Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/a608c5-496d-499e-af41-6dfbbde52dea/1/IkGykXF7jdU-dr8jGq6qhJgahrY.roa
File: IkGykXF7jdU-dr8jGq6qhJgahrY.roa (raw, json)
Hash identifier: ITsdO+dx08bCsAEj+umOKNTPosD5xPkZ2QW9pG4jAYQ=
Subject key identifier: 22:41:B2:91:71:7B:8D:D5:3E:76:BF:23:1A:AE:AA:84:98:1A:86:B6
Certificate issuer: /CN=5ab2ba9abf81d6cf8033cdcdebc8df8f7e22c28c
Certificate serial: 019418EA59F1586780AF5DFB0FAC3BD7D30E
Authority key identifier: 5A:B2:BA:9A:BF:81:D6:CF:80:33:CD:CD:EB:C8:DF:8F:7E:22:C2:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WrK6mr-B1s-AM83N68jfj34iwow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/a608c5-496d-499e-af41-6dfbbde52dea/1/IkGykXF7jdU-dr8jGq6qhJgahrY.roa
Signing time: Mon 30 Dec 2024 18:53:19 +0000
ROA not before: Mon 30 Dec 2024 18:53:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213857
IP address blocks: 185.228.200.0/22 maxlen: 23
2a0b:7180::/32 maxlen: 33
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:50:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:18:ea:59:f1:58:67:80:af:5d:fb:0f:ac:3b:d7:d3:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ab2ba9abf81d6cf8033cdcdebc8df8f7e22c28c
Validity
Not Before: Dec 30 18:53:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2241b291717b8dd53e76bf231aaeaa84981a86b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:e1:da:bc:fe:b8:85:87:e3:a7:04:f3:0a:59:
20:fa:51:7a:29:1e:30:60:2c:dc:f2:6d:57:52:cb:
5d:77:af:88:6f:85:14:a2:aa:22:eb:2e:9f:15:6b:
29:a8:31:ee:07:5c:25:32:d2:fb:ff:8d:40:b7:55:
f1:85:09:40:30:f7:8f:19:d7:95:c5:b1:55:c3:fa:
8d:39:99:8b:a2:40:5b:e1:e3:1d:0a:1e:20:c4:b2:
64:ff:54:ba:4c:2b:65:b7:cc:78:93:89:e1:33:56:
a0:19:07:fd:a9:b9:59:fd:17:05:44:72:a4:ef:1f:
88:3f:7e:34:52:c0:b0:00:23:b9:89:64:51:ed:17:
9c:66:b6:65:37:e3:b9:36:50:86:6c:33:d1:9d:a8:
67:72:9a:b4:08:43:34:b4:e7:6e:4b:e0:29:0e:19:
40:11:29:e4:e2:e1:e4:ef:73:84:41:fe:c4:f2:db:
1f:ff:0d:24:65:a3:60:8f:2e:fc:c3:43:e0:1b:a0:
8e:70:b5:a0:5b:67:79:6d:d4:1d:b3:d4:3e:fa:db:
cf:d9:55:d7:74:85:54:ec:b3:93:ce:b0:d1:ec:67:
2f:75:c6:8e:57:75:d4:80:dd:95:1a:02:89:6f:4f:
17:7c:a3:a8:6a:0a:52:e9:c7:19:ca:fb:c7:82:b3:
7c:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:41:B2:91:71:7B:8D:D5:3E:76:BF:23:1A:AE:AA:84:98:1A:86:B6
X509v3 Authority Key Identifier:
keyid:5A:B2:BA:9A:BF:81:D6:CF:80:33:CD:CD:EB:C8:DF:8F:7E:22:C2:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WrK6mr-B1s-AM83N68jfj34iwow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/a608c5-496d-499e-af41-6dfbbde52dea/1/IkGykXF7jdU-dr8jGq6qhJgahrY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/a608c5-496d-499e-af41-6dfbbde52dea/1/WrK6mr-B1s-AM83N68jfj34iwow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.228.200.0/22
IPv6:
2a0b:7180::/32
Signature Algorithm: sha256WithRSAEncryption
1d:96:2a:53:2f:70:6d:98:51:cd:7a:c1:ae:18:87:2f:d2:03:
4e:f3:f7:96:3d:fd:24:9c:18:6c:a7:34:b3:7c:97:b6:de:6d:
89:d4:e9:9c:c8:5c:dd:f2:16:89:61:e1:42:c4:5d:d5:bf:dc:
f6:90:cb:56:e1:27:ee:12:02:e0:d6:c1:f4:b2:8f:4a:d6:e0:
a7:eb:8a:4e:79:f7:ab:b4:17:0b:eb:80:55:74:57:7f:7e:bc:
f0:ee:a2:51:4c:e0:cd:df:a0:11:6a:33:53:c3:d7:d4:1f:a9:
b8:55:06:34:41:70:49:9a:f2:52:96:bc:10:ce:3f:b5:07:96:
37:a8:72:86:d9:d9:02:d3:4f:9b:a0:7d:38:14:14:d8:42:3b:
6f:9e:d0:49:a5:02:fe:20:ce:55:b6:76:74:d8:71:7f:ef:77:
88:01:72:1f:26:ae:47:72:f7:14:48:28:a0:ba:29:a3:46:31:
41:77:12:9a:c5:1a:83:f8:23:5c:1b:fb:ac:20:ef:43:74:81:
be:98:07:7d:12:9f:6d:3e:49:dc:3f:6e:b2:36:2f:ae:cf:71:
37:a3:e6:1a:1c:03:94:04:ba:1c:dd:6d:8b:dc:58:8d:64:07:
e6:55:a7:06:87:49:4d:f5:4c:1a:4a:6f:92:8e:9a:a2:d9:9f:
49:89:6c:64
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQY6lnxWGeAr137D6w719MOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhYjJiYTlhYmY4MWQ2Y2Y4MDMzY2RjZGViYzhkZjhmN2Uy
MmMyOGMwHhcNMjQxMjMwMTg1MzE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjQxYjI5MTcxN2I4ZGQ1M2U3NmJmMjMxYWFlYWE4NDk4MWE4NmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApuHavP64hYfjpwTzClkg+lF6KR4w
YCzc8m1XUstdd6+Ib4UUoqoi6y6fFWspqDHuB1wlMtL7/41At1XxhQlAMPePGdeV
xbFVw/qNOZmLokBb4eMdCh4gxLJk/1S6TCtlt8x4k4nhM1agGQf9qblZ/RcFRHKk
7x+IP340UsCwACO5iWRR7RecZrZlN+O5NlCGbDPRnahncpq0CEM0tOduS+ApDhlA
ESnk4uHk73OEQf7E8tsf/w0kZaNgjy78w0PgG6COcLWgW2d5bdQds9Q++tvP2VXX
dIVU7LOTzrDR7GcvdcaOV3XUgN2VGgKJb08XfKOoagpS6ccZyvvHgrN8FwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCJBspFxe43VPna/IxquqoSYGoa2MB8GA1UdIwQY
MBaAFFqyupq/gdbPgDPNzevI349+IsKMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3JLNm1yLUIxcy1BTTgzTjY4amZqMzRpd293LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi9hNjA4YzUtNDk2ZC00OTllLWFmNDEt
NmRmYmJkZTUyZGVhLzEvSWtHeWtYRjdqZFUtZHI4akdxNnFoSmdhaHJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi9hNjA4YzUtNDk2ZC00OTllLWFmNDEtNmRmYmJkZTUyZGVh
LzEvV3JLNm1yLUIxcy1BTTgzTjY4amZqMzRpd293LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCueTIMA0E
AgACMAcDBQAqC3GAMA0GCSqGSIb3DQEBCwUAA4IBAQAdlipTL3BtmFHNesGuGIcv
0gNO8/eWPf0knBhspzSzfJe23m2J1OmcyFzd8haJYeFCxF3Vv9z2kMtW4SfuEgLg
1sH0so9K1uCn64pOefertBcL64BVdFd/frzw7qJRTODN36ARajNTw9fUH6m4VQY0
QXBJmvJSlrwQzj+1B5Y3qHKG2dkC00+boH04FBTYQjtvntBJpQL+IM5VtnZ02HF/
73eIAXIfJq5HcvcUSCiguimjRjFBdxKaxRqD+CNcG/usIO9DdIG+mAd9Ep9tPknc
P26yNi+uz3E3o+YaHAOUBLoc3W2L3FiNZAfmVacGh0lN9UwaSm+Sjpqi2Z9JiWxk
-----END CERTIFICATE-----
Generated at Thu May 15 14:57:06 2025 by rpki-client