Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/6db46d-bc2d-45d7-a279-820325f53ccb/1/1-YAYvIwHPm012P3OE_sYBiZGgRE.roa
File: 1-YAYvIwHPm012P3OE_sYBiZGgRE.roa (raw, json)
Hash identifier: E2Pin0SosuOE3LPVpTvl5rUoXTQN8yzQiAXQaPoYS+I=
Subject key identifier: F9:80:18:BC:8C:07:3E:6D:35:D8:FD:CE:13:FB:18:06:26:46:81:11
Certificate issuer: /CN=656cc25012e3a4c8b1626dd757c7b0510e457341
Certificate serial: 018CC3B72B73278C6FB8D69FB082F9016B91
Authority key identifier: 65:6C:C2:50:12:E3:A4:C8:B1:62:6D:D7:57:C7:B0:51:0E:45:73:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZWzCUBLjpMixYm3XV8ewUQ5Fc0E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/6db46d-bc2d-45d7-a279-820325f53ccb/1/1-YAYvIwHPm012P3OE_sYBiZGgRE.roa
Signing time: Mon 01 Jan 2024 06:30:10 +0000
ROA not before: Mon 01 Jan 2024 06:30:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 185.170.189.0/24 maxlen: 24
185.170.188.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:49:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:2b:73:27:8c:6f:b8:d6:9f:b0:82:f9:01:6b:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=656cc25012e3a4c8b1626dd757c7b0510e457341
Validity
Not Before: Jan 1 06:30:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f98018bc8c073e6d35d8fdce13fb180626468111
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:1f:79:09:ea:26:e8:ce:16:ed:81:94:92:6c:
1a:75:fb:e2:6d:09:84:8d:79:08:3d:2b:28:e9:01:
8a:5e:1f:e7:74:69:9c:c2:c0:2b:ac:67:bb:99:2f:
f0:c4:39:c1:5e:6e:d6:97:d0:c7:a6:c9:94:29:56:
53:03:74:dc:76:86:59:30:8b:ad:26:ec:98:67:d4:
d4:d7:9e:e8:48:6a:a0:f1:6f:01:f3:a0:72:42:a8:
2a:d6:fd:f3:b4:ae:bb:fc:85:f1:db:c6:77:dc:81:
04:b0:ae:19:49:d4:b1:be:83:0c:31:46:a3:76:1b:
30:05:cd:85:d6:4e:3e:4a:07:96:ae:0a:0f:85:1e:
e6:1d:f1:56:0e:73:93:e1:79:73:d5:68:b0:0e:24:
3e:d9:88:eb:a9:51:2c:23:27:66:1a:ad:a7:99:8b:
01:5a:4b:99:98:ac:49:3c:c5:db:97:d4:09:d7:c2:
43:40:31:5c:63:33:7c:0c:6d:57:58:52:8d:f4:da:
db:15:45:a6:5f:d9:ec:9e:f5:96:7a:80:b8:7e:d7:
2d:ed:82:59:32:f2:93:85:28:c8:28:97:56:2b:e7:
50:e0:53:9e:b0:a6:04:0c:df:12:c6:4d:8c:96:95:
27:36:85:ab:5f:aa:fa:20:dd:f3:19:e2:da:00:16:
d2:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:80:18:BC:8C:07:3E:6D:35:D8:FD:CE:13:FB:18:06:26:46:81:11
X509v3 Authority Key Identifier:
keyid:65:6C:C2:50:12:E3:A4:C8:B1:62:6D:D7:57:C7:B0:51:0E:45:73:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZWzCUBLjpMixYm3XV8ewUQ5Fc0E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/6db46d-bc2d-45d7-a279-820325f53ccb/1/1-YAYvIwHPm012P3OE_sYBiZGgRE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/6db46d-bc2d-45d7-a279-820325f53ccb/1/ZWzCUBLjpMixYm3XV8ewUQ5Fc0E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.170.188.0/23
Signature Algorithm: sha256WithRSAEncryption
5c:f8:6e:86:a2:d6:4b:cc:f2:49:bc:50:67:2f:db:1e:f9:10:
0b:86:38:d9:1a:0c:23:d3:94:02:b3:22:3b:08:39:e4:d9:7c:
b7:86:c9:08:0b:38:32:6b:e5:9d:5b:be:c6:35:98:29:f0:3e:
6c:c2:4c:39:03:ca:88:45:78:64:c7:2c:98:d9:ef:60:be:a4:
e2:09:2a:56:88:d4:ce:01:da:a1:97:4b:d0:94:74:dd:a9:e4:
3a:9a:72:c3:a6:3b:71:78:bf:d0:12:fc:9c:72:b7:d1:2e:da:
7b:7f:78:30:50:25:ba:db:58:f6:0f:de:f2:ee:23:88:c6:d1:
1d:aa:1f:28:6c:49:b0:62:44:54:be:86:f1:75:22:25:e6:22:
f9:a2:36:b9:0b:02:c4:03:ab:5d:e3:61:6e:30:b6:0c:91:d5:
d0:6e:8f:24:5d:ba:70:d0:4c:72:5e:fb:ea:55:19:d4:71:a9:
7c:18:1f:07:30:47:0e:99:56:54:c5:10:fb:44:04:8f:8f:e3:
6c:d1:c4:5e:bc:9a:05:b0:4a:21:cc:e5:e8:79:d9:64:99:5c:
aa:0c:ab:4a:69:dd:3c:ec:a5:ba:83:12:68:03:f5:b1:09:09:
40:79:07:b7:1f:e4:cd:00:98:d1:50:63:31:a6:3a:a8:d0:0a:
be:9b:22:bc
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzDtytzJ4xvuNafsIL5AWuRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1NmNjMjUwMTJlM2E0YzhiMTYyNmRkNzU3YzdiMDUxMGU0
NTczNDEwHhcNMjQwMTAxMDYzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTgwMThiYzhjMDczZTZkMzVkOGZkY2UxM2ZiMTgwNjI2NDY4MTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvx95Ceom6M4W7YGUkmwadfvibQmE
jXkIPSso6QGKXh/ndGmcwsArrGe7mS/wxDnBXm7Wl9DHpsmUKVZTA3TcdoZZMIut
JuyYZ9TU157oSGqg8W8B86ByQqgq1v3ztK67/IXx28Z33IEEsK4ZSdSxvoMMMUaj
dhswBc2F1k4+SgeWrgoPhR7mHfFWDnOT4Xlz1WiwDiQ+2YjrqVEsIydmGq2nmYsB
WkuZmKxJPMXbl9QJ18JDQDFcYzN8DG1XWFKN9NrbFUWmX9nsnvWWeoC4ftct7YJZ
MvKThSjIKJdWK+dQ4FOesKYEDN8Sxk2MlpUnNoWrX6r6IN3zGeLaABbSCQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPmAGLyMBz5tNdj9zhP7GAYmRoERMB8GA1UdIwQY
MBaAFGVswlAS46TIsWJt11fHsFEORXNBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWld6Q1VCTGpwTWl4WW0zWFY4ZXdVUTVGYzBFLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi82ZGI0NmQtYmMyZC00NWQ3LWEyNzkt
ODIwMzI1ZjUzY2NiLzEvMS1ZQVl2SXdIUG0wMTJQM09FX3NZQmlaR2dSRS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYWIvNmRiNDZkLWJjMmQtNDVkNy1hMjc5LTgyMDMyNWY1M2Nj
Yi8xL1pXekNVQkxqcE1peFltM1hWOGV3VVE1RmMwRS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbmqvDAN
BgkqhkiG9w0BAQsFAAOCAQEAXPhuhqLWS8zySbxQZy/bHvkQC4Y42RoMI9OUArMi
Owg55Nl8t4bJCAs4MmvlnVu+xjWYKfA+bMJMOQPKiEV4ZMcsmNnvYL6k4gkqVojU
zgHaoZdL0JR03ankOppyw6Y7cXi/0BL8nHK30S7ae394MFAluttY9g/e8u4jiMbR
HaofKGxJsGJEVL6G8XUiJeYi+aI2uQsCxAOrXeNhbjC2DJHV0G6PJF26cNBMcl77
6lUZ1HGpfBgfBzBHDplWVMUQ+0QEj4/jbNHEXryaBbBKIczl6HnZZJlcqgyrSmnd
POyluoMSaAP1sQkJQHkHtx/kzQCY0VBjMaY6qNAKvpsivA==
-----END CERTIFICATE-----
Generated at Thu Mar 13 21:29:04 2025 by rpki-client