Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/iERNJrCsV3GM7sxIXaoD3X-JG9E.roa
File: iERNJrCsV3GM7sxIXaoD3X-JG9E.roa (raw, json)
Hash identifier: 8XvlLDb97XWncFD3ReeuW7cKuyjs6a1VGmsV9PkpF1g=
Subject key identifier: 88:44:4D:26:B0:AC:57:71:8C:EE:CC:48:5D:AA:03:DD:7F:89:1B:D1
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019368AEF772A9145D5D76FCB9DF7B001C89
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/iERNJrCsV3GM7sxIXaoD3X-JG9E.roa
Signing time: Tue 26 Nov 2024 13:35:17 +0000
ROA not before: Tue 26 Nov 2024 13:35:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 396570
IP address blocks: 81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.53/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:68:ae:f7:72:a9:14:5d:5d:76:fc:b9:df:7b:00:1c:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Nov 26 13:35:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=88444d26b0ac57718ceecc485daa03dd7f891bd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:1e:dc:39:ac:57:23:fd:3e:0e:f7:df:75:c9:
c5:05:b7:53:4e:50:46:db:20:95:0e:b4:27:db:c7:
9f:77:1c:67:3e:d6:8a:a9:fb:9c:c1:e7:f0:32:b1:
e5:c0:cb:71:35:5d:f2:22:f6:81:fa:f3:a0:53:09:
2c:09:20:65:62:38:63:e0:ee:38:13:aa:6c:3d:5e:
1d:e0:32:6c:a4:c3:43:4a:7c:05:07:55:aa:25:31:
4d:70:93:c4:b8:0e:ed:25:c2:46:37:19:1c:4a:5a:
38:c9:0e:02:78:5b:65:26:d6:94:08:5f:6b:7d:e8:
ed:c0:27:6f:94:56:47:4b:81:e7:84:81:97:16:15:
36:a3:28:25:05:20:78:11:57:31:0f:3a:0f:e7:f7:
f7:56:80:95:42:6f:fa:8b:58:27:80:82:00:4d:86:
a1:53:93:b6:c0:7f:a9:bb:09:12:e1:b9:71:e0:58:
b0:7b:b1:62:d1:a7:2a:5e:2b:99:dd:cf:b4:39:c5:
6a:2e:0d:b1:66:6b:fe:ba:14:35:29:ec:16:98:81:
39:eb:b5:17:f0:c6:6a:0e:79:3f:46:14:0c:57:94:
a7:57:df:e0:76:e9:75:7d:b1:ae:e3:ba:4c:6d:42:
69:c4:1e:06:11:b3:77:89:ed:31:86:3b:49:48:27:
4c:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:44:4D:26:B0:AC:57:71:8C:EE:CC:48:5D:AA:03:DD:7F:89:1B:D1
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/iERNJrCsV3GM7sxIXaoD3X-JG9E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.195.30/31
185.100.0.53/32
Signature Algorithm: sha256WithRSAEncryption
04:c9:72:37:dc:18:53:5f:91:e3:89:a1:c1:ad:88:bc:8d:bc:
48:27:85:43:97:6e:26:30:69:84:d2:fc:5a:e7:dd:cc:df:ba:
43:9a:5f:f7:88:6c:8e:cc:4d:bb:ea:4e:7b:72:9d:52:a7:a8:
af:b4:dc:e3:fc:2c:cf:01:7e:dc:52:0d:4f:cb:b5:09:0a:2c:
a5:99:f6:03:ab:40:1f:a0:0e:b9:6a:02:cc:ea:45:64:d3:1c:
b5:ec:ba:44:d5:47:3c:31:39:eb:77:f0:7c:23:b8:d0:60:9b:
ee:59:5d:84:cc:49:b3:01:25:41:5a:9e:70:82:37:5f:a4:90:
17:5e:17:27:d6:85:14:46:1d:e8:37:da:5a:c4:ae:25:00:4f:
c4:0c:e0:a5:45:32:d8:56:54:7d:55:e6:88:28:17:50:61:8b:
28:c9:65:3d:37:82:bd:2e:22:ac:41:c7:23:99:40:ef:e7:0c:
35:db:27:9c:cd:2b:81:4f:ad:58:62:69:01:f7:a0:1b:fd:7d:
b1:46:e3:49:b3:2d:59:39:60:4f:c5:08:4a:c5:2c:39:79:b6:
06:65:8d:a2:8d:86:5f:29:2e:4f:8c:69:bd:bd:f5:48:a2:f7:
12:bb:5c:91:27:52:8f:24:a7:02:44:b6:f0:2a:15:d9:d8:40:
93:24:4c:ba
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZNorvdyqRRdXXb8ud97AByJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjQxMTI2MTMzNTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODQ0NGQyNmIwYWM1NzcxOGNlZWNjNDg1ZGFhMDNkZDdmODkxYmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsR7cOaxXI/0+DvffdcnFBbdTTlBG
2yCVDrQn28efdxxnPtaKqfucwefwMrHlwMtxNV3yIvaB+vOgUwksCSBlYjhj4O44
E6psPV4d4DJspMNDSnwFB1WqJTFNcJPEuA7tJcJGNxkcSlo4yQ4CeFtlJtaUCF9r
fejtwCdvlFZHS4HnhIGXFhU2oyglBSB4EVcxDzoP5/f3VoCVQm/6i1gngIIATYah
U5O2wH+puwkS4blx4Fiwe7Fi0acqXiuZ3c+0OcVqLg2xZmv+uhQ1KewWmIE567UX
8MZqDnk/RhQMV5SnV9/gdul1fbGu47pMbUJpxB4GEbN3ie0xhjtJSCdMVQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFIhETSawrFdxjO7MSF2qA91/iRvRMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvaUVSTkpyQ3NWM0dNN3N4SVhhb0QzWC1KRzlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOAwUBURPDHgMF
ALlkADUwDQYJKoZIhvcNAQELBQADggEBAATJcjfcGFNfkeOJocGtiLyNvEgnhUOX
biYwaYTS/Frn3czfukOaX/eIbI7MTbvqTntynVKnqK+03OP8LM8BftxSDU/LtQkK
LKWZ9gOrQB+gDrlqAszqRWTTHLXsukTVRzwxOet38HwjuNBgm+5ZXYTMSbMBJUFa
nnCCN1+kkBdeFyfWhRRGHeg32lrEriUAT8QM4KVFMthWVH1V5ogoF1BhiyjJZT03
gr0uIqxBxyOZQO/nDDXbJ5zNK4FPrVhiaQH3oBv9fbFG40mzLVk5YE/FCErFLDl5
tgZljaKNhl8pLk+Mab299Uii9xK7XJEnUo8kpwJEtvAqFdnYQJMkTLo=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:24:33 2025 by rpki-client