Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/9062e2-95ae-4656-b2ee-984a8eb51e45/1/yTiEtYptXvB0BTg1nySDb_BXwyM.roa
File: yTiEtYptXvB0BTg1nySDb_BXwyM.roa (raw, json)
Hash identifier: rx7KFJmZoHLiA0GZAQJhxPb6ORIiGjs3/tTqkH9fvyU=
Subject key identifier: C9:38:84:B5:8A:6D:5E:F0:74:05:38:35:9F:24:83:6F:F0:57:C3:23
Certificate issuer: /CN=32cb3c05d6a2c51c2ff52dd9dcb9e2b55c4048f9
Certificate serial: 018CC34905BAA128D12EA0584307ED8FB76A
Authority key identifier: 32:CB:3C:05:D6:A2:C5:1C:2F:F5:2D:D9:DC:B9:E2:B5:5C:40:48:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mss8BdaixRwv9S3Z3LnitVxASPk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/9062e2-95ae-4656-b2ee-984a8eb51e45/1/yTiEtYptXvB0BTg1nySDb_BXwyM.roa
Signing time: Mon 01 Jan 2024 04:29:51 +0000
ROA not before: Mon 01 Jan 2024 04:29:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202054
IP address blocks: 185.14.56.0/22 maxlen: 24
46.16.132.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:49:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:05:ba:a1:28:d1:2e:a0:58:43:07:ed:8f:b7:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32cb3c05d6a2c51c2ff52dd9dcb9e2b55c4048f9
Validity
Not Before: Jan 1 04:29:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c93884b58a6d5ef0740538359f24836ff057c323
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:bd:b9:13:1c:3c:80:f2:84:81:fc:15:db:43:
2b:a9:5e:0f:51:bf:70:e0:f2:74:d3:bc:eb:db:37:
e3:f1:cd:2f:b1:b3:7d:d4:53:1f:cb:05:bd:43:b1:
15:da:eb:e2:3c:88:c5:5f:2a:07:dc:2e:0b:82:b8:
fc:00:5d:00:b1:d4:4e:cc:7b:77:fc:18:d0:6c:c8:
76:c4:04:42:b1:2e:e9:fd:c4:0b:d2:a2:04:7c:a0:
fc:af:88:32:aa:08:49:03:8c:1b:e0:76:c2:9d:1b:
33:0b:15:ed:8a:d7:ae:53:67:15:f0:e9:70:11:ed:
88:d2:78:cf:d1:20:69:04:ac:0f:2c:48:e9:b2:40:
ff:af:03:44:fd:61:04:d6:f9:60:36:a2:03:15:54:
0f:b9:8d:7a:d2:f6:f8:5f:b8:17:c6:e4:d6:c5:84:
e5:e3:ad:40:a8:35:b7:f7:9b:18:21:4a:c5:bc:4f:
e7:29:ce:9a:97:45:2d:1b:a1:92:af:07:06:d2:d2:
24:f4:d0:28:42:95:74:d5:71:94:c2:75:03:4d:ab:
b6:5f:37:b9:d3:bf:a1:61:65:fc:1e:a2:49:09:4d:
f2:34:6b:34:ac:56:09:b8:bd:01:bb:ce:65:e4:7f:
75:16:92:a4:d2:49:fa:25:e5:be:f7:82:c9:02:b1:
47:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:38:84:B5:8A:6D:5E:F0:74:05:38:35:9F:24:83:6F:F0:57:C3:23
X509v3 Authority Key Identifier:
keyid:32:CB:3C:05:D6:A2:C5:1C:2F:F5:2D:D9:DC:B9:E2:B5:5C:40:48:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mss8BdaixRwv9S3Z3LnitVxASPk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/9062e2-95ae-4656-b2ee-984a8eb51e45/1/yTiEtYptXvB0BTg1nySDb_BXwyM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/9062e2-95ae-4656-b2ee-984a8eb51e45/1/Mss8BdaixRwv9S3Z3LnitVxASPk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.16.132.0/22
185.14.56.0/22
Signature Algorithm: sha256WithRSAEncryption
2a:ef:9b:cb:98:72:d8:db:eb:d2:08:5f:af:db:9e:54:8d:6a:
3f:a6:2d:26:80:82:bd:0a:d2:bc:f2:a1:9c:77:57:88:6a:b6:
4d:8d:19:89:69:18:e0:f0:37:ff:b0:3b:a5:77:40:cf:2f:10:
bc:58:d7:f0:68:86:da:c6:81:81:6b:b9:de:43:7f:f6:a3:41:
f0:f7:18:34:d1:14:d4:79:fd:98:ef:18:56:e6:70:df:d1:89:
63:b4:9f:44:97:a7:4b:ea:23:38:2c:81:f7:d2:e1:b5:8b:eb:
69:44:aa:74:24:fe:f8:9d:55:ea:c4:25:38:f2:9a:1a:16:22:
11:df:ec:cb:a3:3c:a6:02:65:5c:08:18:3e:70:b7:98:77:86:
03:7b:90:c2:b4:af:5c:79:30:8d:02:31:9d:d1:d9:f0:bc:7c:
17:62:33:74:ee:95:05:e9:08:04:95:7c:b9:40:10:7c:9e:71:
f4:6d:54:70:25:fb:97:1b:08:ec:7d:8b:26:5f:51:d1:64:9d:
1f:3a:0a:68:ac:e7:3c:ea:b7:5b:77:a7:ae:a3:ee:02:b1:bd:
6e:5a:8f:83:d9:4d:ee:a3:61:fb:b1:94:cc:a4:57:d0:db:73:
88:4f:e4:51:9b:c4:c4:30:13:a3:d0:e8:c5:c2:1a:0b:de:44:
d9:58:e0:ce
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzDSQW6oSjRLqBYQwftj7dqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyY2IzYzA1ZDZhMmM1MWMyZmY1MmRkOWRjYjllMmI1NWM0
MDQ4ZjkwHhcNMjQwMTAxMDQyOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTM4ODRiNThhNmQ1ZWYwNzQwNTM4MzU5ZjI0ODM2ZmYwNTdjMzIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk725Exw8gPKEgfwV20MrqV4PUb9w
4PJ007zr2zfj8c0vsbN91FMfywW9Q7EV2uviPIjFXyoH3C4Lgrj8AF0AsdROzHt3
/BjQbMh2xARCsS7p/cQL0qIEfKD8r4gyqghJA4wb4HbCnRszCxXtiteuU2cV8Olw
Ee2I0njP0SBpBKwPLEjpskD/rwNE/WEE1vlgNqIDFVQPuY160vb4X7gXxuTWxYTl
461AqDW395sYIUrFvE/nKc6al0UtG6GSrwcG0tIk9NAoQpV01XGUwnUDTau2Xze5
07+hYWX8HqJJCU3yNGs0rFYJuL0Bu85l5H91FpKk0kn6JeW+94LJArFHvwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMk4hLWKbV7wdAU4NZ8kg2/wV8MjMB8GA1UdIwQY
MBaAFDLLPAXWosUcL/Ut2dy54rVcQEj5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXNzOEJkYWl4Und2OVMzWjNMbml0VnhBU1BrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy85MDYyZTItOTVhZS00NjU2LWIyZWUt
OTg0YThlYjUxZTQ1LzEveVRpRXRZcHRYdkIwQlRnMW55U0RiX0JYd3lNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy85MDYyZTItOTVhZS00NjU2LWIyZWUtOTg0YThlYjUxZTQ1
LzEvTXNzOEJkYWl4Und2OVMzWjNMbml0VnhBU1BrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLhCEAwQC
uQ44MA0GCSqGSIb3DQEBCwUAA4IBAQAq75vLmHLY2+vSCF+v255UjWo/pi0mgIK9
CtK88qGcd1eIarZNjRmJaRjg8Df/sDuld0DPLxC8WNfwaIbaxoGBa7neQ3/2o0Hw
9xg00RTUef2Y7xhW5nDf0YljtJ9El6dL6iM4LIH30uG1i+tpRKp0JP74nVXqxCU4
8poaFiIR3+zLozymAmVcCBg+cLeYd4YDe5DCtK9ceTCNAjGd0dnwvHwXYjN07pUF
6QgElXy5QBB8nnH0bVRwJfuXGwjsfYsmX1HRZJ0fOgporOc86rdbd6euo+4Csb1u
Wo+D2U3uo2H7sZTMpFfQ23OIT+RRm8TEMBOj0OjFwhoL3kTZWODO
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:31:30 2025 by rpki-client