Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/CymF1nchgVW0vDZfFioJrzbkQ5I.roa
File: CymF1nchgVW0vDZfFioJrzbkQ5I.roa (raw, json)
Hash identifier: dh0RKkiXeiyHgqu/d9QQnpQqA1hNYatCU01GldFD0r0=
Subject key identifier: 0B:29:85:D6:77:21:81:55:B4:BC:36:5F:16:2A:09:AF:36:E4:43:92
Certificate issuer: /CN=faccbb72aa9884a5bf8d0e757404a17e5e23322c
Certificate serial: 018CC2DB38ED71B3B53088DF6AF3AAF7C090
Authority key identifier: FA:CC:BB:72:AA:98:84:A5:BF:8D:0E:75:74:04:A1:7E:5E:23:32:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-sy7cqqYhKW_jQ51dAShfl4jMiw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/CymF1nchgVW0vDZfFioJrzbkQ5I.roa
Signing time: Mon 01 Jan 2024 02:29:56 +0000
ROA not before: Mon 01 Jan 2024 02:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210016
IP address blocks: 46.21.251.0/24 maxlen: 24
212.126.116.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:38:ed:71:b3:b5:30:88:df:6a:f3:aa:f7:c0:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=faccbb72aa9884a5bf8d0e757404a17e5e23322c
Validity
Not Before: Jan 1 02:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0b2985d677218155b4bc365f162a09af36e44392
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:f2:64:2b:ca:87:c9:37:8b:db:52:7d:40:36:
b1:07:41:79:db:15:61:d3:08:b3:d5:a6:1f:9a:d6:
46:00:72:4b:b4:1d:8d:e7:84:9b:48:c6:6d:72:9e:
f8:c9:af:0d:f2:f2:8b:86:70:1f:e5:07:d3:3c:d6:
52:58:34:38:d5:1a:60:5b:54:b2:19:05:6a:ed:b6:
6e:d8:c6:d5:8a:c4:6d:1a:f1:4f:64:7f:38:5d:98:
c9:87:03:03:f5:a4:c7:1a:11:d8:eb:dc:6b:1d:72:
47:83:ab:4a:00:ec:a7:ed:b6:35:24:f6:48:62:ef:
5e:e2:3f:57:82:a1:ee:f7:b4:a4:e9:f5:7b:d2:03:
52:7f:2c:09:ec:03:31:ba:69:5c:d0:6e:d6:87:7a:
dd:eb:c0:fe:61:12:cc:33:2b:d1:98:d3:b0:34:9e:
ff:4a:02:24:b1:5e:17:58:9d:3d:46:b9:0c:20:ed:
18:ee:62:a3:81:58:18:3f:30:52:3e:70:5c:a5:9c:
7d:07:b4:aa:9d:ad:a9:7d:63:61:90:f1:24:04:8b:
fe:2c:4f:5b:e5:e2:11:da:e0:4b:dc:cf:fe:dd:e2:
12:28:12:66:25:70:c6:7d:53:27:8a:fe:bf:c9:0d:
22:25:65:55:46:52:f7:f5:88:61:cb:60:3b:3f:54:
9d:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:29:85:D6:77:21:81:55:B4:BC:36:5F:16:2A:09:AF:36:E4:43:92
X509v3 Authority Key Identifier:
keyid:FA:CC:BB:72:AA:98:84:A5:BF:8D:0E:75:74:04:A1:7E:5E:23:32:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-sy7cqqYhKW_jQ51dAShfl4jMiw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/CymF1nchgVW0vDZfFioJrzbkQ5I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/1-sy7cqqYhKW_jQ51dAShfl4jMiw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.21.251.0/24
212.126.116.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:bc:1b:2b:c3:99:a2:fc:e8:bc:13:1a:55:cb:b3:d6:d2:7a:
1c:19:6c:8e:46:c9:df:45:98:e8:1f:7e:9c:5f:eb:75:e7:2a:
3a:8b:20:ed:80:73:0a:19:4e:36:c2:cc:15:f1:80:f4:72:67:
ab:c7:66:db:77:3f:a9:34:ba:a6:d5:ba:46:05:36:c7:a5:13:
e4:72:89:5e:b3:e3:0d:e0:df:3c:9f:96:6d:a1:d6:d7:72:65:
7c:d5:5f:49:ed:8c:a3:8c:86:cb:a3:96:50:61:4b:74:5a:a3:
4f:37:1d:34:e3:11:48:e4:87:9f:86:59:af:6d:56:42:02:93:
57:b8:04:bf:77:e7:6f:dc:7a:b8:bb:88:93:2f:37:d2:b8:e7:
3b:3d:3a:5d:a4:4c:42:cb:43:d4:85:29:eb:1e:0f:39:26:4d:
c6:b7:0e:e5:39:38:43:0f:88:c0:98:a1:5e:33:85:48:2b:18:
24:50:d9:9c:cf:f5:f5:90:d0:27:b7:1c:34:98:2e:6e:69:59:
8a:62:d4:c5:f5:5a:9f:47:43:77:0a:2f:4d:32:31:8e:c6:d4:
e1:04:41:75:83:63:b3:54:ec:da:88:12:dd:67:1c:7a:04:78:
6f:a7:87:cf:18:55:ed:e6:7c:d3:aa:fa:a4:58:24:d5:58:56:
9d:cb:ab:95
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzC2zjtcbO1MIjfavOq98CQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhY2NiYjcyYWE5ODg0YTViZjhkMGU3NTc0MDRhMTdlNWUy
MzMyMmMwHhcNMjQwMTAxMDIyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjI5ODVkNjc3MjE4MTU1YjRiYzM2NWYxNjJhMDlhZjM2ZTQ0MzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArPJkK8qHyTeL21J9QDaxB0F52xVh
0wiz1aYfmtZGAHJLtB2N54SbSMZtcp74ya8N8vKLhnAf5QfTPNZSWDQ41RpgW1Sy
GQVq7bZu2MbVisRtGvFPZH84XZjJhwMD9aTHGhHY69xrHXJHg6tKAOyn7bY1JPZI
Yu9e4j9XgqHu97Sk6fV70gNSfywJ7AMxumlc0G7Wh3rd68D+YRLMMyvRmNOwNJ7/
SgIksV4XWJ09RrkMIO0Y7mKjgVgYPzBSPnBcpZx9B7Sqna2pfWNhkPEkBIv+LE9b
5eIR2uBL3M/+3eISKBJmJXDGfVMniv6/yQ0iJWVVRlL39Yhhy2A7P1SdjwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFAsphdZ3IYFVtLw2XxYqCa825EOSMB8GA1UdIwQY
MBaAFPrMu3KqmISlv40OdXQEoX5eIzIsMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1zeTdjcXFZaEtXX2pRNTFkQVNoZmw0ak1pdy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTMvZThjYjQ0LWE5NTQtNDY3Mi1iOWE0
LWE0OWU1YzY2MzNiZC8xL0N5bUYxbmNoZ1ZXMHZEWmZGaW9Kcnpia1E1SS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTMvZThjYjQ0LWE5NTQtNDY3Mi1iOWE0LWE0OWU1YzY2MzNi
ZC8xLzEtc3k3Y3FxWWhLV19qUTUxZEFTaGZsNGpNaXcuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAAuFfsD
BADUfnQwDQYJKoZIhvcNAQELBQADggEBABu8GyvDmaL86LwTGlXLs9bSehwZbI5G
yd9FmOgffpxf63XnKjqLIO2AcwoZTjbCzBXxgPRyZ6vHZtt3P6k0uqbVukYFNsel
E+RyiV6z4w3g3zyflm2h1tdyZXzVX0ntjKOMhsujllBhS3Rao083HTTjEUjkh5+G
Wa9tVkICk1e4BL9352/ceri7iJMvN9K45zs9Ol2kTELLQ9SFKeseDzkmTca3DuU5
OEMPiMCYoV4zhUgrGCRQ2ZzP9fWQ0Ce3HDSYLm5pWYpi1MX1Wp9HQ3cKL00yMY7G
1OEEQXWDY7NU7NqIEt1nHHoEeG+nh88YVe3mfNOq+qRYJNVYVp3Lq5U=
-----END CERTIFICATE-----
Generated at Mon Apr 7 18:14:35 2025 by rpki-client