Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/1794e8-8998-4514-b7e1-216d289f1764/1/YJ2L5D_sPnBdsTpNEkXxwHUYKwo.roa
File: YJ2L5D_sPnBdsTpNEkXxwHUYKwo.roa (raw, json)
Hash identifier: G4cNioErTsb/zdUn/WesPmmeW+Z3YpAPoZAgTyip23k=
Subject key identifier: 60:9D:8B:E4:3F:EC:3E:70:5D:B1:3A:4D:12:45:F1:C0:75:18:2B:0A
Certificate issuer: /CN=bc063d650534aa9f06931fd8ed6e0bb276ebd3bf
Certificate serial: 018CC794827F0CD4BD192831F6B14BE39195
Authority key identifier: BC:06:3D:65:05:34:AA:9F:06:93:1F:D8:ED:6E:0B:B2:76:EB:D3:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vAY9ZQU0qp8Gkx_Y7W4Lsnbr078.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/1794e8-8998-4514-b7e1-216d289f1764/1/YJ2L5D_sPnBdsTpNEkXxwHUYKwo.roa
Signing time: Tue 02 Jan 2024 00:30:47 +0000
ROA not before: Tue 02 Jan 2024 00:30:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35349
IP address blocks: 185.239.248.0/22 maxlen: 22
2a0c:6780::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:47:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:82:7f:0c:d4:bd:19:28:31:f6:b1:4b:e3:91:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc063d650534aa9f06931fd8ed6e0bb276ebd3bf
Validity
Not Before: Jan 2 00:30:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=609d8be43fec3e705db13a4d1245f1c075182b0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:2a:c0:ab:02:ff:ae:45:ab:74:14:9e:4f:5e:
34:38:62:21:37:1c:60:ca:b5:7e:86:99:be:86:c3:
86:9d:57:88:1e:0b:8b:46:ff:60:e3:f8:da:98:86:
ac:32:c3:83:be:3b:0c:44:a8:9b:67:6b:18:44:86:
7f:17:c8:2e:39:8e:2a:1b:c4:7d:02:38:ec:4c:4c:
fa:fd:09:65:43:89:ea:21:47:02:f1:23:ca:70:28:
13:fe:7c:5f:f6:ae:d5:fa:25:2a:54:5b:83:0f:6d:
cf:c1:d6:80:14:43:cb:08:09:8b:31:58:03:57:29:
de:74:ce:c8:12:bb:01:3c:75:b8:e9:2a:9f:06:5c:
89:00:85:eb:03:7e:81:8a:46:aa:7d:3f:72:e0:8d:
16:00:8d:f1:97:49:23:d6:f2:16:9a:dd:38:ef:a4:
11:3a:e5:a0:4b:65:fc:e7:99:47:e9:0f:97:80:5b:
d5:91:84:ff:8c:51:29:2b:bb:08:37:f9:af:c7:3b:
5e:28:f3:c2:b6:fd:73:e8:35:29:ff:70:a8:1a:57:
79:6d:a2:e8:3e:41:f5:d6:54:39:af:d2:71:03:75:
5b:fd:16:37:b3:be:09:29:a8:d2:c1:84:7f:83:92:
ab:6c:ab:a1:a2:be:04:7f:7e:7f:bb:83:d3:38:3b:
c2:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:9D:8B:E4:3F:EC:3E:70:5D:B1:3A:4D:12:45:F1:C0:75:18:2B:0A
X509v3 Authority Key Identifier:
keyid:BC:06:3D:65:05:34:AA:9F:06:93:1F:D8:ED:6E:0B:B2:76:EB:D3:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vAY9ZQU0qp8Gkx_Y7W4Lsnbr078.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/1794e8-8998-4514-b7e1-216d289f1764/1/YJ2L5D_sPnBdsTpNEkXxwHUYKwo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/1794e8-8998-4514-b7e1-216d289f1764/1/vAY9ZQU0qp8Gkx_Y7W4Lsnbr078.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.239.248.0/22
IPv6:
2a0c:6780::/29
Signature Algorithm: sha256WithRSAEncryption
7d:97:24:be:29:6a:cc:52:2c:fe:95:4e:7f:d6:d3:cf:47:75:
e8:59:8b:30:63:cb:6f:67:92:e0:ae:d3:31:27:71:57:b0:ed:
cd:9d:ac:b3:09:0b:cc:4a:d9:e3:48:13:d4:57:55:d0:cb:e0:
10:d5:ad:c1:f9:d9:92:9d:30:29:43:d4:3b:17:74:cd:3a:08:
c1:c7:83:db:79:cc:31:1d:cc:70:d5:cd:74:2e:ac:2e:86:0f:
fc:a6:c7:79:15:6c:d5:99:61:65:9b:bb:3d:0a:ce:33:1c:e7:
c3:b1:0b:ff:89:69:ae:f0:c4:56:de:d9:ca:09:58:8d:64:93:
42:6f:9f:84:55:2c:18:43:e3:83:12:2c:c4:93:51:61:2a:00:
15:7e:e0:b5:5d:5d:80:8f:8e:a9:31:4b:39:3c:ac:32:23:29:
51:cf:59:24:c7:55:fd:e8:c6:af:22:fd:7e:4d:ed:5b:09:ca:
67:32:4c:c0:77:00:1a:5e:34:ae:a3:fc:f0:41:e2:1a:ba:68:
64:3f:ab:98:f8:19:fd:e0:fd:58:d0:b9:fa:d1:d2:a6:49:4c:
d3:ed:1d:8b:f7:0a:3c:b1:3b:e4:27:77:21:7d:ed:51:0c:8c:
26:0c:f0:97:be:4e:ef:7b:55:b6:56:75:6c:7e:cc:36:35:64:
de:27:94:ac
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzHlIJ/DNS9GSgx9rFL45GVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjMDYzZDY1MDUzNGFhOWYwNjkzMWZkOGVkNmUwYmIyNzZl
YmQzYmYwHhcNMjQwMTAyMDAzMDQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDlkOGJlNDNmZWMzZTcwNWRiMTNhNGQxMjQ1ZjFjMDc1MTgyYjBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxSrAqwL/rkWrdBSeT140OGIhNxxg
yrV+hpm+hsOGnVeIHguLRv9g4/jamIasMsODvjsMRKibZ2sYRIZ/F8guOY4qG8R9
AjjsTEz6/QllQ4nqIUcC8SPKcCgT/nxf9q7V+iUqVFuDD23PwdaAFEPLCAmLMVgD
VynedM7IErsBPHW46SqfBlyJAIXrA36BikaqfT9y4I0WAI3xl0kj1vIWmt0476QR
OuWgS2X855lH6Q+XgFvVkYT/jFEpK7sIN/mvxzteKPPCtv1z6DUp/3CoGld5baLo
PkH11lQ5r9JxA3Vb/RY3s74JKajSwYR/g5KrbKuhor4Ef35/u4PTODvC2QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGCdi+Q/7D5wXbE6TRJF8cB1GCsKMB8GA1UdIwQY
MBaAFLwGPWUFNKqfBpMf2O1uC7J269O/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkFZOVpRVTBxcDhHa3hfWTdXNExzbmJyMDc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC8xNzk0ZTgtODk5OC00NTE0LWI3ZTEt
MjE2ZDI4OWYxNzY0LzEvWUoyTDVEX3NQbkJkc1RwTkVrWHh3SFVZS3dvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC8xNzk0ZTgtODk5OC00NTE0LWI3ZTEtMjE2ZDI4OWYxNzY0
LzEvdkFZOVpRVTBxcDhHa3hfWTdXNExzbmJyMDc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCue/4MA0E
AgACMAcDBQMqDGeAMA0GCSqGSIb3DQEBCwUAA4IBAQB9lyS+KWrMUiz+lU5/1tPP
R3XoWYswY8tvZ5LgrtMxJ3FXsO3NnayzCQvMStnjSBPUV1XQy+AQ1a3B+dmSnTAp
Q9Q7F3TNOgjBx4PbecwxHcxw1c10Lqwuhg/8psd5FWzVmWFlm7s9Cs4zHOfDsQv/
iWmu8MRW3tnKCViNZJNCb5+EVSwYQ+ODEizEk1FhKgAVfuC1XV2Aj46pMUs5PKwy
IylRz1kkx1X96MavIv1+Te1bCcpnMkzAdwAaXjSuo/zwQeIaumhkP6uY+Bn94P1Y
0Ln60dKmSUzT7R2L9wo8sTvkJ3chfe1RDIwmDPCXvk7ve1W2VnVsfsw2NWTeJ5Ss
-----END CERTIFICATE-----
Generated at Mon Apr 21 11:22:52 2025 by rpki-client