Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/2f5a1d-f94a-4bb0-a014-e451b5907ea4/1/yX23dugcsDgbcq_9RuZnehHN7Ck.roa
File: yX23dugcsDgbcq_9RuZnehHN7Ck.roa (raw, json)
Hash identifier: mty4538GE2grWpJU8OOC34wl8vXIO/TrVW4rdSDHGb0=
Subject key identifier: C9:7D:B7:76:E8:1C:B0:38:1B:72:AF:FD:46:E6:67:7A:11:CD:EC:29
Certificate issuer: /CN=02c34f8373be7ffb1a35eb38860565bc3c451be6
Certificate serial: 018CC5DC3B1578875F76758BA1E4DF7D684C
Authority key identifier: 02:C3:4F:83:73:BE:7F:FB:1A:35:EB:38:86:05:65:BC:3C:45:1B:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AsNPg3O-f_saNes4hgVlvDxFG-Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/2f5a1d-f94a-4bb0-a014-e451b5907ea4/1/yX23dugcsDgbcq_9RuZnehHN7Ck.roa
Signing time: Mon 01 Jan 2024 16:29:53 +0000
ROA not before: Mon 01 Jan 2024 16:29:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29605
IP address blocks: 185.207.44.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:49:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:3b:15:78:87:5f:76:75:8b:a1:e4:df:7d:68:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02c34f8373be7ffb1a35eb38860565bc3c451be6
Validity
Not Before: Jan 1 16:29:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c97db776e81cb0381b72affd46e6677a11cdec29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:14:e4:ee:ce:8f:ed:b4:b7:8a:57:75:42:c6:
c0:87:6f:52:a6:7a:42:0f:2f:bd:a4:42:88:65:5e:
de:83:75:27:3e:cd:2e:0f:38:a0:27:e2:5c:e8:f6:
bb:40:44:8a:ab:de:75:88:e9:d1:0c:0d:6a:2b:7c:
19:03:89:a9:9f:db:cd:76:b0:37:b0:e7:e4:5e:30:
11:dd:99:ad:fe:9c:6d:a1:f7:57:74:3f:05:e9:92:
c2:04:53:a2:9f:d0:c0:f5:56:11:3b:ef:80:68:50:
f7:e3:1d:95:e5:32:21:e9:60:6d:88:31:65:2d:a3:
60:c4:1e:03:dc:cd:cd:72:77:40:33:91:3b:2a:cf:
d1:be:bf:81:16:af:19:3c:96:97:22:f1:88:54:9b:
e8:79:cf:ce:4e:d4:d7:ba:d4:19:1e:02:e6:cb:19:
78:44:e1:f2:5a:0e:2a:d5:a5:92:ed:a4:fe:f6:df:
4c:fa:6b:07:6b:3b:61:10:3d:74:b0:2a:51:5c:f9:
23:1f:62:8f:bf:19:8b:96:90:b5:cc:38:32:04:47:
29:13:a5:77:6d:5f:c9:ec:65:a0:b6:51:2d:79:e5:
a3:d7:00:aa:e4:45:12:66:88:9c:ea:77:37:d9:8b:
91:8b:13:9a:3c:7f:e0:a9:95:f3:3f:11:96:57:00:
18:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:7D:B7:76:E8:1C:B0:38:1B:72:AF:FD:46:E6:67:7A:11:CD:EC:29
X509v3 Authority Key Identifier:
keyid:02:C3:4F:83:73:BE:7F:FB:1A:35:EB:38:86:05:65:BC:3C:45:1B:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AsNPg3O-f_saNes4hgVlvDxFG-Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/2f5a1d-f94a-4bb0-a014-e451b5907ea4/1/yX23dugcsDgbcq_9RuZnehHN7Ck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/2f5a1d-f94a-4bb0-a014-e451b5907ea4/1/AsNPg3O-f_saNes4hgVlvDxFG-Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.207.44.0/23
Signature Algorithm: sha256WithRSAEncryption
8c:54:c1:00:1d:bd:02:90:52:8c:a9:9b:94:c4:03:df:d0:24:
97:93:5b:0a:90:6d:a7:d2:50:2a:b1:98:d7:d1:5d:34:22:a6:
7f:01:f2:df:b2:6c:7e:55:fa:e8:11:ed:ad:d2:32:3f:24:4b:
42:0b:d8:6d:49:b2:33:b8:02:a1:ca:bc:9c:bb:ba:d9:50:b0:
5e:a1:76:ce:11:d1:b1:74:66:7b:8f:c5:eb:84:4b:48:95:0e:
45:80:44:2c:86:18:4e:60:2e:ab:ec:07:56:d6:30:45:2b:b3:
5e:1d:9b:ab:d6:f5:1f:fb:12:da:3c:d3:76:cd:47:e1:9a:74:
76:a8:9e:3f:d1:f1:9f:96:0b:bc:ce:a4:d9:25:34:e9:b8:69:
86:7d:c1:d4:89:3d:62:c3:f2:8a:37:63:77:9c:14:ba:0b:aa:
73:9f:b7:e0:f6:67:9f:23:00:19:e8:6a:26:2c:4c:c2:31:4a:
9b:6f:08:ac:9f:4c:58:ab:18:b8:ad:51:c3:c5:b6:57:a7:77:
be:37:11:e0:fb:2e:e4:46:10:a3:f3:24:e7:ec:e0:15:8a:cf:
90:d1:ed:8d:a0:82:1d:6e:4a:f4:6a:28:af:43:f3:56:f9:e8:
b2:37:e4:ba:19:fb:9e:a7:25:ff:e7:ac:19:67:c7:d1:8c:af:
6d:69:cd:6a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3DsVeIdfdnWLoeTffWhMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyYzM0ZjgzNzNiZTdmZmIxYTM1ZWIzODg2MDU2NWJjM2M0
NTFiZTYwHhcNMjQwMTAxMTYyOTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTdkYjc3NmU4MWNiMDM4MWI3MmFmZmQ0NmU2Njc3YTExY2RlYzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgxTk7s6P7bS3ild1QsbAh29SpnpC
Dy+9pEKIZV7eg3UnPs0uDzigJ+Jc6Pa7QESKq951iOnRDA1qK3wZA4mpn9vNdrA3
sOfkXjAR3Zmt/pxtofdXdD8F6ZLCBFOin9DA9VYRO++AaFD34x2V5TIh6WBtiDFl
LaNgxB4D3M3NcndAM5E7Ks/Rvr+BFq8ZPJaXIvGIVJvoec/OTtTXutQZHgLmyxl4
ROHyWg4q1aWS7aT+9t9M+msHazthED10sCpRXPkjH2KPvxmLlpC1zDgyBEcpE6V3
bV/J7GWgtlEteeWj1wCq5EUSZoic6nc32YuRixOaPH/gqZXzPxGWVwAY6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMl9t3boHLA4G3Kv/UbmZ3oRzewpMB8GA1UdIwQY
MBaAFALDT4Nzvn/7GjXrOIYFZbw8RRvmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXNOUGczTy1mX3NhTmVzNGhnVmx2RHhGRy1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy8yZjVhMWQtZjk0YS00YmIwLWEwMTQt
ZTQ1MWI1OTA3ZWE0LzEveVgyM2R1Z2NzRGdiY3FfOVJ1Wm5laEhON0NrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy8yZjVhMWQtZjk0YS00YmIwLWEwMTQtZTQ1MWI1OTA3ZWE0
LzEvQXNOUGczTy1mX3NhTmVzNGhnVmx2RHhGRy1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuc8sMA0G
CSqGSIb3DQEBCwUAA4IBAQCMVMEAHb0CkFKMqZuUxAPf0CSXk1sKkG2n0lAqsZjX
0V00IqZ/AfLfsmx+VfroEe2t0jI/JEtCC9htSbIzuAKhyrycu7rZULBeoXbOEdGx
dGZ7j8XrhEtIlQ5FgEQshhhOYC6r7AdW1jBFK7NeHZur1vUf+xLaPNN2zUfhmnR2
qJ4/0fGflgu8zqTZJTTpuGmGfcHUiT1iw/KKN2N3nBS6C6pzn7fg9mefIwAZ6Gom
LEzCMUqbbwisn0xYqxi4rVHDxbZXp3e+NxHg+y7kRhCj8yTn7OAVis+Q0e2NoIId
bkr0aiivQ/NW+eiyN+S6GfuepyX/56wZZ8fRjK9tac1q
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:08:12 2025 by rpki-client