Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/yCurq0ZUIoxIShLP1KKDF9hPUYQ.roa
File: yCurq0ZUIoxIShLP1KKDF9hPUYQ.roa (raw, json)
Hash identifier: T+89pLRXwrByR5yPoMBU33eKRrCT08RHsCMIu4iYn8c=
Subject key identifier: C8:2B:AB:AB:46:54:22:8C:48:4A:12:CF:D4:A2:83:17:D8:4F:51:84
Certificate issuer: /CN=081b7a22e51cfb9cf84205e4449998ad55d8f065
Certificate serial: 018CC64B2B39F1129995E09FBED7DAD028F3
Authority key identifier: 08:1B:7A:22:E5:1C:FB:9C:F8:42:05:E4:44:99:98:AD:55:D8:F0:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CBt6IuUc-5z4QgXkRJmYrVXY8GU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/yCurq0ZUIoxIShLP1KKDF9hPUYQ.roa
Signing time: Mon 01 Jan 2024 18:31:04 +0000
ROA not before: Mon 01 Jan 2024 18:31:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207409
IP address blocks: 45.9.255.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:47:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:2b:39:f1:12:99:95:e0:9f:be:d7:da:d0:28:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=081b7a22e51cfb9cf84205e4449998ad55d8f065
Validity
Not Before: Jan 1 18:31:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c82babab4654228c484a12cfd4a28317d84f5184
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:6b:97:f7:39:d6:ab:c5:e7:e5:35:66:19:fe:
3c:8d:2a:3d:f6:c6:4e:cf:ba:7a:72:5d:91:e5:26:
6b:1c:4b:1f:55:4b:aa:08:df:d9:a1:bd:c3:42:33:
5e:df:a7:e0:74:a1:3e:bd:7d:41:18:ea:90:3b:a0:
9a:d8:9c:e7:25:b1:1b:1e:82:17:30:ed:33:86:e0:
17:a2:52:08:ee:9f:ec:3b:55:26:f9:aa:94:ca:a4:
01:3b:ac:df:9b:62:4d:a8:8b:5d:1b:52:8c:ef:ae:
94:ea:71:91:ec:95:43:f2:67:2f:18:dc:5f:36:7e:
f7:e0:f0:84:88:83:9e:28:4b:17:fe:45:cb:50:13:
1b:c5:0d:d1:dc:28:b8:04:64:e2:ee:58:d8:86:15:
36:c8:0a:47:f0:91:ca:07:c7:9e:58:01:67:37:3c:
1a:c3:3c:c9:65:f9:e3:e9:b1:49:d8:07:ab:f1:34:
8f:73:24:8b:33:1b:4c:e4:ac:4b:72:c1:ee:ff:83:
e6:ee:19:4b:fd:33:c8:c7:b0:6f:de:1d:9b:11:d3:
80:12:12:11:ca:47:51:8d:37:31:06:7b:b9:58:f1:
22:3a:92:d7:6a:fd:4f:67:46:fe:82:f6:34:eb:af:
66:9a:d7:5c:76:53:87:46:5c:c0:8a:8a:63:84:f0:
17:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:2B:AB:AB:46:54:22:8C:48:4A:12:CF:D4:A2:83:17:D8:4F:51:84
X509v3 Authority Key Identifier:
keyid:08:1B:7A:22:E5:1C:FB:9C:F8:42:05:E4:44:99:98:AD:55:D8:F0:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CBt6IuUc-5z4QgXkRJmYrVXY8GU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/yCurq0ZUIoxIShLP1KKDF9hPUYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/CBt6IuUc-5z4QgXkRJmYrVXY8GU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.255.0/24
Signature Algorithm: sha256WithRSAEncryption
80:27:26:90:ad:16:73:e0:19:80:27:74:2d:80:a4:e1:cb:65:
a4:ec:68:48:00:f6:9b:b6:ed:fa:15:21:34:56:47:f7:8b:02:
9e:e4:58:f6:d8:8a:20:f9:5d:2e:ff:c0:95:1e:bc:13:a2:18:
f4:42:88:30:4a:bd:06:f0:11:70:ae:27:5c:5b:1a:33:1e:ac:
3f:5a:e4:99:d7:7a:b6:64:15:e0:7d:fa:b9:2d:8e:41:47:65:
88:ec:a8:63:26:2b:aa:7f:69:8e:87:64:a0:2f:db:d3:3e:d0:
0d:db:b5:65:e1:16:a2:11:a5:31:26:bb:53:69:a2:2f:51:1e:
c6:8b:95:1c:b5:95:93:f7:20:19:28:92:ab:ea:f5:a6:46:f7:
a1:8d:ec:77:08:0c:63:0e:55:1e:03:e6:40:c7:0e:89:a2:bf:
25:92:cb:9c:bf:4d:17:52:16:0d:60:2a:ba:03:22:e4:1c:69:
73:a5:94:4b:43:4d:b8:2e:da:64:37:3c:e8:ac:34:80:72:13:
2f:f8:52:bd:89:5b:7e:91:c0:ee:c4:3b:d7:ba:cd:93:6c:dd:
85:66:b0:5d:24:1c:36:f4:2c:df:d5:71:ae:5f:62:ea:21:d9:
8b:59:ae:bf:a3:dc:ab:ea:b9:7f:72:2c:04:15:27:5f:a1:83:
ae:2c:40:ed
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSys58RKZleCfvtfa0CjzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MWI3YTIyZTUxY2ZiOWNmODQyMDVlNDQ0OTk5OGFkNTVk
OGYwNjUwHhcNMjQwMTAxMTgzMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODJiYWJhYjQ2NTQyMjhjNDg0YTEyY2ZkNGEyODMxN2Q4NGY1MTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiWuX9znWq8Xn5TVmGf48jSo99sZO
z7p6cl2R5SZrHEsfVUuqCN/Zob3DQjNe36fgdKE+vX1BGOqQO6Ca2JznJbEbHoIX
MO0zhuAXolII7p/sO1Um+aqUyqQBO6zfm2JNqItdG1KM766U6nGR7JVD8mcvGNxf
Nn734PCEiIOeKEsX/kXLUBMbxQ3R3Ci4BGTi7ljYhhU2yApH8JHKB8eeWAFnNzwa
wzzJZfnj6bFJ2Aer8TSPcySLMxtM5KxLcsHu/4Pm7hlL/TPIx7Bv3h2bEdOAEhIR
ykdRjTcxBnu5WPEiOpLXav1PZ0b+gvY0669mmtdcdlOHRlzAiopjhPAXhQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMgrq6tGVCKMSEoSz9SigxfYT1GEMB8GA1UdIwQY
MBaAFAgbeiLlHPuc+EIF5ESZmK1V2PBlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0J0Nkl1VWMtNXo0UWdYa1JKbVlyVlhZOEdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9jNTE1YzktZGYwOC00MjZjLTgwZTYt
MDM2NzI2OGZmODcxLzEveUN1cnEwWlVJb3hJU2hMUDFLS0RGOWhQVVlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9jNTE1YzktZGYwOC00MjZjLTgwZTYtMDM2NzI2OGZmODcx
LzEvQ0J0Nkl1VWMtNXo0UWdYa1JKbVlyVlhZOEdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQn/MA0G
CSqGSIb3DQEBCwUAA4IBAQCAJyaQrRZz4BmAJ3QtgKThy2Wk7GhIAPabtu36FSE0
Vkf3iwKe5Fj22Iog+V0u/8CVHrwTohj0QogwSr0G8BFwridcWxozHqw/WuSZ13q2
ZBXgffq5LY5BR2WI7KhjJiuqf2mOh2SgL9vTPtAN27Vl4RaiEaUxJrtTaaIvUR7G
i5UctZWT9yAZKJKr6vWmRvehjex3CAxjDlUeA+ZAxw6Jor8lksucv00XUhYNYCq6
AyLkHGlzpZRLQ024LtpkNzzorDSAchMv+FK9iVt+kcDuxDvXus2TbN2FZrBdJBw2
9Czf1XGuX2LqIdmLWa6/o9yr6rl/ciwEFSdfoYOuLEDt
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:31:30 2025 by rpki-client