Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/yMBoKPzmOwNZ5brLgA5B46-sVmA.roa
File: yMBoKPzmOwNZ5brLgA5B46-sVmA.roa (raw, json)
Hash identifier: SahpC+cOM8PfcnPL2FRXbNh1pB08R3zpD92LhBD6C+A=
Subject key identifier: C8:C0:68:28:FC:E6:3B:03:59:E5:BA:CB:80:0E:41:E3:AF:AC:56:60
Certificate issuer: /CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Certificate serial: 0192B39FA66ECF4F0E3545C612D2F0AC3052
Authority key identifier: 17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/yMBoKPzmOwNZ5brLgA5B46-sVmA.roa
Signing time: Tue 22 Oct 2024 09:47:17 +0000
ROA not before: Tue 22 Oct 2024 09:47:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3360
IP address blocks: 145.61.196.0/24 maxlen: 24
145.61.200.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:49:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b3:9f:a6:6e:cf:4f:0e:35:45:c6:12:d2:f0:ac:30:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Validity
Not Before: Oct 22 09:47:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c8c06828fce63b0359e5bacb800e41e3afac5660
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:a3:53:50:9e:a4:1a:fd:9e:b4:59:9f:b5:88:
61:34:54:b2:cb:b7:f3:79:32:d5:41:8e:c8:51:7f:
df:6e:df:1a:7a:b9:77:a0:03:7f:53:f3:5b:97:55:
b5:54:c4:55:e2:58:32:d9:27:b0:f4:d6:73:b4:da:
63:73:8f:84:0a:78:c0:ab:ce:9a:69:f3:4e:40:1e:
c1:11:48:d4:a6:cc:6c:c1:00:26:8b:9d:36:99:cb:
0f:95:10:cc:88:0a:45:da:2d:f3:ee:49:33:cd:d4:
53:1b:d9:e5:b1:38:81:65:69:34:bc:9d:51:b7:34:
3c:61:c1:08:91:58:6d:fc:ab:fa:d5:d7:70:d9:50:
92:c1:15:aa:3b:e8:0b:e5:25:91:d6:f1:a7:ea:6b:
64:4d:c4:1a:f3:d6:15:2a:70:fa:47:fc:3b:97:bd:
3b:c8:6d:4a:40:22:82:f9:49:3b:84:e4:50:43:34:
1c:3c:76:62:64:72:77:c3:2a:ba:04:7e:18:f4:6d:
37:d4:00:32:f3:dd:4e:ec:87:8e:1d:58:3a:05:b7:
c0:57:18:38:0e:14:69:9d:9d:14:0a:53:dc:f1:75:
ff:6a:40:4b:e0:b2:28:81:8c:cf:f1:2c:b8:2a:79:
7d:67:56:f7:78:b0:85:b1:3e:f2:34:cd:e4:d8:30:
43:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:C0:68:28:FC:E6:3B:03:59:E5:BA:CB:80:0E:41:E3:AF:AC:56:60
X509v3 Authority Key Identifier:
keyid:17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/yMBoKPzmOwNZ5brLgA5B46-sVmA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.61.196.0/24
145.61.200.0/22
Signature Algorithm: sha256WithRSAEncryption
9e:dc:9b:39:1e:ee:da:e4:ee:09:46:51:63:82:25:80:ec:a5:
30:fe:fe:d8:04:b9:e7:21:b2:f6:04:e6:dc:84:9d:6d:a7:0f:
0f:af:c9:57:80:19:be:57:45:fe:53:7a:01:5d:cc:c1:c7:41:
af:72:ac:1d:ab:d7:a1:4a:55:05:b5:2c:ef:79:80:49:41:b5:
3a:3f:cf:62:2d:1b:9a:56:b8:d4:de:39:8f:eb:d5:77:58:3d:
8a:9d:6f:00:f7:93:07:2d:df:2f:1f:f2:a5:fb:df:4e:4a:88:
42:6b:35:12:9e:ac:e8:78:20:0e:2e:7c:9b:e5:b7:65:5c:c6:
e4:4e:ab:7c:24:81:2a:bb:6b:24:a9:a3:7a:7b:d0:45:47:21:
73:c0:fb:58:2c:c8:9f:31:ed:10:8d:a1:07:ff:1b:85:52:5d:
47:a8:ab:bb:63:55:43:fa:ba:53:67:70:9d:df:d1:2d:ec:bc:
7a:11:38:e7:21:18:f4:0a:af:9f:bd:98:63:07:0c:79:1d:0d:
4c:2e:6f:87:67:4e:0c:b1:f6:69:60:e7:29:c0:59:c2:be:b7:
c2:a2:be:18:25:88:c7:07:b7:36:ab:45:5a:7f:99:2d:32:e7:
87:b0:d6:40:62:d5:9b:8a:6b:80:b6:51:e3:cb:80:20:cb:a5:
24:8b:f2:31
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZKzn6Zuz08ONUXGEtLwrDBSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NzNkYjE3Nzk1ZDJiZjFiNGI1MzQ1YzViMjkzOTBkYmFm
NDUyM2UwHhcNMjQxMDIyMDk0NzE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGMwNjgyOGZjZTYzYjAzNTllNWJhY2I4MDBlNDFlM2FmYWM1NjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2qNTUJ6kGv2etFmftYhhNFSyy7fz
eTLVQY7IUX/fbt8aerl3oAN/U/Nbl1W1VMRV4lgy2Sew9NZztNpjc4+ECnjAq86a
afNOQB7BEUjUpsxswQAmi502mcsPlRDMiApF2i3z7kkzzdRTG9nlsTiBZWk0vJ1R
tzQ8YcEIkVht/Kv61ddw2VCSwRWqO+gL5SWR1vGn6mtkTcQa89YVKnD6R/w7l707
yG1KQCKC+Uk7hORQQzQcPHZiZHJ3wyq6BH4Y9G031AAy891O7IeOHVg6BbfAVxg4
DhRpnZ0UClPc8XX/akBL4LIogYzP8Sy4Knl9Z1b3eLCFsT7yNM3k2DBDewIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMjAaCj85jsDWeW6y4AOQeOvrFZgMB8GA1UdIwQY
MBaAFBdz2xd5XSvxtLU0XFspOQ269FI+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYt
NTQ4NjFmMjMyNDlkLzEveU1Cb0tQem1Pd05aNWJyTGdBNUI0Ni1zVm1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYtNTQ4NjFmMjMyNDlk
LzEvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAkT3EAwQC
kT3IMA0GCSqGSIb3DQEBCwUAA4IBAQCe3Js5Hu7a5O4JRlFjgiWA7KUw/v7YBLnn
IbL2BObchJ1tpw8Pr8lXgBm+V0X+U3oBXczBx0Gvcqwdq9ehSlUFtSzveYBJQbU6
P89iLRuaVrjU3jmP69V3WD2KnW8A95MHLd8vH/Kl+99OSohCazUSnqzoeCAOLnyb
5bdlXMbkTqt8JIEqu2skqaN6e9BFRyFzwPtYLMifMe0QjaEH/xuFUl1HqKu7Y1VD
+rpTZ3Cd39Et7Lx6ETjnIRj0Cq+fvZhjBwx5HQ1MLm+HZ04MsfZpYOcpwFnCvrfC
or4YJYjHB7c2q0Vaf5ktMueHsNZAYtWbimuAtlHjy4Agy6Uki/Ix
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:38:52 2025 by rpki-client