Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/1YB4CsH2FoEIVghr5hqJqpvcGDM.roa
File: 1YB4CsH2FoEIVghr5hqJqpvcGDM.roa (raw, json)
Hash identifier: FnWDC+48GRyfeLhZjNE/m8ZDsZW18WeNPglkgG4yKLQ=
Subject key identifier: D5:80:78:0A:C1:F6:16:81:08:56:08:6B:E6:1A:89:AA:9B:DC:18:33
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 018CC8DF8FD24F3E8B92BDCCC8DC40A61E5A
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/1YB4CsH2FoEIVghr5hqJqpvcGDM.roa
Signing time: Tue 02 Jan 2024 06:32:23 +0000
ROA not before: Tue 02 Jan 2024 06:32:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216082
IP address blocks: 212.68.39.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:48:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:8f:d2:4f:3e:8b:92:bd:cc:c8:dc:40:a6:1e:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Jan 2 06:32:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d580780ac1f616810856086be61a89aa9bdc1833
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:ce:49:70:4d:fa:ec:87:23:14:1a:07:ac:a0:
c4:e7:44:4e:5f:97:27:bf:c3:5f:65:2b:35:57:8d:
f3:6c:24:52:9d:55:b2:79:19:da:dd:51:45:09:3b:
d5:6a:fb:78:66:1d:4e:e8:55:08:37:9b:9f:e6:68:
77:00:16:d9:2e:b5:ce:62:fd:f1:2d:4b:d2:47:7e:
ad:cf:3e:43:5a:b0:0a:a0:69:e6:e9:7c:99:fb:32:
35:ee:e6:79:05:a6:c9:ce:93:d1:5f:f9:02:ea:36:
3d:1f:d4:a5:f0:c4:7c:5a:79:6b:21:dc:e0:00:af:
4b:02:81:59:8f:c7:3b:e2:38:59:93:a0:9e:71:c2:
7b:07:89:45:6f:11:27:98:61:03:71:91:d4:9f:e5:
d9:12:98:59:47:60:6e:b0:0a:7e:b2:b8:07:e3:71:
e7:ed:6b:f4:b3:24:87:3e:73:38:be:f5:e1:67:e3:
31:e0:c7:c4:67:58:4b:c6:8e:5c:4c:a0:af:9c:9d:
0d:81:e3:90:3d:25:58:e7:63:3e:4b:d3:01:87:dd:
c3:cd:ea:31:07:f5:9f:f6:ba:6c:48:ca:74:53:a3:
09:dd:86:f1:95:67:86:82:2a:70:f1:5f:ca:08:88:
39:b1:43:59:a4:01:0d:35:e1:48:49:87:f0:0e:41:
0d:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:80:78:0A:C1:F6:16:81:08:56:08:6B:E6:1A:89:AA:9B:DC:18:33
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/1YB4CsH2FoEIVghr5hqJqpvcGDM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.68.39.0/24
Signature Algorithm: sha256WithRSAEncryption
86:ac:d9:c3:28:4a:bd:b5:58:69:c0:21:5d:5e:c7:1e:34:ee:
78:73:cc:9b:b3:c7:ef:1c:d4:46:1c:42:65:4e:33:73:4a:64:
10:37:4b:33:be:34:95:a0:98:16:40:2a:48:d8:05:06:41:02:
89:70:75:43:7d:7d:dc:d4:5a:0e:45:b2:4b:4c:b7:50:80:12:
bf:f7:a8:db:1a:4e:21:fc:aa:c1:b0:a9:97:ac:c1:67:1c:cb:
92:04:b1:b8:d4:a7:a2:16:87:08:2f:02:09:fe:e7:03:b7:67:
21:0d:ee:72:2c:70:53:4f:96:10:e9:38:90:7c:14:4b:bd:60:
1e:5a:70:5d:08:81:f6:b5:d4:50:b1:d7:34:a0:f3:67:22:42:
b4:51:5b:79:5e:af:3d:0b:a9:7c:ac:c2:46:43:6c:a9:fb:5b:
32:22:4d:8f:bf:99:83:91:aa:f4:dd:7d:f7:c8:2c:87:71:e3:
2c:0c:fa:18:73:16:cc:09:e5:b6:30:0d:4e:b5:f3:73:eb:d2:
db:4c:ca:55:9d:09:86:8d:e3:f1:e2:8f:44:41:6c:e6:74:10:
2a:ee:b9:d1:1e:78:39:d8:0c:32:35:9b:e5:f5:ec:47:4b:66:
28:b9:0c:0c:f3:9d:cd:c0:e6:78:b2:c6:83:e6:09:46:79:b3:
e4:61:04:45
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI34/STz6Lkr3MyNxAph5aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjQwMTAyMDYzMjIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTgwNzgwYWMxZjYxNjgxMDg1NjA4NmJlNjFhODlhYTliZGMxODMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmM5JcE367IcjFBoHrKDE50ROX5cn
v8NfZSs1V43zbCRSnVWyeRna3VFFCTvVavt4Zh1O6FUIN5uf5mh3ABbZLrXOYv3x
LUvSR36tzz5DWrAKoGnm6XyZ+zI17uZ5BabJzpPRX/kC6jY9H9Sl8MR8WnlrIdzg
AK9LAoFZj8c74jhZk6CeccJ7B4lFbxEnmGEDcZHUn+XZEphZR2BusAp+srgH43Hn
7Wv0sySHPnM4vvXhZ+Mx4MfEZ1hLxo5cTKCvnJ0NgeOQPSVY52M+S9MBh93Dzeox
B/Wf9rpsSMp0U6MJ3YbxlWeGgipw8V/KCIg5sUNZpAENNeFISYfwDkENpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNWAeArB9haBCFYIa+Yaiaqb3BgzMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvMVlCNENzSDJGb0VJVmdocjVocUpxcHZjR0RNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1EQnMA0G
CSqGSIb3DQEBCwUAA4IBAQCGrNnDKEq9tVhpwCFdXsceNO54c8ybs8fvHNRGHEJl
TjNzSmQQN0szvjSVoJgWQCpI2AUGQQKJcHVDfX3c1FoORbJLTLdQgBK/96jbGk4h
/KrBsKmXrMFnHMuSBLG41KeiFocILwIJ/ucDt2chDe5yLHBTT5YQ6TiQfBRLvWAe
WnBdCIH2tdRQsdc0oPNnIkK0UVt5Xq89C6l8rMJGQ2yp+1syIk2Pv5mDkar03X33
yCyHceMsDPoYcxbMCeW2MA1OtfNz69LbTMpVnQmGjePx4o9EQWzmdBAq7rnRHng5
2AwyNZvl9exHS2YouQwM853NwOZ4ssaD5glGebPkYQRF
-----END CERTIFICATE-----
Generated at Thu Apr 17 07:08:53 2025 by rpki-client