Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/cc48f4-0d93-4b69-8a4f-8724ed5e903a/1/yLN33KaFznPKT5tEedfEsv8EEGk.roa
File: yLN33KaFznPKT5tEedfEsv8EEGk.roa (raw, json)
Hash identifier: 2XJxwOaEzZBfu3qJ+MWMTUO3S1vk3s3G87TnXiX0ENU=
Subject key identifier: C8:B3:77:DC:A6:85:CE:73:CA:4F:9B:44:79:D7:C4:B2:FF:04:10:69
Certificate issuer: /CN=f3e36222ccbc6c7221360540bab3a9dba9f237a0
Certificate serial: 01929B3572FD9B1C0E6447CC0DD9F2FB8DB7
Authority key identifier: F3:E3:62:22:CC:BC:6C:72:21:36:05:40:BA:B3:A9:DB:A9:F2:37:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8-NiIsy8bHIhNgVAurOp26nyN6A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/cc48f4-0d93-4b69-8a4f-8724ed5e903a/1/yLN33KaFznPKT5tEedfEsv8EEGk.roa
Signing time: Thu 17 Oct 2024 16:00:24 +0000
ROA not before: Thu 17 Oct 2024 16:00:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42909
IP address blocks: 193.223.78.0/24 maxlen: 24
194.180.185.0/24 maxlen: 24
194.180.186.0/24 maxlen: 24
194.180.187.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:50:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:9b:35:72:fd:9b:1c:0e:64:47:cc:0d:d9:f2:fb:8d:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f3e36222ccbc6c7221360540bab3a9dba9f237a0
Validity
Not Before: Oct 17 16:00:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c8b377dca685ce73ca4f9b4479d7c4b2ff041069
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:2c:d3:5e:40:bc:69:1b:a9:59:60:eb:56:65:
6f:95:83:49:52:6f:06:cf:38:83:78:d6:91:14:38:
25:65:94:7a:3e:55:bd:2f:7f:3f:e7:9b:cf:db:33:
e2:0d:ad:d4:97:9e:b7:ba:a8:de:6e:31:48:31:7e:
b7:a1:77:9b:cc:ae:e4:34:65:d0:5f:35:61:1a:40:
e2:03:96:07:45:08:68:89:a7:17:d3:8d:c6:d2:c4:
bc:bc:c4:6a:03:f4:01:b9:12:60:7b:56:54:80:6e:
66:94:56:c0:c8:5f:c5:1f:1b:aa:ef:d9:53:25:41:
0b:ef:05:7d:d4:67:ac:3b:d1:c0:8c:8a:51:e2:d9:
27:1d:08:b3:88:a7:7f:e6:5b:55:67:42:e9:9b:00:
25:31:3d:5b:5a:44:bf:88:0a:b4:64:3f:e0:26:4a:
c8:a3:69:54:89:5d:51:e6:8b:65:a8:72:ea:1d:c6:
1a:0c:77:b0:b3:4d:85:da:d3:a6:0a:7e:66:9a:0e:
c6:12:3d:c3:c7:ea:6f:72:79:35:da:a0:fa:e1:9e:
56:b4:fd:16:c1:30:71:b4:42:21:b6:c6:a6:4b:b6:
e9:a7:c3:b8:a9:fd:b8:5d:c2:af:18:dd:7f:8b:f3:
19:30:ce:91:fc:d1:65:fa:18:bf:48:ee:16:fa:e9:
49:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:B3:77:DC:A6:85:CE:73:CA:4F:9B:44:79:D7:C4:B2:FF:04:10:69
X509v3 Authority Key Identifier:
keyid:F3:E3:62:22:CC:BC:6C:72:21:36:05:40:BA:B3:A9:DB:A9:F2:37:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8-NiIsy8bHIhNgVAurOp26nyN6A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/cc48f4-0d93-4b69-8a4f-8724ed5e903a/1/yLN33KaFznPKT5tEedfEsv8EEGk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/cc48f4-0d93-4b69-8a4f-8724ed5e903a/1/8-NiIsy8bHIhNgVAurOp26nyN6A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.223.78.0/24
194.180.185.0-194.180.187.255
Signature Algorithm: sha256WithRSAEncryption
23:11:f1:65:34:6e:fc:fe:55:5f:c4:bf:bc:0d:89:d7:81:bf:
38:2f:86:36:dd:d8:01:76:43:6e:7b:d4:3e:b1:8a:0f:3c:86:
8e:e2:2b:e3:6d:e6:6f:90:f8:76:04:49:70:b1:e6:96:e0:25:
67:35:74:77:b6:7d:f2:21:ff:b4:3e:a0:f9:84:38:d7:b9:81:
eb:fc:00:d7:91:40:24:7a:14:a1:b7:6b:2d:37:26:a7:32:54:
9f:32:14:1c:1a:2f:02:61:42:a7:d4:af:77:03:83:64:d6:74:
de:62:85:bc:ac:99:ff:c2:09:c9:dd:cb:2e:af:95:c0:a8:b9:
f9:2c:9e:6a:29:2d:c9:42:d0:02:3c:9b:3f:e3:25:94:01:0a:
0c:88:76:c0:56:41:1a:f0:1c:ea:18:23:a7:40:16:0a:c2:60:
8e:f5:bd:66:92:38:39:e7:b4:a5:c4:37:ff:4e:c5:7d:fe:73:
cf:8c:af:8e:b2:d6:b5:92:34:4c:2b:9c:28:04:1a:a7:a9:f2:
0b:32:7b:2a:7b:e9:b4:94:d1:36:28:fc:80:4a:bc:c4:ea:e7:
2f:53:d8:d7:c9:fc:8d:c8:47:fe:aa:99:11:b6:3a:d2:ee:f2:
17:17:bf:73:3a:30:86:43:cf:27:df:a0:2d:09:41:68:97:d8:
70:25:e4:bc
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZKbNXL9mxwOZEfMDdny+423MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzZTM2MjIyY2NiYzZjNzIyMTM2MDU0MGJhYjNhOWRiYTlm
MjM3YTAwHhcNMjQxMDE3MTYwMDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGIzNzdkY2E2ODVjZTczY2E0ZjliNDQ3OWQ3YzRiMmZmMDQxMDY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArizTXkC8aRupWWDrVmVvlYNJUm8G
zziDeNaRFDglZZR6PlW9L38/55vP2zPiDa3Ul563uqjebjFIMX63oXebzK7kNGXQ
XzVhGkDiA5YHRQhoiacX043G0sS8vMRqA/QBuRJge1ZUgG5mlFbAyF/FHxuq79lT
JUEL7wV91GesO9HAjIpR4tknHQiziKd/5ltVZ0LpmwAlMT1bWkS/iAq0ZD/gJkrI
o2lUiV1R5otlqHLqHcYaDHews02F2tOmCn5mmg7GEj3Dx+pvcnk12qD64Z5WtP0W
wTBxtEIhtsamS7bpp8O4qf24XcKvGN1/i/MZMM6R/NFl+hi/SO4W+ulJRQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFMizd9ymhc5zyk+bRHnXxLL/BBBpMB8GA1UdIwQY
MBaAFPPjYiLMvGxyITYFQLqzqdup8jegMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOC1OaUlzeThiSEloTmdWQXVyT3AyNm55TjZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS9jYzQ4ZjQtMGQ5My00YjY5LThhNGYt
ODcyNGVkNWU5MDNhLzEveUxOMzNLYUZ6blBLVDV0RWVkZkVzdjhFRUdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS9jYzQ4ZjQtMGQ5My00YjY5LThhNGYtODcyNGVkNWU5MDNh
LzEvOC1OaUlzeThiSEloTmdWQXVyT3AyNm55TjZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAwd9OMAwD
BADCtLkDBALCtLgwDQYJKoZIhvcNAQELBQADggEBACMR8WU0bvz+VV/Ev7wNideB
vzgvhjbd2AF2Q2571D6xig88ho7iK+Nt5m+Q+HYESXCx5pbgJWc1dHe2ffIh/7Q+
oPmEONe5gev8ANeRQCR6FKG3ay03JqcyVJ8yFBwaLwJhQqfUr3cDg2TWdN5ihbys
mf/CCcndyy6vlcCoufksnmopLclC0AI8mz/jJZQBCgyIdsBWQRrwHOoYI6dAFgrC
YI71vWaSODnntKXEN/9OxX3+c8+Mr46y1rWSNEwrnCgEGqep8gsyeyp76bSU0TYo
/IBKvMTq5y9T2NfJ/I3IR/6qmRG2OtLu8hcXv3M6MIZDzyffoC0JQWiX2HAl5Lw=
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:08:47 2025 by rpki-client