Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/6e9dfd-ce47-4e61-a315-e5aa74700f9d/1/yvsLrEzSUKVV9YqeU0Lftt1DVd0.roa
File: yvsLrEzSUKVV9YqeU0Lftt1DVd0.roa (raw, json)
Hash identifier: ophJHKsMbBEv9Ysh5GeC94WH9SrnyEu7YP10uM6VTG0=
Subject key identifier: CA:FB:0B:AC:4C:D2:50:A5:55:F5:8A:9E:53:42:DF:B6:DD:43:55:DD
Certificate issuer: /CN=4c61d118479b5222ef0f864167cac5b4c07cc219
Certificate serial: 018CC8DE304E0D266FC3BCA2E615ADC48A45
Authority key identifier: 4C:61:D1:18:47:9B:52:22:EF:0F:86:41:67:CA:C5:B4:C0:7C:C2:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TGHRGEebUiLvD4ZBZ8rFtMB8whk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/6e9dfd-ce47-4e61-a315-e5aa74700f9d/1/yvsLrEzSUKVV9YqeU0Lftt1DVd0.roa
Signing time: Tue 02 Jan 2024 06:30:53 +0000
ROA not before: Tue 02 Jan 2024 06:30:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 196858
IP address blocks: 213.5.200.0/21 maxlen: 21
2001:67c:188c::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:30:4e:0d:26:6f:c3:bc:a2:e6:15:ad:c4:8a:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c61d118479b5222ef0f864167cac5b4c07cc219
Validity
Not Before: Jan 2 06:30:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cafb0bac4cd250a555f58a9e5342dfb6dd4355dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:f5:93:86:83:f8:61:71:94:f9:f1:77:19:e5:
69:a3:4a:b4:1c:1e:de:fa:33:20:55:1c:f1:4c:ca:
33:f0:b3:42:a5:b0:0e:bd:78:b7:dc:1d:70:d9:79:
71:1c:ff:66:01:7c:c6:e5:c9:0c:d7:6d:d8:26:ea:
44:88:03:64:40:dd:71:a9:42:06:60:cd:cb:5f:93:
f9:1f:a3:4a:04:55:e6:0c:f7:59:6d:63:e8:02:ca:
4f:ad:1a:bf:1b:92:bc:4f:c0:c3:0e:7e:c8:9b:d8:
82:b1:91:87:2d:c0:bc:00:11:dd:40:a1:01:33:f1:
71:68:55:1c:69:38:ab:d9:69:b9:1b:18:23:dd:d6:
b9:de:39:10:9e:b1:b9:5f:eb:08:fd:64:e2:b2:06:
43:0a:e4:64:9a:ba:85:08:e9:03:ff:82:ac:6b:70:
8f:3e:26:fa:2f:a1:02:be:eb:04:9f:b2:72:e6:a7:
c6:7c:30:ce:5d:66:41:09:1d:32:33:4d:a8:e6:8f:
5d:52:02:be:a1:ab:0b:39:f2:a6:cf:51:60:82:b0:
2e:c9:28:ae:e5:82:59:ff:1d:69:c9:1a:d1:53:b9:
c0:d8:6a:ac:48:f7:d0:ec:b1:ca:bf:81:fa:f6:e6:
3d:69:89:9c:aa:08:4f:8b:a5:a9:8b:21:be:db:f4:
61:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:FB:0B:AC:4C:D2:50:A5:55:F5:8A:9E:53:42:DF:B6:DD:43:55:DD
X509v3 Authority Key Identifier:
keyid:4C:61:D1:18:47:9B:52:22:EF:0F:86:41:67:CA:C5:B4:C0:7C:C2:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TGHRGEebUiLvD4ZBZ8rFtMB8whk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/6e9dfd-ce47-4e61-a315-e5aa74700f9d/1/yvsLrEzSUKVV9YqeU0Lftt1DVd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/6e9dfd-ce47-4e61-a315-e5aa74700f9d/1/TGHRGEebUiLvD4ZBZ8rFtMB8whk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.5.200.0/21
IPv6:
2001:67c:188c::/48
Signature Algorithm: sha256WithRSAEncryption
6f:92:6f:a0:4e:42:82:f6:2f:6c:8c:bd:1a:b5:24:4c:4d:da:
43:cb:ea:f7:fe:87:7b:22:d3:9b:29:0c:b2:01:c9:f4:9a:fc:
ed:1e:db:12:49:19:e5:67:3c:94:72:42:e4:b7:0f:fc:d0:51:
fc:a3:9c:9c:2b:f7:07:7a:9f:af:47:d9:93:42:0e:25:29:f7:
a5:a9:3f:4f:79:ad:89:bc:6b:4d:e0:c7:98:6d:7f:f5:3d:46:
d1:d0:cd:a7:00:68:49:3e:46:1d:07:6d:8a:6b:1d:4d:1b:0b:
cf:fb:6c:c1:59:6c:c6:bb:7c:9b:da:ea:4a:36:0a:8d:bd:40:
c5:cd:ed:55:9f:c7:56:3b:43:96:54:bd:c2:8a:d2:b4:c0:7c:
75:2e:e7:14:ba:53:17:a5:2c:b3:ec:25:ad:b3:ff:0f:25:4f:
7e:fb:0a:1a:db:25:2d:95:5d:71:91:35:a2:97:59:f5:d6:0e:
84:a5:0e:b8:27:42:54:9b:30:a0:bb:6b:33:63:ba:8f:1e:cf:
79:97:39:d1:bf:0e:86:a1:ba:55:a8:98:1b:52:60:01:8f:16:
a5:11:5d:bc:1c:98:a8:34:55:fc:98:b4:35:c9:73:88:0f:0e:
23:05:2c:0f:00:a0:0c:ec:9e:c3:ec:5c:68:e9:79:a5:ed:61:
59:72:cf:3a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzI3jBODSZvw7yi5hWtxIpFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjNjFkMTE4NDc5YjUyMjJlZjBmODY0MTY3Y2FjNWI0YzA3
Y2MyMTkwHhcNMjQwMTAyMDYzMDUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWZiMGJhYzRjZDI1MGE1NTVmNThhOWU1MzQyZGZiNmRkNDM1NWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/WThoP4YXGU+fF3GeVpo0q0HB7e
+jMgVRzxTMoz8LNCpbAOvXi33B1w2XlxHP9mAXzG5ckM123YJupEiANkQN1xqUIG
YM3LX5P5H6NKBFXmDPdZbWPoAspPrRq/G5K8T8DDDn7Im9iCsZGHLcC8ABHdQKEB
M/FxaFUcaTir2Wm5Gxgj3da53jkQnrG5X+sI/WTisgZDCuRkmrqFCOkD/4Ksa3CP
Pib6L6ECvusEn7Jy5qfGfDDOXWZBCR0yM02o5o9dUgK+oasLOfKmz1FggrAuySiu
5YJZ/x1pyRrRU7nA2GqsSPfQ7LHKv4H69uY9aYmcqghPi6WpiyG+2/RhbQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMr7C6xM0lClVfWKnlNC37bdQ1XdMB8GA1UdIwQY
MBaAFExh0RhHm1Ii7w+GQWfKxbTAfMIZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEdIUkdFZWJVaUx2RDRaQlo4ckZ0TUI4d2hrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC82ZTlkZmQtY2U0Ny00ZTYxLWEzMTUt
ZTVhYTc0NzAwZjlkLzEveXZzTHJFelNVS1ZWOVlxZVUwTGZ0dDFEVmQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC82ZTlkZmQtY2U0Ny00ZTYxLWEzMTUtZTVhYTc0NzAwZjlk
LzEvVEdIUkdFZWJVaUx2RDRaQlo4ckZ0TUI4d2hrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQD1QXIMA8E
AgACMAkDBwAgAQZ8GIwwDQYJKoZIhvcNAQELBQADggEBAG+Sb6BOQoL2L2yMvRq1
JExN2kPL6vf+h3si05spDLIByfSa/O0e2xJJGeVnPJRyQuS3D/zQUfyjnJwr9wd6
n69H2ZNCDiUp96WpP095rYm8a03gx5htf/U9RtHQzacAaEk+Rh0HbYprHU0bC8/7
bMFZbMa7fJva6ko2Co29QMXN7VWfx1Y7Q5ZUvcKK0rTAfHUu5xS6UxelLLPsJa2z
/w8lT377ChrbJS2VXXGRNaKXWfXWDoSlDrgnQlSbMKC7azNjuo8ez3mXOdG/Doah
ulWomBtSYAGPFqURXbwcmKg0VfyYtDXJc4gPDiMFLA8AoAzsnsPsXGjpeaXtYVly
zzo=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:56:12 2025 by rpki-client