Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/340dcd-3aee-4012-9233-c15532baff7d/1/yqmuUnBjJ9DoeEAP0Z_EDpy0vQo.roa
File: yqmuUnBjJ9DoeEAP0Z_EDpy0vQo.roa (raw, json)
Hash identifier: E94yrHKeUTlLE9bLz7D8TujvfW0YL1h4mxVjJQRVU2U=
Subject key identifier: CA:A9:AE:52:70:63:27:D0:E8:78:40:0F:D1:9F:C4:0E:9C:B4:BD:0A
Certificate issuer: /CN=be550b8eff90cccee9f8d3134b6438996b7d27cd
Certificate serial: 0191F9A50C352436DA956C8AEC4F388587D8
Authority key identifier: BE:55:0B:8E:FF:90:CC:CE:E9:F8:D3:13:4B:64:38:99:6B:7D:27:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vlULjv-QzM7p-NMTS2Q4mWt9J80.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/340dcd-3aee-4012-9233-c15532baff7d/1/yqmuUnBjJ9DoeEAP0Z_EDpy0vQo.roa
Signing time: Mon 16 Sep 2024 07:03:48 +0000
ROA not before: Mon 16 Sep 2024 07:03:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214982
IP address blocks: 5.102.177.0/24 maxlen: 24
96.9.145.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 17 Sep 2024 07:06:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:f9:a5:0c:35:24:36:da:95:6c:8a:ec:4f:38:85:87:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be550b8eff90cccee9f8d3134b6438996b7d27cd
Validity
Not Before: Sep 16 07:03:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=caa9ae52706327d0e878400fd19fc40e9cb4bd0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:d3:ac:fa:90:eb:f3:39:d5:eb:57:6e:dc:b5:
f2:78:a1:da:bc:ae:e5:d3:ae:0d:d7:91:75:98:0f:
2b:f9:63:01:9c:97:06:0b:ad:5d:fd:75:0d:36:55:
10:be:ad:34:98:37:c6:5a:a7:72:a2:7b:a7:84:c5:
bf:76:64:33:75:80:6e:b7:4c:7f:14:7f:71:56:aa:
32:89:36:93:3c:5a:92:41:e5:37:be:c3:3d:85:e6:
43:db:b3:08:5d:de:dd:46:84:b0:34:42:25:b0:68:
79:a4:c2:47:ee:0b:7d:d3:ca:66:95:e6:b3:e8:a3:
c2:52:c7:a9:81:45:d9:c9:ae:9c:2b:63:66:c1:b6:
93:b1:3a:07:93:0a:74:07:01:c0:e6:0a:18:03:66:
23:2d:9f:b7:6f:06:66:a6:ca:37:1b:99:2b:31:60:
b8:39:31:8c:16:98:69:fc:b0:bc:13:72:87:e3:94:
62:cb:fe:e3:35:5d:c7:dd:ae:4a:3b:69:89:42:29:
c0:e4:76:37:42:20:d4:51:29:b8:0b:79:4e:94:d7:
e8:7f:ac:13:53:3a:4f:0a:67:04:9c:78:6d:e8:d7:
04:36:a5:1a:5e:b7:2d:23:64:2c:13:a4:7b:e3:d2:
2f:af:fc:5e:44:ed:68:b5:d1:c8:e2:7b:bc:6a:7f:
e6:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:A9:AE:52:70:63:27:D0:E8:78:40:0F:D1:9F:C4:0E:9C:B4:BD:0A
X509v3 Authority Key Identifier:
keyid:BE:55:0B:8E:FF:90:CC:CE:E9:F8:D3:13:4B:64:38:99:6B:7D:27:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vlULjv-QzM7p-NMTS2Q4mWt9J80.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/340dcd-3aee-4012-9233-c15532baff7d/1/yqmuUnBjJ9DoeEAP0Z_EDpy0vQo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/340dcd-3aee-4012-9233-c15532baff7d/1/vlULjv-QzM7p-NMTS2Q4mWt9J80.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.177.0/24
96.9.145.0/24
Signature Algorithm: sha256WithRSAEncryption
41:15:31:a5:5a:3c:da:00:00:dc:ba:f4:9b:b8:4e:95:fc:e1:
54:34:ed:2a:17:81:93:1a:8d:7a:db:47:9e:a9:e0:82:60:34:
72:ff:aa:4e:ac:27:61:c1:0b:bc:cd:2a:0a:ba:c2:6c:83:69:
c6:ce:b8:0d:1b:f2:c1:4e:e7:9b:7b:df:a4:e3:02:8d:24:2b:
94:8e:eb:c5:91:9c:1c:c4:ec:24:65:91:e8:97:70:c9:e1:11:
9b:3c:bc:48:65:32:c9:74:c9:bf:b9:20:1f:b1:34:e4:fc:8a:
95:5b:e2:bf:73:09:8e:8f:a5:0d:1c:6c:58:ea:54:02:32:ab:
eb:a8:77:dd:cb:4e:ff:db:2b:8b:8f:cb:df:14:a8:10:26:43:
09:e0:4d:8d:29:37:aa:b3:7e:5e:d0:f2:e9:6e:a4:ab:df:f0:
a6:7c:e9:6e:54:79:0f:47:d5:e3:c2:ad:0c:5f:ee:b6:e3:5a:
2a:30:52:c4:83:22:75:6b:45:48:8e:f8:80:8c:c4:3b:59:9f:
1d:2c:1d:5e:c0:41:e9:03:e2:47:1e:21:3e:b1:d8:7f:ea:84:
1b:d0:c1:43:05:1f:6d:1f:c9:87:d0:1c:a0:9c:97:c3:07:fd:
df:6b:11:42:9a:5e:83:1a:97:a7:24:5c:f5:95:b1:bc:c2:1a:
fe:32:b6:2f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZH5pQw1JDbalWyK7E84hYfYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNTUwYjhlZmY5MGNjY2VlOWY4ZDMxMzRiNjQzODk5NmI3
ZDI3Y2QwHhcNMjQwOTE2MDcwMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWE5YWU1MjcwNjMyN2QwZTg3ODQwMGZkMTlmYzQwZTljYjRiZDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAptOs+pDr8znV61du3LXyeKHavK7l
064N15F1mA8r+WMBnJcGC61d/XUNNlUQvq00mDfGWqdyonunhMW/dmQzdYBut0x/
FH9xVqoyiTaTPFqSQeU3vsM9heZD27MIXd7dRoSwNEIlsGh5pMJH7gt908pmleaz
6KPCUsepgUXZya6cK2NmwbaTsToHkwp0BwHA5goYA2YjLZ+3bwZmpso3G5krMWC4
OTGMFphp/LC8E3KH45Riy/7jNV3H3a5KO2mJQinA5HY3QiDUUSm4C3lOlNfof6wT
UzpPCmcEnHht6NcENqUaXrctI2QsE6R749Ivr/xeRO1otdHI4nu8an/mCwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMqprlJwYyfQ6HhAD9GfxA6ctL0KMB8GA1UdIwQY
MBaAFL5VC47/kMzO6fjTE0tkOJlrfSfNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmxVTGp2LVF6TTdwLU5NVFMyUTRtV3Q5SjgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi8zNDBkY2QtM2FlZS00MDEyLTkyMzMt
YzE1NTMyYmFmZjdkLzEveXFtdVVuQmpKOURvZUVBUDBaX0VEcHkwdlFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi8zNDBkY2QtM2FlZS00MDEyLTkyMzMtYzE1NTMyYmFmZjdk
LzEvdmxVTGp2LVF6TTdwLU5NVFMyUTRtV3Q5SjgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABWaxAwQA
YAmRMA0GCSqGSIb3DQEBCwUAA4IBAQBBFTGlWjzaAADcuvSbuE6V/OFUNO0qF4GT
Go1620eeqeCCYDRy/6pOrCdhwQu8zSoKusJsg2nGzrgNG/LBTuebe9+k4wKNJCuU
juvFkZwcxOwkZZHol3DJ4RGbPLxIZTLJdMm/uSAfsTTk/IqVW+K/cwmOj6UNHGxY
6lQCMqvrqHfdy07/2yuLj8vfFKgQJkMJ4E2NKTeqs35e0PLpbqSr3/CmfOluVHkP
R9Xjwq0MX+6241oqMFLEgyJ1a0VIjviAjMQ7WZ8dLB1ewEHpA+JHHiE+sdh/6oQb
0MFDBR9tH8mH0BygnJfDB/3faxFCml6DGpenJFz1lbG8whr+MrYv
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:09:03 2025 by rpki-client