Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/e69bd3-215e-4422-9170-081bcbac4daf/1/I1IBzR_T_4eCE4lEuDiLPhwH24o.roa
File: I1IBzR_T_4eCE4lEuDiLPhwH24o.roa (raw, json)
Hash identifier: oq4AqHNly3zNBlJvas9f2ptyqXnzkWJCK9RazuyZaD4=
Subject key identifier: 23:52:01:CD:1F:D3:FF:87:82:13:89:44:B8:38:8B:3E:1C:07:DB:8A
Certificate issuer: /CN=0b6f1e9f0950e4f39c9c5fee3f868a24eb361ef1
Certificate serial: 018CF28C7646AF3914799D5EAE3FEA49859A
Authority key identifier: 0B:6F:1E:9F:09:50:E4:F3:9C:9C:5F:EE:3F:86:8A:24:EB:36:1E:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C28enwlQ5POcnF_uP4aKJOs2HvE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/e69bd3-215e-4422-9170-081bcbac4daf/1/I1IBzR_T_4eCE4lEuDiLPhwH24o.roa
Signing time: Wed 10 Jan 2024 08:45:40 +0000
ROA not before: Wed 10 Jan 2024 08:45:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 396982
IP address blocks: 87.238.242.0/24 maxlen: 24
87.238.241.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 10 Jan 2024 08:56:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f2:8c:76:46:af:39:14:79:9d:5e:ae:3f:ea:49:85:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b6f1e9f0950e4f39c9c5fee3f868a24eb361ef1
Validity
Not Before: Jan 10 08:45:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=235201cd1fd3ff8782138944b8388b3e1c07db8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:ea:be:13:5f:cb:1b:7d:66:6b:7d:77:ab:49:
34:44:16:61:f7:bf:3c:bf:f8:3b:90:42:8e:e3:ea:
a6:cc:75:93:b4:a0:76:76:26:5a:35:4d:46:d6:72:
14:35:14:7f:13:77:7c:49:d9:44:a1:30:88:dc:cd:
81:1e:51:ce:6d:44:29:34:f8:66:65:98:73:d5:4d:
af:f0:b0:d4:8e:a8:ca:5e:8c:79:c4:a1:b5:17:04:
14:97:5e:e1:3f:88:1d:ef:3d:58:d3:30:21:ce:7a:
e2:35:12:96:9d:aa:e8:b8:bb:82:4b:6f:c9:e8:b9:
7d:2d:58:50:33:f8:81:60:0b:5b:5c:6b:1c:b2:f9:
5d:a4:a1:14:3f:ff:89:45:fc:dc:7f:02:4f:e0:11:
50:02:db:fa:b3:fc:44:47:91:6c:aa:d0:28:03:9d:
17:a3:74:33:22:1e:ac:50:b4:b8:c2:87:79:0b:f9:
11:0f:4f:0b:62:1f:21:38:98:b2:f1:c6:68:24:97:
3e:58:ee:8c:6b:8c:34:d4:7b:4d:40:06:60:eb:4d:
d4:89:d9:96:70:f3:da:ba:d0:d7:ca:9e:37:a7:3c:
35:3d:b1:25:09:09:7e:a8:cf:fd:ce:90:b6:66:3f:
d1:fb:f7:80:97:d8:d1:ef:33:5f:3a:85:0c:de:5e:
93:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:52:01:CD:1F:D3:FF:87:82:13:89:44:B8:38:8B:3E:1C:07:DB:8A
X509v3 Authority Key Identifier:
keyid:0B:6F:1E:9F:09:50:E4:F3:9C:9C:5F:EE:3F:86:8A:24:EB:36:1E:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C28enwlQ5POcnF_uP4aKJOs2HvE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e69bd3-215e-4422-9170-081bcbac4daf/1/I1IBzR_T_4eCE4lEuDiLPhwH24o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e69bd3-215e-4422-9170-081bcbac4daf/1/C28enwlQ5POcnF_uP4aKJOs2HvE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.238.241.0-87.238.242.255
Signature Algorithm: sha256WithRSAEncryption
3f:a3:ec:ea:8b:01:6d:c8:6d:9e:68:d4:f7:13:41:f6:8b:48:
6b:28:6b:8c:0c:8a:7c:8f:d6:e7:92:9f:08:5e:39:d9:72:e0:
dc:1a:12:72:ca:b9:03:af:93:9b:cb:c6:2e:1a:ca:f2:63:08:
1d:7f:a0:07:dd:e8:d5:e5:84:d6:0e:0c:fe:f3:87:54:c5:0c:
bb:38:e2:aa:77:18:9c:8b:2a:bf:ca:2f:a2:6e:27:c3:f9:ca:
a3:a0:eb:ca:85:cf:29:ff:f3:a8:da:a7:2a:d2:37:70:f1:20:
31:62:8c:ad:c8:47:d7:c4:89:d6:ce:6e:4b:98:6f:a2:94:93:
48:d2:56:6c:c3:e9:6c:0c:53:c2:b7:12:b3:1e:11:54:fe:d5:
c5:59:d2:05:2b:ac:e8:22:37:c9:93:2d:7a:d3:2b:52:31:90:
e0:e4:7e:3d:93:6d:b0:76:b6:90:16:ad:50:ac:61:8c:10:f8:
52:e1:73:9d:dd:49:23:4c:00:5e:d2:b9:a8:87:f7:14:4d:60:
6f:9b:06:38:10:50:70:a8:22:d3:16:be:7e:4c:63:2b:bd:1e:
1e:a0:2b:a6:1e:41:f8:ed:d9:9d:42:fd:13:38:86:c3:bf:25:
ae:a9:5e:a8:2e:81:15:7f:04:aa:7c:a4:6c:3a:7c:82:74:43:
a3:25:93:46
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzyjHZGrzkUeZ1erj/qSYWaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNmYxZTlmMDk1MGU0ZjM5YzljNWZlZTNmODY4YTI0ZWIz
NjFlZjEwHhcNMjQwMTEwMDg0NTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzUyMDFjZDFmZDNmZjg3ODIxMzg5NDRiODM4OGIzZTFjMDdkYjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgeq+E1/LG31ma313q0k0RBZh9788
v/g7kEKO4+qmzHWTtKB2diZaNU1G1nIUNRR/E3d8SdlEoTCI3M2BHlHObUQpNPhm
ZZhz1U2v8LDUjqjKXox5xKG1FwQUl17hP4gd7z1Y0zAhznriNRKWnarouLuCS2/J
6Ll9LVhQM/iBYAtbXGscsvldpKEUP/+JRfzcfwJP4BFQAtv6s/xER5FsqtAoA50X
o3QzIh6sULS4wod5C/kRD08LYh8hOJiy8cZoJJc+WO6Ma4w01HtNQAZg603UidmW
cPPautDXyp43pzw1PbElCQl+qM/9zpC2Zj/R+/eAl9jR7zNfOoUM3l6TcQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFCNSAc0f0/+HghOJRLg4iz4cB9uKMB8GA1UdIwQY
MBaAFAtvHp8JUOTznJxf7j+GiiTrNh7xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzI4ZW53bFE1UE9jbkZfdVA0YUtKT3MySHZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9lNjliZDMtMjE1ZS00NDIyLTkxNzAt
MDgxYmNiYWM0ZGFmLzEvSTFJQnpSX1RfNGVDRTRsRXVEaUxQaHdIMjRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9lNjliZDMtMjE1ZS00NDIyLTkxNzAtMDgxYmNiYWM0ZGFm
LzEvQzI4ZW53bFE1UE9jbkZfdVA0YUtKT3MySHZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABX7vED
BABX7vIwDQYJKoZIhvcNAQELBQADggEBAD+j7OqLAW3IbZ5o1PcTQfaLSGsoa4wM
inyP1ueSnwheOdly4NwaEnLKuQOvk5vLxi4ayvJjCB1/oAfd6NXlhNYODP7zh1TF
DLs44qp3GJyLKr/KL6JuJ8P5yqOg68qFzyn/86japyrSN3DxIDFijK3IR9fEidbO
bkuYb6KUk0jSVmzD6WwMU8K3ErMeEVT+1cVZ0gUrrOgiN8mTLXrTK1IxkODkfj2T
bbB2tpAWrVCsYYwQ+FLhc53dSSNMAF7SuaiH9xRNYG+bBjgQUHCoItMWvn5MYyu9
Hh6gK6YeQfjt2Z1C/RM4hsO/Ja6pXqgugRV/BKp8pGw6fIJ0Q6Mlk0Y=
-----END CERTIFICATE-----
Generated at Sat May 10 03:53:51 2025 by rpki-client