Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/fb7864-5795-4208-abe0-08542454d16b/1/ysGJf38CAuZNmWzIZqKuX9O9VLo.roa
File: ysGJf38CAuZNmWzIZqKuX9O9VLo.roa (raw, json)
Hash identifier: 1F+shxEKJtN4kkRHj44PFAqnFK+Pe49heoNAMEQ49Rk=
Subject key identifier: CA:C1:89:7F:7F:02:02:E6:4D:99:6C:C8:66:A2:AE:5F:D3:BD:54:BA
Certificate issuer: /CN=9e505f2e67a1e604b3f963ce4c367d1958bd4b78
Certificate serial: 018CC7271F7AB71C0E9C9003E376BDE32DFE
Authority key identifier: 9E:50:5F:2E:67:A1:E6:04:B3:F9:63:CE:4C:36:7D:19:58:BD:4B:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nlBfLmeh5gSz-WPOTDZ9GVi9S3g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/fb7864-5795-4208-abe0-08542454d16b/1/ysGJf38CAuZNmWzIZqKuX9O9VLo.roa
Signing time: Mon 01 Jan 2024 22:31:19 +0000
ROA not before: Mon 01 Jan 2024 22:31:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50030
IP address blocks: 193.111.212.0/22 maxlen: 24
2001:678:9b0::/48 maxlen: 48
2001:678:9c0::/48 maxlen: 48
2001:67c:2878::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:1f:7a:b7:1c:0e:9c:90:03:e3:76:bd:e3:2d:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e505f2e67a1e604b3f963ce4c367d1958bd4b78
Validity
Not Before: Jan 1 22:31:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cac1897f7f0202e64d996cc866a2ae5fd3bd54ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:6b:40:10:60:1d:8e:71:ef:91:90:f3:5e:da:
de:8b:c3:1a:b1:05:ca:11:b3:2e:ab:cf:90:97:cb:
8c:3c:00:31:e4:75:c5:84:99:d0:17:9b:a6:23:03:
f0:ea:50:0c:82:2d:d5:58:c6:ab:24:7b:71:9e:4e:
c3:8b:82:4e:5b:76:fa:9c:84:65:79:38:1b:a3:20:
d3:f7:80:4a:b3:0c:ef:40:8f:7e:3e:44:03:77:b4:
44:0a:8c:b9:a4:01:90:47:9e:18:ef:8b:89:54:be:
ce:08:4b:b3:b2:42:cc:69:bc:06:44:39:19:e9:ef:
95:01:52:ed:b9:d9:b3:16:2b:fa:9f:01:9e:97:f9:
eb:45:ba:c1:a7:04:1a:64:c4:7b:b0:67:04:d4:87:
4d:aa:14:fb:e6:8c:e2:84:d3:63:6b:d9:23:f7:65:
71:96:a6:02:39:d6:46:66:7a:9a:fb:73:89:00:56:
9f:72:0e:e5:a5:ac:cc:63:4c:a8:c6:7d:f3:ad:f8:
96:0e:0f:cd:29:24:57:3c:b6:85:38:59:2f:c8:0e:
6e:19:02:00:98:51:92:9b:6e:dd:54:6e:2b:c5:df:
31:86:b3:f5:2d:f5:8c:12:b0:8f:15:2f:1a:9b:fe:
2d:a4:54:59:27:f8:e7:fb:21:2b:be:8a:dc:fe:aa:
c1:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:C1:89:7F:7F:02:02:E6:4D:99:6C:C8:66:A2:AE:5F:D3:BD:54:BA
X509v3 Authority Key Identifier:
keyid:9E:50:5F:2E:67:A1:E6:04:B3:F9:63:CE:4C:36:7D:19:58:BD:4B:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nlBfLmeh5gSz-WPOTDZ9GVi9S3g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/fb7864-5795-4208-abe0-08542454d16b/1/ysGJf38CAuZNmWzIZqKuX9O9VLo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/fb7864-5795-4208-abe0-08542454d16b/1/nlBfLmeh5gSz-WPOTDZ9GVi9S3g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.111.212.0/22
IPv6:
2001:678:9b0::/48
2001:678:9c0::/48
2001:67c:2878::/48
Signature Algorithm: sha256WithRSAEncryption
26:ef:7a:d1:11:3f:14:12:ba:8c:86:b7:8c:3f:88:09:4e:38:
a0:f6:16:4c:49:6d:59:41:ae:8f:38:d2:45:2b:65:f1:14:10:
a6:6f:3b:0d:95:d1:b5:0b:fa:14:36:c1:99:24:e4:a0:69:7d:
71:99:c5:1d:68:6b:c2:20:4b:c1:0f:12:34:e8:d7:95:e2:9e:
ca:56:f2:4b:d3:3e:3b:5a:29:e2:b6:45:44:eb:e1:77:e0:e3:
81:9c:42:67:6f:74:d1:26:d3:3e:6e:82:8f:ed:f1:1f:e4:65:
19:3c:0e:97:6a:ea:d7:c7:e6:bd:5d:23:a8:55:4d:b6:be:c0:
2a:6b:6b:b9:33:ad:b6:8a:58:23:fd:c5:b6:10:89:cc:cd:a9:
c5:e7:9a:fd:57:a5:69:1f:d5:a2:a6:2a:53:74:ba:76:b7:9b:
9c:17:40:aa:8d:ea:ab:52:02:50:96:b5:3a:98:6f:93:4c:93:
ed:00:ca:ae:37:59:7c:ab:34:d4:42:aa:79:11:54:90:15:d0:
01:65:8f:f8:8f:7d:5d:05:76:7c:e7:72:71:5c:42:02:6f:e9:
53:41:9a:70:89:70:39:2a:dc:3f:20:c5:e1:fe:ff:3d:0c:fc:
1a:31:b7:3f:d8:a6:ae:2a:cb:cc:8b:4f:23:33:00:15:b0:fa:
6a:df:af:cf
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYzHJx96txwOnJAD43a94y3+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNTA1ZjJlNjdhMWU2MDRiM2Y5NjNjZTRjMzY3ZDE5NThi
ZDRiNzgwHhcNMjQwMTAxMjIzMTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWMxODk3ZjdmMDIwMmU2NGQ5OTZjYzg2NmEyYWU1ZmQzYmQ1NGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo2tAEGAdjnHvkZDzXtrei8MasQXK
EbMuq8+Ql8uMPAAx5HXFhJnQF5umIwPw6lAMgi3VWMarJHtxnk7Di4JOW3b6nIRl
eTgboyDT94BKswzvQI9+PkQDd7RECoy5pAGQR54Y74uJVL7OCEuzskLMabwGRDkZ
6e+VAVLtudmzFiv6nwGel/nrRbrBpwQaZMR7sGcE1IdNqhT75ozihNNja9kj92Vx
lqYCOdZGZnqa+3OJAFafcg7lpazMY0yoxn3zrfiWDg/NKSRXPLaFOFkvyA5uGQIA
mFGSm27dVG4rxd8xhrP1LfWMErCPFS8am/4tpFRZJ/jn+yErvorc/qrBOQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFMrBiX9/AgLmTZlsyGairl/TvVS6MB8GA1UdIwQY
MBaAFJ5QXy5noeYEs/ljzkw2fRlYvUt4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmxCZkxtZWg1Z1N6LVdQT1REWjlHVmk5UzNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9mYjc4NjQtNTc5NS00MjA4LWFiZTAt
MDg1NDI0NTRkMTZiLzEveXNHSmYzOENBdVpObVd6SVpxS3VYOU85VkxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9mYjc4NjQtNTc5NS00MjA4LWFiZTAtMDg1NDI0NTRkMTZi
LzEvbmxCZkxtZWg1Z1N6LVdQT1REWjlHVmk5UzNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAMBAIAATAGAwQCwW/UMCEE
AgACMBsDBwAgAQZ4CbADBwAgAQZ4CcADBwAgAQZ8KHgwDQYJKoZIhvcNAQELBQAD
ggEBACbvetERPxQSuoyGt4w/iAlOOKD2FkxJbVlBro840kUrZfEUEKZvOw2V0bUL
+hQ2wZkk5KBpfXGZxR1oa8IgS8EPEjTo15XinspW8kvTPjtaKeK2RUTr4Xfg44Gc
QmdvdNEm0z5ugo/t8R/kZRk8Dpdq6tfH5r1dI6hVTba+wCpra7kzrbaKWCP9xbYQ
iczNqcXnmv1XpWkf1aKmKlN0una3m5wXQKqN6qtSAlCWtTqYb5NMk+0Ayq43WXyr
NNRCqnkRVJAV0AFlj/iPfV0FdnzncnFcQgJv6VNBmnCJcDkq3D8gxeH+/z0M/Box
tz/Ypq4qy8yLTyMzABWw+mrfr88=
-----END CERTIFICATE-----
Generated at Tue Apr 22 10:59:48 2025 by rpki-client