Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/9c2508-f69b-444b-b860-dc0e81a9d7b4/1/1bYy1RYQsJsBQ1gZHSEDz48023U.roa
File: 1bYy1RYQsJsBQ1gZHSEDz48023U.roa (raw, json)
Hash identifier: TJlVITaNT0aNTB823NFwHN+hQPeMDVpERTqBqn9/WUs=
Subject key identifier: D5:B6:32:D5:16:10:B0:9B:01:43:58:19:1D:21:03:CF:8F:34:DB:75
Certificate issuer: /CN=32ad80d411acb93685f558aa7e12f46bd170a7fb
Certificate serial: 018CC3B6D86FADD160DDD575F14BAEC83CCD
Authority key identifier: 32:AD:80:D4:11:AC:B9:36:85:F5:58:AA:7E:12:F4:6B:D1:70:A7:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mq2A1BGsuTaF9ViqfhL0a9Fwp_s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/9c2508-f69b-444b-b860-dc0e81a9d7b4/1/1bYy1RYQsJsBQ1gZHSEDz48023U.roa
Signing time: Mon 01 Jan 2024 06:29:49 +0000
ROA not before: Mon 01 Jan 2024 06:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 396982
IP address blocks: 147.189.239.0/24 maxlen: 24
147.189.20.0/24 maxlen: 24
147.189.238.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:47:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:d8:6f:ad:d1:60:dd:d5:75:f1:4b:ae:c8:3c:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32ad80d411acb93685f558aa7e12f46bd170a7fb
Validity
Not Before: Jan 1 06:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d5b632d51610b09b014358191d2103cf8f34db75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:23:1d:aa:1e:f8:5e:9f:e3:86:03:b0:64:d8:
88:99:74:81:b9:15:a4:d2:7b:ae:ac:1d:2e:9d:d4:
80:a4:16:8a:e3:01:1f:79:f4:af:6b:96:2e:ce:aa:
44:d3:c6:5f:78:ce:dc:27:26:ea:ee:63:c4:2f:8f:
6e:29:7d:ab:25:bd:65:fc:a6:77:e5:cb:db:47:77:
2e:4c:50:32:ba:3e:3d:70:87:97:3b:43:7e:3b:59:
5a:92:41:48:30:ea:81:f9:ee:e3:78:0f:9d:79:3d:
0b:2f:4d:4f:f0:12:18:4b:d6:53:8e:80:b1:ee:7e:
03:c4:71:55:33:1d:b7:b6:d4:25:cf:52:81:97:42:
91:34:14:f3:0c:9f:29:3d:f8:6d:04:7a:23:94:b6:
cf:53:6c:9e:b4:3c:c0:49:ca:40:21:1d:f9:eb:68:
58:54:0a:c4:27:99:50:ee:d0:fb:46:46:fa:04:b5:
3d:52:12:63:fc:f6:a4:83:87:3b:63:f2:49:72:d8:
24:88:0e:87:ea:ad:96:69:21:ea:92:55:9e:07:1d:
d2:e0:fe:95:02:47:8b:23:6f:05:c2:af:94:3b:bc:
89:09:88:fd:b2:d9:42:f8:25:2d:16:2b:33:9a:11:
81:72:40:a3:01:bb:b9:1b:e6:79:9b:4c:ec:17:a5:
c6:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:B6:32:D5:16:10:B0:9B:01:43:58:19:1D:21:03:CF:8F:34:DB:75
X509v3 Authority Key Identifier:
keyid:32:AD:80:D4:11:AC:B9:36:85:F5:58:AA:7E:12:F4:6B:D1:70:A7:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mq2A1BGsuTaF9ViqfhL0a9Fwp_s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/9c2508-f69b-444b-b860-dc0e81a9d7b4/1/1bYy1RYQsJsBQ1gZHSEDz48023U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/9c2508-f69b-444b-b860-dc0e81a9d7b4/1/Mq2A1BGsuTaF9ViqfhL0a9Fwp_s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.189.20.0/24
147.189.238.0/23
Signature Algorithm: sha256WithRSAEncryption
4c:ae:b7:b4:3e:72:5f:6e:98:56:3f:15:c3:bd:ef:8b:4c:4e:
67:82:79:fa:be:40:29:e8:a5:03:cc:74:82:88:12:57:76:9c:
62:f1:55:ae:7b:70:c6:ae:0e:a3:f9:97:2f:35:c8:79:a7:33:
e7:10:14:ef:8e:fe:48:c0:6c:16:05:8b:5c:f2:f4:16:01:84:
96:9e:bc:d0:4d:3c:30:e8:eb:72:32:20:94:ad:12:92:33:54:
12:81:46:06:85:d4:00:7d:ea:24:40:85:d2:7c:d4:a3:e8:97:
61:5d:0a:f9:a7:3b:fa:82:39:d7:ef:ad:2b:94:65:ec:62:78:
57:82:60:29:e9:15:ed:58:10:3f:62:6a:41:e4:74:96:28:96:
dc:0e:0d:0d:4f:bb:5c:bb:9c:99:18:96:62:b1:d1:f7:a1:f5:
dc:1c:95:1a:7f:f0:00:36:22:04:0c:b8:91:87:dd:2b:e5:5f:
f8:dd:a2:7f:8d:04:aa:d1:a1:4c:f9:ad:ea:6e:85:b9:6d:ef:
b4:2b:4c:fe:b2:ba:4a:b5:01:d5:6c:2f:13:e9:6c:d3:9b:e4:
60:30:72:56:89:51:0a:eb:db:78:36:a8:e3:2e:8c:67:e8:0c:
28:0a:90:61:9d:45:b2:f3:25:aa:46:00:63:f4:4f:59:bf:d8:
6f:d6:c0:67
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzDtthvrdFg3dV18UuuyDzNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyYWQ4MGQ0MTFhY2I5MzY4NWY1NThhYTdlMTJmNDZiZDE3
MGE3ZmIwHhcNMjQwMTAxMDYyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWI2MzJkNTE2MTBiMDliMDE0MzU4MTkxZDIxMDNjZjhmMzRkYjc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgyMdqh74Xp/jhgOwZNiImXSBuRWk
0nuurB0undSApBaK4wEfefSva5YuzqpE08ZfeM7cJybq7mPEL49uKX2rJb1l/KZ3
5cvbR3cuTFAyuj49cIeXO0N+O1lakkFIMOqB+e7jeA+deT0LL01P8BIYS9ZTjoCx
7n4DxHFVMx23ttQlz1KBl0KRNBTzDJ8pPfhtBHojlLbPU2yetDzAScpAIR3562hY
VArEJ5lQ7tD7Rkb6BLU9UhJj/Pakg4c7Y/JJctgkiA6H6q2WaSHqklWeBx3S4P6V
AkeLI28Fwq+UO7yJCYj9stlC+CUtFiszmhGBckCjAbu5G+Z5m0zsF6XGBwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNW2MtUWELCbAUNYGR0hA8+PNNt1MB8GA1UdIwQY
MBaAFDKtgNQRrLk2hfVYqn4S9GvRcKf7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXEyQTFCR3N1VGFGOVZpcWZoTDBhOUZ3cF9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS85YzI1MDgtZjY5Yi00NDRiLWI4NjAt
ZGMwZTgxYTlkN2I0LzEvMWJZeTFSWVFzSnNCUTFnWkhTRUR6NDgwMjNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS85YzI1MDgtZjY5Yi00NDRiLWI4NjAtZGMwZTgxYTlkN2I0
LzEvTXEyQTFCR3N1VGFGOVZpcWZoTDBhOUZ3cF9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAk70UAwQB
k73uMA0GCSqGSIb3DQEBCwUAA4IBAQBMrre0PnJfbphWPxXDve+LTE5ngnn6vkAp
6KUDzHSCiBJXdpxi8VWue3DGrg6j+ZcvNch5pzPnEBTvjv5IwGwWBYtc8vQWAYSW
nrzQTTww6OtyMiCUrRKSM1QSgUYGhdQAfeokQIXSfNSj6JdhXQr5pzv6gjnX760r
lGXsYnhXgmAp6RXtWBA/YmpB5HSWKJbcDg0NT7tcu5yZGJZisdH3ofXcHJUaf/AA
NiIEDLiRh90r5V/43aJ/jQSq0aFM+a3qboW5be+0K0z+srpKtQHVbC8T6WzTm+Rg
MHJWiVEK69t4NqjjLoxn6AwoCpBhnUWy8yWqRgBj9E9Zv9hv1sBn
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:09:53 2025 by rpki-client