Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/YKgsdcTP6V9udmARMQjfCgFxJtI.roa
File: YKgsdcTP6V9udmARMQjfCgFxJtI.roa (raw, json)
Hash identifier: +AyVurWNiYgLTTdZSux4Y2Og4xhCEznE/zVCFFRZNrk=
Subject key identifier: 60:A8:2C:75:C4:CF:E9:5F:6E:76:60:11:31:08:DF:0A:01:71:26:D2
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01942824C9CF8A91F24F927A5BF5AB8DD3B7
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/YKgsdcTP6V9udmARMQjfCgFxJtI.roa
Signing time: Thu 02 Jan 2025 17:51:26 +0000
ROA not before: Thu 02 Jan 2025 17:51:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214961
IP address blocks: 178.215.236.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 24 Jan 2025 13:38:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:24:c9:cf:8a:91:f2:4f:92:7a:5b:f5:ab:8d:d3:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 17:51:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=60a82c75c4cfe95f6e7660113108df0a017126d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:b9:14:15:80:ba:4f:74:57:58:46:f6:b3:dd:
4c:43:e2:b3:c5:61:66:c0:65:6a:3c:e2:48:9c:14:
39:e2:5f:68:dc:a7:77:ce:b5:45:2c:4f:aa:ed:35:
92:1a:a8:33:4f:be:2d:60:78:20:95:1a:54:d5:c4:
2d:d6:68:fe:0f:43:79:91:fb:49:b0:e6:19:7b:19:
de:29:b2:df:55:a7:9b:6b:07:13:24:e8:9d:bc:29:
ff:42:25:93:d8:48:d4:0b:dd:0f:86:e0:2e:ab:cd:
7f:97:06:d2:7a:f2:25:45:be:38:dd:1c:8f:e8:93:
7e:11:9a:a5:93:c2:c1:15:5b:12:8a:8e:a0:08:65:
ec:50:17:c3:9f:b8:61:3f:43:9b:52:2d:36:e4:2c:
59:33:15:7d:18:8c:df:1e:dd:e9:7b:c6:86:39:d2:
92:f2:16:a7:14:ef:cc:8a:09:f8:ec:06:69:c6:a4:
98:ec:33:d8:5b:f7:7c:f5:6b:10:89:48:8d:71:78:
a3:42:92:33:5c:0e:ac:35:8b:a7:2b:16:3a:9b:12:
93:03:2e:d6:02:6d:a6:f7:02:c9:ba:0e:95:d9:d2:
68:47:80:df:3f:9b:87:b5:51:93:4a:c9:89:d9:cc:
68:8f:0b:8a:dc:7e:4a:a6:f4:49:cf:e8:4c:c9:ef:
d9:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:A8:2C:75:C4:CF:E9:5F:6E:76:60:11:31:08:DF:0A:01:71:26:D2
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/YKgsdcTP6V9udmARMQjfCgFxJtI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.215.236.0/24
Signature Algorithm: sha256WithRSAEncryption
27:3f:0f:66:10:8b:81:2c:b6:84:42:3e:13:e9:f7:db:32:ea:
fc:2b:8a:2a:9b:57:8b:7c:55:02:7e:98:a1:0b:53:ee:93:f0:
ed:da:8d:10:97:78:6e:c2:d0:92:89:98:64:38:4c:2b:95:eb:
6b:b9:ab:e2:fd:3f:64:da:4f:52:2c:0e:b0:e4:a9:83:45:f5:
26:18:8e:a0:ba:af:fb:34:90:32:c3:bb:48:9b:29:15:4f:1b:
d6:81:96:ac:6a:0d:a9:4a:e2:63:19:3d:b9:dc:28:04:19:d4:
2f:a3:06:cf:f8:2f:aa:2f:ad:b2:89:92:85:b5:96:eb:23:cc:
2a:a1:fc:58:24:97:57:a1:51:ff:ec:fb:85:91:bd:de:96:28:
42:48:74:a4:32:f7:06:99:01:92:28:68:2f:b8:0f:6c:9a:11:
13:10:b7:2f:c1:e2:f2:ed:0d:18:9b:f9:3c:31:37:13:43:e1:
5b:ab:f5:4f:96:25:91:11:45:31:4f:a7:a9:3b:cf:49:11:23:
ee:05:c3:62:23:9f:a3:2b:a3:f5:38:eb:41:82:9a:21:b9:7d:
01:96:ba:e6:ad:99:5a:9d:b0:cc:03:b9:a2:39:2c:40:77:9d:
96:73:9f:94:20:f8:02:3a:52:0f:43:82:ac:9d:b1:d0:4d:4f:
7d:a3:f7:30
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJMnPipHyT5J6W/WrjdO3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMTAyMTc1MTI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGE4MmM3NWM0Y2ZlOTVmNmU3NjYwMTEzMTA4ZGYwYTAxNzEyNmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyLkUFYC6T3RXWEb2s91MQ+KzxWFm
wGVqPOJInBQ54l9o3Kd3zrVFLE+q7TWSGqgzT74tYHgglRpU1cQt1mj+D0N5kftJ
sOYZexneKbLfVaebawcTJOidvCn/QiWT2EjUC90PhuAuq81/lwbSevIlRb443RyP
6JN+EZqlk8LBFVsSio6gCGXsUBfDn7hhP0ObUi025CxZMxV9GIzfHt3pe8aGOdKS
8hanFO/Mign47AZpxqSY7DPYW/d89WsQiUiNcXijQpIzXA6sNYunKxY6mxKTAy7W
Am2m9wLJug6V2dJoR4DfP5uHtVGTSsmJ2cxojwuK3H5KpvRJz+hMye/ZzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGCoLHXEz+lfbnZgETEI3woBcSbSMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvWUtnc2RjVFA2Vjl1ZG1BUk1RamZDZ0Z4SnRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAstfsMA0G
CSqGSIb3DQEBCwUAA4IBAQAnPw9mEIuBLLaEQj4T6ffbMur8K4oqm1eLfFUCfpih
C1Puk/Dt2o0Ql3huwtCSiZhkOEwrletruavi/T9k2k9SLA6w5KmDRfUmGI6guq/7
NJAyw7tImykVTxvWgZasag2pSuJjGT253CgEGdQvowbP+C+qL62yiZKFtZbrI8wq
ofxYJJdXoVH/7PuFkb3elihCSHSkMvcGmQGSKGgvuA9smhETELcvweLy7Q0Ym/k8
MTcTQ+Fbq/VPliWREUUxT6epO89JESPuBcNiI5+jK6P1OOtBgpohuX0BlrrmrZla
nbDMA7miOSxAd52Wc5+UIPgCOlIPQ4KsnbHQTU99o/cw
-----END CERTIFICATE-----
Generated at Thu Apr 17 09:35:52 2025 by rpki-client