Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/c5dd3e-937b-434f-bbb8-80cc86e51822/1/y4CWPC0k_Z_hTBBC6NNL-QXy6PQ.roa
File: y4CWPC0k_Z_hTBBC6NNL-QXy6PQ.roa (raw, json)
Hash identifier: U5Sr8CnLBAy/UPXYXcPqodC+nQR45YDP9sapqq8LdMU=
Subject key identifier: CB:80:96:3C:2D:24:FD:9F:E1:4C:10:42:E8:D3:4B:F9:05:F2:E8:F4
Certificate issuer: /CN=cfc0f99d79793a6f01e9ad627d1f968b0c2d0f3b
Certificate serial: 0192E82881D71BC71E5125E41858164E11E4
Authority key identifier: CF:C0:F9:9D:79:79:3A:6F:01:E9:AD:62:7D:1F:96:8B:0C:2D:0F:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z8D5nXl5Om8B6a1ifR-WiwwtDzs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/c5dd3e-937b-434f-bbb8-80cc86e51822/1/y4CWPC0k_Z_hTBBC6NNL-QXy6PQ.roa
Signing time: Fri 01 Nov 2024 14:37:01 +0000
ROA not before: Fri 01 Nov 2024 14:37:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 174
IP address blocks: 178.210.167.0/24 maxlen: 24
178.210.179.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 03 Nov 2024 06:11:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:e8:28:81:d7:1b:c7:1e:51:25:e4:18:58:16:4e:11:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfc0f99d79793a6f01e9ad627d1f968b0c2d0f3b
Validity
Not Before: Nov 1 14:37:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cb80963c2d24fd9fe14c1042e8d34bf905f2e8f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:9f:73:d2:5c:4f:06:59:e2:2a:b9:73:5f:6c:
25:f7:d5:69:c0:34:b8:6b:19:53:51:09:71:84:43:
9a:ea:fd:6c:8c:ff:fb:95:87:fa:cb:34:db:ee:5e:
25:5b:7b:b9:76:f6:e7:1a:a5:6e:6a:32:99:e1:65:
1b:e7:a0:1f:34:7d:87:4f:85:80:c7:1a:36:ef:10:
06:80:71:30:f4:0f:70:76:31:b7:2b:55:71:f2:0a:
e9:d5:9c:c6:11:31:e1:c6:bc:e9:42:24:3b:96:f8:
68:5e:51:9d:70:fd:cb:0d:23:60:aa:5a:4e:ca:84:
2a:b7:ce:7a:76:fb:a4:6b:c0:2b:b7:f8:14:7e:93:
e5:0c:d2:4c:24:1e:3b:a6:3e:53:13:60:c3:29:32:
ec:67:0c:4d:b5:ac:79:65:6a:44:72:3f:6f:dd:e8:
1e:2a:03:63:7a:03:9f:52:1a:35:3f:83:b6:2b:80:
be:ed:eb:30:34:b1:c2:15:98:97:ec:21:96:e7:2c:
f2:7d:7c:7a:d1:01:31:95:94:a3:6e:1e:c8:5a:1c:
7b:8f:6a:a8:c4:70:ea:67:90:c8:a9:8b:f7:b1:37:
75:d1:3a:11:6c:06:14:35:ed:cf:47:86:d0:35:58:
fb:d5:fd:88:fd:58:01:7d:9a:7c:53:59:26:7f:d8:
e7:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:80:96:3C:2D:24:FD:9F:E1:4C:10:42:E8:D3:4B:F9:05:F2:E8:F4
X509v3 Authority Key Identifier:
keyid:CF:C0:F9:9D:79:79:3A:6F:01:E9:AD:62:7D:1F:96:8B:0C:2D:0F:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z8D5nXl5Om8B6a1ifR-WiwwtDzs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/c5dd3e-937b-434f-bbb8-80cc86e51822/1/y4CWPC0k_Z_hTBBC6NNL-QXy6PQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/c5dd3e-937b-434f-bbb8-80cc86e51822/1/z8D5nXl5Om8B6a1ifR-WiwwtDzs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.210.167.0/24
178.210.179.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:db:30:25:c0:8f:42:25:1c:dd:5c:a9:d7:bd:62:5a:1a:bb:
06:92:7a:31:6f:fd:a1:83:a7:5b:d8:97:88:ce:db:99:c1:cf:
a0:45:d3:d8:7f:9f:f4:ac:82:b9:ed:76:93:77:46:d9:03:bc:
9f:10:09:b1:61:f1:2c:b7:f6:41:be:59:96:8d:a9:32:56:c4:
89:14:f9:12:57:e6:53:c6:f4:20:58:3e:a4:77:20:d9:85:a8:
86:87:76:8d:c3:96:f9:01:51:26:5b:ec:12:57:dd:72:2c:61:
c5:8b:b1:de:7c:6b:1f:98:6d:ff:c2:b2:b1:4f:84:f5:9d:c8:
37:59:5c:2a:e5:98:99:78:df:18:d1:cd:59:87:63:ec:ee:bc:
b1:04:72:ca:87:e5:c2:d0:ed:53:cd:19:7f:41:20:5a:7b:e2:
3f:e2:d0:b7:8b:70:b5:47:24:89:92:78:c8:40:93:60:7b:e5:
6a:6a:8a:eb:15:68:2e:47:9f:e8:c8:66:15:12:50:2f:85:cb:
54:d9:ef:2b:3a:68:10:5e:dc:3f:97:7f:8d:62:bb:f2:b2:b0:
5f:6f:84:5c:c5:86:5b:0d:df:3d:29:ed:2c:0a:d2:44:8c:0b:
a1:87:42:0d:b4:a7:2b:9d:e9:a9:9e:7d:d4:50:f6:09:d9:74:
d8:1c:6e:35
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZLoKIHXG8ceUSXkGFgWThHkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmYzBmOTlkNzk3OTNhNmYwMWU5YWQ2MjdkMWY5NjhiMGMy
ZDBmM2IwHhcNMjQxMTAxMTQzNzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjgwOTYzYzJkMjRmZDlmZTE0YzEwNDJlOGQzNGJmOTA1ZjJlOGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Z9z0lxPBlniKrlzX2wl99VpwDS4
axlTUQlxhEOa6v1sjP/7lYf6yzTb7l4lW3u5dvbnGqVuajKZ4WUb56AfNH2HT4WA
xxo27xAGgHEw9A9wdjG3K1Vx8grp1ZzGETHhxrzpQiQ7lvhoXlGdcP3LDSNgqlpO
yoQqt856dvuka8Art/gUfpPlDNJMJB47pj5TE2DDKTLsZwxNtax5ZWpEcj9v3ege
KgNjegOfUho1P4O2K4C+7eswNLHCFZiX7CGW5yzyfXx60QExlZSjbh7IWhx7j2qo
xHDqZ5DIqYv3sTd10ToRbAYUNe3PR4bQNVj71f2I/VgBfZp8U1kmf9jn+QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMuAljwtJP2f4UwQQujTS/kF8uj0MB8GA1UdIwQY
MBaAFM/A+Z15eTpvAemtYn0flosMLQ87MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejhENW5YbDVPbThCNmExaWZSLVdpd3d0RHpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9jNWRkM2UtOTM3Yi00MzRmLWJiYjgt
ODBjYzg2ZTUxODIyLzEveTRDV1BDMGtfWl9oVEJCQzZOTkwtUVh5NlBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9jNWRkM2UtOTM3Yi00MzRmLWJiYjgtODBjYzg2ZTUxODIy
LzEvejhENW5YbDVPbThCNmExaWZSLVdpd3d0RHpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAstKnAwQA
stKzMA0GCSqGSIb3DQEBCwUAA4IBAQBK2zAlwI9CJRzdXKnXvWJaGrsGknoxb/2h
g6db2JeIztuZwc+gRdPYf5/0rIK57XaTd0bZA7yfEAmxYfEst/ZBvlmWjakyVsSJ
FPkSV+ZTxvQgWD6kdyDZhaiGh3aNw5b5AVEmW+wSV91yLGHFi7HefGsfmG3/wrKx
T4T1ncg3WVwq5ZiZeN8Y0c1Zh2Ps7ryxBHLKh+XC0O1TzRl/QSBae+I/4tC3i3C1
RySJknjIQJNge+VqaorrFWguR5/oyGYVElAvhctU2e8rOmgQXtw/l3+NYrvysrBf
b4RcxYZbDd89Ke0sCtJEjAuhh0INtKcrnempnn3UUPYJ2XTYHG41
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:35:36 2025 by rpki-client