaM6V91Fphy24LsdYXhlnvMKc4yha6f0VaCTI6qV0g2bgW/E2O6yPEvv7Q5eDGpy
XRyUwiJaabjyJx/pFfRH49ZaJnAIxuKGLODFGV5adeS7Ma8taUHwamrRRwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIuXPnNQc7v6RIIprfGtyvRb5P8lMB8GA1UdIwQY
MBaAFClAtpS7oJU0TkvbmfUeHxAjvlfOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1VDMmxMdWdsVFJPUzl1WjlSNGZFQ08tVjg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi82MTA3ZTQtNDM5My00Y2JlLWE2YzIt
MjdjMWEzNTk3NmRlLzEvaTVjLWMxQnp1X3BFZ2ltdDhhM0s5RnZrX3lVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi82MTA3ZTQtNDM5My00Y2JlLWE2YzItMjdjMWEzNTk3NmRl
LzEvS1VDMmxMdWdsVFJPUzl1WjlSNGZFQ08tVjg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCU9kAMA8E
AgACMAkDBwAqANjAAAAwDQYJKoZIhvcNAQELBQADggEBABr37OdNFwQdmpzZyZkv
+Gdi7flBJKiGZvX7zXoJaZCJ3LdrL9616+++tcC460YxeGJuFbOb9uGOyQqN1q11
37Cj4sjhMjqk1rZUF2iJgWGj5Nf9WaxK280ccPeWIIcPQhHooJTsvA/KbIyTmPUi
n00hTrqCqEJdXNzGoH+4+GqzGbX2rsgj3VYltDT21/dd4TetOQaPFrEBIuAbAxvf
m3sdZVh7mh53IWQNkr3lF8OyOQoydXVIF3Zf9SjZ41HxQGC9HKCO+2T0/XCYSHm7
Sy4iHWKrnbLPruadPfTWegeT6vKmaIe8i7h3UZcqzATgxlDt7XpW/4s9SqTeLrjH
YBg=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:28:56 2025 by rpki-client