Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/960a2b-337d-4d02-ba81-6e19f679a623/1/Yn6dSZQ8Zouvxwjl_dCufmvVWpY.roa
File: Yn6dSZQ8Zouvxwjl_dCufmvVWpY.roa (raw, json)
Hash identifier: 9ozLp5nWMw+TjKqB1ttswlRDo14n6u/So7JgPK4+YK8=
Subject key identifier: 62:7E:9D:49:94:3C:66:8B:AF:C7:08:E5:FD:D0:AE:7E:6B:D5:5A:96
Certificate issuer: /CN=08422168eda8423054d82eb018c383e2dbe8afdf
Certificate serial: 018CED9D083DC3F3011C5572E66CE6C2587D
Authority key identifier: 08:42:21:68:ED:A8:42:30:54:D8:2E:B0:18:C3:83:E2:DB:E8:AF:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CEIhaO2oQjBU2C6wGMOD4tvor98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/960a2b-337d-4d02-ba81-6e19f679a623/1/Yn6dSZQ8Zouvxwjl_dCufmvVWpY.roa
Signing time: Tue 09 Jan 2024 09:45:40 +0000
ROA not before: Tue 09 Jan 2024 09:45:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60278
IP address blocks: 161.4.0.0/16 maxlen: 16
193.178.220.0/23 maxlen: 23
193.178.230.0/23 maxlen: 23
2a04:4940::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:47:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ed:9d:08:3d:c3:f3:01:1c:55:72:e6:6c:e6:c2:58:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08422168eda8423054d82eb018c383e2dbe8afdf
Validity
Not Before: Jan 9 09:45:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=627e9d49943c668bafc708e5fdd0ae7e6bd55a96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:dd:cd:47:3b:f6:a8:50:38:96:e8:e1:84:15:
fd:ff:42:4f:80:d5:26:50:e9:05:5e:1c:35:27:f2:
70:72:d3:12:f3:95:2d:a0:2c:7c:06:34:a0:0e:c5:
55:3b:92:31:9b:74:dd:7f:e1:9a:10:56:68:00:6d:
c3:66:78:ef:41:93:18:00:99:54:60:60:52:b8:4d:
94:2e:b2:b3:6a:7f:88:e3:ff:43:75:e7:ce:34:db:
03:03:82:93:cc:c6:f7:9e:f2:0f:3c:c0:ed:da:9d:
cc:eb:42:5d:af:a7:a7:4d:04:c3:0d:09:69:0f:22:
f7:56:be:8c:f4:c3:d1:00:95:d8:6b:40:ce:ab:7c:
98:fd:38:19:cc:6a:ec:50:cc:58:9b:bb:47:f0:68:
d2:3e:39:47:41:ab:cb:80:08:54:c8:e4:d0:f7:3e:
78:eb:2e:c2:9d:a3:5d:29:aa:85:ac:7e:02:cf:1e:
f5:f3:88:eb:a5:e7:10:06:7d:ed:8a:17:de:c4:e6:
f5:ff:7e:5e:43:2b:45:fa:e1:70:e3:65:fe:61:c6:
9d:61:23:a0:b3:5b:1e:34:b1:aa:93:11:ad:4e:a7:
cd:3c:b4:07:4d:37:a8:0b:37:29:41:05:64:93:55:
e9:be:5a:70:72:ed:37:f1:3d:cd:d7:5c:bf:32:c0:
43:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:7E:9D:49:94:3C:66:8B:AF:C7:08:E5:FD:D0:AE:7E:6B:D5:5A:96
X509v3 Authority Key Identifier:
keyid:08:42:21:68:ED:A8:42:30:54:D8:2E:B0:18:C3:83:E2:DB:E8:AF:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CEIhaO2oQjBU2C6wGMOD4tvor98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/960a2b-337d-4d02-ba81-6e19f679a623/1/Yn6dSZQ8Zouvxwjl_dCufmvVWpY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/960a2b-337d-4d02-ba81-6e19f679a623/1/CEIhaO2oQjBU2C6wGMOD4tvor98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
161.4.0.0/16
193.178.220.0/23
193.178.230.0/23
IPv6:
2a04:4940::/29
Signature Algorithm: sha256WithRSAEncryption
c1:40:75:e7:3f:cd:37:fc:8d:ac:42:e6:6c:ff:4f:15:bb:82:
8c:2d:70:39:e4:b8:51:c3:12:7f:e3:ed:3b:79:78:df:e3:0c:
d2:b9:a4:c7:f5:d4:f6:92:0d:27:51:11:64:f6:80:be:ca:0f:
ab:f5:09:e1:ac:69:ae:76:29:1e:02:e1:34:39:5b:8c:5b:21:
a5:09:04:90:9f:df:0b:4f:24:b9:43:52:e7:9e:7a:63:0f:c9:
74:df:02:0c:10:f9:f2:f3:ba:a3:24:14:18:6e:9d:35:11:51:
a3:22:40:c6:74:3c:94:e5:ad:31:57:f2:2c:63:e0:50:62:c9:
31:20:66:9a:22:63:3e:9f:cc:7f:73:ef:72:3f:a5:35:4a:3c:
24:3c:04:9c:43:ce:b3:fd:21:a4:75:97:bf:72:96:de:8f:ba:
60:d7:96:e9:0e:25:93:fb:d8:f1:87:a0:9a:37:f4:ac:2b:6a:
38:5e:1f:eb:4d:ec:1a:0c:9d:5b:eb:0f:c5:5a:82:06:da:4c:
fd:46:ed:9b:c3:09:cf:e9:6e:e5:14:42:2e:86:11:7d:73:72:
55:2e:69:df:3e:50:00:ec:df:0f:c3:55:d3:dd:70:d5:6a:f9:
ee:34:bf:76:8b:ae:6a:ac:a3:f8:42:fc:c5:94:e8:fb:68:b8:
88:bb:1e:b8
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYztnQg9w/MBHFVy5mzmwlh9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4NDIyMTY4ZWRhODQyMzA1NGQ4MmViMDE4YzM4M2UyZGJl
OGFmZGYwHhcNMjQwMTA5MDk0NTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjdlOWQ0OTk0M2M2NjhiYWZjNzA4ZTVmZGQwYWU3ZTZiZDU1YTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl93NRzv2qFA4lujhhBX9/0JPgNUm
UOkFXhw1J/JwctMS85UtoCx8BjSgDsVVO5Ixm3Tdf+GaEFZoAG3DZnjvQZMYAJlU
YGBSuE2ULrKzan+I4/9DdefONNsDA4KTzMb3nvIPPMDt2p3M60Jdr6enTQTDDQlp
DyL3Vr6M9MPRAJXYa0DOq3yY/TgZzGrsUMxYm7tH8GjSPjlHQavLgAhUyOTQ9z54
6y7CnaNdKaqFrH4Czx7184jrpecQBn3tihfexOb1/35eQytF+uFw42X+YcadYSOg
s1seNLGqkxGtTqfNPLQHTTeoCzcpQQVkk1Xpvlpwcu038T3N11y/MsBDbwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFGJ+nUmUPGaLr8cI5f3Qrn5r1VqWMB8GA1UdIwQY
MBaAFAhCIWjtqEIwVNgusBjDg+Lb6K/fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0VJaGFPMm9RakJVMkM2d0dNT0Q0dHZvcjk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS85NjBhMmItMzM3ZC00ZDAyLWJhODEt
NmUxOWY2NzlhNjIzLzEvWW42ZFNaUThab3V2eHdqbF9kQ3VmbXZWV3BZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS85NjBhMmItMzM3ZC00ZDAyLWJhODEtNmUxOWY2NzlhNjIz
LzEvQ0VJaGFPMm9RakJVMkM2d0dNT0Q0dHZvcjk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAXBAIAATARAwMAoQQDBAHB
stwDBAHBsuYwDQQCAAIwBwMFAyoESUAwDQYJKoZIhvcNAQELBQADggEBAMFAdec/
zTf8jaxC5mz/TxW7gowtcDnkuFHDEn/j7Tt5eN/jDNK5pMf11PaSDSdREWT2gL7K
D6v1CeGsaa52KR4C4TQ5W4xbIaUJBJCf3wtPJLlDUueeemMPyXTfAgwQ+fLzuqMk
FBhunTURUaMiQMZ0PJTlrTFX8ixj4FBiyTEgZpoiYz6fzH9z73I/pTVKPCQ8BJxD
zrP9IaR1l79ylt6PumDXlukOJZP72PGHoJo39KwrajheH+tN7BoMnVvrD8Vaggba
TP1G7ZvDCc/pbuUUQi6GEX1zclUuad8+UADs3w/DVdPdcNVq+e40v3aLrmqso/hC
/MWU6PtouIi7Hrg=
-----END CERTIFICATE-----
Generated at Tue Apr 22 16:39:22 2025 by rpki-client