Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/b9bd06-96c8-4e71-ba12-937754cbb505/1/yhqVe4Sn24zi_JIb67RXByR1VSQ.roa
File: yhqVe4Sn24zi_JIb67RXByR1VSQ.roa (raw, json)
Hash identifier: La+NLcwh/KNZqDSlW2+NIxMVYGXgKLJKSMn3cef+vEM=
Subject key identifier: CA:1A:95:7B:84:A7:DB:8C:E2:FC:92:1B:EB:B4:57:07:24:75:55:24
Certificate issuer: /CN=c937d2f6f0b78c0ed75b8efc28009d7979614003
Certificate serial: 018E0C893064D3A86B05C63BB44ABF97B309
Authority key identifier: C9:37:D2:F6:F0:B7:8C:0E:D7:5B:8E:FC:28:00:9D:79:79:61:40:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yTfS9vC3jA7XW478KACdeXlhQAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/b9bd06-96c8-4e71-ba12-937754cbb505/1/yhqVe4Sn24zi_JIb67RXByR1VSQ.roa
Signing time: Tue 05 Mar 2024 02:55:01 +0000
ROA not before: Tue 05 Mar 2024 02:55:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62134
IP address blocks: 185.46.120.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:48:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0c:89:30:64:d3:a8:6b:05:c6:3b:b4:4a:bf:97:b3:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c937d2f6f0b78c0ed75b8efc28009d7979614003
Validity
Not Before: Mar 5 02:55:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ca1a957b84a7db8ce2fc921bebb4570724755524
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:76:3f:bf:d8:ec:18:64:dc:01:85:2c:b0:d0:
f2:5e:56:f3:83:89:17:5f:f0:ed:f6:44:a8:bd:b8:
aa:eb:97:64:32:61:8b:22:7e:3f:b8:c7:5e:ac:ea:
61:4f:16:4d:7a:4b:f4:e5:70:ef:d7:20:7b:2e:f3:
a6:bf:77:9b:0f:b8:8b:92:ee:c2:ab:79:18:cf:6f:
8e:2f:02:5e:02:12:02:14:73:4b:fb:08:13:f2:8d:
e1:a7:39:4e:db:54:3c:13:fb:21:cc:4f:e0:95:86:
a9:cd:c8:82:4c:07:d3:9f:96:4e:53:0f:c9:23:9a:
89:79:8d:e3:66:06:be:2a:a8:8e:d0:8e:47:54:9b:
9f:25:4a:44:ba:15:cd:20:18:3c:a2:68:29:c9:fb:
77:88:be:ce:51:5b:93:2c:ca:b5:bc:e5:0c:6d:0b:
eb:2b:8b:15:02:5b:34:c9:2a:fd:5a:6b:e6:60:1e:
46:12:a6:10:80:62:ef:a2:77:97:0c:d8:9a:2d:ba:
c9:d5:f4:8e:93:f5:4e:b1:89:4f:25:7d:e0:cd:55:
4a:96:de:70:34:37:dc:69:e6:6f:05:43:b3:30:41:
eb:08:ac:8f:00:6d:94:08:d8:1d:bd:98:49:b2:42:
7d:71:da:4f:26:93:1c:d0:3a:4b:4a:e7:94:df:fc:
45:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:1A:95:7B:84:A7:DB:8C:E2:FC:92:1B:EB:B4:57:07:24:75:55:24
X509v3 Authority Key Identifier:
keyid:C9:37:D2:F6:F0:B7:8C:0E:D7:5B:8E:FC:28:00:9D:79:79:61:40:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yTfS9vC3jA7XW478KACdeXlhQAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/b9bd06-96c8-4e71-ba12-937754cbb505/1/yhqVe4Sn24zi_JIb67RXByR1VSQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/b9bd06-96c8-4e71-ba12-937754cbb505/1/yTfS9vC3jA7XW478KACdeXlhQAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.46.120.0/22
Signature Algorithm: sha256WithRSAEncryption
96:32:e2:a2:4d:41:b1:3b:88:40:1d:6c:91:2c:fa:fc:28:2a:
1c:ab:7c:c6:e4:38:7e:b9:b0:a5:cd:46:32:21:6a:ab:69:4e:
ae:1e:f0:56:aa:cf:25:c7:45:2a:84:40:9f:22:5e:2f:50:6c:
6d:56:83:68:bd:92:15:d0:8f:d0:a4:22:76:2c:2e:37:e7:15:
59:0a:43:27:2f:0c:ba:b2:e3:79:a5:9d:69:02:90:8f:d4:c1:
d7:e8:04:53:f8:a1:b4:46:cf:2a:01:8f:57:5b:a0:4c:9d:91:
76:12:a4:17:59:30:94:1d:4d:66:29:f9:5b:6a:3b:8f:e3:67:
a3:3a:24:ed:07:b9:31:65:ff:d1:67:a9:7e:d8:8f:ba:84:c5:
b7:4e:c5:8d:24:bc:69:f6:1c:a9:1c:68:9b:36:ce:e3:ad:45:
0f:8a:0c:cf:0f:4c:bd:c8:f6:49:92:57:b9:8f:9e:a3:55:d8:
70:f4:92:59:77:1e:30:6d:8b:af:c2:19:3e:f8:2a:4e:d4:12:
37:5a:09:fb:a2:30:74:b7:c7:0c:a8:e1:d1:19:b7:cb:3e:c9:
23:2b:f3:a8:9b:29:92:68:37:a2:7f:3c:56:93:4c:63:b5:4d:
c3:e3:66:52:4b:6e:27:a8:41:8a:4a:85:8f:cf:d2:96:48:05:
f8:94:58:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY4MiTBk06hrBcY7tEq/l7MJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5MzdkMmY2ZjBiNzhjMGVkNzViOGVmYzI4MDA5ZDc5Nzk2
MTQwMDMwHhcNMjQwMzA1MDI1NTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTFhOTU3Yjg0YTdkYjhjZTJmYzkyMWJlYmI0NTcwNzI0NzU1NTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkXY/v9jsGGTcAYUssNDyXlbzg4kX
X/Dt9kSovbiq65dkMmGLIn4/uMderOphTxZNekv05XDv1yB7LvOmv3ebD7iLku7C
q3kYz2+OLwJeAhICFHNL+wgT8o3hpzlO21Q8E/shzE/glYapzciCTAfTn5ZOUw/J
I5qJeY3jZga+KqiO0I5HVJufJUpEuhXNIBg8omgpyft3iL7OUVuTLMq1vOUMbQvr
K4sVAls0ySr9WmvmYB5GEqYQgGLvoneXDNiaLbrJ1fSOk/VOsYlPJX3gzVVKlt5w
NDfcaeZvBUOzMEHrCKyPAG2UCNgdvZhJskJ9cdpPJpMc0DpLSueU3/xF2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMoalXuEp9uM4vySG+u0VwckdVUkMB8GA1UdIwQY
MBaAFMk30vbwt4wO11uO/CgAnXl5YUADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVRmUzl2QzNqQTdYVzQ3OEtBQ2RlWGxoUUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9iOWJkMDYtOTZjOC00ZTcxLWJhMTIt
OTM3NzU0Y2JiNTA1LzEveWhxVmU0U24yNHppX0pJYjY3UlhCeVIxVlNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC9iOWJkMDYtOTZjOC00ZTcxLWJhMTItOTM3NzU0Y2JiNTA1
LzEveVRmUzl2QzNqQTdYVzQ3OEtBQ2RlWGxoUUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuS54MA0G
CSqGSIb3DQEBCwUAA4IBAQCWMuKiTUGxO4hAHWyRLPr8KCocq3zG5Dh+ubClzUYy
IWqraU6uHvBWqs8lx0UqhECfIl4vUGxtVoNovZIV0I/QpCJ2LC435xVZCkMnLwy6
suN5pZ1pApCP1MHX6ART+KG0Rs8qAY9XW6BMnZF2EqQXWTCUHU1mKflbajuP42ej
OiTtB7kxZf/RZ6l+2I+6hMW3TsWNJLxp9hypHGibNs7jrUUPigzPD0y9yPZJkle5
j56jVdhw9JJZdx4wbYuvwhk++CpO1BI3Wgn7ojB0t8cMqOHRGbfLPskjK/OomymS
aDeifzxWk0xjtU3D42ZSS24nqEGKSoWPz9KWSAX4lFi0
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:26:47 2025 by rpki-client