Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/yK7u38DhUl4DwHL9gffG5_49hGE.roa
File: yK7u38DhUl4DwHL9gffG5_49hGE.roa (raw, json)
Hash identifier: AAOb4bodaqHQvkDWB0qyZgKPY4xInSGBuRXNFLzIDdw=
Subject key identifier: C8:AE:EE:DF:C0:E1:52:5E:03:C0:72:FD:81:F7:C6:E7:FE:3D:84:61
Certificate issuer: /CN=1c7b06bf41300dc4d30f3d0e180c9b95d2bcddff
Certificate serial: 018CC4933E1128647F105BAB419E6CB406D3
Authority key identifier: 1C:7B:06:BF:41:30:0D:C4:D3:0F:3D:0E:18:0C:9B:95:D2:BC:DD:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HHsGv0EwDcTTDz0OGAybldK83f8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/yK7u38DhUl4DwHL9gffG5_49hGE.roa
Signing time: Mon 01 Jan 2024 10:30:33 +0000
ROA not before: Mon 01 Jan 2024 10:30:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201719
IP address blocks: 147.78.217.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 22 Feb 2024 10:36:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:3e:11:28:64:7f:10:5b:ab:41:9e:6c:b4:06:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c7b06bf41300dc4d30f3d0e180c9b95d2bcddff
Validity
Not Before: Jan 1 10:30:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c8aeeedfc0e1525e03c072fd81f7c6e7fe3d8461
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:01:04:35:9f:47:5a:61:b3:7e:66:f5:99:03:
f5:1b:59:82:a4:e3:7a:b9:40:4b:ae:01:de:15:a9:
61:7f:f4:01:a7:08:95:5d:e3:7c:f6:b6:59:5c:a2:
4b:62:83:81:55:32:43:21:a8:92:17:f3:cb:61:4c:
54:b5:3f:2a:08:db:bc:48:d0:62:b1:77:78:ed:0d:
e0:4b:86:10:50:01:51:33:d3:c5:61:a3:af:42:1a:
f4:15:0d:ec:33:33:42:b0:bd:f5:ae:ba:ad:3e:0b:
d5:ff:10:8d:7f:8a:f6:cf:27:23:0c:60:fd:04:1f:
6a:df:1e:12:58:f9:e2:f0:f0:68:63:67:b2:08:4e:
eb:39:f5:cf:3d:1e:ce:56:37:e2:b4:3b:e0:7b:31:
97:ad:3c:07:b8:9a:89:8d:2d:64:c0:5f:f5:43:d8:
9e:e4:71:e2:7d:cd:fc:b6:25:70:40:55:e0:05:0b:
95:b3:d5:fd:ca:0d:51:71:e0:cc:a4:39:95:3d:74:
9f:e1:d1:8b:22:6d:a0:ab:4a:5a:42:29:09:9d:07:
c4:08:b5:f2:a6:df:e9:9c:02:53:42:e3:84:a6:4b:
9c:b9:94:35:e9:5e:91:d5:1c:12:2d:44:ad:e5:96:
eb:ab:cf:98:34:c0:dd:c8:e9:d5:59:f9:a1:c2:6a:
f5:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:AE:EE:DF:C0:E1:52:5E:03:C0:72:FD:81:F7:C6:E7:FE:3D:84:61
X509v3 Authority Key Identifier:
keyid:1C:7B:06:BF:41:30:0D:C4:D3:0F:3D:0E:18:0C:9B:95:D2:BC:DD:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HHsGv0EwDcTTDz0OGAybldK83f8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/yK7u38DhUl4DwHL9gffG5_49hGE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/HHsGv0EwDcTTDz0OGAybldK83f8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.217.0/24
Signature Algorithm: sha256WithRSAEncryption
13:a5:e4:c7:5b:1d:39:87:52:aa:ed:a4:e4:93:b3:bf:98:5d:
89:04:e6:19:a6:ab:38:1d:e3:72:b6:75:2d:4c:11:f6:24:a2:
e4:21:86:e5:45:4e:35:36:c5:d0:39:04:6c:8c:57:b1:32:c7:
1a:f0:e3:21:24:43:2e:34:8a:a6:da:bb:c4:b9:9b:a2:4d:ac:
13:f4:8b:96:aa:68:d7:34:5b:dc:09:30:16:70:a9:ee:dc:51:
99:33:18:54:1d:d2:ff:d0:5e:d0:b6:60:8e:07:23:da:95:21:
54:f8:b6:dd:b7:3a:54:19:22:8b:52:fa:c4:f7:4c:ea:d9:26:
40:91:f0:49:57:96:7d:2a:ab:8e:1b:71:3c:ba:0d:78:39:3d:
72:79:a3:67:42:37:94:e1:a7:6b:b0:dd:48:c3:d3:ab:3f:26:
f5:f1:81:0f:95:fa:23:8c:21:db:d2:78:49:32:b7:6c:a9:a6:
a3:bb:37:60:16:b8:7c:20:f6:1d:62:44:f0:ad:e8:c6:3d:29:
f5:32:30:08:d8:62:f0:37:23:e6:b3:92:5c:f7:37:91:d9:4e:
bf:ba:10:fc:0a:47:be:4d:23:38:d3:97:aa:31:72:ad:59:0a:
7a:cb:17:f5:b7:b5:61:22:93:a9:de:d6:dc:8e:3f:f5:fc:b6:
25:aa:83:b8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEkz4RKGR/EFurQZ5stAbTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjN2IwNmJmNDEzMDBkYzRkMzBmM2QwZTE4MGM5Yjk1ZDJi
Y2RkZmYwHhcNMjQwMTAxMTAzMDMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGFlZWVkZmMwZTE1MjVlMDNjMDcyZmQ4MWY3YzZlN2ZlM2Q4NDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjQEENZ9HWmGzfmb1mQP1G1mCpON6
uUBLrgHeFalhf/QBpwiVXeN89rZZXKJLYoOBVTJDIaiSF/PLYUxUtT8qCNu8SNBi
sXd47Q3gS4YQUAFRM9PFYaOvQhr0FQ3sMzNCsL31rrqtPgvV/xCNf4r2zycjDGD9
BB9q3x4SWPni8PBoY2eyCE7rOfXPPR7OVjfitDvgezGXrTwHuJqJjS1kwF/1Q9ie
5HHifc38tiVwQFXgBQuVs9X9yg1RceDMpDmVPXSf4dGLIm2gq0paQikJnQfECLXy
pt/pnAJTQuOEpkucuZQ16V6R1RwSLUSt5Zbrq8+YNMDdyOnVWfmhwmr1bwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMiu7t/A4VJeA8By/YH3xuf+PYRhMB8GA1UdIwQY
MBaAFBx7Br9BMA3E0w89DhgMm5XSvN3/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEhzR3YwRXdEY1RURHowT0dBeWJsZEs4M2Y4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83MDJiMjgtZTE1OC00MGMwLTgzMzAt
MjRmZGRjNmQxNDdiLzEveUs3dTM4RGhVbDREd0hMOWdmZkc1XzQ5aEdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83MDJiMjgtZTE1OC00MGMwLTgzMzAtMjRmZGRjNmQxNDdi
LzEvSEhzR3YwRXdEY1RURHowT0dBeWJsZEs4M2Y4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAk07ZMA0G
CSqGSIb3DQEBCwUAA4IBAQATpeTHWx05h1Kq7aTkk7O/mF2JBOYZpqs4HeNytnUt
TBH2JKLkIYblRU41NsXQOQRsjFexMsca8OMhJEMuNIqm2rvEuZuiTawT9IuWqmjX
NFvcCTAWcKnu3FGZMxhUHdL/0F7QtmCOByPalSFU+LbdtzpUGSKLUvrE90zq2SZA
kfBJV5Z9KquOG3E8ug14OT1yeaNnQjeU4adrsN1Iw9OrPyb18YEPlfojjCHb0nhJ
MrdsqaajuzdgFrh8IPYdYkTwrejGPSn1MjAI2GLwNyPms5Jc9zeR2U6/uhD8Cke+
TSM405eqMXKtWQp6yxf1t7VhIpOp3tbcjj/1/LYlqoO4
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:19:03 2025 by rpki-client