Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/ys1-sx5fN7-kFy4i6dLrEr5dVq4.roa
File: ys1-sx5fN7-kFy4i6dLrEr5dVq4.roa (raw, json)
Hash identifier: qtop+oiw+4Z5F2fGc5PoEhnjOvdppfJ/VH62NGo8kqU=
Subject key identifier: CA:CD:7E:B3:1E:5F:37:BF:A4:17:2E:22:E9:D2:EB:12:BE:5D:56:AE
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018CCA2A26C2A266FA9B6D4C00B94353D484
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/ys1-sx5fN7-kFy4i6dLrEr5dVq4.roa
Signing time: Tue 02 Jan 2024 12:33:29 +0000
ROA not before: Tue 02 Jan 2024 12:33:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61196
IP address blocks: 95.46.44.0/23 maxlen: 24
93.171.215.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:49:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:26:c2:a2:66:fa:9b:6d:4c:00:b9:43:53:d4:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 12:33:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cacd7eb31e5f37bfa4172e22e9d2eb12be5d56ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ce:7d:48:6e:7e:73:9c:f0:61:40:8f:ba:a2:
3f:7b:41:f1:71:84:de:9f:0b:bc:72:94:9e:02:fa:
78:9b:3b:e2:94:6c:62:4b:a3:27:89:4b:f2:60:14:
96:6d:ed:f1:3c:0d:65:9c:c9:02:7c:8f:9b:ff:4e:
51:d4:2c:08:e0:3a:d4:23:5a:77:cb:bf:d1:91:34:
c8:a7:11:cf:d3:e4:01:bb:36:e5:2f:ef:32:5d:79:
b0:75:5d:cc:a0:69:4b:9c:c5:3a:d2:4d:b0:75:c9:
3a:b6:30:3e:66:c4:f1:ef:38:2f:c7:ef:60:24:24:
6e:c6:79:59:e0:dc:f7:9c:ca:85:8f:d2:9a:f4:37:
17:ca:3a:ce:6d:fd:e7:d9:04:d9:58:b5:72:5f:9b:
e1:c0:01:5f:66:1f:a8:9e:13:ff:71:95:0d:ec:df:
54:23:4e:fd:89:f5:fb:70:93:c2:f3:b1:57:37:83:
4f:1b:5b:f4:1d:77:14:a9:b8:93:6c:8c:41:51:d6:
3f:9a:23:18:e1:77:03:2f:4f:49:10:92:7a:18:f6:
a1:4c:2b:6b:76:3f:bc:51:dd:8b:81:cc:8b:e6:55:
c0:b5:9e:90:45:e9:37:bc:60:fd:63:20:2e:1a:4a:
01:2b:e2:a0:24:f6:19:f4:37:7d:4f:4d:7d:33:53:
fc:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:CD:7E:B3:1E:5F:37:BF:A4:17:2E:22:E9:D2:EB:12:BE:5D:56:AE
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/ys1-sx5fN7-kFy4i6dLrEr5dVq4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.171.215.0/24
95.46.44.0/23
Signature Algorithm: sha256WithRSAEncryption
0e:e3:38:a3:dc:1b:10:44:46:d7:84:75:92:1e:ec:c2:fe:fd:
03:9e:eb:a0:e6:35:b9:06:d7:0a:85:90:0a:90:30:7f:70:14:
fb:fa:a6:c8:5b:17:77:73:fa:9f:4f:e2:5a:99:9f:dc:86:83:
b1:45:5a:d2:7d:97:2b:a1:c6:6e:4f:68:90:6b:de:6f:82:79:
94:ff:1e:de:34:6e:55:79:c6:3b:17:d8:e9:39:c7:b6:a9:2a:
fc:a1:e6:85:fa:59:c1:c2:66:59:e2:1d:ee:ba:82:27:1a:b5:
55:83:1f:86:02:2b:e2:80:5f:8a:20:12:cd:cd:5b:b7:5e:07:
2e:0c:28:f8:15:4a:7a:b3:ad:db:1c:ad:a6:8a:de:a4:5f:f9:
2a:cf:cf:b0:49:61:51:0a:1b:db:79:d8:78:e2:4c:73:98:8b:
0c:10:5d:31:07:af:59:3c:17:40:6a:05:41:0f:8d:89:02:6f:
ce:4b:6c:89:c0:fc:9c:ae:9f:06:f5:ac:af:e5:82:e7:a0:ef:
c1:74:f1:71:b3:1e:de:b0:47:a6:7f:63:ba:d4:c5:0b:a2:03:
d6:a8:e5:a1:85:83:76:0b:ee:a2:05:50:b4:d3:17:53:20:05:
a0:c8:bf:78:4a:e4:cf:a9:d0:c5:19:79:35:0f:6d:7b:0d:06:
9f:56:2f:b9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKKibComb6m21MALlDU9SEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjQwMTAyMTIzMzI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWNkN2ViMzFlNWYzN2JmYTQxNzJlMjJlOWQyZWIxMmJlNWQ1NmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAss59SG5+c5zwYUCPuqI/e0HxcYTe
nwu8cpSeAvp4mzvilGxiS6MniUvyYBSWbe3xPA1lnMkCfI+b/05R1CwI4DrUI1p3
y7/RkTTIpxHP0+QBuzblL+8yXXmwdV3MoGlLnMU60k2wdck6tjA+ZsTx7zgvx+9g
JCRuxnlZ4Nz3nMqFj9Ka9DcXyjrObf3n2QTZWLVyX5vhwAFfZh+onhP/cZUN7N9U
I079ifX7cJPC87FXN4NPG1v0HXcUqbiTbIxBUdY/miMY4XcDL09JEJJ6GPahTCtr
dj+8Ud2LgcyL5lXAtZ6QRek3vGD9YyAuGkoBK+KgJPYZ9Dd9T019M1P8RwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMrNfrMeXze/pBcuIunS6xK+XVauMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEveXMxLXN4NWZONy1rRnk0aTZkTHJFcjVkVnE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXavXAwQB
Xy4sMA0GCSqGSIb3DQEBCwUAA4IBAQAO4zij3BsQREbXhHWSHuzC/v0Dnuug5jW5
BtcKhZAKkDB/cBT7+qbIWxd3c/qfT+JamZ/choOxRVrSfZcrocZuT2iQa95vgnmU
/x7eNG5VecY7F9jpOce2qSr8oeaF+lnBwmZZ4h3uuoInGrVVgx+GAivigF+KIBLN
zVu3XgcuDCj4FUp6s63bHK2mit6kX/kqz8+wSWFRChvbedh44kxzmIsMEF0xB69Z
PBdAagVBD42JAm/OS2yJwPycrp8G9ayv5YLnoO/BdPFxsx7esEemf2O61MULogPW
qOWhhYN2C+6iBVC00xdTIAWgyL94SuTPqdDFGXk1D217DQafVi+5
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:49:29 2025 by rpki-client