Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/03a325-a169-44ce-84ec-5728fb24bf0e/1/yPcEN9P-_ycbqRZxVwtzu1hhzvw.roa
File: yPcEN9P-_ycbqRZxVwtzu1hhzvw.roa (raw, json)
Hash identifier: puLGr2BJe+JBm0jA0O3HeXJ/Fm9RSnmhVeCRwTllgSM=
Subject key identifier: C8:F7:04:37:D3:FE:FF:27:1B:A9:16:71:57:0B:73:BB:58:61:CE:FC
Certificate issuer: /CN=b43258a18cf4d1228e5c79070dfa6331168320c5
Certificate serial: 018CC4934B8B49881882F73E34DFBFE75B3B
Authority key identifier: B4:32:58:A1:8C:F4:D1:22:8E:5C:79:07:0D:FA:63:31:16:83:20:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDJYoYz00SKOXHkHDfpjMRaDIMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/03a325-a169-44ce-84ec-5728fb24bf0e/1/yPcEN9P-_ycbqRZxVwtzu1hhzvw.roa
Signing time: Mon 01 Jan 2024 10:30:36 +0000
ROA not before: Mon 01 Jan 2024 10:30:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 144.2.154.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:49:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:4b:8b:49:88:18:82:f7:3e:34:df:bf:e7:5b:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b43258a18cf4d1228e5c79070dfa6331168320c5
Validity
Not Before: Jan 1 10:30:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c8f70437d3feff271ba91671570b73bb5861cefc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:d4:d8:04:5c:8f:ae:0d:67:a2:fb:29:8e:58:
23:e1:c6:72:5e:dd:6b:66:1f:07:79:7b:ad:a6:28:
f0:f8:25:9c:17:cc:14:2b:1e:5e:d3:0f:06:79:22:
6d:d5:10:d4:d7:cb:ed:c9:c3:fc:a0:d7:17:0e:ab:
35:26:e8:ad:6b:88:11:39:db:46:f3:b7:b3:d5:35:
3b:6e:29:56:88:ec:b5:d3:33:7b:c1:0c:5f:9d:80:
71:6c:05:4b:05:d6:db:66:da:45:e9:3b:e2:5c:5f:
5d:d8:57:4e:4d:61:ee:2f:d2:2f:0c:85:e1:b9:23:
43:60:5e:ad:e5:71:c3:c1:ae:31:53:34:20:e6:41:
f9:fc:3e:66:67:53:ba:49:3d:cc:b6:67:15:af:fe:
ec:eb:d1:db:70:a8:7a:3d:61:40:eb:60:de:b4:f4:
75:5e:1b:1d:5d:43:40:11:75:17:15:e6:1f:9a:ae:
d7:4d:7b:21:4e:2a:80:4d:56:c6:0a:12:3f:58:1b:
98:c0:29:b0:c4:70:19:2e:e0:a7:86:51:c6:8a:79:
22:af:d1:2a:3c:f1:c1:b5:1e:f0:c6:3c:06:fe:64:
a4:34:6a:b3:b6:48:38:a6:9f:95:ca:f9:3c:1d:df:
25:e5:99:54:14:5d:72:06:65:e6:d3:b3:51:16:7e:
0a:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:F7:04:37:D3:FE:FF:27:1B:A9:16:71:57:0B:73:BB:58:61:CE:FC
X509v3 Authority Key Identifier:
keyid:B4:32:58:A1:8C:F4:D1:22:8E:5C:79:07:0D:FA:63:31:16:83:20:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDJYoYz00SKOXHkHDfpjMRaDIMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/03a325-a169-44ce-84ec-5728fb24bf0e/1/yPcEN9P-_ycbqRZxVwtzu1hhzvw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/03a325-a169-44ce-84ec-5728fb24bf0e/1/tDJYoYz00SKOXHkHDfpjMRaDIMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.2.154.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:2d:14:42:24:1b:b8:07:13:55:cd:61:eb:e7:f5:26:97:bb:
9b:7d:f8:b7:e7:aa:33:6d:fd:84:0c:93:30:06:85:53:04:d2:
e2:c9:3b:22:7f:c6:1a:dd:85:75:54:2c:bd:e1:bd:10:93:ff:
28:73:d7:5a:3a:aa:1e:f9:bc:98:d9:95:87:8e:41:3f:61:6f:
38:d4:c7:8d:4b:14:27:55:bf:c5:f5:c7:f8:74:c7:5b:c9:d7:
ab:76:c3:54:56:7b:6e:13:42:d9:51:cb:b2:53:c1:3c:9a:a1:
15:4e:86:1d:ff:18:a0:9b:9d:f5:76:3b:41:f9:d3:ea:e9:5f:
37:f1:0e:d0:ad:28:e5:90:5f:d3:cf:82:91:87:0b:c4:f9:29:
2a:fb:bd:d9:db:b9:ea:0e:02:9b:ef:96:17:2b:4a:1e:89:19:
79:6f:ce:91:ac:e0:8b:0d:db:26:91:bd:9e:76:dd:b0:d0:22:
02:e4:a1:37:84:8a:9f:29:bf:6b:c4:a6:b8:39:75:36:2e:8c:
f0:45:9b:ba:97:6f:d3:8a:99:7e:b1:f3:0e:7f:48:ba:91:35:
35:8d:19:7a:75:14:67:d5:0b:75:9f:b0:e4:7b:a4:5e:cb:9a:
d8:c0:6e:72:79:81:9e:34:54:db:08:c4:ae:e1:1d:f7:f7:ef:
bf:2b:e3:69
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEk0uLSYgYgvc+NN+/51s7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzI1OGExOGNmNGQxMjI4ZTVjNzkwNzBkZmE2MzMxMTY4
MzIwYzUwHhcNMjQwMTAxMTAzMDM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGY3MDQzN2QzZmVmZjI3MWJhOTE2NzE1NzBiNzNiYjU4NjFjZWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx9TYBFyPrg1novspjlgj4cZyXt1r
Zh8HeXutpijw+CWcF8wUKx5e0w8GeSJt1RDU18vtycP8oNcXDqs1Juita4gROdtG
87ez1TU7bilWiOy10zN7wQxfnYBxbAVLBdbbZtpF6TviXF9d2FdOTWHuL9IvDIXh
uSNDYF6t5XHDwa4xUzQg5kH5/D5mZ1O6ST3MtmcVr/7s69HbcKh6PWFA62DetPR1
XhsdXUNAEXUXFeYfmq7XTXshTiqATVbGChI/WBuYwCmwxHAZLuCnhlHGinkir9Eq
PPHBtR7wxjwG/mSkNGqztkg4pp+Vyvk8Hd8l5ZlUFF1yBmXm07NRFn4K2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMj3BDfT/v8nG6kWcVcLc7tYYc78MB8GA1UdIwQY
MBaAFLQyWKGM9NEijlx5Bw36YzEWgyDFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERKWW9ZejAwU0tPWEhrSERmcGpNUmFESU1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8wM2EzMjUtYTE2OS00NGNlLTg0ZWMt
NTcyOGZiMjRiZjBlLzEveVBjRU45UC1feWNicVJaeFZ3dHp1MWhoenZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8wM2EzMjUtYTE2OS00NGNlLTg0ZWMtNTcyOGZiMjRiZjBl
LzEvdERKWW9ZejAwU0tPWEhrSERmcGpNUmFESU1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkAKaMA0G
CSqGSIb3DQEBCwUAA4IBAQCdLRRCJBu4BxNVzWHr5/Uml7ubffi356ozbf2EDJMw
BoVTBNLiyTsif8Ya3YV1VCy94b0Qk/8oc9daOqoe+byY2ZWHjkE/YW841MeNSxQn
Vb/F9cf4dMdbyderdsNUVntuE0LZUcuyU8E8mqEVToYd/xigm531djtB+dPq6V83
8Q7QrSjlkF/Tz4KRhwvE+Skq+73Z27nqDgKb75YXK0oeiRl5b86RrOCLDdsmkb2e
dt2w0CIC5KE3hIqfKb9rxKa4OXU2LozwRZu6l2/Tipl+sfMOf0i6kTU1jRl6dRRn
1Qt1n7Dke6Rey5rYwG5yeYGeNFTbCMSu4R339++/K+Np
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:19:51 2025 by rpki-client