Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/224351-3a47-4014-b395-a63479610968/1/yr3QftqB-A4PqEF1u29vbSdvpAQ.roa
File: yr3QftqB-A4PqEF1u29vbSdvpAQ.roa (raw, json)
Hash identifier: DmCgl4shnmN5l3ZyzpXRn8R/UsgizttgqShb1kLBlH8=
Subject key identifier: CA:BD:D0:7E:DA:81:F8:0E:0F:A8:41:75:BB:6F:6F:6D:27:6F:A4:04
Certificate issuer: /CN=c1d369e66cdbe30d7b3aff6081f20c17a98fdc5b
Certificate serial: 0193B57595EE1DD6A4C7AE58CAEA1B5025BD
Authority key identifier: C1:D3:69:E6:6C:DB:E3:0D:7B:3A:FF:60:81:F2:0C:17:A9:8F:DC:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wdNp5mzb4w17Ov9ggfIMF6mP3Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/224351-3a47-4014-b395-a63479610968/1/yr3QftqB-A4PqEF1u29vbSdvpAQ.roa
Signing time: Wed 11 Dec 2024 11:23:22 +0000
ROA not before: Wed 11 Dec 2024 11:23:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204601
IP address blocks: 45.88.78.0/24 maxlen: 24
95.215.205.0/24 maxlen: 24
95.215.206.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 11 Dec 2024 19:08:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:b5:75:95:ee:1d:d6:a4:c7:ae:58:ca:ea:1b:50:25:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1d369e66cdbe30d7b3aff6081f20c17a98fdc5b
Validity
Not Before: Dec 11 11:23:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cabdd07eda81f80e0fa84175bb6f6f6d276fa404
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:13:c6:ee:f8:18:ff:e0:b0:5a:7f:fa:77:11:
17:29:0c:8a:69:4c:1f:f9:76:bd:fc:91:21:1b:34:
b5:35:03:09:97:b3:70:f2:a3:6f:0e:d0:f3:aa:42:
62:45:71:d3:39:9c:f4:56:ba:6d:f2:c6:17:45:df:
6e:0f:39:fa:f4:9a:b7:81:38:e7:ef:17:30:1f:57:
fc:b1:94:8b:ef:50:de:32:3c:8c:e1:e2:dc:56:5c:
54:a1:2a:e4:6b:32:1f:0b:69:c9:9b:d4:56:87:90:
a2:97:ad:34:04:76:92:7a:36:bc:58:66:0a:24:a2:
f7:31:42:29:a9:81:e4:8f:48:4d:c9:d3:c0:2e:b4:
09:7c:8d:18:d8:30:50:31:df:7f:94:e9:12:08:2c:
d8:d0:f9:69:b6:47:2a:45:ae:75:08:e7:2c:02:82:
49:7c:4b:eb:a8:3c:0a:ca:71:b6:99:14:4f:9a:4b:
b5:09:77:19:c4:75:e5:35:c4:a8:1e:c6:b4:8f:e0:
6f:21:d6:dc:76:6d:16:8e:6d:30:c2:79:bf:9e:5f:
f9:5f:65:d6:23:29:87:a3:9e:fc:2c:07:0d:f7:e3:
f5:e2:5a:d4:27:56:fa:32:d8:2e:43:3f:a9:1b:9d:
3e:cf:2c:07:df:ea:56:f6:f6:00:89:a7:ba:fd:55:
39:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:BD:D0:7E:DA:81:F8:0E:0F:A8:41:75:BB:6F:6F:6D:27:6F:A4:04
X509v3 Authority Key Identifier:
keyid:C1:D3:69:E6:6C:DB:E3:0D:7B:3A:FF:60:81:F2:0C:17:A9:8F:DC:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wdNp5mzb4w17Ov9ggfIMF6mP3Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/224351-3a47-4014-b395-a63479610968/1/yr3QftqB-A4PqEF1u29vbSdvpAQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/224351-3a47-4014-b395-a63479610968/1/wdNp5mzb4w17Ov9ggfIMF6mP3Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.78.0/24
95.215.205.0-95.215.206.255
Signature Algorithm: sha256WithRSAEncryption
0b:05:17:98:1f:19:62:7e:e6:4e:a0:5f:b8:01:f1:18:f9:25:
7e:48:3f:df:69:24:c8:3d:b3:58:f7:0f:7d:0a:5b:f0:d0:67:
5e:35:d4:f3:0c:60:f2:34:cd:bf:e0:65:fc:2a:84:41:f9:9d:
af:f1:97:fc:ae:9a:3d:11:67:17:f4:b5:9c:1a:95:42:5b:c9:
1e:ca:a2:ae:86:fd:9c:46:92:fe:de:ba:3b:b2:45:40:cc:ea:
e3:70:0c:4d:03:27:29:bb:aa:e5:f7:89:76:77:94:a5:b4:0f:
dc:ca:a0:da:7e:dc:61:e7:b6:3a:7c:0c:78:1d:83:f8:f8:61:
a8:80:94:ef:2c:12:5f:3f:d6:6d:d8:43:4c:ef:3d:bf:d3:07:
fe:04:2e:32:d0:b0:0e:10:cc:a6:f5:cb:bb:cc:9b:aa:8e:7f:
45:55:1f:1b:7f:3e:ed:71:58:8b:00:b7:02:f1:48:8a:22:a7:
5e:e3:45:11:2d:48:8f:f2:7e:92:c5:33:fb:63:f8:38:43:55:
bc:11:eb:36:52:90:ee:dc:4c:f6:63:f8:a5:2f:c7:7a:89:6d:
62:8e:83:47:10:e2:7c:af:d3:ae:7c:cc:3a:99:3f:d3:4e:77:
e6:01:76:dc:43:04:c9:24:29:c3:d2:bf:1a:bb:66:54:b4:ea:
4d:a6:cb:f9
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZO1dZXuHdakx65YyuobUCW9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxZDM2OWU2NmNkYmUzMGQ3YjNhZmY2MDgxZjIwYzE3YTk4
ZmRjNWIwHhcNMjQxMjExMTEyMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWJkZDA3ZWRhODFmODBlMGZhODQxNzViYjZmNmY2ZDI3NmZhNDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9BPG7vgY/+CwWn/6dxEXKQyKaUwf
+Xa9/JEhGzS1NQMJl7Nw8qNvDtDzqkJiRXHTOZz0Vrpt8sYXRd9uDzn69Jq3gTjn
7xcwH1f8sZSL71DeMjyM4eLcVlxUoSrkazIfC2nJm9RWh5Cil600BHaSeja8WGYK
JKL3MUIpqYHkj0hNydPALrQJfI0Y2DBQMd9/lOkSCCzY0PlptkcqRa51COcsAoJJ
fEvrqDwKynG2mRRPmku1CXcZxHXlNcSoHsa0j+BvIdbcdm0Wjm0wwnm/nl/5X2XW
IymHo578LAcN9+P14lrUJ1b6MtguQz+pG50+zywH3+pW9vYAiae6/VU5JwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFMq90H7agfgOD6hBdbtvb20nb6QEMB8GA1UdIwQY
MBaAFMHTaeZs2+MNezr/YIHyDBepj9xbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2ROcDVtemI0dzE3T3Y5Z2dmSU1GNm1QM0ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yMjQzNTEtM2E0Ny00MDE0LWIzOTUt
YTYzNDc5NjEwOTY4LzEveXIzUWZ0cUItQTRQcUVGMXUyOXZiU2R2cEFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yMjQzNTEtM2E0Ny00MDE0LWIzOTUtYTYzNDc5NjEwOTY4
LzEvd2ROcDVtemI0dzE3T3Y5Z2dmSU1GNm1QM0ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQALVhOMAwD
BABf180DBABf184wDQYJKoZIhvcNAQELBQADggEBAAsFF5gfGWJ+5k6gX7gB8Rj5
JX5IP99pJMg9s1j3D30KW/DQZ1411PMMYPI0zb/gZfwqhEH5na/xl/yumj0RZxf0
tZwalUJbyR7Koq6G/ZxGkv7eujuyRUDM6uNwDE0DJym7quX3iXZ3lKW0D9zKoNp+
3GHntjp8DHgdg/j4YaiAlO8sEl8/1m3YQ0zvPb/TB/4ELjLQsA4QzKb1y7vMm6qO
f0VVHxt/Pu1xWIsAtwLxSIoip17jRREtSI/yfpLFM/tj+DhDVbwR6zZSkO7cTPZj
+KUvx3qJbWKOg0cQ4nyv0658zDqZP9NOd+YBdtxDBMkkKcPSvxq7ZlS06k2my/k=
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:45:52 2025 by rpki-client