Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/0a206e-1788-436b-9728-bed4b99a7bb4/1/YZ8zjakoVlc3IpOFGqXEi33WtYA.roa
File: YZ8zjakoVlc3IpOFGqXEi33WtYA.roa (raw, json)
Hash identifier: IFbXs097sYS7UHgUKxOeBhlJEbVWz7u48nzdodc9SF8=
Subject key identifier: 61:9F:33:8D:A9:28:56:57:37:22:93:85:1A:A5:C4:8B:7D:D6:B5:80
Certificate issuer: /CN=32b1b94b073c547991c20f842eadec167ec19e34
Certificate serial: 019395F742DECCF9624E66C5062F3A26DBD4
Authority key identifier: 32:B1:B9:4B:07:3C:54:79:91:C2:0F:84:2E:AD:EC:16:7E:C1:9E:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MrG5Swc8VHmRwg-ELq3sFn7BnjQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/0a206e-1788-436b-9728-bed4b99a7bb4/1/YZ8zjakoVlc3IpOFGqXEi33WtYA.roa
Signing time: Thu 05 Dec 2024 08:37:09 +0000
ROA not before: Thu 05 Dec 2024 08:37:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48555
IP address blocks: 176.56.144.0/24 maxlen: 24
176.56.146.0/24 maxlen: 24
176.56.148.0/24 maxlen: 24
176.56.150.0/24 maxlen: 24
185.63.236.0/24 maxlen: 24
185.63.237.0/24 maxlen: 24
185.63.238.0/24 maxlen: 24
185.63.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:49:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:95:f7:42:de:cc:f9:62:4e:66:c5:06:2f:3a:26:db:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32b1b94b073c547991c20f842eadec167ec19e34
Validity
Not Before: Dec 5 08:37:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=619f338da9285657372293851aa5c48b7dd6b580
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fd:3d:5d:25:9c:68:39:eb:bc:6e:c4:36:d1:e9:
66:09:e0:f6:49:97:02:1e:06:d7:48:bc:67:45:6b:
4c:84:20:ff:6e:6b:3b:41:27:7f:25:8a:a6:81:d5:
5e:6c:ef:4f:9c:b0:5e:b3:af:4d:58:3f:a9:b5:d1:
8c:73:e3:e1:ab:a7:0b:80:79:f6:82:17:04:5a:61:
ea:58:57:21:5f:8a:7c:db:bd:d0:a1:ce:44:e5:65:
c3:49:0f:7f:98:e3:90:e3:6c:b1:b4:9d:d6:b9:18:
58:c3:5e:0e:91:34:3b:ac:69:bb:69:69:b6:28:ed:
c7:aa:4c:9e:88:67:35:f3:a3:f6:3e:a8:bd:a0:81:
89:72:36:56:7d:36:60:5f:26:21:eb:71:f7:60:9b:
bc:c9:0a:88:92:12:44:b3:c8:e4:97:08:6e:4a:9d:
04:3b:42:e9:ff:e8:94:c4:58:7f:6e:b4:a8:a4:a5:
51:b2:ec:d3:40:f4:a4:74:2e:4d:f4:5a:82:46:96:
1b:89:0e:50:e2:f1:cf:59:b0:c6:38:00:ad:eb:55:
b0:98:0a:f0:e6:c3:eb:a1:41:50:84:e1:b6:60:cc:
ac:e0:d7:24:cd:62:55:f2:51:e5:51:82:3e:5e:33:
cb:84:41:c1:d9:96:84:ac:62:ad:07:92:85:7b:2a:
ad:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:9F:33:8D:A9:28:56:57:37:22:93:85:1A:A5:C4:8B:7D:D6:B5:80
X509v3 Authority Key Identifier:
keyid:32:B1:B9:4B:07:3C:54:79:91:C2:0F:84:2E:AD:EC:16:7E:C1:9E:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MrG5Swc8VHmRwg-ELq3sFn7BnjQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/0a206e-1788-436b-9728-bed4b99a7bb4/1/YZ8zjakoVlc3IpOFGqXEi33WtYA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/0a206e-1788-436b-9728-bed4b99a7bb4/1/MrG5Swc8VHmRwg-ELq3sFn7BnjQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.56.144.0/24
176.56.146.0/24
176.56.148.0/24
176.56.150.0/24
185.63.236.0/22
Signature Algorithm: sha256WithRSAEncryption
6d:1c:4a:ce:6a:c9:7b:28:0e:5a:94:f2:8e:fd:45:43:98:62:
ff:36:9d:e0:9e:05:a6:7c:36:42:a5:13:ba:4b:c3:df:7c:71:
da:32:30:c0:94:d4:c9:2b:a9:a8:c1:8d:d1:25:b4:fa:80:86:
90:59:30:1f:f5:78:62:62:f4:87:91:a2:e0:0e:f2:23:07:d8:
0c:28:24:3a:e7:19:fc:3f:e1:16:0f:4d:85:1c:39:b3:7e:1d:
e4:dd:3a:8d:45:45:58:2a:74:f8:6b:23:f0:e3:2c:b8:4b:b5:
95:d6:dc:cd:01:42:01:73:b6:03:3f:c9:04:56:b1:78:d0:a4:
2b:c9:82:b5:5f:1d:30:05:f3:6f:e7:95:bc:d4:b1:34:52:2d:
9b:e5:5d:77:01:ca:e5:c4:8d:bd:ff:d7:0e:29:3e:f1:4b:3e:
59:c7:67:9b:64:cf:95:69:6f:55:2a:33:89:11:07:d5:f4:54:
84:07:5a:42:32:28:45:31:a2:90:c9:61:71:bb:73:28:43:fe:
4a:70:e6:c5:8c:5a:2b:32:e7:09:3f:9a:9e:33:c6:a5:08:76:
77:ba:7b:5d:3f:88:59:bb:68:e1:fd:cf:5e:cf:9f:e1:93:f6:
d3:07:cf:6b:18:a7:2b:51:b8:69:6c:1f:2c:19:b8:d6:71:c8:
be:96:18:8b
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZOV90LezPliTmbFBi86JtvUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyYjFiOTRiMDczYzU0Nzk5MWMyMGY4NDJlYWRlYzE2N2Vj
MTllMzQwHhcNMjQxMjA1MDgzNzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTlmMzM4ZGE5Mjg1NjU3MzcyMjkzODUxYWE1YzQ4YjdkZDZiNTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/T1dJZxoOeu8bsQ20elmCeD2SZcC
HgbXSLxnRWtMhCD/bms7QSd/JYqmgdVebO9PnLBes69NWD+ptdGMc+Phq6cLgHn2
ghcEWmHqWFchX4p8273Qoc5E5WXDSQ9/mOOQ42yxtJ3WuRhYw14OkTQ7rGm7aWm2
KO3HqkyeiGc186P2Pqi9oIGJcjZWfTZgXyYh63H3YJu8yQqIkhJEs8jklwhuSp0E
O0Lp/+iUxFh/brSopKVRsuzTQPSkdC5N9FqCRpYbiQ5Q4vHPWbDGOACt61WwmArw
5sProUFQhOG2YMys4NckzWJV8lHlUYI+XjPLhEHB2ZaErGKtB5KFeyqtpQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGGfM42pKFZXNyKThRqlxIt91rWAMB8GA1UdIwQY
MBaAFDKxuUsHPFR5kcIPhC6t7BZ+wZ40MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXJHNVN3YzhWSG1Sd2ctRUxxM3NGbjdCbmpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8wYTIwNmUtMTc4OC00MzZiLTk3Mjgt
YmVkNGI5OWE3YmI0LzEvWVo4empha29WbGMzSXBPRkdxWEVpMzNXdFlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8wYTIwNmUtMTc4OC00MzZiLTk3MjgtYmVkNGI5OWE3YmI0
LzEvTXJHNVN3YzhWSG1Sd2ctRUxxM3NGbjdCbmpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAsDiQAwQA
sDiSAwQAsDiUAwQAsDiWAwQCuT/sMA0GCSqGSIb3DQEBCwUAA4IBAQBtHErOasl7
KA5alPKO/UVDmGL/Np3gngWmfDZCpRO6S8PffHHaMjDAlNTJK6mowY3RJbT6gIaQ
WTAf9XhiYvSHkaLgDvIjB9gMKCQ65xn8P+EWD02FHDmzfh3k3TqNRUVYKnT4ayPw
4yy4S7WV1tzNAUIBc7YDP8kEVrF40KQryYK1Xx0wBfNv55W81LE0Ui2b5V13Acrl
xI29/9cOKT7xSz5Zx2ebZM+VaW9VKjOJEQfV9FSEB1pCMihFMaKQyWFxu3MoQ/5K
cObFjForMucJP5qeM8alCHZ3untdP4hZu2jh/c9ez5/hk/bTB89rGKcrUbhpbB8s
GbjWcci+lhiL
-----END CERTIFICATE-----
Generated at Tue Apr 22 16:16:39 2025 by rpki-client