Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/IzHwNm-BEQTEBYULoYhnNcicmo0.roa
File: IzHwNm-BEQTEBYULoYhnNcicmo0.roa (raw, json)
Hash identifier: yQ54dHkz7MXvYm3+yZl/AUTutqPwCCn9suLHijKfXJI=
Subject key identifier: 23:31:F0:36:6F:81:11:04:C4:05:85:0B:A1:88:67:35:C8:9C:9A:8D
Certificate issuer: /CN=41f5a10e4fd2655adbbb40ede18b2615ac558ea9
Certificate serial: 018CC9BB028D8314F3DB83BD0DE0BD6BBCCC
Authority key identifier: 41:F5:A1:0E:4F:D2:65:5A:DB:BB:40:ED:E1:8B:26:15:AC:55:8E:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/IzHwNm-BEQTEBYULoYhnNcicmo0.roa
Signing time: Tue 02 Jan 2024 10:32:05 +0000
ROA not before: Tue 02 Jan 2024 10:32:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 192.109.200.0/24 maxlen: 24
192.109.139.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 03 Oct 2024 07:28:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:02:8d:83:14:f3:db:83:bd:0d:e0:bd:6b:bc:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41f5a10e4fd2655adbbb40ede18b2615ac558ea9
Validity
Not Before: Jan 2 10:32:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2331f0366f811104c405850ba1886735c89c9a8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:70:29:d9:61:0b:c5:b3:48:6b:10:59:6e:11:
dc:50:65:fc:aa:f5:2c:60:9d:f5:24:10:8b:e0:56:
fc:3f:e4:32:55:02:f4:53:bd:2e:3d:39:76:fa:1b:
ee:11:e5:3b:ed:5d:99:e3:2b:d5:32:c3:fa:3c:65:
6c:6c:3a:13:51:f3:22:fa:2d:91:13:97:94:0b:76:
69:59:7d:01:0c:29:ec:9d:2b:6c:ac:2e:d1:f3:7d:
57:4d:ad:5e:07:16:ce:10:e1:c6:11:9a:34:71:d7:
6c:38:d4:26:ce:06:d9:d2:d5:80:1d:a9:42:da:fb:
c7:7b:54:5f:2a:d0:fc:f7:38:11:9e:05:72:bb:49:
c5:d2:93:9e:13:17:2f:06:43:dc:c5:ab:e3:8e:54:
34:81:1b:e6:d8:5a:20:3f:a1:15:6e:f6:5e:f1:38:
da:92:ab:be:ab:73:92:1e:c1:7a:37:af:12:14:d3:
f3:a7:3b:3e:7d:a6:94:d0:fe:ef:49:42:42:92:a5:
e6:3a:0c:0c:56:03:4f:56:08:3d:e8:81:ac:55:80:
2f:c3:07:2a:16:d7:50:dd:66:a3:ef:d6:64:b3:f6:
eb:84:24:eb:1c:b0:03:3c:6b:9d:ea:68:51:50:d6:
a2:54:3b:50:22:06:63:11:e0:a2:34:e4:a5:8b:3c:
ca:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:31:F0:36:6F:81:11:04:C4:05:85:0B:A1:88:67:35:C8:9C:9A:8D
X509v3 Authority Key Identifier:
keyid:41:F5:A1:0E:4F:D2:65:5A:DB:BB:40:ED:E1:8B:26:15:AC:55:8E:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/IzHwNm-BEQTEBYULoYhnNcicmo0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.139.0/24
192.109.200.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:81:60:37:a4:2c:73:be:f5:01:ae:15:f8:18:57:30:54:6a:
ff:2f:80:ef:d2:37:76:79:55:14:46:37:72:0d:b6:ad:ad:d3:
c6:b3:8f:53:7e:62:82:b9:3f:13:8b:d2:ee:71:77:2b:e5:80:
a8:41:6d:cf:52:fc:b1:a2:30:d5:d7:01:d1:24:5d:89:9d:e9:
ec:6a:26:04:2b:44:8b:2b:9a:f8:a3:b5:db:c8:a1:fb:e9:9b:
0a:41:61:70:7e:97:9c:56:03:0b:c7:80:ed:43:9f:32:5b:fc:
5c:e1:3b:f7:27:e4:86:1a:70:27:a3:1c:39:16:5b:66:e0:80:
56:d1:0c:21:d9:b5:33:bd:28:6d:d1:06:3a:26:de:b7:a8:c9:
8d:ca:bf:3c:ce:5b:d3:83:45:33:d2:22:53:be:0b:18:2e:b5:
1a:21:15:e2:53:8b:80:08:76:89:76:1b:76:d8:d4:ad:82:0a:
20:49:86:f4:45:5e:a4:c2:0d:40:62:8d:00:45:98:93:81:2e:
ad:5b:e6:1d:cc:a8:30:e8:93:d5:70:3b:02:af:32:de:73:2a:
45:91:2c:8c:1a:76:88:ff:37:d6:42:2b:88:9a:2a:af:77:b9:
0c:93:22:f9:60:ae:55:4c:9f:40:15:57:4e:eb:a2:87:65:95:
9e:10:73:85
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJuwKNgxTz24O9DeC9a7zMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxZjVhMTBlNGZkMjY1NWFkYmJiNDBlZGUxOGIyNjE1YWM1
NThlYTkwHhcNMjQwMTAyMTAzMjA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzMxZjAzNjZmODExMTA0YzQwNTg1MGJhMTg4NjczNWM4OWM5YThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh3Ap2WELxbNIaxBZbhHcUGX8qvUs
YJ31JBCL4Fb8P+QyVQL0U70uPTl2+hvuEeU77V2Z4yvVMsP6PGVsbDoTUfMi+i2R
E5eUC3ZpWX0BDCnsnStsrC7R831XTa1eBxbOEOHGEZo0cddsONQmzgbZ0tWAHalC
2vvHe1RfKtD89zgRngVyu0nF0pOeExcvBkPcxavjjlQ0gRvm2FogP6EVbvZe8Tja
kqu+q3OSHsF6N68SFNPzpzs+faaU0P7vSUJCkqXmOgwMVgNPVgg96IGsVYAvwwcq
FtdQ3Waj79Zks/brhCTrHLADPGud6mhRUNaiVDtQIgZjEeCiNOSlizzKmwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCMx8DZvgREExAWFC6GIZzXInJqNMB8GA1UdIwQY
MBaAFEH1oQ5P0mVa27tA7eGLJhWsVY6pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWZXaERrX1NaVnJidTBEdDRZc21GYXhWanFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84ZDNjODItZTQwMy00ZGE2LWIzMTUt
ODc5MDIwNmYwZDc0LzEvSXpId05tLUJFUVRFQllVTG9ZaG5OY2ljbW8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84ZDNjODItZTQwMy00ZGE2LWIzMTUtODc5MDIwNmYwZDc0
LzEvUWZXaERrX1NaVnJidTBEdDRZc21GYXhWanFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwG2LAwQA
wG3IMA0GCSqGSIb3DQEBCwUAA4IBAQBMgWA3pCxzvvUBrhX4GFcwVGr/L4Dv0jd2
eVUURjdyDbatrdPGs49TfmKCuT8Ti9LucXcr5YCoQW3PUvyxojDV1wHRJF2Jnens
aiYEK0SLK5r4o7XbyKH76ZsKQWFwfpecVgMLx4DtQ58yW/xc4Tv3J+SGGnAnoxw5
Fltm4IBW0Qwh2bUzvSht0QY6Jt63qMmNyr88zlvTg0Uz0iJTvgsYLrUaIRXiU4uA
CHaJdht22NStggogSYb0RV6kwg1AYo0ARZiTgS6tW+YdzKgw6JPVcDsCrzLecypF
kSyMGnaI/zfWQiuImiqvd7kMkyL5YK5VTJ9AFVdO66KHZZWeEHOF
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:40:55 2025 by rpki-client