Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/yHVK99E27Q7roFjbYVlOuAa6d8Y.roa
File: yHVK99E27Q7roFjbYVlOuAa6d8Y.roa (raw, json)
Hash identifier: 3iTWpp/TdtbvIQWG9p5tfivPutOVJm6YQU7vC2uviXM=
Subject key identifier: C8:75:4A:F7:D1:36:ED:0E:EB:A0:58:DB:61:59:4E:B8:06:BA:77:C6
Certificate issuer: /CN=c105adc5c4262dff6b3f3e606830c7f971d766ce
Certificate serial: 018CC3B6D8E4A008DC4A100CBBA6C63716A9
Authority key identifier: C1:05:AD:C5:C4:26:2D:FF:6B:3F:3E:60:68:30:C7:F9:71:D7:66:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wQWtxcQmLf9rPz5gaDDH-XHXZs4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/yHVK99E27Q7roFjbYVlOuAa6d8Y.roa
Signing time: Mon 01 Jan 2024 06:29:49 +0000
ROA not before: Mon 01 Jan 2024 06:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30790
IP address blocks: 195.123.186.0/24 maxlen: 24
195.123.185.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 28 Feb 2024 11:28:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:d8:e4:a0:08:dc:4a:10:0c:bb:a6:c6:37:16:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c105adc5c4262dff6b3f3e606830c7f971d766ce
Validity
Not Before: Jan 1 06:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c8754af7d136ed0eeba058db61594eb806ba77c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:24:5b:76:fd:2f:5d:bf:74:df:da:7a:94:1f:
a0:5f:87:68:54:c1:56:bc:03:5d:1e:e9:9d:0f:b0:
e6:87:26:54:d9:ac:d6:27:d5:46:68:b7:70:43:88:
95:46:8a:05:a8:ef:ee:ab:25:cb:8f:14:8d:92:19:
46:9d:0f:3a:2e:b9:67:1c:83:be:a5:9b:15:3b:51:
c8:77:1a:7f:72:5a:28:da:8f:1d:48:4b:fa:d4:00:
45:95:b0:0a:57:0f:f9:40:1e:40:e5:a9:34:21:53:
51:84:73:1e:04:11:a5:af:e6:e0:76:48:3f:07:fb:
98:76:83:ed:1b:33:fe:12:dc:0f:ec:45:94:f8:14:
3c:31:a4:f5:ed:a9:8f:aa:67:2b:d7:cf:14:4f:56:
a0:32:cb:bb:85:a0:bd:bd:ed:af:95:77:71:82:34:
d8:92:fb:34:f3:02:b4:fc:28:5b:44:df:cf:cd:41:
46:8a:e5:6c:f0:8b:00:1c:39:20:40:9b:4c:78:6a:
3b:84:7c:e0:37:11:ad:2f:7a:40:8e:b4:c5:48:68:
9a:e6:07:cd:4a:82:25:95:d4:f9:05:f3:59:15:e1:
84:0c:0b:11:f4:d3:5b:9d:3d:ce:bb:cd:a4:fa:6d:
30:7c:ad:bb:29:9c:eb:4b:79:99:ef:38:78:a1:02:
36:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:75:4A:F7:D1:36:ED:0E:EB:A0:58:DB:61:59:4E:B8:06:BA:77:C6
X509v3 Authority Key Identifier:
keyid:C1:05:AD:C5:C4:26:2D:FF:6B:3F:3E:60:68:30:C7:F9:71:D7:66:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wQWtxcQmLf9rPz5gaDDH-XHXZs4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/yHVK99E27Q7roFjbYVlOuAa6d8Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/wQWtxcQmLf9rPz5gaDDH-XHXZs4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.123.185.0-195.123.186.255
Signature Algorithm: sha256WithRSAEncryption
2b:06:13:8e:de:95:0f:e2:6e:b1:b8:de:ac:99:29:04:bf:3d:
ae:cd:0d:68:4b:8c:d6:96:b9:11:5e:62:6a:08:9b:a3:b7:98:
eb:eb:18:8d:db:4d:a3:58:23:85:39:53:e8:0c:57:11:36:78:
be:de:65:02:b8:ed:bc:7c:c7:be:87:3c:ff:b2:28:11:61:a1:
fd:aa:fd:77:9e:54:35:2d:a8:cd:0a:7a:75:f4:6a:bb:53:9c:
be:35:7d:7f:b9:7b:21:a8:d2:29:f1:2f:50:e9:80:90:91:a2:
3d:3a:19:ea:2f:48:a8:39:39:a3:ac:5c:12:e2:48:2c:1d:ba:
32:2f:21:5e:4d:1a:63:b9:42:f2:c9:2d:4f:17:16:88:7c:1f:
ec:cd:aa:18:b6:f3:0d:73:8e:bd:2f:58:8a:35:fe:f1:1d:22:
cd:f3:ce:3b:5e:39:22:0c:08:04:11:37:4a:31:ee:68:a9:67:
7f:9d:63:1f:e1:ea:c8:66:0b:94:40:82:27:e3:c4:91:65:61:
4f:b3:4d:b7:2d:96:be:b3:36:f3:59:9a:36:ff:ef:b2:45:04:
ff:be:04:8a:1e:45:6e:4a:5f:62:c1:5e:de:f7:3c:c0:50:03:
61:eb:17:35:03:e6:f1:37:5d:08:8c:77:8e:45:cb:73:e6:e9:
72:e5:aa:0e
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzDttjkoAjcShAMu6bGNxapMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxMDVhZGM1YzQyNjJkZmY2YjNmM2U2MDY4MzBjN2Y5NzFk
NzY2Y2UwHhcNMjQwMTAxMDYyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODc1NGFmN2QxMzZlZDBlZWJhMDU4ZGI2MTU5NGViODA2YmE3N2M2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAviRbdv0vXb9039p6lB+gX4doVMFW
vANdHumdD7DmhyZU2azWJ9VGaLdwQ4iVRooFqO/uqyXLjxSNkhlGnQ86LrlnHIO+
pZsVO1HIdxp/cloo2o8dSEv61ABFlbAKVw/5QB5A5ak0IVNRhHMeBBGlr+bgdkg/
B/uYdoPtGzP+EtwP7EWU+BQ8MaT17amPqmcr188UT1agMsu7haC9ve2vlXdxgjTY
kvs08wK0/ChbRN/PzUFGiuVs8IsAHDkgQJtMeGo7hHzgNxGtL3pAjrTFSGia5gfN
SoIlldT5BfNZFeGEDAsR9NNbnT3Ou82k+m0wfK27KZzrS3mZ7zh4oQI2pwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFMh1SvfRNu0O66BY22FZTrgGunfGMB8GA1UdIwQY
MBaAFMEFrcXEJi3/az8+YGgwx/lx12bOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1FXdHhjUW1MZjlyUHo1Z2FEREgtWEhYWnM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9jNDkxNzItZjhkYS00MTI4LTg2ODkt
NTE1ODQ1ZTZjMzE3LzEveUhWSzk5RTI3UTdyb0ZqYllWbE91QWE2ZDhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9jNDkxNzItZjhkYS00MTI4LTg2ODktNTE1ODQ1ZTZjMzE3
LzEvd1FXdHhjUW1MZjlyUHo1Z2FEREgtWEhYWnM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBADDe7kD
BADDe7owDQYJKoZIhvcNAQELBQADggEBACsGE47elQ/ibrG43qyZKQS/Pa7NDWhL
jNaWuRFeYmoIm6O3mOvrGI3bTaNYI4U5U+gMVxE2eL7eZQK47bx8x76HPP+yKBFh
of2q/XeeVDUtqM0KenX0artTnL41fX+5eyGo0inxL1DpgJCRoj06GeovSKg5OaOs
XBLiSCwdujIvIV5NGmO5QvLJLU8XFoh8H+zNqhi28w1zjr0vWIo1/vEdIs3zzjte
OSIMCAQRN0ox7mipZ3+dYx/h6shmC5RAgifjxJFlYU+zTbctlr6zNvNZmjb/77JF
BP++BIoeRW5KX2LBXt73PMBQA2HrFzUD5vE3XQiMd45Fy3Pm6XLlqg4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:49 2024 by rpki-client on console-ams.rpki-client.org