Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ysZtHJTS-2nwEGaC4GjKcNLrGrE.roa
File: ysZtHJTS-2nwEGaC4GjKcNLrGrE.roa (raw, json)
Hash identifier: Vl0w/qLVZHSdDVOZcI/MGepZp+BWpenhfSdh3wbaGWI=
Subject key identifier: CA:C6:6D:1C:94:D2:FB:69:F0:10:66:82:E0:68:CA:70:D2:EB:1A:B1
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 0191E621ED7EE27955AD67FB6DB95A8A9ED2
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ysZtHJTS-2nwEGaC4GjKcNLrGrE.roa
Signing time: Thu 12 Sep 2024 12:07:48 +0000
ROA not before: Thu 12 Sep 2024 12:07:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214447
IP address blocks: 188.132.212.0/24 maxlen: 24
188.132.213.0/24 maxlen: 24
188.132.214.0/24 maxlen: 24
188.132.215.0/24 maxlen: 24
188.132.216.0/24 maxlen: 24
188.132.217.0/24 maxlen: 24
188.132.218.0/24 maxlen: 24
188.132.228.0/24 maxlen: 24
212.68.35.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:48:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e6:21:ed:7e:e2:79:55:ad:67:fb:6d:b9:5a:8a:9e:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Sep 12 12:07:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cac66d1c94d2fb69f0106682e068ca70d2eb1ab1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:07:52:7a:56:f6:83:85:29:75:9b:d6:a9:f9:
9c:18:55:35:d9:0d:34:31:c1:90:a5:97:30:3d:b7:
93:eb:08:4a:52:95:37:50:57:56:dd:5b:12:e1:df:
4c:c7:dc:6f:a8:44:75:e4:60:a2:5a:cb:3a:8f:d9:
66:4b:38:53:8b:57:c4:24:93:db:00:c2:d2:2f:ca:
00:b1:d2:45:13:19:90:97:4b:c7:1e:4e:32:77:03:
50:dd:01:23:5c:d9:ce:cc:78:7f:b8:33:85:5f:ab:
a6:07:64:da:e4:7f:35:7c:62:3e:dd:35:fd:07:68:
5c:0f:85:72:3e:a5:4d:f2:10:7f:81:d5:c5:67:83:
1f:24:35:d1:00:da:b4:c6:e7:a2:fb:04:fd:c3:0f:
5b:df:a4:f4:28:62:91:4b:2d:0e:27:7b:c0:98:21:
30:e0:fd:46:dd:0c:e2:bc:46:8d:af:4a:ed:2c:2d:
d0:7c:4a:fe:c2:1d:60:75:32:34:04:f1:96:59:be:
4f:b4:57:22:2f:c4:cb:36:6b:13:5c:0a:9c:3e:0d:
83:5e:e4:6a:81:9e:6a:f7:74:88:10:bc:29:35:e2:
b0:0f:52:b3:0b:81:aa:84:17:ae:1a:48:df:9a:73:
b8:3f:2e:74:0a:9f:32:4e:98:3c:95:dd:73:41:1a:
87:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:C6:6D:1C:94:D2:FB:69:F0:10:66:82:E0:68:CA:70:D2:EB:1A:B1
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ysZtHJTS-2nwEGaC4GjKcNLrGrE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.132.212.0-188.132.218.255
188.132.228.0/24
212.68.35.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:60:ea:50:93:db:5c:5c:8e:4d:fe:d2:13:04:b4:d6:5e:e4:
9c:6f:de:3d:b3:60:eb:4d:4d:74:7a:8f:e5:25:fc:f9:e5:1a:
aa:87:59:82:d4:a8:8f:05:13:3e:e5:f2:31:64:a3:a6:72:ee:
6a:a7:90:aa:67:d5:37:6a:23:5a:1d:d1:2b:71:b4:5b:01:81:
83:5f:59:fc:5a:af:29:61:f3:8b:88:07:b7:20:6c:be:49:d4:
4c:f7:52:70:b9:bb:31:83:50:40:d8:9a:b4:66:3c:f2:78:90:
c2:33:e6:50:6f:21:0b:34:9c:a6:c9:69:a5:e3:14:42:bf:00:
c3:ac:f3:3a:a0:dd:13:1e:40:24:fc:95:8c:e1:70:a1:39:91:
46:56:86:2d:fb:c5:3c:2e:dc:49:11:c4:49:65:62:b8:a1:56:
d6:c4:56:e4:d2:d2:24:80:8f:17:b6:de:e1:9e:79:04:41:bd:
bf:2b:0a:fd:71:10:ae:ee:21:9f:da:40:d5:0e:a5:ab:c3:a2:
09:ef:5a:3d:f3:b0:b9:de:a3:99:2c:76:31:f7:09:2b:f0:94:
6e:2e:10:41:8e:b4:cd:1c:35:65:c4:3c:83:10:b2:2e:08:b4:
ad:7e:c4:44:3b:2a:71:e0:b2:c1:80:03:05:59:24:6e:47:a0:
6a:09:38:3e
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZHmIe1+4nlVrWf7bblaip7SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjQwOTEyMTIwNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWM2NmQxYzk0ZDJmYjY5ZjAxMDY2ODJlMDY4Y2E3MGQyZWIxYWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwAdSelb2g4UpdZvWqfmcGFU12Q00
McGQpZcwPbeT6whKUpU3UFdW3VsS4d9Mx9xvqER15GCiWss6j9lmSzhTi1fEJJPb
AMLSL8oAsdJFExmQl0vHHk4ydwNQ3QEjXNnOzHh/uDOFX6umB2Ta5H81fGI+3TX9
B2hcD4VyPqVN8hB/gdXFZ4MfJDXRANq0xuei+wT9ww9b36T0KGKRSy0OJ3vAmCEw
4P1G3QzivEaNr0rtLC3QfEr+wh1gdTI0BPGWWb5PtFciL8TLNmsTXAqcPg2DXuRq
gZ5q93SIELwpNeKwD1KzC4GqhBeuGkjfmnO4Py50Cp8yTpg8ld1zQRqHiwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFMrGbRyU0vtp8BBmguBoynDS6xqxMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEveXNadEhKVFMtMm53RUdhQzRHaktjTkxyR3JFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAK8hNQD
BAC8hNoDBAC8hOQDBADURCMwDQYJKoZIhvcNAQELBQADggEBAA5g6lCT21xcjk3+
0hMEtNZe5Jxv3j2zYOtNTXR6j+Ul/PnlGqqHWYLUqI8FEz7l8jFko6Zy7mqnkKpn
1TdqI1od0StxtFsBgYNfWfxarylh84uIB7cgbL5J1Ez3UnC5uzGDUEDYmrRmPPJ4
kMIz5lBvIQs0nKbJaaXjFEK/AMOs8zqg3RMeQCT8lYzhcKE5kUZWhi37xTwu3EkR
xEllYrihVtbEVuTS0iSAjxe23uGeeQRBvb8rCv1xEK7uIZ/aQNUOpavDognvWj3z
sLneo5ksdjH3CSvwlG4uEEGOtM0cNWXEPIMQsi4ItK1+xEQ7KnHgssGAAwVZJG5H
oGoJOD4=
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:11:56 2025 by rpki-client