Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/y_tQrkCpAwd_fd1pAGH6dz-SNl4.roa
File: y_tQrkCpAwd_fd1pAGH6dz-SNl4.roa (raw, json)
Hash identifier: vXHCJUCT/ZDtAmiWxCZCCTsQUynZ0Lf65yO4+v0vbLg=
Subject key identifier: CB:FB:50:AE:40:A9:03:07:7F:7D:DD:69:00:61:FA:77:3F:92:36:5E
Certificate issuer: /CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Certificate serial: 019527520A521807D9BC80AA4F145743FB2A
Authority key identifier: EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/y_tQrkCpAwd_fd1pAGH6dz-SNl4.roa
Signing time: Fri 21 Feb 2025 07:04:02 +0000
ROA not before: Fri 21 Feb 2025 07:04:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 40676
IP address blocks: 2.56.137.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 05 Mar 2025 15:35:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:27:52:0a:52:18:07:d9:bc:80:aa:4f:14:57:43:fb:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Validity
Not Before: Feb 21 07:04:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cbfb50ae40a903077f7ddd690061fa773f92365e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:ae:b4:a2:9b:08:a4:44:74:93:b8:5b:8e:b5:
c9:9b:b0:de:54:5e:5f:7b:aa:fa:0b:64:07:51:b5:
7f:e5:fa:22:05:a6:7f:38:22:99:15:e5:2d:57:99:
ec:c9:5b:fe:43:36:3c:e8:33:46:aa:ec:f8:44:df:
2f:bc:b5:e9:f2:e9:ba:51:15:9c:d8:c8:33:a6:6d:
0a:ef:9d:94:bc:64:a0:4a:b3:2e:cc:26:63:5a:6f:
12:f3:90:51:eb:ee:94:be:b0:c7:8e:ca:59:b4:b8:
7e:e4:27:d6:27:c6:80:fc:db:dc:27:3a:c8:c4:1a:
c8:a3:ab:5d:8b:6f:5d:04:36:56:b1:67:cf:c4:29:
a0:8e:eb:14:8e:63:3e:fd:24:f7:6c:35:48:e2:11:
e0:d3:e2:89:60:c1:24:f2:c5:97:a0:64:f9:4b:b5:
7d:82:d3:1a:1d:19:8b:69:f3:52:8b:d7:7f:4f:b5:
2f:f6:79:13:0a:8f:57:4d:b5:f6:70:05:a4:6e:3b:
e6:ba:61:82:c6:e1:7f:b9:fd:3b:fd:c6:a8:f5:c5:
36:01:14:5a:dc:ec:d4:cd:b4:f8:0b:55:9c:38:59:
3d:bc:ca:7a:b0:8a:0a:c4:7f:09:73:14:3d:f8:6e:
eb:5d:a2:74:0f:a1:a1:67:79:d5:ec:d8:11:6c:f3:
93:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:FB:50:AE:40:A9:03:07:7F:7D:DD:69:00:61:FA:77:3F:92:36:5E
X509v3 Authority Key Identifier:
keyid:EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/y_tQrkCpAwd_fd1pAGH6dz-SNl4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.137.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:01:ee:c3:d1:8f:16:f8:14:c0:97:04:58:19:2a:41:62:35:
d8:10:4b:22:16:55:5f:f2:7f:1f:3f:74:5f:2c:61:81:fd:2b:
e6:0b:c0:16:7b:a4:66:5b:fa:05:cc:e6:68:dd:f7:dd:b7:64:
3d:3a:af:36:ba:76:01:56:1f:16:58:47:fa:9a:15:35:0b:50:
77:3c:16:0b:74:70:7e:9c:c6:55:4b:89:9c:8e:98:ee:53:f2:
cc:42:54:15:93:72:c9:3e:89:1e:ac:3c:2e:67:57:4d:e2:c1:
16:66:1c:4d:3e:b0:14:3e:f8:37:b5:4d:c1:4f:96:a5:ac:6d:
e3:43:9d:5e:ba:70:33:20:33:dc:fd:03:d5:5b:84:c9:64:3c:
15:b3:30:a2:8c:0b:69:da:8c:bc:39:1b:39:37:8e:69:dc:f9:
6c:d8:c7:33:3f:6d:ba:65:bf:f1:73:34:8e:87:83:25:bf:e3:
00:1f:23:4b:d6:ca:98:cd:7a:3c:f6:84:2f:a9:79:4c:56:c8:
63:f4:11:8d:08:ec:2a:6f:7b:8f:7c:73:dc:81:0b:e9:47:26:
94:e8:2f:51:35:a1:3e:d7:92:4a:ea:b1:94:05:e4:67:31:08:
45:9b:b6:88:7c:4d:82:40:76:ea:51:51:3a:07:fb:96:a4:1a:
7f:b4:8c:54
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZUnUgpSGAfZvICqTxRXQ/sqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYmJmMzE3ZTVmYWY1ZWYwMmM5Y2NlNzk1MjdkNWU3NGI4
YWJjYzUwHhcNMjUwMjIxMDcwNDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmZiNTBhZTQwYTkwMzA3N2Y3ZGRkNjkwMDYxZmE3NzNmOTIzNjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9q60opsIpER0k7hbjrXJm7DeVF5f
e6r6C2QHUbV/5foiBaZ/OCKZFeUtV5nsyVv+QzY86DNGquz4RN8vvLXp8um6URWc
2Mgzpm0K752UvGSgSrMuzCZjWm8S85BR6+6UvrDHjspZtLh+5CfWJ8aA/NvcJzrI
xBrIo6tdi29dBDZWsWfPxCmgjusUjmM+/ST3bDVI4hHg0+KJYMEk8sWXoGT5S7V9
gtMaHRmLafNSi9d/T7Uv9nkTCo9XTbX2cAWkbjvmumGCxuF/uf07/cao9cU2ARRa
3OzUzbT4C1WcOFk9vMp6sIoKxH8JcxQ9+G7rXaJ0D6GhZ3nV7NgRbPOTnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMv7UK5AqQMHf33daQBh+nc/kjZeMB8GA1UdIwQY
MBaAFO678xfl+vXvAsnM55Un1edLirzFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMt
NmZlOWJmNjA1NjFjLzEveV90UXJrQ3BBd2RfZmQxcEFHSDZkei1TTmw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMtNmZlOWJmNjA1NjFj
LzEvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAjiJMA0G
CSqGSIb3DQEBCwUAA4IBAQBtAe7D0Y8W+BTAlwRYGSpBYjXYEEsiFlVf8n8fP3Rf
LGGB/SvmC8AWe6RmW/oFzOZo3ffdt2Q9Oq82unYBVh8WWEf6mhU1C1B3PBYLdHB+
nMZVS4mcjpjuU/LMQlQVk3LJPokerDwuZ1dN4sEWZhxNPrAUPvg3tU3BT5alrG3j
Q51eunAzIDPc/QPVW4TJZDwVszCijAtp2oy8ORs5N45p3Pls2MczP226Zb/xczSO
h4Mlv+MAHyNL1sqYzXo89oQvqXlMVshj9BGNCOwqb3uPfHPcgQvpRyaU6C9RNaE+
15JK6rGUBeRnMQhFm7aIfE2CQHbqUVE6B/uWpBp/tIxU
-----END CERTIFICATE-----
Generated at Thu Mar 13 06:28:40 2025 by rpki-client