Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/43d63a-a936-4593-8826-ebb3982c2eb0/1/eYndrnHpXi0VDhjSzFgsGTT2lHU.roa
File: eYndrnHpXi0VDhjSzFgsGTT2lHU.roa (raw, json)
Hash identifier: +hYmUDmm1ODLXl4+hUp+IoOboUT3sqAh4oE2x/u1oA0=
Subject key identifier: 79:89:DD:AE:71:E9:5E:2D:15:0E:18:D2:CC:58:2C:19:34:F6:94:75
Certificate issuer: /CN=60dc5a00368d8ae1fba995431f03a4131add8a9a
Certificate serial: 018CCA2BD0BD455A7D898E5A1E8F6D22FDE7
Authority key identifier: 60:DC:5A:00:36:8D:8A:E1:FB:A9:95:43:1F:03:A4:13:1A:DD:8A:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YNxaADaNiuH7qZVDHwOkExrdipo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/43d63a-a936-4593-8826-ebb3982c2eb0/1/eYndrnHpXi0VDhjSzFgsGTT2lHU.roa
Signing time: Tue 02 Jan 2024 12:35:18 +0000
ROA not before: Tue 02 Jan 2024 12:35:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43973
IP address blocks: 195.189.100.0/22 maxlen: 22
195.189.100.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 13 Feb 2024 09:38:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:d0:bd:45:5a:7d:89:8e:5a:1e:8f:6d:22:fd:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60dc5a00368d8ae1fba995431f03a4131add8a9a
Validity
Not Before: Jan 2 12:35:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7989ddae71e95e2d150e18d2cc582c1934f69475
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:ac:af:1c:bf:85:a7:30:17:68:33:0d:1d:4d:
31:c9:51:d0:11:cc:cf:27:97:fd:9f:be:30:6f:9e:
a3:82:db:f4:e5:48:46:b3:31:17:71:ab:b3:68:d1:
1b:66:fb:5f:bf:2f:8a:07:7e:cb:da:74:b0:5f:cc:
0a:4b:d2:33:ed:81:d0:71:90:1c:51:86:52:5c:fb:
79:66:b4:e2:f3:80:31:75:60:c7:1e:3d:62:7e:23:
d8:38:49:f9:e0:79:31:b9:e6:e9:40:cc:dd:1e:43:
d2:b4:b9:16:88:ac:3f:1b:17:99:d8:5d:cc:24:86:
aa:2e:84:c2:f8:31:a1:07:3d:44:71:67:54:23:a2:
ef:0a:58:b6:0d:a3:93:8e:a7:6e:08:36:4e:5f:89:
a3:6d:5f:e8:80:32:15:f1:a8:03:e9:67:6d:aa:de:
22:cc:13:ab:22:f6:a9:74:b4:99:5d:b2:6f:a6:8e:
0e:13:e1:2e:b9:fa:35:6b:de:ef:0e:ba:05:91:79:
6f:75:5a:3b:07:05:a3:ea:93:29:6a:35:46:0d:61:
9f:f7:80:dd:23:16:d6:2a:f1:08:76:12:e7:4d:c4:
f2:0d:fb:28:cc:f7:c2:9d:6a:8e:ab:02:1b:86:01:
96:93:54:15:3f:c0:97:90:a8:79:28:e5:8e:90:e6:
86:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:89:DD:AE:71:E9:5E:2D:15:0E:18:D2:CC:58:2C:19:34:F6:94:75
X509v3 Authority Key Identifier:
keyid:60:DC:5A:00:36:8D:8A:E1:FB:A9:95:43:1F:03:A4:13:1A:DD:8A:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YNxaADaNiuH7qZVDHwOkExrdipo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/43d63a-a936-4593-8826-ebb3982c2eb0/1/eYndrnHpXi0VDhjSzFgsGTT2lHU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/43d63a-a936-4593-8826-ebb3982c2eb0/1/YNxaADaNiuH7qZVDHwOkExrdipo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.189.100.0/22
Signature Algorithm: sha256WithRSAEncryption
1f:cd:4d:ed:97:44:c1:c7:3f:7c:0f:67:a5:73:e4:c2:3f:31:
83:8f:28:13:2b:c3:01:27:30:7a:0b:ea:ca:f5:1a:8c:02:d4:
8b:3a:bb:47:da:44:51:f6:bd:c4:d5:37:ed:48:c1:84:cc:d2:
44:76:47:7d:ee:ac:93:1c:c5:97:c7:91:50:e0:0c:71:af:e4:
4d:df:31:76:45:62:4b:be:b6:d0:46:fb:1c:d5:20:f3:fc:27:
e6:0e:91:3e:15:a5:0b:b3:3b:02:87:13:09:0a:01:1e:1a:01:
fc:03:14:3d:44:5c:37:4d:b2:44:51:c5:87:d3:3c:ee:75:6c:
f7:a6:a6:f5:e6:9f:91:52:a5:91:71:90:ad:eb:04:8e:e0:46:
30:d1:76:3e:d0:de:16:99:05:84:0a:6c:17:49:04:a2:7d:c7:
8b:1f:c9:57:49:50:e7:5f:1c:c3:4c:92:91:cc:f2:f3:86:58:
06:c9:8a:f4:b1:ef:e6:ca:25:29:2c:32:0e:6f:65:26:90:4b:
ca:ba:0b:d4:a4:3a:26:0b:9a:33:d5:ff:3f:cc:43:d1:24:ae:
2d:8f:23:c5:57:f8:ee:af:dc:4f:41:01:4d:85:b4:cb:28:c0:
11:42:c3:fd:02:0c:0b:3c:1a:76:cf:16:42:c1:b7:a3:84:e1:
8d:88:96:ff
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKK9C9RVp9iY5aHo9tIv3nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwZGM1YTAwMzY4ZDhhZTFmYmE5OTU0MzFmMDNhNDEzMWFk
ZDhhOWEwHhcNMjQwMTAyMTIzNTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTg5ZGRhZTcxZTk1ZTJkMTUwZTE4ZDJjYzU4MmMxOTM0ZjY5NDc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsayvHL+FpzAXaDMNHU0xyVHQEczP
J5f9n74wb56jgtv05UhGszEXcauzaNEbZvtfvy+KB37L2nSwX8wKS9Iz7YHQcZAc
UYZSXPt5ZrTi84AxdWDHHj1ifiPYOEn54HkxuebpQMzdHkPStLkWiKw/GxeZ2F3M
JIaqLoTC+DGhBz1EcWdUI6LvCli2DaOTjqduCDZOX4mjbV/ogDIV8agD6Wdtqt4i
zBOrIvapdLSZXbJvpo4OE+Euufo1a97vDroFkXlvdVo7BwWj6pMpajVGDWGf94Dd
IxbWKvEIdhLnTcTyDfsozPfCnWqOqwIbhgGWk1QVP8CXkKh5KOWOkOaG/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHmJ3a5x6V4tFQ4Y0sxYLBk09pR1MB8GA1UdIwQY
MBaAFGDcWgA2jYrh+6mVQx8DpBMa3YqaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWU54YUFEYU5pdUg3cVpWREh3T2tFeHJkaXBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi80M2Q2M2EtYTkzNi00NTkzLTg4MjYt
ZWJiMzk4MmMyZWIwLzEvZVluZHJuSHBYaTBWRGhqU3pGZ3NHVFQybEhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi80M2Q2M2EtYTkzNi00NTkzLTg4MjYtZWJiMzk4MmMyZWIw
LzEvWU54YUFEYU5pdUg3cVpWREh3T2tFeHJkaXBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCw71kMA0G
CSqGSIb3DQEBCwUAA4IBAQAfzU3tl0TBxz98D2elc+TCPzGDjygTK8MBJzB6C+rK
9RqMAtSLOrtH2kRR9r3E1TftSMGEzNJEdkd97qyTHMWXx5FQ4Axxr+RN3zF2RWJL
vrbQRvsc1SDz/CfmDpE+FaULszsChxMJCgEeGgH8AxQ9RFw3TbJEUcWH0zzudWz3
pqb15p+RUqWRcZCt6wSO4EYw0XY+0N4WmQWECmwXSQSifceLH8lXSVDnXxzDTJKR
zPLzhlgGyYr0se/myiUpLDIOb2UmkEvKugvUpDomC5oz1f8/zEPRJK4tjyPFV/ju
r9xPQQFNhbTLKMARQsP9AgwLPBp2zxZCwbejhOGNiJb/
-----END CERTIFICATE-----
Generated at Mon Apr 21 03:30:49 2025 by rpki-client