Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/9d3de4-76a5-4941-b626-e954e16ab27d/1/YG8gGKvgybLhSUzMA-4JIOw0crA.roa
File: YG8gGKvgybLhSUzMA-4JIOw0crA.roa (raw, json)
Hash identifier: yqXlr4Nq996/MSta3ADMhCNmvq03TzCrDeMZHoPsRWw=
Subject key identifier: 60:6F:20:18:AB:E0:C9:B2:E1:49:4C:CC:03:EE:09:20:EC:34:72:B0
Certificate issuer: /CN=0d6bb59e97bf3b1efc3569df956c45e472849861
Certificate serial: 018CC4930AAFEC89ED760A25FF7025D863AC
Authority key identifier: 0D:6B:B5:9E:97:BF:3B:1E:FC:35:69:DF:95:6C:45:E4:72:84:98:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DWu1npe_Ox78NWnflWxF5HKEmGE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/9d3de4-76a5-4941-b626-e954e16ab27d/1/YG8gGKvgybLhSUzMA-4JIOw0crA.roa
Signing time: Mon 01 Jan 2024 10:30:20 +0000
ROA not before: Mon 01 Jan 2024 10:30:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 40999
IP address blocks: 178.16.48.0/21 maxlen: 21
2a04:2101::/32 maxlen: 32
2a04:2100::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:0a:af:ec:89:ed:76:0a:25:ff:70:25:d8:63:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d6bb59e97bf3b1efc3569df956c45e472849861
Validity
Not Before: Jan 1 10:30:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=606f2018abe0c9b2e1494ccc03ee0920ec3472b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:4c:6e:30:5c:4d:d3:06:94:9b:ce:f0:ab:91:
74:49:e7:bc:cf:97:a4:5b:25:17:1a:70:55:81:54:
3d:76:af:33:67:4c:2a:de:72:00:0e:c1:8a:87:a9:
e4:ca:4e:a3:70:54:41:ec:7b:40:d6:8d:82:a5:03:
47:bc:c7:ed:79:25:0c:16:f9:cd:1a:c4:06:a9:8c:
c6:ef:84:d7:b7:b7:88:42:cd:70:cd:83:e0:af:79:
28:0e:53:26:94:b3:55:39:ad:e4:3f:e8:7c:67:17:
26:11:c5:e4:8f:36:0a:cb:97:a0:0e:84:c7:ea:96:
f7:7f:c0:0e:80:fe:76:da:ce:6c:69:e0:cb:fd:c6:
dd:f0:3f:49:10:fd:24:ae:f8:72:06:44:b5:1a:4a:
16:ca:26:f3:27:bc:09:4a:c8:6e:d9:21:12:89:14:
38:ca:3b:4b:d2:25:8c:eb:da:53:d6:dd:aa:e5:65:
f2:4f:77:42:e5:44:ad:be:1e:db:86:d8:c1:a2:93:
c8:b9:29:70:66:19:8c:38:5d:56:3e:3a:7a:23:53:
fc:b6:d5:54:1d:43:cc:b1:93:20:b5:70:49:72:36:
74:4b:a0:d0:a0:99:07:92:a5:73:53:e0:96:65:e8:
2b:ae:da:fc:39:7f:7c:30:b5:af:2a:55:96:0b:9c:
44:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:6F:20:18:AB:E0:C9:B2:E1:49:4C:CC:03:EE:09:20:EC:34:72:B0
X509v3 Authority Key Identifier:
keyid:0D:6B:B5:9E:97:BF:3B:1E:FC:35:69:DF:95:6C:45:E4:72:84:98:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DWu1npe_Ox78NWnflWxF5HKEmGE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9d3de4-76a5-4941-b626-e954e16ab27d/1/YG8gGKvgybLhSUzMA-4JIOw0crA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9d3de4-76a5-4941-b626-e954e16ab27d/1/DWu1npe_Ox78NWnflWxF5HKEmGE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.16.48.0/21
IPv6:
2a04:2100::/31
Signature Algorithm: sha256WithRSAEncryption
59:d7:4b:96:ba:13:12:8f:20:23:8b:50:11:fd:59:b4:83:7c:
fa:aa:59:ab:49:82:65:f9:c8:84:60:96:21:1b:1f:17:66:2b:
43:80:69:de:8d:9c:08:22:03:a1:d3:a1:4b:20:f3:d2:5d:49:
61:b3:76:bd:3a:60:ad:a3:42:4c:5d:bd:25:15:0f:77:3f:52:
af:f7:fa:70:c8:df:82:72:5d:6d:63:a1:08:66:a2:59:1f:c9:
75:1a:cb:ac:e9:69:e0:39:87:dc:e2:34:bc:85:36:94:d7:8a:
b8:36:ba:b8:47:77:ff:8c:85:b1:4b:0c:ad:c2:fc:b0:48:63:
67:ab:cb:fd:6b:e8:ba:c0:e8:a8:12:f4:7b:b2:8b:bf:27:40:
13:83:49:8c:2d:23:06:fd:41:9c:96:f0:a2:a1:df:da:30:ad:
b4:63:3b:a1:52:e6:d9:38:3b:58:c8:89:62:20:cc:42:28:81:
c5:be:56:32:cf:86:66:e6:e8:44:ea:b8:fc:71:34:f1:b1:6a:
0c:07:3c:3e:10:37:76:27:03:70:72:53:e2:b7:eb:96:3a:70:
94:65:33:ab:53:06:42:b0:be:80:04:b8:bf:4d:c3:8c:15:16:
56:58:1a:4d:60:23:5a:0b:16:88:ab:24:f5:5e:1a:14:68:d2:
36:07:e6:9f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEkwqv7Intdgol/3Al2GOsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNmJiNTllOTdiZjNiMWVmYzM1NjlkZjk1NmM0NWU0NzI4
NDk4NjEwHhcNMjQwMTAxMTAzMDIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDZmMjAxOGFiZTBjOWIyZTE0OTRjY2MwM2VlMDkyMGVjMzQ3MmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgkxuMFxN0waUm87wq5F0See8z5ek
WyUXGnBVgVQ9dq8zZ0wq3nIADsGKh6nkyk6jcFRB7HtA1o2CpQNHvMfteSUMFvnN
GsQGqYzG74TXt7eIQs1wzYPgr3koDlMmlLNVOa3kP+h8ZxcmEcXkjzYKy5egDoTH
6pb3f8AOgP522s5saeDL/cbd8D9JEP0krvhyBkS1GkoWyibzJ7wJSshu2SESiRQ4
yjtL0iWM69pT1t2q5WXyT3dC5UStvh7bhtjBopPIuSlwZhmMOF1WPjp6I1P8ttVU
HUPMsZMgtXBJcjZ0S6DQoJkHkqVzU+CWZegrrtr8OX98MLWvKlWWC5xEGQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGBvIBir4Mmy4UlMzAPuCSDsNHKwMB8GA1UdIwQY
MBaAFA1rtZ6Xvzse/DVp35VsReRyhJhhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFd1MW5wZV9PeDc4TlduZmxXeEY1SEtFbUdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85ZDNkZTQtNzZhNS00OTQxLWI2MjYt
ZTk1NGUxNmFiMjdkLzEvWUc4Z0dLdmd5YkxoU1V6TUEtNEpJT3cwY3JBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85ZDNkZTQtNzZhNS00OTQxLWI2MjYtZTk1NGUxNmFiMjdk
LzEvRFd1MW5wZV9PeDc4TlduZmxXeEY1SEtFbUdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDshAwMA0E
AgACMAcDBQEqBCEAMA0GCSqGSIb3DQEBCwUAA4IBAQBZ10uWuhMSjyAji1AR/Vm0
g3z6qlmrSYJl+ciEYJYhGx8XZitDgGnejZwIIgOh06FLIPPSXUlhs3a9OmCto0JM
Xb0lFQ93P1Kv9/pwyN+Ccl1tY6EIZqJZH8l1Gsus6WngOYfc4jS8hTaU14q4Nrq4
R3f/jIWxSwytwvywSGNnq8v9a+i6wOioEvR7sou/J0ATg0mMLSMG/UGclvCiod/a
MK20YzuhUubZODtYyIliIMxCKIHFvlYyz4Zm5uhE6rj8cTTxsWoMBzw+EDd2JwNw
clPit+uWOnCUZTOrUwZCsL6ABLi/TcOMFRZWWBpNYCNaCxaIqyT1XhoUaNI2B+af
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:41:45 2025 by rpki-client