Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/c7c83f-fac2-4551-8f78-91a77ea05df1/1/YPjkXXdfI0pLds_byZRGFwE6oas.roa
File: YPjkXXdfI0pLds_byZRGFwE6oas.roa (raw, json)
Hash identifier: B96mAdCM3acpjwmB4a8vkotlAHrbZnARFtUTd5CZ/Qo=
Subject key identifier: 60:F8:E4:5D:77:5F:23:4A:4B:76:CF:DB:C9:94:46:17:01:3A:A1:AB
Certificate issuer: /CN=1efcab4deded66abef7cd7ed72657bc03a8229d6
Certificate serial: 018CC9BC04FCCBACB5A993F17AFADE1E4F7B
Authority key identifier: 1E:FC:AB:4D:ED:ED:66:AB:EF:7C:D7:ED:72:65:7B:C0:3A:82:29:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HvyrTe3tZqvvfNftcmV7wDqCKdY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/c7c83f-fac2-4551-8f78-91a77ea05df1/1/YPjkXXdfI0pLds_byZRGFwE6oas.roa
Signing time: Tue 02 Jan 2024 10:33:11 +0000
ROA not before: Tue 02 Jan 2024 10:33:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47180
IP address blocks: 194.179.140.0/22 maxlen: 22
2a13:f8c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:04:fc:cb:ac:b5:a9:93:f1:7a:fa:de:1e:4f:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1efcab4deded66abef7cd7ed72657bc03a8229d6
Validity
Not Before: Jan 2 10:33:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=60f8e45d775f234a4b76cfdbc9944617013aa1ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:66:8a:0c:65:3b:22:15:09:e5:0b:5a:9b:4f:
b7:e8:5b:81:5b:04:f3:ee:f3:5f:a3:00:9a:2d:7e:
a3:b3:d0:fd:b9:b6:0c:e8:33:d2:b5:b7:29:e9:64:
67:80:10:c1:36:3b:b4:97:7f:a4:89:bf:8a:81:68:
6a:dd:50:89:1e:b1:21:aa:f3:20:f9:21:d8:79:8f:
a7:92:75:37:6c:d3:d3:b9:b1:4b:0c:65:97:ad:b5:
03:0b:f0:2e:06:91:f6:bf:04:64:cc:c2:ee:63:3f:
c1:4b:5a:3c:4f:7e:f9:c4:b3:94:85:0e:9c:e9:2b:
0f:97:d7:9c:70:36:83:4f:59:12:87:fc:4a:8b:38:
00:fd:ab:56:d0:85:2f:29:0e:60:74:1f:51:8d:80:
27:54:5a:23:b6:25:2b:28:6b:92:ed:a5:1a:3b:06:
61:f5:f1:bd:38:d6:82:10:f7:d9:bf:0c:8c:47:94:
81:dc:e5:3b:e0:e0:86:25:91:c5:17:4c:a8:94:6c:
27:ff:50:b4:35:d2:d1:c3:93:e4:48:92:0f:9f:36:
22:93:47:84:f8:8d:21:c9:ce:5f:7c:fd:8a:16:c2:
fa:01:a7:dc:46:06:c7:1d:cc:3a:22:e8:ef:4c:14:
8d:ce:ce:72:6a:99:16:53:12:f0:c6:02:ad:7e:79:
74:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:F8:E4:5D:77:5F:23:4A:4B:76:CF:DB:C9:94:46:17:01:3A:A1:AB
X509v3 Authority Key Identifier:
keyid:1E:FC:AB:4D:ED:ED:66:AB:EF:7C:D7:ED:72:65:7B:C0:3A:82:29:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HvyrTe3tZqvvfNftcmV7wDqCKdY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/c7c83f-fac2-4551-8f78-91a77ea05df1/1/YPjkXXdfI0pLds_byZRGFwE6oas.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/c7c83f-fac2-4551-8f78-91a77ea05df1/1/HvyrTe3tZqvvfNftcmV7wDqCKdY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.179.140.0/22
IPv6:
2a13:f8c0::/29
Signature Algorithm: sha256WithRSAEncryption
8b:57:de:22:6b:08:e5:ab:22:c3:69:d0:05:43:58:01:d8:82:
57:b7:38:59:bf:d0:b0:27:1c:c3:06:0f:37:16:73:e3:bb:7d:
db:24:e0:9c:09:da:e1:ab:95:26:53:59:8e:9f:08:ff:d6:49:
c3:1f:b8:1d:dd:67:39:61:90:59:1c:0c:f2:59:6d:77:9b:21:
50:29:ed:56:2f:1a:7b:90:c1:5b:32:d3:08:9a:75:3c:a9:f6:
e3:23:ab:b4:a7:99:8f:b1:70:b2:9b:38:35:1f:9c:b2:0f:a0:
ef:b5:c1:0c:5c:ee:32:75:6f:bb:8e:0f:13:3d:6b:27:68:0f:
b8:cf:e1:fe:a2:f3:01:e5:7d:15:28:3f:9e:5c:4d:b1:ec:01:
46:d4:2d:de:ef:a3:36:a2:7d:61:97:26:1d:16:8c:25:ac:63:
d2:13:ad:99:29:51:9b:e2:90:82:3a:4f:f8:cc:0c:de:b5:6d:
d3:8c:4c:b2:57:8f:71:1f:2e:54:af:06:43:75:52:01:dd:ab:
bb:88:c3:31:dd:d7:fa:8c:03:c7:82:2f:fe:35:58:4f:29:77:
0e:6b:c6:64:aa:12:d4:05:41:67:e6:95:b7:75:26:d3:40:c5:
a8:28:17:83:c2:68:78:9b:95:93:ec:9f:39:91:06:a5:6e:0d:
c6:d5:3a:f6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJvAT8y6y1qZPxevreHk97MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlZmNhYjRkZWRlZDY2YWJlZjdjZDdlZDcyNjU3YmMwM2E4
MjI5ZDYwHhcNMjQwMTAyMTAzMzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGY4ZTQ1ZDc3NWYyMzRhNGI3NmNmZGJjOTk0NDYxNzAxM2FhMWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlGaKDGU7IhUJ5Qtam0+36FuBWwTz
7vNfowCaLX6js9D9ubYM6DPStbcp6WRngBDBNju0l3+kib+KgWhq3VCJHrEhqvMg
+SHYeY+nknU3bNPTubFLDGWXrbUDC/AuBpH2vwRkzMLuYz/BS1o8T375xLOUhQ6c
6SsPl9eccDaDT1kSh/xKizgA/atW0IUvKQ5gdB9RjYAnVFojtiUrKGuS7aUaOwZh
9fG9ONaCEPfZvwyMR5SB3OU74OCGJZHFF0yolGwn/1C0NdLRw5PkSJIPnzYik0eE
+I0hyc5ffP2KFsL6AafcRgbHHcw6IujvTBSNzs5yapkWUxLwxgKtfnl0JQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGD45F13XyNKS3bP28mURhcBOqGrMB8GA1UdIwQY
MBaAFB78q03t7War73zX7XJle8A6ginWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHZ5clRlM3RacXZ2Zk5mdGNtVjd3RHFDS2RZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9jN2M4M2YtZmFjMi00NTUxLThmNzgt
OTFhNzdlYTA1ZGYxLzEvWVBqa1hYZGZJMHBMZHNfYnlaUkdGd0U2b2FzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9jN2M4M2YtZmFjMi00NTUxLThmNzgtOTFhNzdlYTA1ZGYx
LzEvSHZ5clRlM3RacXZ2Zk5mdGNtVjd3RHFDS2RZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwrOMMA0E
AgACMAcDBQMqE/jAMA0GCSqGSIb3DQEBCwUAA4IBAQCLV94iawjlqyLDadAFQ1gB
2IJXtzhZv9CwJxzDBg83FnPju33bJOCcCdrhq5UmU1mOnwj/1knDH7gd3Wc5YZBZ
HAzyWW13myFQKe1WLxp7kMFbMtMImnU8qfbjI6u0p5mPsXCymzg1H5yyD6DvtcEM
XO4ydW+7jg8TPWsnaA+4z+H+ovMB5X0VKD+eXE2x7AFG1C3e76M2on1hlyYdFowl
rGPSE62ZKVGb4pCCOk/4zAzetW3TjEyyV49xHy5UrwZDdVIB3au7iMMx3df6jAPH
gi/+NVhPKXcOa8ZkqhLUBUFn5pW3dSbTQMWoKBeDwmh4m5WT7J85kQalbg3G1Tr2
-----END CERTIFICATE-----
Generated at Wed Apr 16 17:53:32 2025 by rpki-client