Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/d74c9e-04f0-4e63-af30-8632ee94145b/1/yH3vj653QK4mci0dGSva4G4MfLg.roa
File: yH3vj653QK4mci0dGSva4G4MfLg.roa (raw, json)
Hash identifier: 75EpJlxL/V0QxjX9JzTW0/pgmCHrsP4gpgcrfF1jzeo=
Subject key identifier: C8:7D:EF:8F:AE:77:40:AE:26:72:2D:1D:19:2B:DA:E0:6E:0C:7C:B8
Certificate issuer: /CN=c68ec9c7f1ecc27cb2ec713c2764a0214fce7828
Certificate serial: 018CC4931AEF2A8481CF9DE39E46DBC205E1
Authority key identifier: C6:8E:C9:C7:F1:EC:C2:7C:B2:EC:71:3C:27:64:A0:21:4F:CE:78:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xo7Jx_Hswnyy7HE8J2SgIU_OeCg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/d74c9e-04f0-4e63-af30-8632ee94145b/1/yH3vj653QK4mci0dGSva4G4MfLg.roa
Signing time: Mon 01 Jan 2024 10:30:24 +0000
ROA not before: Mon 01 Jan 2024 10:30:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210236
IP address blocks: 194.110.160.0/22 maxlen: 24
2a05:3a40::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:1a:ef:2a:84:81:cf:9d:e3:9e:46:db:c2:05:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c68ec9c7f1ecc27cb2ec713c2764a0214fce7828
Validity
Not Before: Jan 1 10:30:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c87def8fae7740ae26722d1d192bdae06e0c7cb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:de:7e:84:c6:b4:ec:11:93:b6:2e:89:ea:2d:
b4:70:74:51:58:79:92:31:1d:e3:56:c6:a6:e8:a5:
2e:c1:92:f9:30:35:0f:31:71:30:53:8d:b9:b5:58:
10:72:9b:93:b1:48:22:6c:b7:80:a9:de:aa:bf:10:
ca:dc:1d:72:db:ce:b4:ef:1b:26:43:21:f6:61:13:
c8:9b:50:04:04:7b:7b:90:54:60:73:ec:d5:c4:79:
82:c3:ab:cf:46:d5:fd:35:39:0c:67:97:99:a7:ba:
49:1e:ae:c6:bd:15:49:64:dc:2e:39:94:fa:d8:82:
30:5e:98:04:5c:71:fa:ec:f7:6e:f3:30:de:d7:40:
e4:a9:ad:57:dd:33:09:5a:a5:75:3e:7a:25:31:dc:
1a:09:9b:bf:26:9c:14:3a:32:cf:e4:79:b2:3e:98:
3d:17:3a:67:08:cd:b3:a6:f6:a6:37:5a:bd:eb:8b:
f8:d4:ee:29:b1:f7:42:7f:25:b8:44:37:df:a1:7f:
37:fc:e5:66:c3:1d:20:e0:fb:b6:34:95:80:f9:0c:
51:e6:e9:37:cb:fa:41:17:4c:50:b8:6f:96:d4:25:
55:29:35:46:40:b6:32:4f:f5:c1:6c:76:0f:b6:b7:
c2:f7:8e:ac:97:2c:00:c6:fa:01:f1:fa:07:64:4b:
3c:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:7D:EF:8F:AE:77:40:AE:26:72:2D:1D:19:2B:DA:E0:6E:0C:7C:B8
X509v3 Authority Key Identifier:
keyid:C6:8E:C9:C7:F1:EC:C2:7C:B2:EC:71:3C:27:64:A0:21:4F:CE:78:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xo7Jx_Hswnyy7HE8J2SgIU_OeCg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/d74c9e-04f0-4e63-af30-8632ee94145b/1/yH3vj653QK4mci0dGSva4G4MfLg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/d74c9e-04f0-4e63-af30-8632ee94145b/1/xo7Jx_Hswnyy7HE8J2SgIU_OeCg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.110.160.0/22
IPv6:
2a05:3a40::/32
Signature Algorithm: sha256WithRSAEncryption
b3:2d:5c:de:f4:8e:eb:de:ea:14:6b:f3:19:a8:40:66:0d:d8:
18:12:2b:99:3d:e4:30:9f:e1:00:d7:a6:8e:da:4f:9c:0b:e1:
d6:f3:c5:e1:f1:49:98:ee:d6:16:bd:52:a3:a8:1a:79:d1:d4:
59:16:f4:f8:ba:ed:ac:ec:4f:5e:b5:f9:bb:ba:bd:ef:58:4e:
42:1a:60:fc:a3:c6:85:3b:a5:be:af:00:93:64:45:6d:42:7f:
15:66:ec:10:61:5f:60:23:8d:ca:18:da:7c:3e:43:e6:c2:fd:
a2:a7:9f:c3:5f:f2:36:2a:2d:6e:03:ef:48:08:59:bb:1e:00:
b2:2b:3a:81:4d:ad:ff:0a:78:e5:fe:a6:1b:4e:33:3e:d2:ee:
ae:45:c4:77:aa:6a:9b:58:5f:56:eb:1c:29:6d:5a:30:bc:b3:
95:50:f0:ba:94:b0:42:f2:da:5a:0f:1e:9c:b3:9d:6c:2d:17:
49:19:2a:1f:9f:96:af:d5:82:12:c8:13:63:17:01:99:d2:7c:
51:e9:cb:7a:f8:5a:63:22:97:58:44:09:6d:2d:77:72:5c:30:
27:c5:c9:77:58:3a:60:dc:d2:47:8b:38:b8:78:1d:11:5d:4e:
c1:fc:5e:f6:12:8d:77:65:ac:8c:bc:ae:ed:de:c3:0d:43:d6:
f4:44:ea:62
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEkxrvKoSBz53jnkbbwgXhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2OGVjOWM3ZjFlY2MyN2NiMmVjNzEzYzI3NjRhMDIxNGZj
ZTc4MjgwHhcNMjQwMTAxMTAzMDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODdkZWY4ZmFlNzc0MGFlMjY3MjJkMWQxOTJiZGFlMDZlMGM3Y2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq95+hMa07BGTti6J6i20cHRRWHmS
MR3jVsam6KUuwZL5MDUPMXEwU425tVgQcpuTsUgibLeAqd6qvxDK3B1y28607xsm
QyH2YRPIm1AEBHt7kFRgc+zVxHmCw6vPRtX9NTkMZ5eZp7pJHq7GvRVJZNwuOZT6
2IIwXpgEXHH67Pdu8zDe10Dkqa1X3TMJWqV1PnolMdwaCZu/JpwUOjLP5HmyPpg9
FzpnCM2zpvamN1q964v41O4psfdCfyW4RDffoX83/OVmwx0g4Pu2NJWA+QxR5uk3
y/pBF0xQuG+W1CVVKTVGQLYyT/XBbHYPtrfC946slywAxvoB8foHZEs86wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMh974+ud0CuJnItHRkr2uBuDHy4MB8GA1UdIwQY
MBaAFMaOycfx7MJ8suxxPCdkoCFPzngoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG83SnhfSHN3bnl5N0hFOEoyU2dJVV9PZUNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9kNzRjOWUtMDRmMC00ZTYzLWFmMzAt
ODYzMmVlOTQxNDViLzEveUgzdmo2NTNRSzRtY2kwZEdTdmE0RzRNZkxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9kNzRjOWUtMDRmMC00ZTYzLWFmMzAtODYzMmVlOTQxNDVi
LzEveG83SnhfSHN3bnl5N0hFOEoyU2dJVV9PZUNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwm6gMA0E
AgACMAcDBQAqBTpAMA0GCSqGSIb3DQEBCwUAA4IBAQCzLVze9I7r3uoUa/MZqEBm
DdgYEiuZPeQwn+EA16aO2k+cC+HW88Xh8UmY7tYWvVKjqBp50dRZFvT4uu2s7E9e
tfm7ur3vWE5CGmD8o8aFO6W+rwCTZEVtQn8VZuwQYV9gI43KGNp8PkPmwv2ip5/D
X/I2Ki1uA+9ICFm7HgCyKzqBTa3/Cnjl/qYbTjM+0u6uRcR3qmqbWF9W6xwpbVow
vLOVUPC6lLBC8tpaDx6cs51sLRdJGSofn5av1YISyBNjFwGZ0nxR6ct6+FpjIpdY
RAltLXdyXDAnxcl3WDpg3NJHizi4eB0RXU7B/F72Eo13ZayMvK7t3sMNQ9b0ROpi
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:35:59 2025 by rpki-client