Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/c33df9-edd5-463b-b052-0f0bc401e1e1/1/yX5XyDfwrMipISeXGBrRBs1zFHI.roa
File: yX5XyDfwrMipISeXGBrRBs1zFHI.roa (raw, json)
Hash identifier: xDJv8YAIlZ29xBo6GingMJ1YxTOZ24uIskZ6h1b6LPQ=
Subject key identifier: C9:7E:57:C8:37:F0:AC:C8:A9:21:27:97:18:1A:D1:06:CD:73:14:72
Certificate issuer: /CN=ffd3c1742fc05a80a2dc6bb0ebe1030a9bbc8c94
Certificate serial: 018CC9BC7A5472C2E72CB0B808F57822E702
Authority key identifier: FF:D3:C1:74:2F:C0:5A:80:A2:DC:6B:B0:EB:E1:03:0A:9B:BC:8C:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_9PBdC_AWoCi3Guw6-EDCpu8jJQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/c33df9-edd5-463b-b052-0f0bc401e1e1/1/yX5XyDfwrMipISeXGBrRBs1zFHI.roa
Signing time: Tue 02 Jan 2024 10:33:41 +0000
ROA not before: Tue 02 Jan 2024 10:33:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41960
IP address blocks: 193.36.177.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:48:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:7a:54:72:c2:e7:2c:b0:b8:08:f5:78:22:e7:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ffd3c1742fc05a80a2dc6bb0ebe1030a9bbc8c94
Validity
Not Before: Jan 2 10:33:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c97e57c837f0acc8a9212797181ad106cd731472
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:78:70:19:29:cc:80:bd:55:1d:f2:ca:9d:d4:
fb:3e:c8:68:fb:a7:a4:f4:14:5e:50:1e:a1:85:06:
44:76:97:69:72:09:c3:a8:98:69:ea:4c:1e:d7:f2:
92:c8:c1:cb:76:8f:95:d4:41:16:e1:17:ab:81:21:
16:d9:7f:35:28:0b:ea:c5:c2:5c:7a:3f:ff:b2:54:
ef:9b:6a:1c:26:ec:64:90:dd:10:2d:b4:be:62:8f:
c9:e4:b7:d9:47:41:ce:75:45:4f:e4:03:f6:2f:54:
8a:d4:4b:7a:a4:56:95:64:b2:3b:30:55:c2:ee:6b:
c8:2a:56:b2:6d:00:44:f4:84:55:dd:3e:30:a5:d9:
6f:c6:3d:97:1b:dc:e5:3e:b6:17:91:f6:09:e2:36:
90:48:3f:87:04:fe:6d:6a:76:cd:95:29:ac:bb:9d:
2e:db:b9:ed:82:3f:71:2b:99:99:0c:53:17:a1:d7:
40:d5:29:39:d3:b1:f3:de:b6:f7:0f:6b:69:fc:69:
65:2a:5b:ba:f7:fd:29:b0:ca:f2:dc:25:6d:de:8c:
96:29:a1:1c:9a:79:8f:27:27:34:c7:66:84:6c:a6:
07:8b:45:ae:db:19:bb:7d:9b:e9:7c:3d:8d:8b:5e:
14:de:c6:21:6b:60:95:9f:20:56:de:6f:c9:92:b6:
6f:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:7E:57:C8:37:F0:AC:C8:A9:21:27:97:18:1A:D1:06:CD:73:14:72
X509v3 Authority Key Identifier:
keyid:FF:D3:C1:74:2F:C0:5A:80:A2:DC:6B:B0:EB:E1:03:0A:9B:BC:8C:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_9PBdC_AWoCi3Guw6-EDCpu8jJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/c33df9-edd5-463b-b052-0f0bc401e1e1/1/yX5XyDfwrMipISeXGBrRBs1zFHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/c33df9-edd5-463b-b052-0f0bc401e1e1/1/_9PBdC_AWoCi3Guw6-EDCpu8jJQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.36.177.0/24
Signature Algorithm: sha256WithRSAEncryption
69:15:06:e7:6f:19:64:34:89:04:f9:de:9e:fa:f8:64:11:fb:
b6:30:d6:36:0b:1f:2d:57:0b:3f:3d:8e:41:ed:f2:52:52:ee:
8e:75:97:13:31:d0:11:38:a0:ef:ef:b0:c5:81:c1:f3:82:8c:
5f:03:98:d7:e3:9a:b6:8e:94:da:72:eb:95:f9:dc:4f:95:39:
38:5b:e6:a3:21:92:ef:4e:5c:fa:af:7a:a1:e1:ad:28:fc:e0:
a5:3d:59:d6:1a:61:9d:3d:e6:4b:81:de:7c:93:d1:77:1b:56:
93:0c:71:11:25:c3:19:f5:2b:85:53:7c:44:9e:bc:fc:ae:a7:
41:39:59:9c:6b:23:90:a7:64:33:e4:eb:fd:81:06:c4:b2:b6:
e5:17:8d:8b:77:6b:56:f8:02:ce:64:4d:ab:8c:1d:a6:dc:41:
c7:c7:72:76:1a:17:12:8a:30:ed:6b:7d:01:c0:d2:4d:c1:26:
3c:cc:30:43:07:6a:da:1a:e4:60:9b:cf:db:e9:a9:9a:f9:11:
49:29:ee:ec:c9:da:61:4b:5d:18:24:72:c1:fa:ad:6a:bd:5a:
fa:cd:4e:b9:b7:45:14:10:e7:e4:82:5f:74:b4:03:fd:0c:a8:
6b:b8:c1:f8:d2:33:f9:09:8d:08:cd:1b:35:56:7f:df:ca:1d:
7b:5b:af:db
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvHpUcsLnLLC4CPV4IucCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmZDNjMTc0MmZjMDVhODBhMmRjNmJiMGViZTEwMzBhOWJi
YzhjOTQwHhcNMjQwMTAyMTAzMzQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTdlNTdjODM3ZjBhY2M4YTkyMTI3OTcxODFhZDEwNmNkNzMxNDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzHhwGSnMgL1VHfLKndT7Psho+6ek
9BReUB6hhQZEdpdpcgnDqJhp6kwe1/KSyMHLdo+V1EEW4RergSEW2X81KAvqxcJc
ej//slTvm2ocJuxkkN0QLbS+Yo/J5LfZR0HOdUVP5AP2L1SK1Et6pFaVZLI7MFXC
7mvIKlaybQBE9IRV3T4wpdlvxj2XG9zlPrYXkfYJ4jaQSD+HBP5tanbNlSmsu50u
27ntgj9xK5mZDFMXoddA1Sk507Hz3rb3D2tp/GllKlu69/0psMry3CVt3oyWKaEc
mnmPJyc0x2aEbKYHi0Wu2xm7fZvpfD2Ni14U3sYha2CVnyBW3m/JkrZveQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMl+V8g38KzIqSEnlxga0QbNcxRyMB8GA1UdIwQY
MBaAFP/TwXQvwFqAotxrsOvhAwqbvIyUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzlQQmRDX0FXb0NpM0d1dzYtRURDcHU4akpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy9jMzNkZjktZWRkNS00NjNiLWIwNTIt
MGYwYmM0MDFlMWUxLzEveVg1WHlEZndyTWlwSVNlWEdCclJCczF6RkhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy9jMzNkZjktZWRkNS00NjNiLWIwNTItMGYwYmM0MDFlMWUx
LzEvXzlQQmRDX0FXb0NpM0d1dzYtRURDcHU4akpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSSxMA0G
CSqGSIb3DQEBCwUAA4IBAQBpFQbnbxlkNIkE+d6e+vhkEfu2MNY2Cx8tVws/PY5B
7fJSUu6OdZcTMdAROKDv77DFgcHzgoxfA5jX45q2jpTacuuV+dxPlTk4W+ajIZLv
Tlz6r3qh4a0o/OClPVnWGmGdPeZLgd58k9F3G1aTDHERJcMZ9SuFU3xEnrz8rqdB
OVmcayOQp2Qz5Ov9gQbEsrblF42Ld2tW+ALOZE2rjB2m3EHHx3J2GhcSijDta30B
wNJNwSY8zDBDB2raGuRgm8/b6ama+RFJKe7sydphS10YJHLB+q1qvVr6zU65t0UU
EOfkgl90tAP9DKhruMH40jP5CY0IzRs1Vn/fyh17W6/b
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:36 2025 by rpki-client