Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/b140ae-c047-4ff6-864f-3560356571a7/1/YNiriPReKszl8jXRidQBcFCnC4g.roa
File: YNiriPReKszl8jXRidQBcFCnC4g.roa (raw, json)
Hash identifier: xiW4Da2lN0898RwNncJ0rEaEP5J3Rl5IverfKdiIVwA=
Subject key identifier: 60:D8:AB:88:F4:5E:2A:CC:E5:F2:35:D1:89:D4:01:70:50:A7:0B:88
Certificate issuer: /CN=1e952e883736f79cbd9c564704bf3c36621b8eca
Certificate serial: 018CC56EEC30D52483A811F41300E7E4438F
Authority key identifier: 1E:95:2E:88:37:36:F7:9C:BD:9C:56:47:04:BF:3C:36:62:1B:8E:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HpUuiDc295y9nFZHBL88NmIbjso.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/b140ae-c047-4ff6-864f-3560356571a7/1/YNiriPReKszl8jXRidQBcFCnC4g.roa
Signing time: Mon 01 Jan 2024 14:30:30 +0000
ROA not before: Mon 01 Jan 2024 14:30:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3250
IP address blocks: 185.14.156.0/22 maxlen: 22
2a03:b240::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:48:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:ec:30:d5:24:83:a8:11:f4:13:00:e7:e4:43:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e952e883736f79cbd9c564704bf3c36621b8eca
Validity
Not Before: Jan 1 14:30:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=60d8ab88f45e2acce5f235d189d4017050a70b88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:9e:19:02:8b:5c:45:2a:03:07:11:87:0e:00:
0a:fc:d2:e1:2f:12:03:17:5c:3a:58:1a:e7:c6:66:
fc:b1:5c:d0:c3:1f:ec:18:9c:d8:8d:69:d7:86:b0:
22:8a:c8:20:d1:a5:e7:b8:97:c8:8c:f9:0c:ea:f6:
96:04:04:cf:d7:1a:f9:f9:ea:4d:71:03:29:3e:c2:
47:fa:a8:42:ae:96:2d:df:81:12:21:f4:8e:87:fe:
11:87:f1:0c:47:94:53:cf:37:1f:d5:61:c6:f0:23:
2f:93:a9:3f:4c:4b:02:e2:cb:47:30:85:e2:58:af:
a3:a2:db:62:00:3d:b8:bc:1d:6e:eb:1a:98:1b:cf:
40:e1:40:68:be:4a:66:eb:2a:fa:77:03:26:23:84:
02:f5:70:b0:db:2a:99:6e:b7:0a:40:44:1a:69:a5:
d5:32:2e:ed:a0:09:fd:31:6c:f2:cd:68:b4:ed:5c:
d4:ff:50:15:e5:0f:37:56:e5:ad:3f:30:ec:d4:c0:
2e:cb:3d:00:66:42:6e:30:39:78:6e:ba:ad:7b:4a:
7f:e8:f6:b0:f3:2b:94:19:83:40:6d:7d:98:d4:47:
be:12:fe:20:20:4f:a8:5d:5d:94:01:41:8e:1d:a9:
79:2a:61:c9:4b:1d:f9:79:e0:9b:c8:bd:7b:3c:e6:
62:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:D8:AB:88:F4:5E:2A:CC:E5:F2:35:D1:89:D4:01:70:50:A7:0B:88
X509v3 Authority Key Identifier:
keyid:1E:95:2E:88:37:36:F7:9C:BD:9C:56:47:04:BF:3C:36:62:1B:8E:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HpUuiDc295y9nFZHBL88NmIbjso.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/b140ae-c047-4ff6-864f-3560356571a7/1/YNiriPReKszl8jXRidQBcFCnC4g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/b140ae-c047-4ff6-864f-3560356571a7/1/HpUuiDc295y9nFZHBL88NmIbjso.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.14.156.0/22
IPv6:
2a03:b240::/32
Signature Algorithm: sha256WithRSAEncryption
2e:2d:cc:15:0a:cf:a6:78:f9:2c:1c:f6:7f:79:0e:eb:7f:f0:
ce:a0:72:25:c8:97:a8:b1:47:5e:40:2f:c1:b0:51:7e:7a:1f:
3a:a6:37:dc:03:dd:16:51:82:34:9f:d6:0b:8f:a5:a1:51:aa:
82:c6:ac:ec:50:a4:03:ee:3c:a3:45:b1:ee:6f:ab:5a:06:13:
30:8a:ab:58:47:69:73:30:cc:a8:3e:93:3e:a7:55:d3:8f:b7:
01:dd:be:f1:b7:9f:e0:54:3f:d0:85:34:b6:8a:01:cb:37:fb:
1f:b6:41:13:bf:c5:0d:48:3e:3d:33:f1:97:52:97:dc:b5:97:
57:56:f1:ca:a3:17:10:b1:08:f8:98:e0:a8:cd:50:55:34:bb:
f5:53:9d:39:88:c4:5e:b6:94:ac:1f:f9:6c:13:83:75:6e:d4:
69:74:f6:71:e0:92:c3:89:61:a5:ab:e1:4b:f7:89:ee:6f:7b:
8e:06:d9:83:8c:cf:83:8a:5d:21:65:28:3b:a0:8d:c8:82:e8:
bd:17:a6:e1:02:98:aa:6c:23:5d:09:40:6e:b2:4f:36:c6:98:
f4:13:40:06:d6:05:4d:4f:0f:1d:ef:ae:c0:d8:e5:f4:db:a6:
36:14:9e:fe:6c:fa:64:04:2f:5c:e7:2a:61:a0:f8:98:90:23:
8a:38:fe:f2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFbuww1SSDqBH0EwDn5EOPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlOTUyZTg4MzczNmY3OWNiZDljNTY0NzA0YmYzYzM2NjIx
YjhlY2EwHhcNMjQwMTAxMTQzMDMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGQ4YWI4OGY0NWUyYWNjZTVmMjM1ZDE4OWQ0MDE3MDUwYTcwYjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJ4ZAotcRSoDBxGHDgAK/NLhLxID
F1w6WBrnxmb8sVzQwx/sGJzYjWnXhrAiisgg0aXnuJfIjPkM6vaWBATP1xr5+epN
cQMpPsJH+qhCrpYt34ESIfSOh/4Rh/EMR5RTzzcf1WHG8CMvk6k/TEsC4stHMIXi
WK+jottiAD24vB1u6xqYG89A4UBovkpm6yr6dwMmI4QC9XCw2yqZbrcKQEQaaaXV
Mi7toAn9MWzyzWi07VzU/1AV5Q83VuWtPzDs1MAuyz0AZkJuMDl4brqte0p/6Paw
8yuUGYNAbX2Y1Ee+Ev4gIE+oXV2UAUGOHal5KmHJSx35eeCbyL17POZi8wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGDYq4j0XirM5fI10YnUAXBQpwuIMB8GA1UdIwQY
MBaAFB6VLog3NvecvZxWRwS/PDZiG47KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHBVdWlEYzI5NXk5bkZaSEJMODhObUlianNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9iMTQwYWUtYzA0Ny00ZmY2LTg2NGYt
MzU2MDM1NjU3MWE3LzEvWU5pcmlQUmVLc3psOGpYUmlkUUJjRkNuQzRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9iMTQwYWUtYzA0Ny00ZmY2LTg2NGYtMzU2MDM1NjU3MWE3
LzEvSHBVdWlEYzI5NXk5bkZaSEJMODhObUlianNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuQ6cMA0E
AgACMAcDBQAqA7JAMA0GCSqGSIb3DQEBCwUAA4IBAQAuLcwVCs+mePksHPZ/eQ7r
f/DOoHIlyJeosUdeQC/BsFF+eh86pjfcA90WUYI0n9YLj6WhUaqCxqzsUKQD7jyj
RbHub6taBhMwiqtYR2lzMMyoPpM+p1XTj7cB3b7xt5/gVD/QhTS2igHLN/sftkET
v8UNSD49M/GXUpfctZdXVvHKoxcQsQj4mOCozVBVNLv1U505iMRetpSsH/lsE4N1
btRpdPZx4JLDiWGlq+FL94nub3uOBtmDjM+Dil0hZSg7oI3Igui9F6bhApiqbCNd
CUBusk82xpj0E0AG1gVNTw8d767A2OX026Y2FJ7+bPpkBC9c5yphoPiYkCOKOP7y
-----END CERTIFICATE-----
Generated at Mon Apr 21 16:15:21 2025 by rpki-client