Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/bd59d9-690a-4fe2-b295-7ec5123be162/1/cA2y4GR9jG5G4BE8Dx91M--4Nso.roa
File: cA2y4GR9jG5G4BE8Dx91M--4Nso.roa (raw, json)
Hash identifier: RRn6DZLPGm1lEQ0alL+JuVp6hqUe/aAlfuXsX+4VIlw=
Subject key identifier: 70:0D:B2:E0:64:7D:8C:6E:46:E0:11:3C:0F:1F:75:33:EF:B8:36:CA
Certificate issuer: /CN=977b8aa063fc4f2bb84a9f56a3bfa38b2abedf9b
Certificate serial: 018CCA992D87A25699BB82D61C7206B96585
Authority key identifier: 97:7B:8A:A0:63:FC:4F:2B:B8:4A:9F:56:A3:BF:A3:8B:2A:BE:DF:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l3uKoGP8Tyu4Sp9Wo7-jiyq-35s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/bd59d9-690a-4fe2-b295-7ec5123be162/1/cA2y4GR9jG5G4BE8Dx91M--4Nso.roa
Signing time: Tue 02 Jan 2024 14:34:45 +0000
ROA not before: Tue 02 Jan 2024 14:34:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50815
IP address blocks: 178.216.56.0/21 maxlen: 21
194.0.174.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:50:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:2d:87:a2:56:99:bb:82:d6:1c:72:06:b9:65:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=977b8aa063fc4f2bb84a9f56a3bfa38b2abedf9b
Validity
Not Before: Jan 2 14:34:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=700db2e0647d8c6e46e0113c0f1f7533efb836ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:4a:ca:91:b8:d4:e2:6c:52:80:38:0a:8d:46:
82:08:37:cd:fe:34:00:19:73:31:51:1d:d8:93:3b:
6d:c9:1b:97:72:a6:fd:c9:83:59:c2:06:ea:4d:e9:
51:01:dd:08:c6:69:35:d7:57:2b:f7:4c:a2:ac:68:
02:b5:97:07:9d:6a:96:38:82:40:90:fc:16:b9:f9:
ef:96:a3:30:37:f5:9f:15:1e:a9:2a:29:cf:91:67:
75:66:b1:16:31:a2:e6:5b:3c:32:bd:f4:07:dd:65:
f4:13:1e:fa:6b:7e:ff:de:8e:76:7b:e5:d7:b8:60:
45:ec:2f:8c:2b:53:9b:73:67:db:1d:97:8f:04:a4:
b0:79:5f:48:5f:16:3f:a9:07:93:1a:09:90:37:a2:
59:01:97:91:28:60:bc:ef:ce:6b:93:f9:dd:f2:ec:
04:c9:89:81:1d:e5:2b:06:5d:9f:65:54:a3:7f:62:
61:30:7c:f5:5b:3d:13:3a:52:ce:1c:e8:fa:98:01:
ab:78:e7:82:e7:5c:1f:bf:58:bc:08:a1:20:53:67:
fa:44:98:ba:de:5c:81:39:cc:ca:b1:e0:22:30:53:
bd:19:93:17:ca:ff:f7:b0:c0:60:9a:1b:ca:4f:a1:
75:6a:b6:a7:28:a1:85:32:aa:c4:52:69:e4:2e:fd:
8c:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:0D:B2:E0:64:7D:8C:6E:46:E0:11:3C:0F:1F:75:33:EF:B8:36:CA
X509v3 Authority Key Identifier:
keyid:97:7B:8A:A0:63:FC:4F:2B:B8:4A:9F:56:A3:BF:A3:8B:2A:BE:DF:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l3uKoGP8Tyu4Sp9Wo7-jiyq-35s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/bd59d9-690a-4fe2-b295-7ec5123be162/1/cA2y4GR9jG5G4BE8Dx91M--4Nso.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/bd59d9-690a-4fe2-b295-7ec5123be162/1/l3uKoGP8Tyu4Sp9Wo7-jiyq-35s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.216.56.0/21
194.0.174.0/23
Signature Algorithm: sha256WithRSAEncryption
7a:10:81:27:0a:14:43:db:af:9d:85:c0:7e:0f:3e:5e:a5:8b:
bc:da:f2:b7:76:2e:e4:ea:8b:c9:69:ac:e6:6c:62:20:d7:8b:
a0:9d:4c:87:c7:12:1c:aa:9c:c1:86:70:b3:ed:9f:0a:c0:40:
44:35:58:bf:49:7e:b0:fe:c4:05:09:99:f8:0b:ff:46:57:27:
d5:ab:0c:f1:97:30:f6:90:2d:70:0f:25:86:b2:93:1c:7f:f9:
f1:4f:aa:f6:1d:55:0f:7a:d9:d5:5a:83:16:e4:f8:b4:25:a8:
06:f0:98:93:82:33:c2:3c:4f:03:0b:71:59:6a:12:38:83:05:
a6:55:fd:fb:76:d2:e4:31:f2:e4:f5:81:7b:8d:90:df:e4:b1:
27:4e:97:7b:6d:5b:d2:40:44:a2:a9:37:eb:a7:19:a5:c4:ca:
27:48:26:fb:e6:18:16:84:97:50:63:80:35:d4:00:9f:2e:32:
5b:eb:15:93:4f:28:4d:0d:d8:15:df:16:db:4c:fa:e9:ca:25:
9a:8f:e3:c4:2e:3a:10:f7:ec:4d:05:78:86:63:11:06:67:10:
c9:29:66:38:7b:d7:89:70:d0:b1:96:ac:b5:c6:4e:c6:8f:30:
58:5b:5e:76:28:1e:87:8d:03:d8:e1:e8:1a:f6:f1:6c:9a:98:
4e:79:9d:3a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKmS2HolaZu4LWHHIGuWWFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3N2I4YWEwNjNmYzRmMmJiODRhOWY1NmEzYmZhMzhiMmFi
ZWRmOWIwHhcNMjQwMTAyMTQzNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDBkYjJlMDY0N2Q4YzZlNDZlMDExM2MwZjFmNzUzM2VmYjgzNmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApUrKkbjU4mxSgDgKjUaCCDfN/jQA
GXMxUR3YkzttyRuXcqb9yYNZwgbqTelRAd0Ixmk111cr90yirGgCtZcHnWqWOIJA
kPwWufnvlqMwN/WfFR6pKinPkWd1ZrEWMaLmWzwyvfQH3WX0Ex76a37/3o52e+XX
uGBF7C+MK1Obc2fbHZePBKSweV9IXxY/qQeTGgmQN6JZAZeRKGC8785rk/nd8uwE
yYmBHeUrBl2fZVSjf2JhMHz1Wz0TOlLOHOj6mAGreOeC51wfv1i8CKEgU2f6RJi6
3lyBOczKseAiMFO9GZMXyv/3sMBgmhvKT6F1aranKKGFMqrEUmnkLv2MFwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHANsuBkfYxuRuARPA8fdTPvuDbKMB8GA1UdIwQY
MBaAFJd7iqBj/E8ruEqfVqO/o4sqvt+bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDN1S29HUDhUeXU0U3A5V283LWppeXEtMzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9iZDU5ZDktNjkwYS00ZmUyLWIyOTUt
N2VjNTEyM2JlMTYyLzEvY0EyeTRHUjlqRzVHNEJFOER4OTFNLS00TnNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9iZDU5ZDktNjkwYS00ZmUyLWIyOTUtN2VjNTEyM2JlMTYy
LzEvbDN1S29HUDhUeXU0U3A5V283LWppeXEtMzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDstg4AwQB
wgCuMA0GCSqGSIb3DQEBCwUAA4IBAQB6EIEnChRD26+dhcB+Dz5epYu82vK3di7k
6ovJaazmbGIg14ugnUyHxxIcqpzBhnCz7Z8KwEBENVi/SX6w/sQFCZn4C/9GVyfV
qwzxlzD2kC1wDyWGspMcf/nxT6r2HVUPetnVWoMW5Pi0JagG8JiTgjPCPE8DC3FZ
ahI4gwWmVf37dtLkMfLk9YF7jZDf5LEnTpd7bVvSQESiqTfrpxmlxMonSCb75hgW
hJdQY4A11ACfLjJb6xWTTyhNDdgV3xbbTPrpyiWaj+PELjoQ9+xNBXiGYxEGZxDJ
KWY4e9eJcNCxlqy1xk7GjzBYW152KB6HjQPY4ega9vFsmphOeZ06
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:38:14 2025 by rpki-client