Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/5873c4-b5e5-497e-9242-fe0b2226cfb3/1/yeYsD1uZfuwm7p_lm9bEEldcttg.roa
File: yeYsD1uZfuwm7p_lm9bEEldcttg.roa (raw, json)
Hash identifier: 2I2GJKtPi2OtWzB7w2D/R768dRtm9J/RwDV3FX9+KIs=
Subject key identifier: C9:E6:2C:0F:5B:99:7E:EC:26:EE:9F:E5:9B:D6:C4:12:57:5C:B6:D8
Certificate issuer: /CN=f266a0f986f21945c80d831567baf29620107adc
Certificate serial: 018CC727302A9DD6A493F0BDE6F0608929E9
Authority key identifier: F2:66:A0:F9:86:F2:19:45:C8:0D:83:15:67:BA:F2:96:20:10:7A:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8mag-YbyGUXIDYMVZ7ryliAQetw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/5873c4-b5e5-497e-9242-fe0b2226cfb3/1/yeYsD1uZfuwm7p_lm9bEEldcttg.roa
Signing time: Mon 01 Jan 2024 22:31:23 +0000
ROA not before: Mon 01 Jan 2024 22:31:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209931
IP address blocks: 212.162.128.0/24 maxlen: 24
212.162.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:50:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:30:2a:9d:d6:a4:93:f0:bd:e6:f0:60:89:29:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f266a0f986f21945c80d831567baf29620107adc
Validity
Not Before: Jan 1 22:31:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c9e62c0f5b997eec26ee9fe59bd6c412575cb6d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:ef:3e:35:cd:1a:45:9e:45:be:1d:b9:af:28:
80:65:8f:83:52:36:a8:d4:40:78:1a:9a:26:3e:2c:
5d:ae:a1:54:26:e1:f9:a3:24:22:18:74:ae:a1:ca:
99:b1:d3:e9:ea:34:b3:93:20:1a:be:a3:e2:ee:93:
87:5c:ab:bc:dd:ab:08:57:ca:c8:9b:ca:77:28:e0:
63:77:db:ba:33:aa:9f:34:c0:40:f2:70:e5:7e:19:
fb:f7:16:ac:21:c0:4b:d2:bd:12:a2:b0:2b:aa:ee:
c3:2c:41:14:d4:19:d7:c1:24:e3:85:30:5b:d5:b0:
18:3c:f9:0d:dd:ee:73:c8:a8:7d:36:f9:6c:63:77:
21:1d:63:96:40:19:5f:34:0e:12:ac:8e:d8:99:e0:
b8:29:7a:d8:89:47:c6:49:ab:36:c5:cf:9c:00:4c:
7d:ce:39:c9:45:72:b8:33:d9:d3:e1:94:b4:da:66:
48:39:8e:57:04:6a:5a:21:6e:f4:da:f3:ff:90:bb:
07:06:c7:1b:64:cb:34:e8:96:18:2a:15:3f:85:73:
04:93:cd:a3:6f:b8:7c:c5:86:4b:a3:75:88:b3:8f:
c0:2f:c1:ab:d6:8b:47:75:d1:32:48:23:74:7c:d4:
41:b4:87:32:fb:85:01:94:71:7b:ad:92:6c:06:b5:
21:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:E6:2C:0F:5B:99:7E:EC:26:EE:9F:E5:9B:D6:C4:12:57:5C:B6:D8
X509v3 Authority Key Identifier:
keyid:F2:66:A0:F9:86:F2:19:45:C8:0D:83:15:67:BA:F2:96:20:10:7A:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8mag-YbyGUXIDYMVZ7ryliAQetw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/5873c4-b5e5-497e-9242-fe0b2226cfb3/1/yeYsD1uZfuwm7p_lm9bEEldcttg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/5873c4-b5e5-497e-9242-fe0b2226cfb3/1/8mag-YbyGUXIDYMVZ7ryliAQetw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.162.128.0/23
Signature Algorithm: sha256WithRSAEncryption
75:23:28:34:22:da:b5:e8:d3:0b:fc:4b:1e:14:af:ed:bf:9f:
94:6d:a5:57:21:47:8f:98:45:b4:a3:39:db:a6:7e:9b:6f:7a:
e8:2c:f7:d8:dc:6f:2c:8d:5f:80:04:13:d8:aa:4b:5a:60:86:
9f:68:58:17:44:a6:32:14:f3:97:23:e1:7e:d5:a1:23:21:61:
0f:f8:4c:7b:e5:80:44:20:c8:1f:44:b7:3d:75:c8:9f:a5:dc:
a7:97:fa:1d:49:2b:77:be:d8:34:1c:83:2d:68:f8:ac:90:98:
df:e5:fd:97:82:87:74:7d:b6:e9:17:68:cf:73:f8:e8:51:9a:
5b:b8:43:f7:a7:4e:31:4d:a8:2a:e0:54:d8:ea:7d:b9:4a:2c:
84:e6:d4:8f:4c:38:33:eb:aa:cb:9d:38:35:be:08:64:89:05:
7b:31:4e:52:56:69:e2:cb:04:ba:ae:36:6b:e6:9c:fd:0b:ea:
3d:e2:a8:f9:d3:0b:82:33:00:77:52:af:e3:8d:6f:69:59:ef:
4a:29:1a:71:34:f2:31:7f:eb:ef:8a:fb:87:01:0d:a8:75:96:
64:1c:aa:c3:99:e0:56:0c:20:3d:da:3e:5c:38:3b:f0:8b:bf:
75:40:85:79:f5:9d:6c:33:67:53:47:1e:ea:cc:a0:75:e9:c3:
29:91:a4:e9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJzAqndakk/C95vBgiSnpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyNjZhMGY5ODZmMjE5NDVjODBkODMxNTY3YmFmMjk2MjAx
MDdhZGMwHhcNMjQwMTAxMjIzMTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWU2MmMwZjViOTk3ZWVjMjZlZTlmZTU5YmQ2YzQxMjU3NWNiNmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmO8+Nc0aRZ5Fvh25ryiAZY+DUjao
1EB4GpomPixdrqFUJuH5oyQiGHSuocqZsdPp6jSzkyAavqPi7pOHXKu83asIV8rI
m8p3KOBjd9u6M6qfNMBA8nDlfhn79xasIcBL0r0SorArqu7DLEEU1BnXwSTjhTBb
1bAYPPkN3e5zyKh9NvlsY3chHWOWQBlfNA4SrI7YmeC4KXrYiUfGSas2xc+cAEx9
zjnJRXK4M9nT4ZS02mZIOY5XBGpaIW702vP/kLsHBscbZMs06JYYKhU/hXMEk82j
b7h8xYZLo3WIs4/AL8Gr1otHddEySCN0fNRBtIcy+4UBlHF7rZJsBrUhlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMnmLA9bmX7sJu6f5ZvWxBJXXLbYMB8GA1UdIwQY
MBaAFPJmoPmG8hlFyA2DFWe68pYgEHrcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOG1hZy1ZYnlHVVhJRFlNVlo3cnlsaUFRZXR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS81ODczYzQtYjVlNS00OTdlLTkyNDIt
ZmUwYjIyMjZjZmIzLzEveWVZc0QxdVpmdXdtN3BfbG05YkVFbGRjdHRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS81ODczYzQtYjVlNS00OTdlLTkyNDItZmUwYjIyMjZjZmIz
LzEvOG1hZy1ZYnlHVVhJRFlNVlo3cnlsaUFRZXR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB1KKAMA0G
CSqGSIb3DQEBCwUAA4IBAQB1Iyg0Itq16NML/EseFK/tv5+UbaVXIUePmEW0oznb
pn6bb3roLPfY3G8sjV+ABBPYqktaYIafaFgXRKYyFPOXI+F+1aEjIWEP+Ex75YBE
IMgfRLc9dcifpdynl/odSSt3vtg0HIMtaPiskJjf5f2Xgod0fbbpF2jPc/joUZpb
uEP3p04xTagq4FTY6n25SiyE5tSPTDgz66rLnTg1vghkiQV7MU5SVmniywS6rjZr
5pz9C+o94qj50wuCMwB3Uq/jjW9pWe9KKRpxNPIxf+vvivuHAQ2odZZkHKrDmeBW
DCA92j5cODvwi791QIV59Z1sM2dTRx7qzKB16cMpkaTp
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:48:18 2025 by rpki-client