Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ySOyqFRb-WEL6LHJqCYISJa9sp8.roa
File: ySOyqFRb-WEL6LHJqCYISJa9sp8.roa (raw, json)
Hash identifier: dcb9EvyavKazc12M1V82f/mya2zaogsrMIHEosBCzWE=
Subject key identifier: C9:23:B2:A8:54:5B:F9:61:0B:E8:B1:C9:A8:26:08:48:96:BD:B2:9F
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018CC802E17457D7C4D2CB3467E18BA4C483
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ySOyqFRb-WEL6LHJqCYISJa9sp8.roa
Signing time: Tue 02 Jan 2024 02:31:21 +0000
ROA not before: Tue 02 Jan 2024 02:31:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20836
IP address blocks: 192.121.47.0/24 maxlen: 24
192.121.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:e1:74:57:d7:c4:d2:cb:34:67:e1:8b:a4:c4:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 02:31:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c923b2a8545bf9610be8b1c9a826084896bdb29f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:21:09:16:96:7c:4a:77:fd:33:e7:a0:91:ae:
28:86:a9:0d:b3:2b:f0:a3:4e:11:62:0c:7c:3d:d1:
de:a4:89:02:28:dd:e3:20:95:fa:97:42:76:0c:c5:
e4:c1:dc:53:5f:9f:4e:1f:cc:64:25:12:ac:a8:26:
4d:dd:30:49:a5:c9:a2:da:87:f2:aa:44:14:95:24:
8b:6c:31:f1:46:83:96:15:74:ee:d5:82:8a:93:d5:
00:c0:79:fd:38:92:e8:a7:87:02:c1:34:62:e8:73:
db:d8:e2:d8:c0:af:3c:6e:74:ca:82:00:ce:6e:f5:
4b:57:35:15:39:6b:60:75:68:fc:35:14:68:e4:40:
28:c5:a3:d3:c2:af:d9:b3:42:e2:52:3f:8c:4c:62:
0e:4b:78:58:2a:67:04:b3:1a:ca:2a:c1:ba:4c:75:
9e:e1:0f:eb:af:ba:41:97:2e:e9:5e:36:de:ec:80:
79:b8:ad:81:86:8d:2e:04:df:8c:93:dc:83:29:e1:
68:f4:a8:54:e2:07:22:0f:7f:6f:55:eb:66:13:c3:
bc:28:a5:ac:58:36:81:76:78:04:17:f0:38:0d:c9:
30:8d:4f:a8:c3:0c:8d:23:18:de:46:19:fd:9d:f5:
29:67:69:91:a8:4f:85:0c:9d:9f:e2:8f:7f:b2:20:
f2:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:23:B2:A8:54:5B:F9:61:0B:E8:B1:C9:A8:26:08:48:96:BD:B2:9F
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ySOyqFRb-WEL6LHJqCYISJa9sp8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.121.46.0/23
Signature Algorithm: sha256WithRSAEncryption
c7:c7:39:cc:0b:ed:c8:2f:8f:a3:41:49:03:d1:3e:8c:11:42:
6d:7c:b8:41:00:b2:b7:57:93:be:d9:cb:0c:9d:cc:2d:a5:ef:
1f:f2:54:d9:7f:00:b4:7a:e9:1e:b4:35:57:c2:fb:0d:83:6f:
d5:4f:96:7e:ba:ef:49:2d:c1:e2:aa:dd:cf:de:db:3a:60:4b:
c6:49:bd:3d:83:10:d0:e5:28:fa:cc:4b:0b:a2:f6:66:e6:59:
14:08:f7:6a:e2:1f:d5:e4:fa:54:bc:2a:ec:90:6f:f6:d4:c4:
9b:fe:19:6f:97:f0:b7:77:f1:3c:cb:3b:7f:d3:b2:a5:6f:be:
18:f2:0a:89:1a:ea:41:51:25:4b:21:9f:a6:9c:9b:7c:9d:a8:
8c:99:41:33:f6:b3:50:09:19:66:0c:57:0b:ee:2c:0f:1e:36:
fd:55:a2:63:bc:be:50:73:16:e5:33:67:d7:c4:93:61:e8:b3:
dc:87:d1:2d:89:3b:44:d7:24:60:b4:31:7d:e6:85:ce:80:39:
dc:a8:b3:4f:e5:fe:60:b9:93:c4:fd:0f:2a:89:52:e8:ee:c9:
5c:14:29:90:ec:af:78:c9:cb:f1:0d:0c:fc:c2:a1:94:7c:18:
c2:9c:71:2d:42:1c:66:ad:f1:e4:e4:d4:6a:20:6c:ad:0a:81:
15:72:4c:78
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAuF0V9fE0ss0Z+GLpMSDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQwMTAyMDIzMTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTIzYjJhODU0NWJmOTYxMGJlOGIxYzlhODI2MDg0ODk2YmRiMjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhyEJFpZ8Snf9M+egka4ohqkNsyvw
o04RYgx8PdHepIkCKN3jIJX6l0J2DMXkwdxTX59OH8xkJRKsqCZN3TBJpcmi2ofy
qkQUlSSLbDHxRoOWFXTu1YKKk9UAwHn9OJLop4cCwTRi6HPb2OLYwK88bnTKggDO
bvVLVzUVOWtgdWj8NRRo5EAoxaPTwq/Zs0LiUj+MTGIOS3hYKmcEsxrKKsG6THWe
4Q/rr7pBly7pXjbe7IB5uK2Bho0uBN+Mk9yDKeFo9KhU4gciD39vVetmE8O8KKWs
WDaBdngEF/A4DckwjU+owwyNIxjeRhn9nfUpZ2mRqE+FDJ2f4o9/siDymwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMkjsqhUW/lhC+ixyagmCEiWvbKfMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEveVNPeXFGUmItV0VMNkxISnFDWUlTSmE5c3A4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwHkuMA0G
CSqGSIb3DQEBCwUAA4IBAQDHxznMC+3IL4+jQUkD0T6MEUJtfLhBALK3V5O+2csM
ncwtpe8f8lTZfwC0euketDVXwvsNg2/VT5Z+uu9JLcHiqt3P3ts6YEvGSb09gxDQ
5Sj6zEsLovZm5lkUCPdq4h/V5PpUvCrskG/21MSb/hlvl/C3d/E8yzt/07Klb74Y
8gqJGupBUSVLIZ+mnJt8naiMmUEz9rNQCRlmDFcL7iwPHjb9VaJjvL5QcxblM2fX
xJNh6LPch9EtiTtE1yRgtDF95oXOgDncqLNP5f5guZPE/Q8qiVLo7slcFCmQ7K94
ycvxDQz8wqGUfBjCnHEtQhxmrfHk5NRqIGytCoEVckx4
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:00:22 2025 by rpki-client