Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/46f5b9-6000-4072-89f2-4c82ace72c85/1/iI8cZ9xBPbkj4WY_R-7SktWaLsc.roa
File: iI8cZ9xBPbkj4WY_R-7SktWaLsc.roa (raw, json)
Hash identifier: AC8heocx0e0YMbvHbJRzxlqK5x0ALO3cjgNjdQxfWak=
Subject key identifier: 88:8F:1C:67:DC:41:3D:B9:23:E1:66:3F:47:EE:D2:92:D5:9A:2E:C7
Certificate issuer: /CN=dc44e19e2bb4e7023cc1ba10d49b74ede4bf865c
Certificate serial: 018FE366AB2E01CF9F1B98378893836EB270
Authority key identifier: DC:44:E1:9E:2B:B4:E7:02:3C:C1:BA:10:D4:9B:74:ED:E4:BF:86:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3EThniu05wI8wboQ1Jt07eS_hlw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/46f5b9-6000-4072-89f2-4c82ace72c85/1/iI8cZ9xBPbkj4WY_R-7SktWaLsc.roa
Signing time: Tue 04 Jun 2024 13:18:27 +0000
ROA not before: Tue 04 Jun 2024 13:18:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 133335
IP address blocks: 25.129.196.0/23 maxlen: 23
25.129.198.0/23 maxlen: 23
2a08:600:e0::/47 maxlen: 47
2a08:600:ee::/47 maxlen: 47
Validation: Failed, certificate revoked on Tue 04 Jun 2024 15:40:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e3:66:ab:2e:01:cf:9f:1b:98:37:88:93:83:6e:b2:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc44e19e2bb4e7023cc1ba10d49b74ede4bf865c
Validity
Not Before: Jun 4 13:18:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=888f1c67dc413db923e1663f47eed292d59a2ec7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:f8:67:02:75:da:49:16:ea:20:10:fb:12:00:
3b:c0:5b:7c:4c:32:93:62:ff:14:b7:4e:d4:63:42:
71:c8:ee:89:81:01:a5:98:44:a9:2d:fc:60:ad:bd:
72:49:09:d4:94:5c:af:e4:5f:9c:f0:94:34:ea:33:
ef:b4:1f:ef:f0:40:22:c8:ee:04:64:54:e3:3f:e7:
d8:79:c5:20:ed:95:76:e1:f2:63:1b:60:82:c1:31:
5d:d6:fd:d3:b0:96:cf:45:69:52:77:6d:ee:26:9d:
43:a8:39:bc:f9:9c:d7:ae:12:25:a9:5c:c5:6d:eb:
19:ad:73:2c:71:a4:a8:24:9c:9a:e5:28:b7:23:5d:
e3:25:1f:f5:24:22:ad:3f:12:0f:a9:22:0f:90:d7:
87:31:a4:6f:df:42:b9:73:3d:a0:c6:28:8d:ac:2d:
95:71:5e:1d:57:f4:0d:9c:3e:ca:de:94:27:ac:48:
01:9e:47:e9:a2:42:85:58:0d:43:6e:b9:93:19:90:
16:51:83:e1:db:98:85:b7:b1:c2:6c:1a:01:1a:ee:
fd:fb:c8:6a:97:70:16:0c:88:23:1b:00:84:8f:e6:
50:f7:52:e5:c3:f3:17:e7:9a:01:63:a1:a1:ec:20:
ab:89:dc:ef:1c:13:32:fa:8d:8f:46:fe:5f:f4:aa:
4c:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:8F:1C:67:DC:41:3D:B9:23:E1:66:3F:47:EE:D2:92:D5:9A:2E:C7
X509v3 Authority Key Identifier:
keyid:DC:44:E1:9E:2B:B4:E7:02:3C:C1:BA:10:D4:9B:74:ED:E4:BF:86:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3EThniu05wI8wboQ1Jt07eS_hlw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/46f5b9-6000-4072-89f2-4c82ace72c85/1/iI8cZ9xBPbkj4WY_R-7SktWaLsc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/46f5b9-6000-4072-89f2-4c82ace72c85/1/3EThniu05wI8wboQ1Jt07eS_hlw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
25.129.196.0/22
IPv6:
2a08:600:e0::/47
2a08:600:ee::/47
Signature Algorithm: sha256WithRSAEncryption
0f:b4:39:cc:ce:e7:77:8a:db:59:41:0a:fb:75:90:27:79:b6:
00:9a:98:af:de:bf:2d:ed:95:6a:36:7f:06:0c:cb:cf:eb:98:
7c:51:67:75:13:5e:89:89:e1:b5:af:52:e4:eb:25:5f:5d:a5:
70:4b:17:8f:b5:6e:19:6d:b5:77:76:7e:d6:7c:bf:34:7b:c0:
d1:67:31:53:61:3b:55:4a:4f:b5:be:5f:d5:ee:68:52:32:7b:
2d:6b:23:2c:2f:69:b7:52:a9:65:46:43:e3:74:43:c2:06:99:
0f:cc:d8:28:54:36:49:b7:00:3f:d4:d5:97:71:a5:ef:51:85:
c7:43:99:aa:dc:c3:7b:66:09:7c:45:cb:4d:d3:b5:f7:6b:8e:
6b:8a:ca:87:e6:56:2f:a5:05:bb:14:85:a9:3f:14:ee:f6:36:
54:5f:eb:e5:2c:d1:d1:33:46:46:51:77:43:03:5e:b8:79:a0:
16:a6:43:e4:1f:c5:95:7d:3e:d7:d9:78:65:98:e7:92:8c:9d:
bb:93:a9:18:14:41:b0:97:8d:fb:b5:d3:b6:f1:25:0b:c0:c7:
6a:29:5a:31:8e:87:da:26:a8:27:f4:67:38:93:78:d7:79:71:
0e:ef:fa:d1:aa:40:8d:a4:88:d4:b0:4f:2c:5e:cf:9e:fe:85:
6b:a0:3d:c9
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAY/jZqsuAc+fG5g3iJODbrJwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNDRlMTllMmJiNGU3MDIzY2MxYmExMGQ0OWI3NGVkZTRi
Zjg2NWMwHhcNMjQwNjA0MTMxODI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODhmMWM2N2RjNDEzZGI5MjNlMTY2M2Y0N2VlZDI5MmQ1OWEyZWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxPhnAnXaSRbqIBD7EgA7wFt8TDKT
Yv8Ut07UY0JxyO6JgQGlmESpLfxgrb1ySQnUlFyv5F+c8JQ06jPvtB/v8EAiyO4E
ZFTjP+fYecUg7ZV24fJjG2CCwTFd1v3TsJbPRWlSd23uJp1DqDm8+ZzXrhIlqVzF
besZrXMscaSoJJya5Si3I13jJR/1JCKtPxIPqSIPkNeHMaRv30K5cz2gxiiNrC2V
cV4dV/QNnD7K3pQnrEgBnkfpokKFWA1DbrmTGZAWUYPh25iFt7HCbBoBGu79+8hq
l3AWDIgjGwCEj+ZQ91Llw/MX55oBY6Gh7CCridzvHBMy+o2PRv5f9KpM4QIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFIiPHGfcQT25I+FmP0fu0pLVmi7HMB8GA1UdIwQY
MBaAFNxE4Z4rtOcCPMG6ENSbdO3kv4ZcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0VUaG5pdTA1d0k4d2JvUTFKdDA3ZVNfaGx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS80NmY1YjktNjAwMC00MDcyLTg5ZjIt
NGM4MmFjZTcyYzg1LzEvaUk4Y1o5eEJQYmtqNFdZX1ItN1NrdFdhTHNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS80NmY1YjktNjAwMC00MDcyLTg5ZjItNGM4MmFjZTcyYzg1
LzEvM0VUaG5pdTA1d0k4d2JvUTFKdDA3ZVNfaGx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQCGYHEMBgE
AgACMBIDBwEqCAYAAOADBwEqCAYAAO4wDQYJKoZIhvcNAQELBQADggEBAA+0OczO
53eK21lBCvt1kCd5tgCamK/evy3tlWo2fwYMy8/rmHxRZ3UTXomJ4bWvUuTrJV9d
pXBLF4+1bhlttXd2ftZ8vzR7wNFnMVNhO1VKT7W+X9XuaFIyey1rIywvabdSqWVG
Q+N0Q8IGmQ/M2ChUNkm3AD/U1Zdxpe9RhcdDmarcw3tmCXxFy03TtfdrjmuKyofm
Vi+lBbsUhak/FO72NlRf6+Us0dEzRkZRd0MDXrh5oBamQ+QfxZV9PtfZeGWY55KM
nbuTqRgUQbCXjfu107bxJQvAx2opWjGOh9omqCf0ZziTeNd5cQ7v+tGqQI2kiNSw
Tyxez57+hWugPck=
-----END CERTIFICATE-----
Generated at Mon May 5 08:12:28 2025 by rpki-client