Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/y5E34c8VDkzPrr_ypYdj-crN5tk.roa
File: y5E34c8VDkzPrr_ypYdj-crN5tk.roa (raw, json)
Hash identifier: mhl62JeM+fFUDHjm4fzZfbYlqaKaEYdZruZYBm1pVOs=
Subject key identifier: CB:91:37:E1:CF:15:0E:4C:CF:AE:BF:F2:A5:87:63:F9:CA:CD:E6:D9
Certificate issuer: /CN=3d8ba0a52c42129af1d4f743feb33bb144d4bb5c
Certificate serial: 018CCA2B0C1F6E216C886BF972B7B97E6A23
Authority key identifier: 3D:8B:A0:A5:2C:42:12:9A:F1:D4:F7:43:FE:B3:3B:B1:44:D4:BB:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PYugpSxCEprx1PdD_rM7sUTUu1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/y5E34c8VDkzPrr_ypYdj-crN5tk.roa
Signing time: Tue 02 Jan 2024 12:34:27 +0000
ROA not before: Tue 02 Jan 2024 12:34:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200856
IP address blocks: 212.19.58.0/24 maxlen: 32
2a02:2e0:406::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:0c:1f:6e:21:6c:88:6b:f9:72:b7:b9:7e:6a:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d8ba0a52c42129af1d4f743feb33bb144d4bb5c
Validity
Not Before: Jan 2 12:34:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cb9137e1cf150e4ccfaebff2a58763f9cacde6d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:b1:96:3d:4f:e3:de:83:1d:cf:c2:9d:57:aa:
f1:f1:3d:f9:2a:08:a3:a1:b4:ab:d3:f1:05:a8:bd:
ea:e2:45:d7:9b:a6:8c:7c:e9:8d:f4:75:fc:98:ae:
a8:b3:00:ed:77:6e:b7:12:37:38:6f:cb:51:89:2f:
38:b7:f4:9a:ec:bc:d1:e3:79:52:c3:09:1d:b7:86:
75:86:46:04:35:20:2f:5e:a3:89:f6:7d:06:1c:96:
34:21:ed:cf:c9:bc:3b:b6:01:7e:45:40:62:7f:36:
72:e0:14:bf:e6:22:f4:20:91:9d:95:7d:c9:66:dc:
38:72:c6:be:f9:81:f5:f0:bd:e5:18:23:40:8f:9f:
4a:c1:6e:5c:14:23:fb:bd:5d:48:13:58:39:d1:8d:
3f:82:e1:61:3d:25:72:8e:8e:40:14:a8:c1:7b:d8:
a2:de:81:a6:8e:54:83:22:11:d8:73:15:b3:f2:dc:
ed:35:9d:5c:06:35:f2:8a:c0:9f:5f:e5:85:31:b4:
75:42:c3:ae:1f:d5:2a:d5:b4:c9:27:0c:b9:85:bd:
be:7d:01:95:1c:cf:41:f0:bc:a9:88:d9:a1:e9:cf:
b2:62:1c:76:24:b6:aa:16:15:a0:e6:a9:3e:ff:b1:
98:d1:bc:e9:24:c2:0f:2b:7d:49:e6:bb:02:93:b9:
fb:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:91:37:E1:CF:15:0E:4C:CF:AE:BF:F2:A5:87:63:F9:CA:CD:E6:D9
X509v3 Authority Key Identifier:
keyid:3D:8B:A0:A5:2C:42:12:9A:F1:D4:F7:43:FE:B3:3B:B1:44:D4:BB:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PYugpSxCEprx1PdD_rM7sUTUu1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/y5E34c8VDkzPrr_ypYdj-crN5tk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/PYugpSxCEprx1PdD_rM7sUTUu1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.19.58.0/24
IPv6:
2a02:2e0:406::/48
Signature Algorithm: sha256WithRSAEncryption
74:07:7c:12:7c:01:66:41:8f:41:36:f3:d7:10:55:a5:60:1e:
2c:94:a3:26:bd:b6:f1:13:2e:79:a7:e7:96:a9:fe:76:a7:fb:
d0:9c:46:7b:2c:1c:1c:6b:01:18:22:33:b3:d9:9c:cc:cb:11:
b1:24:db:19:cd:eb:51:5b:50:17:03:a6:fa:8c:64:29:92:91:
e6:08:e1:80:3c:e4:0f:75:f8:f3:e6:98:8f:a3:b2:dc:29:bf:
ac:9b:da:25:22:3c:c4:63:15:b7:c3:a9:e3:49:a0:f2:d9:67:
18:d6:1f:62:02:6c:90:fc:65:6b:18:7e:95:6d:de:e5:30:31:
0b:db:16:83:9e:58:f4:91:f1:51:8a:42:5b:b5:10:dd:bf:e0:
d3:4b:42:1b:d4:c3:de:12:ae:b3:65:ea:b6:e5:a4:57:52:85:
c7:01:82:10:19:5d:37:ba:6c:70:6f:63:af:34:9c:38:79:07:
a1:06:fd:db:60:50:75:f5:56:b3:77:9b:38:30:5c:76:47:a9:
30:6d:a3:d3:20:bd:27:61:bd:7c:e9:29:0b:da:26:6e:c3:f6:
bf:51:b5:da:8d:6c:63:cc:9a:2a:a5:b7:ad:d4:1f:90:ac:1e:
19:2c:97:a5:84:29:89:4a:69:84:83:b4:52:c6:b8:33:9a:aa:
40:fa:25:98
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzKKwwfbiFsiGv5cre5fmojMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkOGJhMGE1MmM0MjEyOWFmMWQ0Zjc0M2ZlYjMzYmIxNDRk
NGJiNWMwHhcNMjQwMTAyMTIzNDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjkxMzdlMWNmMTUwZTRjY2ZhZWJmZjJhNTg3NjNmOWNhY2RlNmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzLGWPU/j3oMdz8KdV6rx8T35Kgij
obSr0/EFqL3q4kXXm6aMfOmN9HX8mK6oswDtd263Ejc4b8tRiS84t/Sa7LzR43lS
wwkdt4Z1hkYENSAvXqOJ9n0GHJY0Ie3Pybw7tgF+RUBifzZy4BS/5iL0IJGdlX3J
Ztw4csa++YH18L3lGCNAj59KwW5cFCP7vV1IE1g50Y0/guFhPSVyjo5AFKjBe9ii
3oGmjlSDIhHYcxWz8tztNZ1cBjXyisCfX+WFMbR1QsOuH9Uq1bTJJwy5hb2+fQGV
HM9B8LypiNmh6c+yYhx2JLaqFhWg5qk+/7GY0bzpJMIPK31J5rsCk7n7uQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMuRN+HPFQ5Mz66/8qWHY/nKzebZMB8GA1UdIwQY
MBaAFD2LoKUsQhKa8dT3Q/6zO7FE1LtcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFl1Z3BTeENFcHJ4MVBkRF9yTTdzVVRVdTF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9mZjZmNGEtOGQ1Zi00NWIyLTg3NWMt
YTU2ODM4NDRlNzkyLzEveTVFMzRjOFZEa3pQcnJfeXBZZGotY3JONXRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9mZjZmNGEtOGQ1Zi00NWIyLTg3NWMtYTU2ODM4NDRlNzky
LzEvUFl1Z3BTeENFcHJ4MVBkRF9yTTdzVVRVdTF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQA1BM6MA8E
AgACMAkDBwAqAgLgBAYwDQYJKoZIhvcNAQELBQADggEBAHQHfBJ8AWZBj0E289cQ
VaVgHiyUoya9tvETLnmn55ap/nan+9CcRnssHBxrARgiM7PZnMzLEbEk2xnN61Fb
UBcDpvqMZCmSkeYI4YA85A91+PPmmI+jstwpv6yb2iUiPMRjFbfDqeNJoPLZZxjW
H2ICbJD8ZWsYfpVt3uUwMQvbFoOeWPSR8VGKQlu1EN2/4NNLQhvUw94SrrNl6rbl
pFdShccBghAZXTe6bHBvY680nDh5B6EG/dtgUHX1VrN3mzgwXHZHqTBto9MgvSdh
vXzpKQvaJm7D9r9RtdqNbGPMmiqlt63UH5CsHhksl6WEKYlKaYSDtFLGuDOaqkD6
JZg=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:23 2025 by rpki-client