Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/ddce4d-9912-487d-b55d-47d82a41a8f3/1/hyzLhdLyPuQbcnyiWljd1Q1VCSc.roa
File: hyzLhdLyPuQbcnyiWljd1Q1VCSc.roa (raw, json)
Hash identifier: OU1gY1/eic8wd2Okr1VZm+8xMd1V47Bcn1TP60NoRmY=
Subject key identifier: 87:2C:CB:85:D2:F2:3E:E4:1B:72:7C:A2:5A:58:DD:D5:0D:55:09:27
Certificate issuer: /CN=5794afdb5e6a1885780920a54ffa82408ea85ba1
Certificate serial: 018CC8DF75120A720143EA187C8C9EAF3131
Authority key identifier: 57:94:AF:DB:5E:6A:18:85:78:09:20:A5:4F:FA:82:40:8E:A8:5B:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V5Sv215qGIV4CSClT_qCQI6oW6E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/ddce4d-9912-487d-b55d-47d82a41a8f3/1/hyzLhdLyPuQbcnyiWljd1Q1VCSc.roa
Signing time: Tue 02 Jan 2024 06:32:16 +0000
ROA not before: Tue 02 Jan 2024 06:32:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 178.236.226.0/24 maxlen: 24
178.236.235.0/24 maxlen: 24
185.2.50.0/23 maxlen: 24
185.2.49.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 17 Feb 2024 14:26:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:75:12:0a:72:01:43:ea:18:7c:8c:9e:af:31:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5794afdb5e6a1885780920a54ffa82408ea85ba1
Validity
Not Before: Jan 2 06:32:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=872ccb85d2f23ee41b727ca25a58ddd50d550927
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:45:ee:15:7f:2b:6f:91:08:01:bd:a5:db:77:
8f:07:9c:8c:ca:4e:e7:ff:cb:42:e8:24:f4:45:d6:
16:20:45:5b:30:49:6c:25:4b:50:0f:58:ea:b0:e2:
bc:e6:74:bc:95:09:36:4b:01:b6:b3:94:6b:af:12:
07:25:57:8e:66:92:bd:a1:33:a0:0e:7b:cb:06:dd:
2c:94:f9:c0:e5:0d:c7:aa:ca:57:7a:16:2b:6d:d4:
18:66:33:a8:1d:d9:6d:48:11:0c:42:59:09:04:34:
6f:b8:8b:34:fa:83:48:47:9a:b2:28:a4:71:38:01:
18:2e:6a:48:41:bb:33:ad:58:57:a4:6d:27:b1:38:
61:d0:d3:8d:8c:fc:75:63:23:af:80:9f:ed:31:ab:
98:00:19:4a:cb:5f:08:85:a0:fc:86:d6:a9:b9:90:
f8:fd:62:d2:47:ee:56:0b:90:7a:0a:2c:d8:6b:2f:
4b:55:17:63:86:f2:62:93:56:85:2d:8c:a1:5d:c5:
8a:ca:f1:75:14:3e:53:24:ec:24:c2:26:40:c3:22:
64:db:84:44:81:c9:77:6d:bc:fe:15:46:00:4d:50:
1c:44:52:72:bf:0d:d0:73:ed:e1:fd:aa:02:cf:7e:
4c:6d:ef:ed:6b:0f:b1:9c:04:67:f7:ae:f5:d7:1a:
bf:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:2C:CB:85:D2:F2:3E:E4:1B:72:7C:A2:5A:58:DD:D5:0D:55:09:27
X509v3 Authority Key Identifier:
keyid:57:94:AF:DB:5E:6A:18:85:78:09:20:A5:4F:FA:82:40:8E:A8:5B:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V5Sv215qGIV4CSClT_qCQI6oW6E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/ddce4d-9912-487d-b55d-47d82a41a8f3/1/hyzLhdLyPuQbcnyiWljd1Q1VCSc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/ddce4d-9912-487d-b55d-47d82a41a8f3/1/V5Sv215qGIV4CSClT_qCQI6oW6E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.236.226.0/24
178.236.235.0/24
185.2.49.0-185.2.51.255
Signature Algorithm: sha256WithRSAEncryption
8b:20:da:91:65:78:07:14:c9:1b:8e:03:05:ce:f0:79:01:d3:
3f:c6:f3:44:68:50:16:f6:8e:77:3a:c2:46:bd:cc:83:7e:ef:
ad:1d:40:0e:de:e3:03:89:41:85:f6:6f:72:1a:f3:21:a9:f0:
a4:92:5e:13:6b:76:9c:8a:06:d9:6f:f3:2c:74:bc:f6:2d:90:
c3:75:d7:74:69:36:ab:ff:b0:a6:a2:5c:ee:a6:0b:35:f8:c8:
1c:f7:a0:7c:65:c1:5f:ce:4a:77:af:83:78:86:79:17:6d:c8:
42:72:03:72:06:8d:08:3a:bc:1b:df:ee:6f:ba:2f:01:95:a3:
d4:4a:b7:af:a2:3c:8c:aa:e1:4d:0d:1f:f4:ee:b0:d1:c7:1b:
1f:0d:37:8d:dc:57:d4:88:da:00:b5:c8:f5:87:67:e2:70:d4:
37:2b:73:a2:d4:13:e7:2d:01:5e:29:90:14:13:32:1b:98:5b:
1e:0b:7b:f1:97:ca:3b:25:78:14:43:0d:fa:4e:ee:a0:70:b9:
d5:b6:fe:aa:e9:1c:54:b2:54:08:57:42:fd:f9:f6:75:09:d8:
df:1c:f1:ce:e0:9b:29:e2:79:45:91:18:b3:cb:58:75:1e:de:
9f:cc:0a:da:d8:28:55:40:67:ee:4e:c8:be:7b:a5:46:f2:ad:
2b:d7:33:49
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzI33USCnIBQ+oYfIyerzExMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3OTRhZmRiNWU2YTE4ODU3ODA5MjBhNTRmZmE4MjQwOGVh
ODViYTEwHhcNMjQwMTAyMDYzMjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzJjY2I4NWQyZjIzZWU0MWI3MjdjYTI1YTU4ZGRkNTBkNTUwOTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr0XuFX8rb5EIAb2l23ePB5yMyk7n
/8tC6CT0RdYWIEVbMElsJUtQD1jqsOK85nS8lQk2SwG2s5RrrxIHJVeOZpK9oTOg
DnvLBt0slPnA5Q3HqspXehYrbdQYZjOoHdltSBEMQlkJBDRvuIs0+oNIR5qyKKRx
OAEYLmpIQbszrVhXpG0nsThh0NONjPx1YyOvgJ/tMauYABlKy18IhaD8htapuZD4
/WLSR+5WC5B6CizYay9LVRdjhvJik1aFLYyhXcWKyvF1FD5TJOwkwiZAwyJk24RE
gcl3bbz+FUYATVAcRFJyvw3Qc+3h/aoCz35Mbe/taw+xnARn96711xq/DwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFIcsy4XS8j7kG3J8olpY3dUNVQknMB8GA1UdIwQY
MBaAFFeUr9teahiFeAkgpU/6gkCOqFuhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjVTdjIxNXFHSVY0Q1NDbFRfcUNRSTZvVzZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9kZGNlNGQtOTkxMi00ODdkLWI1NWQt
NDdkODJhNDFhOGYzLzEvaHl6TGhkTHlQdVFiY255aVdsamQxUTFWQ1NjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9kZGNlNGQtOTkxMi00ODdkLWI1NWQtNDdkODJhNDFhOGYz
LzEvVjVTdjIxNXFHSVY0Q1NDbFRfcUNRSTZvVzZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAsuziAwQA
suzrMAwDBAC5AjEDBAK5AjAwDQYJKoZIhvcNAQELBQADggEBAIsg2pFleAcUyRuO
AwXO8HkB0z/G80RoUBb2jnc6wka9zIN+760dQA7e4wOJQYX2b3Ia8yGp8KSSXhNr
dpyKBtlv8yx0vPYtkMN113RpNqv/sKaiXO6mCzX4yBz3oHxlwV/OSnevg3iGeRdt
yEJyA3IGjQg6vBvf7m+6LwGVo9RKt6+iPIyq4U0NH/TusNHHGx8NN43cV9SI2gC1
yPWHZ+Jw1Dcrc6LUE+ctAV4pkBQTMhuYWx4Le/GXyjsleBRDDfpO7qBwudW2/qrp
HFSyVAhXQv359nUJ2N8c8c7gmynieUWRGLPLWHUe3p/MCtrYKFVAZ+5OyL57pUby
rSvXM0k=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:19 2024 by rpki-client on console-fra.rpki-client.org