Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/a75e1d-4d81-49cb-aca5-82998a9287e2/1/yY9lRC-lRqjPIUjFir0VxQM_vQU.roa
File: yY9lRC-lRqjPIUjFir0VxQM_vQU.roa (raw, json)
Hash identifier: CnzJDtlYxY/9XYJdyWKr/w0iY4v/fdPl8g9dZ62NfCs=
Subject key identifier: C9:8F:65:44:2F:A5:46:A8:CF:21:48:C5:8A:BD:15:C5:03:3F:BD:05
Certificate issuer: /CN=22ac8dff4e99d3e2289af63b15d55d2450c842c3
Certificate serial: 018E6605450D30F617BCAEDEB5880CF33E1F
Authority key identifier: 22:AC:8D:FF:4E:99:D3:E2:28:9A:F6:3B:15:D5:5D:24:50:C8:42:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IqyN_06Z0-IomvY7FdVdJFDIQsM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/a75e1d-4d81-49cb-aca5-82998a9287e2/1/yY9lRC-lRqjPIUjFir0VxQM_vQU.roa
Signing time: Fri 22 Mar 2024 11:56:45 +0000
ROA not before: Fri 22 Mar 2024 11:56:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51311
IP address blocks: 178.251.152.0/21 maxlen: 21
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:47:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:66:05:45:0d:30:f6:17:bc:ae:de:b5:88:0c:f3:3e:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22ac8dff4e99d3e2289af63b15d55d2450c842c3
Validity
Not Before: Mar 22 11:56:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c98f65442fa546a8cf2148c58abd15c5033fbd05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:3a:80:24:03:41:e0:6a:15:d9:2e:f5:32:1c:
5c:c0:c9:67:17:30:5b:35:a2:cd:89:cb:b8:59:e7:
93:c9:37:8f:57:48:d5:43:9c:c5:be:f9:34:cd:ce:
ca:3a:7f:48:b9:1d:75:14:74:75:db:b9:4d:36:a9:
39:4c:15:45:00:2e:c1:65:ff:86:af:2e:e8:91:33:
62:6c:f8:4a:90:5d:54:38:12:a3:2d:27:67:c2:16:
40:56:6c:12:ce:4d:fa:32:26:83:00:c4:14:8d:bc:
1b:46:d5:96:74:c7:2c:70:db:13:8c:57:60:2a:84:
1f:e9:4a:47:8b:16:95:f2:8f:58:93:be:8a:84:c1:
0a:02:50:79:57:fe:2c:45:fd:d8:0b:27:4a:f1:cb:
f9:57:35:cb:8b:1f:75:41:ff:c3:40:27:a9:d5:84:
ac:ef:4e:f4:ec:52:88:3a:82:24:34:f2:42:33:74:
2c:72:24:58:ea:89:0d:39:40:1f:51:90:ee:87:cd:
52:cf:f7:8f:cb:7b:15:ee:e8:ac:9c:e9:16:67:1c:
85:a6:ad:fc:07:4a:7e:1c:40:26:36:c6:24:5d:30:
8a:08:a0:f7:ac:c9:bc:33:97:a0:88:4c:4c:55:6c:
be:58:64:f3:55:de:25:02:3c:60:a6:ef:21:ce:a6:
20:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:8F:65:44:2F:A5:46:A8:CF:21:48:C5:8A:BD:15:C5:03:3F:BD:05
X509v3 Authority Key Identifier:
keyid:22:AC:8D:FF:4E:99:D3:E2:28:9A:F6:3B:15:D5:5D:24:50:C8:42:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IqyN_06Z0-IomvY7FdVdJFDIQsM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/a75e1d-4d81-49cb-aca5-82998a9287e2/1/yY9lRC-lRqjPIUjFir0VxQM_vQU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/a75e1d-4d81-49cb-aca5-82998a9287e2/1/IqyN_06Z0-IomvY7FdVdJFDIQsM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.251.152.0/21
Signature Algorithm: sha256WithRSAEncryption
3c:f0:32:4c:68:0b:69:dd:3f:3a:3e:a1:76:41:03:09:47:6d:
2b:19:96:de:67:d2:56:65:0b:d3:23:01:cd:93:9d:f5:a3:b8:
7d:9f:12:d4:bc:43:8d:30:74:d8:c4:f2:aa:b3:1a:0c:34:8e:
85:d6:29:97:55:5c:05:44:80:34:61:cf:7b:0d:2d:d6:b7:8e:
7b:f4:f5:71:7f:d6:9e:9e:9f:bf:0b:26:69:14:d8:9e:25:48:
13:58:17:98:3c:90:51:3e:fc:3c:d9:f8:b3:2b:d7:63:1d:28:
63:92:2a:28:d5:31:ab:7c:35:cc:7f:45:5c:6b:7b:e3:cd:31:
45:b6:96:f9:66:bc:06:f6:ed:4a:6e:83:fa:4d:f5:8d:eb:ff:
f2:ce:24:91:84:c1:6e:62:f6:f9:fa:29:f7:59:6f:49:92:f6:
14:80:55:37:0a:c8:a1:c0:d7:7c:28:53:9a:0b:58:d4:cc:0b:
80:72:2f:12:fe:f0:e2:90:3b:08:a8:83:7e:fe:3b:2d:3a:c9:
e0:c6:06:b9:20:cb:5e:b2:4d:15:72:06:dc:ab:fc:23:0b:59:
cb:3b:12:96:02:ed:a9:31:39:e7:d4:1d:49:69:34:9f:34:98:
a8:83:4e:31:1d:c4:dc:d4:c5:49:71:f1:6d:5f:a0:f2:37:76:
e5:5e:a1:0d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY5mBUUNMPYXvK7etYgM8z4fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYWM4ZGZmNGU5OWQzZTIyODlhZjYzYjE1ZDU1ZDI0NTBj
ODQyYzMwHhcNMjQwMzIyMTE1NjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOThmNjU0NDJmYTU0NmE4Y2YyMTQ4YzU4YWJkMTVjNTAzM2ZiZDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiDqAJANB4GoV2S71MhxcwMlnFzBb
NaLNicu4WeeTyTePV0jVQ5zFvvk0zc7KOn9IuR11FHR127lNNqk5TBVFAC7BZf+G
ry7okTNibPhKkF1UOBKjLSdnwhZAVmwSzk36MiaDAMQUjbwbRtWWdMcscNsTjFdg
KoQf6UpHixaV8o9Yk76KhMEKAlB5V/4sRf3YCydK8cv5VzXLix91Qf/DQCep1YSs
70707FKIOoIkNPJCM3QsciRY6okNOUAfUZDuh81Sz/ePy3sV7uisnOkWZxyFpq38
B0p+HEAmNsYkXTCKCKD3rMm8M5egiExMVWy+WGTzVd4lAjxgpu8hzqYgawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMmPZUQvpUaozyFIxYq9FcUDP70FMB8GA1UdIwQY
MBaAFCKsjf9OmdPiKJr2OxXVXSRQyELDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXF5Tl8wNlowLUlvbXZZN0ZkVmRKRkRJUXNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9hNzVlMWQtNGQ4MS00OWNiLWFjYTUt
ODI5OThhOTI4N2UyLzEveVk5bFJDLWxScWpQSVVqRmlyMFZ4UU1fdlFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9hNzVlMWQtNGQ4MS00OWNiLWFjYTUtODI5OThhOTI4N2Uy
LzEvSXF5Tl8wNlowLUlvbXZZN0ZkVmRKRkRJUXNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDsvuYMA0G
CSqGSIb3DQEBCwUAA4IBAQA88DJMaAtp3T86PqF2QQMJR20rGZbeZ9JWZQvTIwHN
k531o7h9nxLUvEONMHTYxPKqsxoMNI6F1imXVVwFRIA0Yc97DS3Wt4579PVxf9ae
np+/CyZpFNieJUgTWBeYPJBRPvw82fizK9djHShjkioo1TGrfDXMf0Vca3vjzTFF
tpb5ZrwG9u1KboP6TfWN6//yziSRhMFuYvb5+in3WW9JkvYUgFU3CsihwNd8KFOa
C1jUzAuAci8S/vDikDsIqIN+/jstOsngxga5IMtesk0Vcgbcq/wjC1nLOxKWAu2p
MTnn1B1JaTSfNJiog04xHcTc1MVJcfFtX6DyN3blXqEN
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:36:30 2025 by rpki-client