Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/3496a4-cc9f-4419-ad81-aaa2380982bc/1/bYuykGnfzpsdmLdIsc87u24XRQI.roa
File: bYuykGnfzpsdmLdIsc87u24XRQI.roa (raw, json)
Hash identifier: DLiVio68o7ffcLioMRMQAZvO5G1jod2sLRFTPzDrmEw=
Subject key identifier: 6D:8B:B2:90:69:DF:CE:9B:1D:98:B7:48:B1:CF:3B:BB:6E:17:45:02
Certificate issuer: /CN=79d437584abdb48213630dcaa5f00c9d2c3cc179
Certificate serial: 018CC7950B670D6F3E209E1CCC5506C83E84
Authority key identifier: 79:D4:37:58:4A:BD:B4:82:13:63:0D:CA:A5:F0:0C:9D:2C:3C:C1:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/edQ3WEq9tIITYw3KpfAMnSw8wXk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/3496a4-cc9f-4419-ad81-aaa2380982bc/1/bYuykGnfzpsdmLdIsc87u24XRQI.roa
Signing time: Tue 02 Jan 2024 00:31:22 +0000
ROA not before: Tue 02 Jan 2024 00:31:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203183
IP address blocks: 185.143.92.0/22 maxlen: 24
144.2.160.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:49:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:0b:67:0d:6f:3e:20:9e:1c:cc:55:06:c8:3e:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=79d437584abdb48213630dcaa5f00c9d2c3cc179
Validity
Not Before: Jan 2 00:31:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6d8bb29069dfce9b1d98b748b1cf3bbb6e174502
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:d0:8d:32:e7:c8:7a:f4:d8:ab:23:55:eb:1a:
b9:59:22:7e:4c:15:84:6f:9e:c1:d1:9d:cc:e2:93:
1b:61:cb:b7:55:4e:d8:67:78:48:31:50:3e:d9:dd:
bf:b9:91:84:21:19:fd:8f:a6:da:73:1d:b2:19:94:
f0:21:12:77:68:d7:d6:dd:20:1b:41:35:91:17:cb:
55:5b:67:9a:23:32:e6:cf:42:d9:18:8b:a9:1a:c6:
38:02:a5:fe:39:26:ce:4e:f8:d7:ac:76:a3:6f:31:
2a:9c:71:7a:3c:43:da:c7:a7:1d:42:07:33:ea:3e:
0c:8d:10:05:e0:d0:3a:e2:05:fd:f9:c9:d7:58:32:
ba:0f:b5:92:2f:14:e4:4a:42:7c:e5:f2:64:67:b5:
19:ea:9f:a2:7e:63:48:75:ad:24:3d:ae:e2:5b:14:
15:90:3c:db:81:78:e6:38:3e:3f:ad:d9:05:b6:eb:
e3:b0:11:a0:99:32:4a:55:89:70:b9:58:8c:c9:71:
6c:02:9a:83:92:3c:32:52:58:58:53:df:91:d0:23:
72:28:bd:c0:ff:81:dc:63:3c:79:80:4c:2a:b5:00:
43:b6:62:da:12:4e:29:93:d1:0d:d5:c2:ce:72:f9:
25:8d:22:03:98:89:bf:b4:e8:6b:c5:24:41:3d:b8:
66:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:8B:B2:90:69:DF:CE:9B:1D:98:B7:48:B1:CF:3B:BB:6E:17:45:02
X509v3 Authority Key Identifier:
keyid:79:D4:37:58:4A:BD:B4:82:13:63:0D:CA:A5:F0:0C:9D:2C:3C:C1:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/edQ3WEq9tIITYw3KpfAMnSw8wXk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/3496a4-cc9f-4419-ad81-aaa2380982bc/1/bYuykGnfzpsdmLdIsc87u24XRQI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/3496a4-cc9f-4419-ad81-aaa2380982bc/1/edQ3WEq9tIITYw3KpfAMnSw8wXk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.2.160.0/22
185.143.92.0/22
Signature Algorithm: sha256WithRSAEncryption
5a:8b:ed:4b:a8:19:43:9a:c4:a8:5d:7a:44:ff:f2:9c:3b:1d:
7e:77:ce:8a:81:85:0a:e5:8e:7a:ca:5b:a6:8a:27:16:d9:dc:
e4:e6:b8:04:f0:cf:76:28:0c:04:ca:d3:18:24:a4:75:fe:18:
d5:6f:1d:a9:76:2e:2a:72:c2:19:27:40:c2:75:ed:58:58:5d:
97:46:8b:96:15:11:70:3a:de:0b:ec:7e:10:d7:5e:69:dc:4f:
e7:0e:12:6f:34:6f:e5:d2:5d:7f:19:1e:3e:5c:81:e2:5b:85:
87:5c:a2:f9:01:75:dc:64:b9:7a:21:b0:9d:91:91:bf:a7:5c:
1f:2e:82:b2:ee:bc:fb:b7:0c:60:ed:22:6d:4e:03:d2:0e:17:
7a:9b:7f:f6:40:94:4f:6b:2a:cf:1a:8d:3a:c4:9b:e5:42:1a:
84:06:5a:f6:ff:b7:c5:0b:ab:79:3b:ac:63:e3:25:50:38:72:
80:23:de:d5:e1:2a:cf:83:51:cf:04:43:a1:2f:02:95:72:de:
2b:61:b9:63:22:9b:c2:49:36:6b:ae:1e:17:a2:f4:0d:4c:8d:
59:b7:28:cb:1c:71:f6:ac:93:4a:8f:c6:42:bc:1a:01:7a:36:
85:e5:ca:37:46:9d:9d:8c:28:2a:8c:c0:09:43:e1:6b:7c:e6:
ad:82:25:ca
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzHlQtnDW8+IJ4czFUGyD6EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5ZDQzNzU4NGFiZGI0ODIxMzYzMGRjYWE1ZjAwYzlkMmMz
Y2MxNzkwHhcNMjQwMTAyMDAzMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDhiYjI5MDY5ZGZjZTliMWQ5OGI3NDhiMWNmM2JiYjZlMTc0NTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj9CNMufIevTYqyNV6xq5WSJ+TBWE
b57B0Z3M4pMbYcu3VU7YZ3hIMVA+2d2/uZGEIRn9j6bacx2yGZTwIRJ3aNfW3SAb
QTWRF8tVW2eaIzLmz0LZGIupGsY4AqX+OSbOTvjXrHajbzEqnHF6PEPax6cdQgcz
6j4MjRAF4NA64gX9+cnXWDK6D7WSLxTkSkJ85fJkZ7UZ6p+ifmNIda0kPa7iWxQV
kDzbgXjmOD4/rdkFtuvjsBGgmTJKVYlwuViMyXFsApqDkjwyUlhYU9+R0CNyKL3A
/4HcYzx5gEwqtQBDtmLaEk4pk9EN1cLOcvkljSIDmIm/tOhrxSRBPbhmRwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG2LspBp386bHZi3SLHPO7tuF0UCMB8GA1UdIwQY
MBaAFHnUN1hKvbSCE2MNyqXwDJ0sPMF5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWRRM1dFcTl0SUlUWXczS3BmQU1uU3c4d1hrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC8zNDk2YTQtY2M5Zi00NDE5LWFkODEt
YWFhMjM4MDk4MmJjLzEvYll1eWtHbmZ6cHNkbUxkSXNjODd1MjRYUlFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC8zNDk2YTQtY2M5Zi00NDE5LWFkODEtYWFhMjM4MDk4MmJj
LzEvZWRRM1dFcTl0SUlUWXczS3BmQU1uU3c4d1hrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCkAKgAwQC
uY9cMA0GCSqGSIb3DQEBCwUAA4IBAQBai+1LqBlDmsSoXXpE//KcOx1+d86KgYUK
5Y56ylumiicW2dzk5rgE8M92KAwEytMYJKR1/hjVbx2pdi4qcsIZJ0DCde1YWF2X
RouWFRFwOt4L7H4Q115p3E/nDhJvNG/l0l1/GR4+XIHiW4WHXKL5AXXcZLl6IbCd
kZG/p1wfLoKy7rz7twxg7SJtTgPSDhd6m3/2QJRPayrPGo06xJvlQhqEBlr2/7fF
C6t5O6xj4yVQOHKAI97V4SrPg1HPBEOhLwKVct4rYbljIpvCSTZrrh4XovQNTI1Z
tyjLHHH2rJNKj8ZCvBoBejaF5co3Rp2djCgqjMAJQ+FrfOatgiXK
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:33:44 2025 by rpki-client