Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/6e4e68-87aa-478c-8e5f-e06176ab24fb/1/YsCuULJC3sRMQ2oYgzTMNgsUK6o.roa
File: YsCuULJC3sRMQ2oYgzTMNgsUK6o.roa (raw, json)
Hash identifier: yBOZ4uJcyRFYtpHxGj0PuQwXYbJE5igFhUotTP3VFwo=
Subject key identifier: 62:C0:AE:50:B2:42:DE:C4:4C:43:6A:18:83:34:CC:36:0B:14:2B:AA
Certificate issuer: /CN=b6380000fb7e45f8976261a698d418f08e8d67c7
Certificate serial: 01922DD0C1D0C0AF3F4F792EAF71E3C96EAD
Authority key identifier: B6:38:00:00:FB:7E:45:F8:97:62:61:A6:98:D4:18:F0:8E:8D:67:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tjgAAPt-RfiXYmGmmNQY8I6NZ8c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/6e4e68-87aa-478c-8e5f-e06176ab24fb/1/YsCuULJC3sRMQ2oYgzTMNgsUK6o.roa
Signing time: Thu 26 Sep 2024 10:11:48 +0000
ROA not before: Thu 26 Sep 2024 10:11:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50517
IP address blocks: 212.57.192.0/19 maxlen: 19
212.57.192.0/24 maxlen: 24
212.57.193.0/24 maxlen: 24
212.57.194.0/24 maxlen: 24
212.57.195.0/24 maxlen: 24
212.57.196.0/24 maxlen: 24
212.57.197.0/24 maxlen: 24
212.57.211.0/24 maxlen: 24
212.57.212.0/24 maxlen: 24
212.57.215.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:49:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:2d:d0:c1:d0:c0:af:3f:4f:79:2e:af:71:e3:c9:6e:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6380000fb7e45f8976261a698d418f08e8d67c7
Validity
Not Before: Sep 26 10:11:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=62c0ae50b242dec44c436a188334cc360b142baa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:16:1b:1f:9f:ff:36:68:d2:52:7c:11:df:8b:
20:c7:fe:ee:70:df:d6:b6:2e:03:83:7d:f8:32:bd:
b2:49:ce:7a:8d:d5:01:23:63:3c:b8:30:9d:23:ec:
65:b3:0c:b9:fe:2f:28:97:87:15:6b:03:4e:0d:6e:
1d:b0:65:f3:ef:d9:ac:5d:f3:18:1b:fa:77:85:29:
18:c9:a3:02:dc:89:2f:6d:ba:1c:b6:ba:e5:aa:ca:
f5:fe:7d:f6:d6:1a:67:46:76:c4:66:41:01:f4:32:
f8:9f:53:44:dc:de:bd:f4:5d:78:de:e2:c7:38:14:
c6:92:e3:66:83:06:32:c3:80:9d:1d:27:00:d0:85:
cf:64:68:13:26:9b:e5:e4:52:10:67:77:54:d7:82:
d2:d5:eb:02:70:56:c7:18:1d:f6:76:04:4d:9f:89:
86:0d:ab:29:02:4f:2f:ce:b2:2b:22:fa:9a:77:43:
dc:cd:8c:a1:a2:d3:ce:ca:7a:21:b9:89:7d:dc:01:
11:cd:98:fb:f7:e6:1f:e3:7c:c9:ec:b1:61:f5:dc:
4b:5d:e9:15:cb:aa:c2:3d:4f:12:aa:a4:f3:5a:80:
0c:37:d3:79:68:71:e1:de:fb:f5:a6:c3:8a:28:60:
09:b0:91:44:c8:2f:af:ce:d9:f6:24:2c:a9:3b:f9:
8d:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:C0:AE:50:B2:42:DE:C4:4C:43:6A:18:83:34:CC:36:0B:14:2B:AA
X509v3 Authority Key Identifier:
keyid:B6:38:00:00:FB:7E:45:F8:97:62:61:A6:98:D4:18:F0:8E:8D:67:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tjgAAPt-RfiXYmGmmNQY8I6NZ8c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/6e4e68-87aa-478c-8e5f-e06176ab24fb/1/YsCuULJC3sRMQ2oYgzTMNgsUK6o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/6e4e68-87aa-478c-8e5f-e06176ab24fb/1/tjgAAPt-RfiXYmGmmNQY8I6NZ8c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.57.192.0/19
Signature Algorithm: sha256WithRSAEncryption
7c:4c:4c:cd:91:ef:c8:f9:6a:60:40:c6:9d:b9:04:72:76:dd:
fc:0e:24:27:c5:06:f5:2c:2e:33:28:8a:5b:36:37:21:c4:0d:
6b:37:b6:e0:39:13:56:e5:a9:2e:33:f3:b1:58:f8:25:53:84:
92:d8:ab:79:8d:d9:cc:1d:e4:1e:f0:29:8d:1e:f2:03:28:8c:
82:d2:ae:68:9b:b9:c2:7d:fd:a9:2b:d1:93:05:64:38:d4:83:
ac:cf:14:61:3c:ef:8d:34:be:4c:e6:55:7d:1d:40:d7:13:56:
f2:e6:c4:18:ca:bd:b3:59:f5:a1:5c:97:b1:52:7d:5e:cb:01:
51:53:b9:21:82:27:7a:ed:84:a9:ad:dc:4c:8b:6f:94:9d:9d:
d0:f6:0c:69:a9:3c:df:a3:9d:41:b5:40:8e:b0:75:c0:70:cd:
2b:a8:6a:98:9e:24:82:b1:38:1b:be:c3:b7:44:51:ad:f7:95:
29:d9:25:87:1c:be:3f:60:71:74:b1:d5:46:cf:7e:15:66:25:
ce:ed:27:81:df:4c:49:b7:a9:b9:a5:72:76:02:6f:46:03:63:
ce:65:98:97:7d:01:ee:40:7b:19:2a:5c:e1:6e:c0:c3:83:32:
28:32:00:dd:19:50:1a:4d:29:8c:72:cb:c8:89:93:b2:30:f1:
27:30:92:6e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZIt0MHQwK8/T3kur3HjyW6tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2MzgwMDAwZmI3ZTQ1Zjg5NzYyNjFhNjk4ZDQxOGYwOGU4
ZDY3YzcwHhcNMjQwOTI2MTAxMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmMwYWU1MGIyNDJkZWM0NGM0MzZhMTg4MzM0Y2MzNjBiMTQyYmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyBYbH5//NmjSUnwR34sgx/7ucN/W
ti4Dg334Mr2ySc56jdUBI2M8uDCdI+xlswy5/i8ol4cVawNODW4dsGXz79msXfMY
G/p3hSkYyaMC3Ikvbboctrrlqsr1/n321hpnRnbEZkEB9DL4n1NE3N699F143uLH
OBTGkuNmgwYyw4CdHScA0IXPZGgTJpvl5FIQZ3dU14LS1esCcFbHGB32dgRNn4mG
DaspAk8vzrIrIvqad0PczYyhotPOynohuYl93AERzZj79+Yf43zJ7LFh9dxLXekV
y6rCPU8SqqTzWoAMN9N5aHHh3vv1psOKKGAJsJFEyC+vztn2JCypO/mNkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGLArlCyQt7ETENqGIM0zDYLFCuqMB8GA1UdIwQY
MBaAFLY4AAD7fkX4l2JhppjUGPCOjWfHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGpnQUFQdC1SZmlYWW1HbW1OUVk4STZOWjhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi82ZTRlNjgtODdhYS00NzhjLThlNWYt
ZTA2MTc2YWIyNGZiLzEvWXNDdVVMSkMzc1JNUTJvWWd6VE1OZ3NVSzZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi82ZTRlNjgtODdhYS00NzhjLThlNWYtZTA2MTc2YWIyNGZi
LzEvdGpnQUFQdC1SZmlYWW1HbW1OUVk4STZOWjhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQF1DnAMA0G
CSqGSIb3DQEBCwUAA4IBAQB8TEzNke/I+WpgQMaduQRydt38DiQnxQb1LC4zKIpb
NjchxA1rN7bgORNW5akuM/OxWPglU4SS2Kt5jdnMHeQe8CmNHvIDKIyC0q5om7nC
ff2pK9GTBWQ41IOszxRhPO+NNL5M5lV9HUDXE1by5sQYyr2zWfWhXJexUn1eywFR
U7khgid67YSprdxMi2+UnZ3Q9gxpqTzfo51BtUCOsHXAcM0rqGqYniSCsTgbvsO3
RFGt95Up2SWHHL4/YHF0sdVGz34VZiXO7SeB30xJt6m5pXJ2Am9GA2POZZiXfQHu
QHsZKlzhbsDDgzIoMgDdGVAaTSmMcsvIiZOyMPEnMJJu
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:08:49 2025 by rpki-client