Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/fca369-6b85-4e03-ab71-68ba6c54ef9a/1/42rZyeprEZLzigalVyuekN0x2Zk.roa
File: 42rZyeprEZLzigalVyuekN0x2Zk.roa (raw, json)
Hash identifier: 48zpDFGpHL+yVv+vtg5IwGNloWENHNqbu2IZ3DHRcZ0=
Subject key identifier: E3:6A:D9:C9:EA:6B:11:92:F3:8A:06:A5:57:2B:9E:90:DD:31:D9:99
Certificate issuer: /CN=614256ed38fb1e96944926db4c66c4d088acfbd6
Certificate serial: 018CC6B839049743034BC14F86D31BBBBE2D
Authority key identifier: 61:42:56:ED:38:FB:1E:96:94:49:26:DB:4C:66:C4:D0:88:AC:FB:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YUJW7Tj7HpaUSSbbTGbE0Iis-9Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/fca369-6b85-4e03-ab71-68ba6c54ef9a/1/42rZyeprEZLzigalVyuekN0x2Zk.roa
Signing time: Mon 01 Jan 2024 20:30:11 +0000
ROA not before: Mon 01 Jan 2024 20:30:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207017
IP address blocks: 185.168.196.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:47:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:39:04:97:43:03:4b:c1:4f:86:d3:1b:bb:be:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=614256ed38fb1e96944926db4c66c4d088acfbd6
Validity
Not Before: Jan 1 20:30:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e36ad9c9ea6b1192f38a06a5572b9e90dd31d999
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:71:80:e1:cf:09:a8:b3:56:33:dd:62:f7:a8:
50:31:90:9a:57:10:17:c3:b7:3d:4d:81:f3:03:5d:
f3:b1:66:35:6d:93:9a:bc:76:81:f3:04:9a:64:ad:
2f:bd:7a:4e:14:7b:1c:16:9b:85:ff:ce:d0:bd:72:
de:d6:ef:7e:57:4b:31:95:e5:89:4b:06:56:c1:fa:
db:ca:ec:9e:88:dd:61:fa:43:6d:a0:76:4e:d7:43:
12:81:ca:a0:93:37:bc:53:4f:f5:3a:9e:92:59:55:
59:62:cb:5a:f1:b4:5a:40:13:7c:e9:af:ba:c9:b8:
40:62:b1:ec:8b:c3:a8:7f:bf:b1:a2:f0:b1:93:86:
4d:05:f8:94:79:fc:94:50:44:d2:0f:6e:f9:42:4d:
da:0e:e9:53:f5:e7:88:26:d2:23:d4:52:75:f4:1c:
46:58:c4:6a:36:e4:8c:65:d3:41:f4:29:78:53:55:
54:5d:b7:a7:50:97:14:8b:4b:90:6b:9b:06:5c:1c:
ae:40:30:4f:59:3c:ad:57:38:a7:da:7b:6d:9a:bf:
55:95:aa:1a:13:8d:61:ac:3f:2e:68:36:ae:cf:a1:
4d:7e:6d:59:92:47:b2:9c:56:c6:f0:9d:6e:e0:d6:
68:02:17:2b:44:7a:90:39:94:3e:cd:5c:53:81:a0:
8e:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:6A:D9:C9:EA:6B:11:92:F3:8A:06:A5:57:2B:9E:90:DD:31:D9:99
X509v3 Authority Key Identifier:
keyid:61:42:56:ED:38:FB:1E:96:94:49:26:DB:4C:66:C4:D0:88:AC:FB:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YUJW7Tj7HpaUSSbbTGbE0Iis-9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/fca369-6b85-4e03-ab71-68ba6c54ef9a/1/42rZyeprEZLzigalVyuekN0x2Zk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/fca369-6b85-4e03-ab71-68ba6c54ef9a/1/YUJW7Tj7HpaUSSbbTGbE0Iis-9Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.168.196.0/22
Signature Algorithm: sha256WithRSAEncryption
28:39:5d:c9:d5:84:22:6a:7a:ff:d4:12:a7:d1:58:a2:81:ed:
0e:a8:f7:51:de:68:93:e8:12:9d:ab:53:43:c8:64:9d:48:7a:
83:c5:49:08:95:60:27:28:9a:4c:bf:f7:a5:e5:22:da:de:24:
8c:9a:bc:62:20:1b:75:7b:6b:72:2a:4e:36:c0:22:58:b1:5c:
30:51:2f:39:94:de:9b:4c:94:b5:2d:1c:5b:a2:67:79:14:50:
74:ae:e5:a8:17:41:2a:f3:cf:2a:f7:29:e6:e0:d9:90:f4:6a:
8f:1f:9c:6d:3e:ea:c7:11:22:2f:2b:fa:e3:e1:20:48:b2:79:
64:b9:d5:eb:89:fe:a8:24:c6:62:fe:5c:86:84:74:77:8f:88:
c4:f7:0d:98:01:47:8d:ce:d8:f3:a1:cf:e0:ee:9e:21:04:4e:
b3:5b:3a:9e:56:0f:e7:b2:29:3d:38:d1:aa:41:ae:53:f3:6b:
d2:ff:1e:7e:5c:7f:35:f2:79:4a:61:bc:c2:01:2c:6d:e2:dc:
6f:c5:52:e8:35:84:a9:bf:be:c6:4a:ea:34:8b:6a:04:bc:26:
f0:95:a1:6e:16:e0:35:54:45:77:18:d2:83:06:46:21:3d:73:
6d:6c:55:99:b3:db:9c:20:d4:d9:e2:70:eb:08:82:75:45:9a:
20:42:5a:34
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuDkEl0MDS8FPhtMbu74tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxNDI1NmVkMzhmYjFlOTY5NDQ5MjZkYjRjNjZjNGQwODhh
Y2ZiZDYwHhcNMjQwMTAxMjAzMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzZhZDljOWVhNmIxMTkyZjM4YTA2YTU1NzJiOWU5MGRkMzFkOTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiXGA4c8JqLNWM91i96hQMZCaVxAX
w7c9TYHzA13zsWY1bZOavHaB8wSaZK0vvXpOFHscFpuF/87QvXLe1u9+V0sxleWJ
SwZWwfrbyuyeiN1h+kNtoHZO10MSgcqgkze8U0/1Op6SWVVZYsta8bRaQBN86a+6
ybhAYrHsi8Oof7+xovCxk4ZNBfiUefyUUETSD275Qk3aDulT9eeIJtIj1FJ19BxG
WMRqNuSMZdNB9Cl4U1VUXbenUJcUi0uQa5sGXByuQDBPWTytVzin2nttmr9Vlaoa
E41hrD8uaDauz6FNfm1ZkkeynFbG8J1u4NZoAhcrRHqQOZQ+zVxTgaCOYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFONq2cnqaxGS84oGpVcrnpDdMdmZMB8GA1UdIwQY
MBaAFGFCVu04+x6WlEkm20xmxNCIrPvWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVVKVzdUajdIcGFVU1NiYlRHYkUwSWlzLTlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9mY2EzNjktNmI4NS00ZTAzLWFiNzEt
NjhiYTZjNTRlZjlhLzEvNDJyWnllcHJFWkx6aWdhbFZ5dWVrTjB4MlprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9mY2EzNjktNmI4NS00ZTAzLWFiNzEtNjhiYTZjNTRlZjlh
LzEvWVVKVzdUajdIcGFVU1NiYlRHYkUwSWlzLTlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuajEMA0G
CSqGSIb3DQEBCwUAA4IBAQAoOV3J1YQianr/1BKn0Viige0OqPdR3miT6BKdq1ND
yGSdSHqDxUkIlWAnKJpMv/el5SLa3iSMmrxiIBt1e2tyKk42wCJYsVwwUS85lN6b
TJS1LRxbomd5FFB0ruWoF0Eq888q9ynm4NmQ9GqPH5xtPurHESIvK/rj4SBIsnlk
udXrif6oJMZi/lyGhHR3j4jE9w2YAUeNztjzoc/g7p4hBE6zWzqeVg/nsik9ONGq
Qa5T82vS/x5+XH818nlKYbzCASxt4txvxVLoNYSpv77GSuo0i2oEvCbwlaFuFuA1
VEV3GNKDBkYhPXNtbFWZs9ucINTZ4nDrCIJ1RZogQlo0
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:47:14 2025 by rpki-client