Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/204017-f046-4b69-b3e5-319b0c874440/1/dyab-i5AxY3sqYqzQ0G3s2aRC6k.roa
File: dyab-i5AxY3sqYqzQ0G3s2aRC6k.roa (raw, json)
Hash identifier: rTlKOyBtVyP386IBiTXCFpOYqiGIkqr2HasymOTDtFY=
Subject key identifier: 77:26:9B:FA:2E:40:C5:8D:EC:A9:8A:B3:43:41:B7:B3:66:91:0B:A9
Certificate issuer: /CN=4ca66f3c0f25774e696d2a46723277eb961128c3
Certificate serial: 0194AD9BF3FDF7F04C0924161623C55B4D51
Authority key identifier: 4C:A6:6F:3C:0F:25:77:4E:69:6D:2A:46:72:32:77:EB:96:11:28:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TKZvPA8ld05pbSpGcjJ365YRKMM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/204017-f046-4b69-b3e5-319b0c874440/1/dyab-i5AxY3sqYqzQ0G3s2aRC6k.roa
Signing time: Tue 28 Jan 2025 15:51:06 +0000
ROA not before: Tue 28 Jan 2025 15:51:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215208
IP address blocks: 176.65.143.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Feb 2025 23:26:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ad:9b:f3:fd:f7:f0:4c:09:24:16:16:23:c5:5b:4d:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ca66f3c0f25774e696d2a46723277eb961128c3
Validity
Not Before: Jan 28 15:51:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=77269bfa2e40c58deca98ab34341b7b366910ba9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:93:96:8f:b1:55:2b:6e:6d:97:ce:38:0f:87:
50:e9:61:04:86:a3:21:07:10:96:f6:48:f2:2c:d1:
e8:e1:ed:7a:fc:ea:8e:9e:a1:82:15:50:00:bf:93:
ef:0b:52:61:8a:3e:9e:96:e3:37:5f:74:36:97:2b:
d8:f6:4f:ec:6a:fe:78:d4:48:55:dc:97:5f:e0:d8:
86:41:a2:da:0c:91:a6:d7:2f:2a:9b:2a:c3:63:30:
8f:14:0d:71:77:39:27:c7:68:49:30:d3:6d:8c:90:
3b:ba:dc:ce:65:99:b0:0d:e0:c3:b6:87:0b:51:d8:
82:ff:e9:78:d2:c7:35:8b:5e:cd:16:9a:70:b3:94:
eb:15:6e:f1:7d:6f:20:3f:a2:04:8d:21:e6:49:92:
a5:b8:2d:83:1b:48:71:53:4c:53:60:76:07:72:66:
56:58:bb:f0:b6:1e:05:f5:c3:4b:b3:a7:de:4d:a6:
02:31:80:0b:80:2e:6c:7d:46:2e:04:b9:1c:cd:6a:
ac:ff:91:e8:e7:3e:84:97:fc:4f:fa:3f:36:89:d3:
56:76:4d:d4:1c:e7:47:c7:2a:37:2d:d0:e2:2d:e0:
fb:04:3c:fb:ed:1a:bd:52:78:52:17:3a:7e:6b:a2:
2b:b5:28:bb:cf:28:5d:11:aa:a0:1d:5a:3a:48:0d:
7b:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:26:9B:FA:2E:40:C5:8D:EC:A9:8A:B3:43:41:B7:B3:66:91:0B:A9
X509v3 Authority Key Identifier:
keyid:4C:A6:6F:3C:0F:25:77:4E:69:6D:2A:46:72:32:77:EB:96:11:28:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TKZvPA8ld05pbSpGcjJ365YRKMM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/204017-f046-4b69-b3e5-319b0c874440/1/dyab-i5AxY3sqYqzQ0G3s2aRC6k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/204017-f046-4b69-b3e5-319b0c874440/1/TKZvPA8ld05pbSpGcjJ365YRKMM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.65.143.0/24
Signature Algorithm: sha256WithRSAEncryption
63:a4:ae:8f:f4:b9:91:94:e7:6a:8d:01:e5:7a:45:14:32:18:
e9:98:17:e2:a6:31:3e:fe:2a:39:f7:bf:02:49:c1:3e:cf:ab:
83:b7:a1:35:f0:97:76:79:65:f3:af:22:ff:55:2e:34:62:de:
e6:ca:90:88:bb:7f:26:e5:9f:5a:2f:ce:27:49:38:eb:6d:ee:
6f:77:50:b9:ef:9e:48:74:fe:3d:53:a6:7e:8a:35:ed:d9:d1:
93:ad:51:67:56:4d:7d:ba:f7:5d:57:bd:e8:e6:13:c0:a5:96:
33:8c:0b:0d:b9:68:10:19:4e:90:85:5d:25:f1:f7:f6:22:4a:
1a:38:69:06:8a:71:18:25:76:a6:93:2a:09:58:b6:e1:bc:20:
a7:b8:6f:97:9f:82:1c:93:57:52:3f:6a:be:fc:67:9f:10:aa:
55:41:64:41:a7:a0:61:ae:6c:27:93:fa:82:57:59:1d:00:0a:
ca:a6:c6:b2:fa:e4:6a:35:d2:7d:74:84:ea:27:aa:38:a1:16:
75:5f:74:e9:69:c7:07:b4:7c:aa:73:51:4f:1d:91:ba:c5:7a:
1f:70:20:1d:1d:00:01:ce:74:cc:6a:50:93:e5:a9:01:b0:ce:
20:4a:9c:9c:0b:a1:dd:17:a7:41:7b:50:d2:78:98:f6:4a:07:
75:1b:c3:d9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZStm/P99/BMCSQWFiPFW01RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjYTY2ZjNjMGYyNTc3NGU2OTZkMmE0NjcyMzI3N2ViOTYx
MTI4YzMwHhcNMjUwMTI4MTU1MTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzI2OWJmYTJlNDBjNThkZWNhOThhYjM0MzQxYjdiMzY2OTEwYmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsZOWj7FVK25tl844D4dQ6WEEhqMh
BxCW9kjyLNHo4e16/OqOnqGCFVAAv5PvC1Jhij6eluM3X3Q2lyvY9k/sav541EhV
3Jdf4NiGQaLaDJGm1y8qmyrDYzCPFA1xdzknx2hJMNNtjJA7utzOZZmwDeDDtocL
UdiC/+l40sc1i17NFppws5TrFW7xfW8gP6IEjSHmSZKluC2DG0hxU0xTYHYHcmZW
WLvwth4F9cNLs6feTaYCMYALgC5sfUYuBLkczWqs/5Ho5z6El/xP+j82idNWdk3U
HOdHxyo3LdDiLeD7BDz77Rq9UnhSFzp+a6IrtSi7zyhdEaqgHVo6SA178QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHcmm/ouQMWN7KmKs0NBt7NmkQupMB8GA1UdIwQY
MBaAFEymbzwPJXdOaW0qRnIyd+uWESjDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEtadlBBOGxkMDVwYlNwR2NqSjM2NVlSS01NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8yMDQwMTctZjA0Ni00YjY5LWIzZTUt
MzE5YjBjODc0NDQwLzEvZHlhYi1pNUF4WTNzcVlxelEwRzNzMmFSQzZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8yMDQwMTctZjA0Ni00YjY5LWIzZTUtMzE5YjBjODc0NDQw
LzEvVEtadlBBOGxkMDVwYlNwR2NqSjM2NVlSS01NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsEGPMA0G
CSqGSIb3DQEBCwUAA4IBAQBjpK6P9LmRlOdqjQHlekUUMhjpmBfipjE+/io5978C
ScE+z6uDt6E18Jd2eWXzryL/VS40Yt7mypCIu38m5Z9aL84nSTjrbe5vd1C5755I
dP49U6Z+ijXt2dGTrVFnVk19uvddV73o5hPApZYzjAsNuWgQGU6QhV0l8ff2Ikoa
OGkGinEYJXamkyoJWLbhvCCnuG+Xn4Ick1dSP2q+/GefEKpVQWRBp6Bhrmwnk/qC
V1kdAArKpsay+uRqNdJ9dITqJ6o4oRZ1X3TpaccHtHyqc1FPHZG6xXofcCAdHQAB
znTMalCT5akBsM4gSpycC6HdF6dBe1DSeJj2Sgd1G8PZ
-----END CERTIFICATE-----
Generated at Tue Apr 22 03:58:49 2025 by rpki-client