Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/19d313-777b-4044-a238-8b8f3f8d7303/1/ysPlAYkNAU5CulvaMNZNZKM9Yps.roa
File: ysPlAYkNAU5CulvaMNZNZKM9Yps.roa (raw, json)
Hash identifier: pZ+zlDJdId2k92Ao/bQ+ymfSsMBOPh2LIV8ARmOwAIk=
Subject key identifier: CA:C3:E5:01:89:0D:01:4E:42:BA:5B:DA:30:D6:4D:64:A3:3D:62:9B
Certificate issuer: /CN=4f99e4eae48a01c781faad11f6d81a91ea33bdff
Certificate serial: 018CC500087576CBAEFCAB249F115492170C
Authority key identifier: 4F:99:E4:EA:E4:8A:01:C7:81:FA:AD:11:F6:D8:1A:91:EA:33:BD:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5nk6uSKAceB-q0R9tgakeozvf8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/19d313-777b-4044-a238-8b8f3f8d7303/1/ysPlAYkNAU5CulvaMNZNZKM9Yps.roa
Signing time: Mon 01 Jan 2024 12:29:22 +0000
ROA not before: Mon 01 Jan 2024 12:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198034
IP address blocks: 185.153.28.0/23 maxlen: 23
185.153.30.0/23 maxlen: 23
45.10.44.0/24 maxlen: 24
2a12:9240::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 15 May 2024 14:20:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:08:75:76:cb:ae:fc:ab:24:9f:11:54:92:17:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f99e4eae48a01c781faad11f6d81a91ea33bdff
Validity
Not Before: Jan 1 12:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cac3e501890d014e42ba5bda30d64d64a33d629b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:ae:42:81:0e:86:66:f9:36:65:95:a3:7f:e5:
9a:fd:e7:c1:0d:7b:45:40:97:c6:d1:f2:c3:3f:8f:
4d:ad:00:78:19:26:49:36:8f:37:51:d9:e5:46:35:
0b:b4:66:50:02:89:55:f0:35:72:8d:4e:63:04:6a:
46:39:92:c3:26:b8:5e:87:c4:da:c8:5a:3d:9f:6c:
24:44:be:d4:a8:29:4c:fd:38:e1:94:14:07:d1:93:
14:c3:21:12:66:b0:ac:d5:ea:ac:8f:64:7f:25:5a:
f1:56:ff:1c:52:bf:b3:77:17:fb:e3:61:a5:f9:69:
9f:17:9a:e1:cd:cd:91:2a:42:a3:16:83:3b:7d:6e:
54:3f:0f:48:d0:e2:47:1b:80:0f:68:80:ba:49:dd:
bb:d8:c4:72:72:48:c7:80:24:5f:21:a5:33:ce:25:
46:68:e9:a9:cd:6e:cd:a0:6c:ba:9d:4f:56:5b:34:
e5:26:6a:5e:3f:d1:87:f0:22:dd:aa:ea:0c:97:79:
b5:6e:bc:01:2e:5f:57:e8:40:74:be:60:30:6a:63:
be:40:20:16:f7:35:6e:79:2e:5b:0f:c1:db:db:14:
1d:f3:77:a5:0d:88:b9:d6:60:df:29:ef:c3:90:21:
5a:ac:4e:b2:28:c6:a4:b0:9c:44:b1:ae:60:49:7f:
76:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:C3:E5:01:89:0D:01:4E:42:BA:5B:DA:30:D6:4D:64:A3:3D:62:9B
X509v3 Authority Key Identifier:
keyid:4F:99:E4:EA:E4:8A:01:C7:81:FA:AD:11:F6:D8:1A:91:EA:33:BD:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5nk6uSKAceB-q0R9tgakeozvf8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/19d313-777b-4044-a238-8b8f3f8d7303/1/ysPlAYkNAU5CulvaMNZNZKM9Yps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/19d313-777b-4044-a238-8b8f3f8d7303/1/T5nk6uSKAceB-q0R9tgakeozvf8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.44.0/24
185.153.28.0/22
IPv6:
2a12:9240::/32
Signature Algorithm: sha256WithRSAEncryption
79:c7:a6:29:69:ff:3e:1a:23:12:47:03:08:04:1f:63:e1:d2:
ab:cf:66:2c:16:2d:07:f2:9a:5d:a5:5c:3f:6f:b9:90:8b:e3:
5f:54:d9:e5:d6:49:39:63:87:48:69:9a:eb:30:c7:06:1e:b8:
ee:cf:1c:2c:a5:e1:11:a7:67:cd:73:7f:4a:d2:37:a3:01:f9:
83:c6:90:a0:c3:e2:9e:ed:25:17:77:d5:2a:4e:fa:dc:9d:58:
2b:cf:4b:4e:45:3b:52:3f:e7:12:c9:82:18:a0:42:e1:c5:b4:
d4:b2:d3:67:b0:52:5b:30:81:b7:85:3d:c2:b1:77:13:58:ba:
5a:fa:33:b9:70:2f:2c:19:9b:29:59:b1:17:c9:a0:3c:9d:1c:
1b:b5:41:82:8c:62:0d:99:7f:ee:dc:fb:93:6a:a0:a9:db:f9:
c5:0d:0b:db:28:cb:da:bf:6f:eb:57:34:96:4f:a3:61:bc:5c:
ef:d2:ed:6e:9f:eb:2d:e2:93:30:83:34:4c:ea:99:b2:5f:9d:
28:d3:d5:8c:37:5d:a8:e1:d2:0f:cf:c8:e4:ef:71:ea:7b:f2:
39:f3:d3:97:fe:49:fe:4d:4f:10:cc:ed:5b:ca:8b:20:8b:62:
82:92:a8:cb:b0:ac:14:0c:87:01:e8:ae:9f:1e:24:3d:d1:7a:
82:73:50:f8
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzFAAh1dsuu/KsknxFUkhcMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTllNGVhZTQ4YTAxYzc4MWZhYWQxMWY2ZDgxYTkxZWEz
M2JkZmYwHhcNMjQwMTAxMTIyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWMzZTUwMTg5MGQwMTRlNDJiYTViZGEzMGQ2NGQ2NGEzM2Q2MjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArK5CgQ6GZvk2ZZWjf+Wa/efBDXtF
QJfG0fLDP49NrQB4GSZJNo83UdnlRjULtGZQAolV8DVyjU5jBGpGOZLDJrheh8Ta
yFo9n2wkRL7UqClM/TjhlBQH0ZMUwyESZrCs1eqsj2R/JVrxVv8cUr+zdxf742Gl
+WmfF5rhzc2RKkKjFoM7fW5UPw9I0OJHG4APaIC6Sd272MRyckjHgCRfIaUzziVG
aOmpzW7NoGy6nU9WWzTlJmpeP9GH8CLdquoMl3m1brwBLl9X6EB0vmAwamO+QCAW
9zVueS5bD8Hb2xQd83elDYi51mDfKe/DkCFarE6yKMaksJxEsa5gSX92gQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMrD5QGJDQFOQrpb2jDWTWSjPWKbMB8GA1UdIwQY
MBaAFE+Z5OrkigHHgfqtEfbYGpHqM73/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVuazZ1U0tBY2VCLXEwUjl0Z2FrZW96dmY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8xOWQzMTMtNzc3Yi00MDQ0LWEyMzgt
OGI4ZjNmOGQ3MzAzLzEveXNQbEFZa05BVTVDdWx2YU1OWk5aS005WXBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8xOWQzMTMtNzc3Yi00MDQ0LWEyMzgtOGI4ZjNmOGQ3MzAz
LzEvVDVuazZ1U0tBY2VCLXEwUjl0Z2FrZW96dmY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQALQosAwQC
uZkcMA0EAgACMAcDBQAqEpJAMA0GCSqGSIb3DQEBCwUAA4IBAQB5x6Ypaf8+GiMS
RwMIBB9j4dKrz2YsFi0H8ppdpVw/b7mQi+NfVNnl1kk5Y4dIaZrrMMcGHrjuzxws
peERp2fNc39K0jejAfmDxpCgw+Ke7SUXd9UqTvrcnVgrz0tORTtSP+cSyYIYoELh
xbTUstNnsFJbMIG3hT3CsXcTWLpa+jO5cC8sGZspWbEXyaA8nRwbtUGCjGINmX/u
3PuTaqCp2/nFDQvbKMvav2/rVzSWT6NhvFzv0u1un+st4pMwgzRM6pmyX50o09WM
N12o4dIPz8jk73Hqe/I589OX/kn+TU8QzO1byosgi2KCkqjLsKwUDIcB6K6fHiQ9
0XqCc1D4
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:23:37 2025 by rpki-client