Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/0b55ab-acc8-41da-9c80-e8f20aadde99/1/YcVtdayKhIA-7aqN0poZhTIgP7o.roa
File: YcVtdayKhIA-7aqN0poZhTIgP7o.roa (raw, json)
Hash identifier: aTbgm+cOYWgCzw8BqVcCPVcwh3dkP2PlvSyX5R6tAO8=
Subject key identifier: 61:C5:6D:75:AC:8A:84:80:3E:ED:AA:8D:D2:9A:19:85:32:20:3F:BA
Certificate issuer: /CN=dd158a0da03266df144c89a7b6e35a761c4998f7
Certificate serial: 01941F8C5D5ECA37A1D4D0C79A7B891CA281
Authority key identifier: DD:15:8A:0D:A0:32:66:DF:14:4C:89:A7:B6:E3:5A:76:1C:49:98:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3RWKDaAyZt8UTImntuNadhxJmPc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/0b55ab-acc8-41da-9c80-e8f20aadde99/1/YcVtdayKhIA-7aqN0poZhTIgP7o.roa
Signing time: Wed 01 Jan 2025 01:48:00 +0000
ROA not before: Wed 01 Jan 2025 01:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20649
IP address blocks: 46.36.200.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 10 Jan 2025 22:42:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:5d:5e:ca:37:a1:d4:d0:c7:9a:7b:89:1c:a2:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd158a0da03266df144c89a7b6e35a761c4998f7
Validity
Not Before: Jan 1 01:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=61c56d75ac8a84803eedaa8dd29a198532203fba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:fa:de:e5:39:9e:94:3a:35:44:10:af:20:68:
06:e0:bd:67:c5:3b:d1:98:f5:29:d9:26:06:0d:45:
ed:53:87:fc:25:fc:99:a6:21:e9:0d:3f:86:5b:74:
dc:5a:f1:4d:56:5d:0b:fd:76:fb:0a:c6:f8:88:8d:
ff:b5:2f:99:c4:3f:54:d1:e5:d3:e2:b3:80:1a:b9:
1a:56:2c:9e:5a:05:fc:8b:f6:d5:78:30:28:2a:07:
72:56:8c:13:17:b1:5c:13:a8:ca:ee:3f:90:e3:3f:
b6:c9:bb:95:44:81:b7:54:46:d2:9c:35:bc:55:bb:
56:0b:56:be:8b:7c:2d:72:f1:14:6d:33:77:d1:68:
e4:52:41:81:02:87:69:fc:c8:34:b9:bb:dd:d3:fc:
36:6d:14:e7:82:b1:3d:66:57:d2:55:18:b5:e3:d5:
05:4a:b0:81:00:90:58:55:0b:af:8b:e5:a6:4e:9e:
a0:d2:b5:39:9e:9d:a8:1f:a6:0d:b4:0b:8f:76:05:
e4:9d:8f:49:c5:9f:a9:e4:c0:4d:f6:99:7b:d1:64:
1a:4c:ec:c1:8b:b8:c9:0f:c8:72:0d:aa:12:0a:63:
d2:72:74:64:c9:4a:ab:17:fd:da:a1:3e:71:12:3c:
87:38:51:72:18:b1:7e:42:38:14:d5:dc:23:9d:63:
25:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:C5:6D:75:AC:8A:84:80:3E:ED:AA:8D:D2:9A:19:85:32:20:3F:BA
X509v3 Authority Key Identifier:
keyid:DD:15:8A:0D:A0:32:66:DF:14:4C:89:A7:B6:E3:5A:76:1C:49:98:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3RWKDaAyZt8UTImntuNadhxJmPc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/0b55ab-acc8-41da-9c80-e8f20aadde99/1/YcVtdayKhIA-7aqN0poZhTIgP7o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/0b55ab-acc8-41da-9c80-e8f20aadde99/1/3RWKDaAyZt8UTImntuNadhxJmPc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.36.200.0/24
Signature Algorithm: sha256WithRSAEncryption
44:97:cf:7a:d0:0a:51:f1:76:7f:46:05:f0:2d:be:7d:c7:f3:
00:13:c9:35:fe:d5:9f:45:28:34:e1:2b:57:2e:b1:d6:a7:35:
2a:5a:ae:6a:cb:36:17:ce:75:f0:0e:3c:4d:c8:ee:24:cd:96:
01:6f:fa:28:aa:d2:35:13:4a:a7:94:13:1c:51:f9:28:81:8c:
af:35:bf:0d:e8:59:9c:b8:23:c2:f5:61:05:14:e8:1b:27:c8:
c7:26:8b:42:a5:6f:30:60:ba:f0:90:05:2e:b6:5f:1f:46:f8:
1c:24:ba:ee:a4:1b:6d:d7:58:e9:9e:91:05:b0:99:f8:db:3a:
21:88:2f:72:37:83:e1:2f:1f:7e:33:84:ed:52:a5:89:dc:4b:
83:8c:35:10:d6:4e:c9:9a:db:47:77:ae:27:a3:b6:9b:bd:f3:
e4:c8:e5:80:61:37:a2:2c:f4:5a:f5:b4:fe:32:3a:63:01:2a:
ae:f4:8e:20:a7:de:b5:fa:39:cb:0a:9e:4c:b8:39:a5:d8:3f:
5e:d9:0f:69:88:6b:df:86:df:7b:fc:27:35:d2:b9:90:c9:eb:
49:1f:b4:83:36:77:5e:ab:37:85:87:3b:87:e8:95:4e:ab:40:
f3:50:9c:2c:2d:c2:ce:fd:19:39:84:25:f1:40:f0:66:e8:af:
41:57:2a:3d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjF1eyjeh1NDHmnuJHKKBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMTU4YTBkYTAzMjY2ZGYxNDRjODlhN2I2ZTM1YTc2MWM0
OTk4ZjcwHhcNMjUwMTAxMDE0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWM1NmQ3NWFjOGE4NDgwM2VlZGFhOGRkMjlhMTk4NTMyMjAzZmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPre5TmelDo1RBCvIGgG4L1nxTvR
mPUp2SYGDUXtU4f8JfyZpiHpDT+GW3TcWvFNVl0L/Xb7Csb4iI3/tS+ZxD9U0eXT
4rOAGrkaViyeWgX8i/bVeDAoKgdyVowTF7FcE6jK7j+Q4z+2ybuVRIG3VEbSnDW8
VbtWC1a+i3wtcvEUbTN30WjkUkGBAodp/Mg0ubvd0/w2bRTngrE9ZlfSVRi149UF
SrCBAJBYVQuvi+WmTp6g0rU5np2oH6YNtAuPdgXknY9JxZ+p5MBN9pl70WQaTOzB
i7jJD8hyDaoSCmPScnRkyUqrF/3aoT5xEjyHOFFyGLF+QjgU1dwjnWMlrQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGHFbXWsioSAPu2qjdKaGYUyID+6MB8GA1UdIwQY
MBaAFN0Vig2gMmbfFEyJp7bjWnYcSZj3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1JXS0RhQXladDhVVEltbnR1TmFkaHhKbVBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS8wYjU1YWItYWNjOC00MWRhLTljODAt
ZThmMjBhYWRkZTk5LzEvWWNWdGRheUtoSUEtN2FxTjBwb1poVElnUDdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS8wYjU1YWItYWNjOC00MWRhLTljODAtZThmMjBhYWRkZTk5
LzEvM1JXS0RhQXladDhVVEltbnR1TmFkaHhKbVBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALiTIMA0G
CSqGSIb3DQEBCwUAA4IBAQBEl8960ApR8XZ/RgXwLb59x/MAE8k1/tWfRSg04StX
LrHWpzUqWq5qyzYXznXwDjxNyO4kzZYBb/ooqtI1E0qnlBMcUfkogYyvNb8N6Fmc
uCPC9WEFFOgbJ8jHJotCpW8wYLrwkAUutl8fRvgcJLrupBtt11jpnpEFsJn42zoh
iC9yN4PhLx9+M4TtUqWJ3EuDjDUQ1k7JmttHd64no7abvfPkyOWAYTeiLPRa9bT+
MjpjASqu9I4gp961+jnLCp5MuDml2D9e2Q9piGvfht97/Cc10rmQyetJH7SDNnde
qzeFhzuH6JVOq0DzUJwsLcLO/Rk5hCXxQPBm6K9BVyo9
-----END CERTIFICATE-----
Generated at Sat Apr 19 08:21:59 2025 by rpki-client