Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/iIxer1NgmCEq4wAukqZkAguBlPc.roa
File: iIxer1NgmCEq4wAukqZkAguBlPc.roa (raw, json)
Hash identifier: QcDTQ3RCIZgyY21AEpdy5i539TxscCYo+equwgYUa2Q=
Subject key identifier: 88:8C:5E:AF:53:60:98:21:2A:E3:00:2E:92:A6:64:02:0B:81:94:F7
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 018F18900E8F7C309CEBA44C911D1E86515A
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/iIxer1NgmCEq4wAukqZkAguBlPc.roa
Signing time: Fri 26 Apr 2024 04:00:44 +0000
ROA not before: Fri 26 Apr 2024 04:00:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202984
IP address blocks: 2a09:e2c0::/30 maxlen: 30
2a10:4102::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 24 May 2024 09:05:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:18:90:0e:8f:7c:30:9c:eb:a4:4c:91:1d:1e:86:51:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Apr 26 04:00:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=888c5eaf536098212ae3002e92a664020b8194f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:f2:eb:c6:35:e7:ef:9e:5c:1e:4e:17:e2:a0:
53:02:84:d1:a3:00:09:8d:9e:a4:e5:a5:ae:a5:d0:
78:76:0e:55:d5:ad:9f:44:db:2f:c5:46:0d:8b:8e:
89:b0:43:9e:41:05:34:7c:76:8a:7e:79:41:31:0c:
0d:d4:20:35:17:27:82:d7:f4:9e:28:00:75:b1:0b:
ed:2d:0c:b3:79:13:4a:4c:6a:d3:ca:c6:47:99:0b:
8b:8c:9f:ba:65:0b:19:fe:db:ca:f6:b3:01:17:b1:
09:75:7e:3e:e9:4e:d1:55:ef:d7:26:b4:42:fc:20:
79:d4:73:37:40:dd:ff:63:e5:1e:1e:8e:0a:42:b1:
ac:df:fa:b1:9b:f0:4e:04:43:ba:a2:40:fd:e7:3d:
11:47:8d:ea:3f:3b:b0:09:d4:de:ca:49:d1:13:15:
53:b6:3e:22:a7:d3:8d:1b:48:55:ca:39:e4:f3:1b:
21:a8:c0:8d:39:49:86:58:db:a9:6a:84:4f:8d:11:
a5:4d:5f:5e:af:5f:a0:47:57:4a:67:a1:90:a7:a9:
9b:94:b5:c4:0a:16:ae:d1:aa:ff:f7:5b:28:c8:00:
8b:44:db:6f:20:d6:a4:22:77:fa:b6:2e:dd:a9:62:
73:b8:4f:67:40:c8:d2:30:ea:0d:6b:68:33:93:3f:
08:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:8C:5E:AF:53:60:98:21:2A:E3:00:2E:92:A6:64:02:0B:81:94:F7
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/iIxer1NgmCEq4wAukqZkAguBlPc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:e2c0::/30
2a10:4102::/32
Signature Algorithm: sha256WithRSAEncryption
74:21:c4:5d:11:8e:2f:7c:94:fc:72:f9:22:6e:f7:5f:41:dc:
6b:4b:ba:c0:cd:b4:7a:b9:da:ef:66:43:8f:9a:99:1e:30:3c:
09:29:54:84:2e:bc:07:7f:6f:47:23:60:3e:06:9b:bc:25:ca:
53:66:59:ac:e4:08:ab:5e:ee:6c:31:39:8d:cf:ee:48:92:1b:
5a:a6:4f:60:1b:76:e7:ef:61:8b:be:11:c1:c5:d5:28:d7:5b:
f3:99:81:74:c7:96:f5:dc:d0:fa:f8:f7:5e:4e:1f:4f:65:57:
61:7a:60:6f:88:1f:b4:b2:90:39:66:66:5d:af:d0:7d:e8:7d:
74:66:8f:d1:c9:84:1c:10:6d:c6:84:f6:28:d2:51:68:e9:63:
9a:5e:a6:76:3c:b2:a8:6b:66:fc:cb:d3:c4:c4:fa:27:c1:c3:
56:d3:b0:4a:59:64:05:ea:55:82:c3:c6:a4:b4:8b:86:b9:87:
04:6c:9d:2e:a9:df:6d:f5:3a:13:fd:16:af:7d:4f:21:77:81:
cb:32:db:44:64:f5:c2:32:4e:da:cc:2c:69:fb:de:1f:d7:62:
25:b0:ad:27:5d:07:82:ea:ed:c5:56:fe:63:c5:b3:10:b1:ea:
bb:ee:e5:d6:6b:7b:f4:dd:da:3a:9f:ed:28:74:30:1b:5c:57:
77:53:a5:d8
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY8YkA6PfDCc66RMkR0ehlFaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQwNDI2MDQwMDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODhjNWVhZjUzNjA5ODIxMmFlMzAwMmU5MmE2NjQwMjBiODE5NGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq/LrxjXn755cHk4X4qBTAoTRowAJ
jZ6k5aWupdB4dg5V1a2fRNsvxUYNi46JsEOeQQU0fHaKfnlBMQwN1CA1FyeC1/Se
KAB1sQvtLQyzeRNKTGrTysZHmQuLjJ+6ZQsZ/tvK9rMBF7EJdX4+6U7RVe/XJrRC
/CB51HM3QN3/Y+UeHo4KQrGs3/qxm/BOBEO6okD95z0RR43qPzuwCdTeyknRExVT
tj4ip9ONG0hVyjnk8xshqMCNOUmGWNupaoRPjRGlTV9er1+gR1dKZ6GQp6mblLXE
Chau0ar/91soyACLRNtvINakInf6ti7dqWJzuE9nQMjSMOoNa2gzkz8IewIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFIiMXq9TYJghKuMALpKmZAILgZT3MB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvaUl4ZXIxTmdtQ0VxNHdBdWtxWmtBZ3VCbFBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUCKgniwAMF
ACoQQQIwDQYJKoZIhvcNAQELBQADggEBAHQhxF0Rji98lPxy+SJu919B3GtLusDN
tHq52u9mQ4+amR4wPAkpVIQuvAd/b0cjYD4Gm7wlylNmWazkCKte7mwxOY3P7kiS
G1qmT2AbdufvYYu+EcHF1SjXW/OZgXTHlvXc0Pr4915OH09lV2F6YG+IH7SykDlm
Zl2v0H3ofXRmj9HJhBwQbcaE9ijSUWjpY5pepnY8sqhrZvzL08TE+ifBw1bTsEpZ
ZAXqVYLDxqS0i4a5hwRsnS6p3231OhP9Fq99TyF3gcsy20Rk9cIyTtrMLGn73h/X
YiWwrSddB4Lq7cVW/mPFsxCx6rvu5dZre/Td2jqf7Sh0MBtcV3dTpdg=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:13 2025 by rpki-client