Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/7926b8-6ea7-45b4-953e-aab7fc3f8ac5/1/naYVA5OzIHrU5CFzrwFqoWlT5qk.roa
File: naYVA5OzIHrU5CFzrwFqoWlT5qk.roa (raw, json)
Hash identifier: TrWFLIT5ZpDhDJ8QfLiPrFnHO4eN5oscfVW8Nd681IE=
Subject key identifier: 9D:A6:15:03:93:B3:20:7A:D4:E4:21:73:AF:01:6A:A1:69:53:E6:A9
Certificate issuer: /CN=1858caa6832aa2a3e7cc6d144515f8f431b66762
Certificate serial: 018CC5DCC1C00DBDAB546582B852F638DE8A
Authority key identifier: 18:58:CA:A6:83:2A:A2:A3:E7:CC:6D:14:45:15:F8:F4:31:B6:67:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GFjKpoMqoqPnzG0URRX49DG2Z2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/7926b8-6ea7-45b4-953e-aab7fc3f8ac5/1/naYVA5OzIHrU5CFzrwFqoWlT5qk.roa
Signing time: Mon 01 Jan 2024 16:30:28 +0000
ROA not before: Mon 01 Jan 2024 16:30:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 196932
IP address blocks: 178.255.136.0/21 maxlen: 21
185.192.200.0/22 maxlen: 22
2a03:40e0::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 04 Sep 2024 07:13:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:c1:c0:0d:bd:ab:54:65:82:b8:52:f6:38:de:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1858caa6832aa2a3e7cc6d144515f8f431b66762
Validity
Not Before: Jan 1 16:30:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9da6150393b3207ad4e42173af016aa16953e6a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:da:76:74:70:94:72:2c:48:43:36:aa:8a:a9:
f3:07:6f:99:03:e3:b0:71:30:90:d6:2e:9e:8d:3d:
c2:e7:f8:79:db:0a:a8:0c:85:e3:1d:76:5a:1f:42:
0e:f5:a3:70:62:07:15:a2:e2:42:06:8d:5f:64:45:
7d:10:56:3a:82:0c:ab:ff:26:e9:a1:ec:c9:8e:66:
a5:1e:6b:87:68:de:98:bf:7a:9b:55:4c:8f:7f:2d:
7b:7e:b3:a7:dc:1f:8f:2e:19:81:70:01:26:e6:28:
cf:d7:82:c8:07:09:03:23:8f:ee:b4:35:df:f0:17:
48:98:66:11:f8:2c:1e:ba:0f:c9:66:e4:16:c0:fc:
e4:2d:81:7b:c4:d9:2a:10:ed:2e:b2:f2:6b:39:34:
c0:9d:53:8c:07:68:c2:3f:6e:86:21:6b:6d:be:0b:
8d:e1:68:cc:cb:d1:9a:c8:64:c7:6d:3c:5b:67:10:
08:4a:cd:59:54:b0:0d:58:91:8d:3b:58:5f:2c:bd:
fd:04:41:65:c0:ac:a5:5a:0c:05:e6:a7:bf:78:58:
07:f7:98:7e:6b:f1:24:50:e8:0e:f8:6e:ad:6a:c6:
16:47:97:47:c8:2f:fe:6e:bc:92:30:5b:70:24:5d:
28:f6:74:51:f0:a6:5b:92:49:cb:ce:b4:4e:20:1b:
47:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:A6:15:03:93:B3:20:7A:D4:E4:21:73:AF:01:6A:A1:69:53:E6:A9
X509v3 Authority Key Identifier:
keyid:18:58:CA:A6:83:2A:A2:A3:E7:CC:6D:14:45:15:F8:F4:31:B6:67:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GFjKpoMqoqPnzG0URRX49DG2Z2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/7926b8-6ea7-45b4-953e-aab7fc3f8ac5/1/naYVA5OzIHrU5CFzrwFqoWlT5qk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/7926b8-6ea7-45b4-953e-aab7fc3f8ac5/1/GFjKpoMqoqPnzG0URRX49DG2Z2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.255.136.0/21
185.192.200.0/22
IPv6:
2a03:40e0::/32
Signature Algorithm: sha256WithRSAEncryption
1e:9c:02:a6:94:61:7e:cf:88:ee:06:97:8c:96:ff:a7:a5:d2:
81:98:58:76:b0:63:4b:1d:ed:a4:02:e9:25:fd:e9:1f:9c:bf:
ce:9e:ab:e6:a4:50:a3:78:b2:b5:d4:5b:1d:9e:b4:81:9b:10:
aa:62:db:c9:da:36:d3:6d:21:3e:c9:1d:b6:b0:17:67:7f:8e:
13:e4:73:69:9f:62:96:b3:04:22:b9:54:18:57:b4:4c:9e:07:
76:f1:f6:4c:e0:d2:e2:87:4c:4e:7e:eb:0e:ff:4c:de:21:94:
8a:4e:fe:8d:a5:a1:cd:4f:70:a5:35:49:28:90:b1:4d:ac:a4:
7e:85:7a:2b:f5:da:d8:7c:e9:00:1a:84:87:0d:18:f2:70:1b:
a0:53:f6:25:23:fd:4d:4a:d1:05:8a:93:e8:ba:31:7b:93:21:
3c:86:d1:1e:d9:ec:57:ac:9f:4b:d6:6c:9d:4c:a3:5a:20:ac:
d7:e0:a7:4d:7d:96:b8:f5:e7:d5:20:ff:1b:63:c7:2e:61:59:
d7:43:95:83:22:2f:59:76:34:f2:2e:24:73:4c:dd:60:2b:2e:
b6:57:e0:d2:f4:0c:e2:a7:fa:2b:40:7c:7b:27:8b:c7:7a:92:
a6:b4:88:a3:f7:0e:04:87:65:6c:c5:f7:95:2b:95:09:13:e4:
9a:00:5b:b1
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzF3MHADb2rVGWCuFL2ON6KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4NThjYWE2ODMyYWEyYTNlN2NjNmQxNDQ1MTVmOGY0MzFi
NjY3NjIwHhcNMjQwMTAxMTYzMDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGE2MTUwMzkzYjMyMDdhZDRlNDIxNzNhZjAxNmFhMTY5NTNlNmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqNp2dHCUcixIQzaqiqnzB2+ZA+Ow
cTCQ1i6ejT3C5/h52wqoDIXjHXZaH0IO9aNwYgcVouJCBo1fZEV9EFY6ggyr/ybp
oezJjmalHmuHaN6Yv3qbVUyPfy17frOn3B+PLhmBcAEm5ijP14LIBwkDI4/utDXf
8BdImGYR+Cweug/JZuQWwPzkLYF7xNkqEO0usvJrOTTAnVOMB2jCP26GIWttvguN
4WjMy9GayGTHbTxbZxAISs1ZVLANWJGNO1hfLL39BEFlwKylWgwF5qe/eFgH95h+
a/EkUOgO+G6tasYWR5dHyC/+brySMFtwJF0o9nRR8KZbkknLzrROIBtH0QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJ2mFQOTsyB61OQhc68BaqFpU+apMB8GA1UdIwQY
MBaAFBhYyqaDKqKj58xtFEUV+PQxtmdiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0ZqS3BvTXFvcVBuekcwVVJSWDQ5REcyWjJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC83OTI2YjgtNmVhNy00NWI0LTk1M2Ut
YWFiN2ZjM2Y4YWM1LzEvbmFZVkE1T3pJSHJVNUNGenJ3RnFvV2xUNXFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC83OTI2YjgtNmVhNy00NWI0LTk1M2UtYWFiN2ZjM2Y4YWM1
LzEvR0ZqS3BvTXFvcVBuekcwVVJSWDQ5REcyWjJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDsv+IAwQC
ucDIMA0EAgACMAcDBQAqA0DgMA0GCSqGSIb3DQEBCwUAA4IBAQAenAKmlGF+z4ju
BpeMlv+npdKBmFh2sGNLHe2kAukl/ekfnL/OnqvmpFCjeLK11FsdnrSBmxCqYtvJ
2jbTbSE+yR22sBdnf44T5HNpn2KWswQiuVQYV7RMngd28fZM4NLih0xOfusO/0ze
IZSKTv6NpaHNT3ClNUkokLFNrKR+hXor9drYfOkAGoSHDRjycBugU/YlI/1NStEF
ipPoujF7kyE8htEe2exXrJ9L1mydTKNaIKzX4KdNfZa49efVIP8bY8cuYVnXQ5WD
Ii9ZdjTyLiRzTN1gKy62V+DS9Azip/orQHx7J4vHepKmtIij9w4Eh2VsxfeVK5UJ
E+SaAFux
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:10 2025 by rpki-client