Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/df0e81-bdcb-4a24-8435-c1f12e58fedd/1/y7I4kDuEZNartQMmgQUNwHdMZS0.roa
File: y7I4kDuEZNartQMmgQUNwHdMZS0.roa (raw, json)
Hash identifier: Y3sYx47OQZHpKnidaD5TUvmSJxtOwliJj3xu5Bwjuok=
Subject key identifier: CB:B2:38:90:3B:84:64:D6:AB:B5:03:26:81:05:0D:C0:77:4C:65:2D
Certificate issuer: /CN=cb889feed135dc03492d8b3e828c7309587d1411
Certificate serial: 018CC794BBBC333C1D8FAA8F6ED19E4F0F18
Authority key identifier: CB:88:9F:EE:D1:35:DC:03:49:2D:8B:3E:82:8C:73:09:58:7D:14:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y4if7tE13ANJLYs-goxzCVh9FBE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/df0e81-bdcb-4a24-8435-c1f12e58fedd/1/y7I4kDuEZNartQMmgQUNwHdMZS0.roa
Signing time: Tue 02 Jan 2024 00:31:02 +0000
ROA not before: Tue 02 Jan 2024 00:31:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 4749
IP address blocks: 147.189.33.0/24 maxlen: 24
147.189.32.0/24 maxlen: 24
147.189.32.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:49:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:bb:bc:33:3c:1d:8f:aa:8f:6e:d1:9e:4f:0f:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb889feed135dc03492d8b3e828c7309587d1411
Validity
Not Before: Jan 2 00:31:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cbb238903b8464d6abb5032681050dc0774c652d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:d4:3e:d8:d1:5b:98:1a:fd:af:01:76:e2:e2:
07:54:31:43:a8:79:b0:eb:82:a5:ff:48:41:c0:96:
7f:4d:09:c0:39:5c:93:44:97:6a:06:d7:05:f1:1c:
26:68:71:5d:ff:fb:9e:59:da:07:41:f2:01:5a:ff:
f7:ac:98:f7:e9:b5:5d:12:12:55:b5:fb:9d:c4:b3:
bc:d1:e9:05:b4:97:d5:c7:bb:e1:df:4a:1d:5e:3e:
2f:9f:25:65:d0:74:3e:45:1d:24:40:e7:19:dc:60:
6f:8c:2c:36:1c:8f:1c:5a:ad:71:87:77:85:cf:d3:
af:ab:66:97:84:aa:72:38:3c:c4:bb:d5:e4:76:7e:
3d:20:62:3b:f5:23:62:d5:92:cb:e4:31:a1:9b:93:
cd:72:a3:c4:d5:81:b0:07:52:60:1c:ec:c6:ea:67:
80:d5:01:5c:2f:bb:d3:16:23:46:f6:bd:76:fb:12:
05:31:18:6c:72:e5:c7:7a:36:a5:97:a3:82:4b:4c:
73:1e:38:42:3b:b3:c1:36:8f:a1:9e:f7:c1:22:b3:
e8:12:d7:eb:6b:97:e6:b0:af:e1:0a:8a:dc:f0:8f:
c9:86:0b:9f:08:6a:34:e0:2d:71:82:76:ed:97:af:
d9:61:a9:a7:64:54:9a:3e:2c:ce:d9:5b:02:42:dd:
d1:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:B2:38:90:3B:84:64:D6:AB:B5:03:26:81:05:0D:C0:77:4C:65:2D
X509v3 Authority Key Identifier:
keyid:CB:88:9F:EE:D1:35:DC:03:49:2D:8B:3E:82:8C:73:09:58:7D:14:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y4if7tE13ANJLYs-goxzCVh9FBE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/df0e81-bdcb-4a24-8435-c1f12e58fedd/1/y7I4kDuEZNartQMmgQUNwHdMZS0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/df0e81-bdcb-4a24-8435-c1f12e58fedd/1/y4if7tE13ANJLYs-goxzCVh9FBE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.189.32.0/23
Signature Algorithm: sha256WithRSAEncryption
16:45:4b:b0:ec:5c:75:bd:ca:ea:74:f3:be:48:22:ac:a4:2c:
73:17:72:27:01:ea:6c:a2:4a:90:9f:e3:fe:fe:57:9b:e1:f7:
b9:e3:7f:d8:4c:17:d2:59:9b:aa:83:4c:90:6b:38:6f:4a:87:
25:05:1f:56:31:28:e8:ad:a5:95:b7:7f:cd:cb:c2:eb:df:15:
27:65:99:3a:27:7d:0a:3b:8c:2f:57:20:b2:69:25:67:5b:16:
49:c4:2b:39:bd:85:89:8a:54:5c:3c:ff:e2:23:ba:f0:a2:5d:
0e:3d:44:ad:64:57:3e:60:63:d5:41:ed:ea:65:8c:c3:cd:6e:
5b:4a:37:40:51:f6:30:8d:7b:7a:e2:44:87:ec:db:e2:02:8d:
ba:99:49:7c:6e:cf:f0:1a:b6:1f:7d:1b:fa:bf:c0:c9:cb:03:
81:c8:3b:32:d1:bc:83:0f:7e:7b:d8:96:91:26:70:91:67:07:
86:22:21:d6:33:4e:88:b9:e2:dc:4a:7a:c5:df:90:1e:47:97:
b8:57:01:b3:3d:14:52:df:d7:c1:9f:20:a0:36:de:f8:5f:5e:
d5:47:a0:0d:c8:15:93:62:e0:40:a8:58:c2:65:34:10:9c:ed:
08:6b:48:a7:55:c9:49:00:f9:94:c0:09:88:dc:7b:9b:34:01:
cc:e7:f1:c2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlLu8Mzwdj6qPbtGeTw8YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiODg5ZmVlZDEzNWRjMDM0OTJkOGIzZTgyOGM3MzA5NTg3
ZDE0MTEwHhcNMjQwMTAyMDAzMTAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmIyMzg5MDNiODQ2NGQ2YWJiNTAzMjY4MTA1MGRjMDc3NGM2NTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAptQ+2NFbmBr9rwF24uIHVDFDqHmw
64Kl/0hBwJZ/TQnAOVyTRJdqBtcF8RwmaHFd//ueWdoHQfIBWv/3rJj36bVdEhJV
tfudxLO80ekFtJfVx7vh30odXj4vnyVl0HQ+RR0kQOcZ3GBvjCw2HI8cWq1xh3eF
z9Ovq2aXhKpyODzEu9Xkdn49IGI79SNi1ZLL5DGhm5PNcqPE1YGwB1JgHOzG6meA
1QFcL7vTFiNG9r12+xIFMRhscuXHejall6OCS0xzHjhCO7PBNo+hnvfBIrPoEtfr
a5fmsK/hCorc8I/JhgufCGo04C1xgnbtl6/ZYamnZFSaPizO2VsCQt3RNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMuyOJA7hGTWq7UDJoEFDcB3TGUtMB8GA1UdIwQY
MBaAFMuIn+7RNdwDSS2LPoKMcwlYfRQRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTRpZjd0RTEzQU5KTFlzLWdveHpDVmg5RkJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9kZjBlODEtYmRjYi00YTI0LTg0MzUt
YzFmMTJlNThmZWRkLzEveTdJNGtEdUVaTmFydFFNbWdRVU53SGRNWlMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS9kZjBlODEtYmRjYi00YTI0LTg0MzUtYzFmMTJlNThmZWRk
LzEveTRpZjd0RTEzQU5KTFlzLWdveHpDVmg5RkJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBk70gMA0G
CSqGSIb3DQEBCwUAA4IBAQAWRUuw7Fx1vcrqdPO+SCKspCxzF3InAepsokqQn+P+
/leb4fe543/YTBfSWZuqg0yQazhvSoclBR9WMSjoraWVt3/Ny8Lr3xUnZZk6J30K
O4wvVyCyaSVnWxZJxCs5vYWJilRcPP/iI7rwol0OPUStZFc+YGPVQe3qZYzDzW5b
SjdAUfYwjXt64kSH7NviAo26mUl8bs/wGrYffRv6v8DJywOByDsy0byDD3572JaR
JnCRZweGIiHWM06IueLcSnrF35AeR5e4VwGzPRRS39fBnyCgNt74X17VR6ANyBWT
YuBAqFjCZTQQnO0Ia0inVclJAPmUwAmI3HubNAHM5/HC
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:05:00 2025 by rpki-client