Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/29af59-0b7b-4d80-8f9f-14d02e30d227/1/YYRzPULgQj_OgncaqW4cPfyew6o.roa
File: YYRzPULgQj_OgncaqW4cPfyew6o.roa (raw, json)
Hash identifier: cw0BmQwojsRPdjUi4q5wHk/EPrY8dT6EMz6oXm/o8DE=
Subject key identifier: 61:84:73:3D:42:E0:42:3F:CE:82:77:1A:A9:6E:1C:3D:FC:9E:C3:AA
Certificate issuer: /CN=e87cc680c85983e7bf74498d0e6be800f86451c3
Certificate serial: 018CC50045CA0257F07D8930E6FEA544BDB0
Authority key identifier: E8:7C:C6:80:C8:59:83:E7:BF:74:49:8D:0E:6B:E8:00:F8:64:51:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6HzGgMhZg-e_dEmNDmvoAPhkUcM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/29af59-0b7b-4d80-8f9f-14d02e30d227/1/YYRzPULgQj_OgncaqW4cPfyew6o.roa
Signing time: Mon 01 Jan 2024 12:29:38 +0000
ROA not before: Mon 01 Jan 2024 12:29:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51048
IP address blocks: 185.2.196.0/22 maxlen: 24
31.210.24.0/21 maxlen: 24
64.253.32.0/19 maxlen: 24
2a03:4300::/29 maxlen: 64
Validation: Failed, certificate revoked on Thu 07 Mar 2024 13:23:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:45:ca:02:57:f0:7d:89:30:e6:fe:a5:44:bd:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e87cc680c85983e7bf74498d0e6be800f86451c3
Validity
Not Before: Jan 1 12:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6184733d42e0423fce82771aa96e1c3dfc9ec3aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:8d:40:d6:6b:43:54:3a:22:37:58:a8:5b:0b:
14:c2:d6:05:fd:ba:96:85:6a:69:f3:31:b7:10:f6:
29:c5:52:67:30:c4:cd:f3:42:57:65:9d:2f:65:14:
7c:4b:33:2b:f5:cc:4c:ea:b1:fa:28:f0:cb:17:23:
f2:2e:e8:69:bb:a9:7b:67:cb:e5:c2:e7:24:44:5d:
7a:3e:39:36:2a:91:c4:d1:24:c1:ba:ec:5b:44:ab:
64:c1:84:0e:13:a8:12:0a:51:9d:5b:4f:d5:d7:7e:
a0:a6:f3:a6:fc:bc:ad:69:17:ed:91:82:89:38:bf:
5a:ae:23:fa:60:61:bd:66:03:fd:9f:ff:32:74:3a:
b2:f0:81:53:be:1f:92:89:23:9d:0a:b5:60:59:c9:
24:86:73:2d:5b:38:4d:15:f5:0f:6f:1c:cb:6b:b0:
73:46:22:f4:7e:eb:96:92:6a:1f:79:54:02:fc:34:
2e:0d:30:20:c2:ec:e5:cc:23:75:f4:ea:d1:ed:b2:
41:08:19:7c:4f:dd:45:96:30:23:e8:6b:9a:bf:14:
81:f9:a5:75:27:ff:f2:97:a5:e6:b6:a1:9d:d2:43:
01:d4:c9:14:ff:3d:5f:91:16:5d:48:41:0a:1a:10:
5f:8c:e6:5b:39:33:f6:3f:ad:33:0a:67:e8:a8:79:
c3:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:84:73:3D:42:E0:42:3F:CE:82:77:1A:A9:6E:1C:3D:FC:9E:C3:AA
X509v3 Authority Key Identifier:
keyid:E8:7C:C6:80:C8:59:83:E7:BF:74:49:8D:0E:6B:E8:00:F8:64:51:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6HzGgMhZg-e_dEmNDmvoAPhkUcM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/29af59-0b7b-4d80-8f9f-14d02e30d227/1/YYRzPULgQj_OgncaqW4cPfyew6o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/29af59-0b7b-4d80-8f9f-14d02e30d227/1/6HzGgMhZg-e_dEmNDmvoAPhkUcM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.24.0/21
64.253.32.0/19
185.2.196.0/22
IPv6:
2a03:4300::/29
Signature Algorithm: sha256WithRSAEncryption
39:be:8b:0e:e2:58:31:a6:2e:88:71:64:38:b1:5b:94:03:57:
88:c5:d1:44:b8:44:43:40:9f:2e:90:79:fa:cd:fd:69:3a:57:
62:57:9c:61:f0:9a:33:3f:6b:31:4a:ae:02:83:3a:8e:f7:c2:
d3:fa:b5:d1:08:e9:7a:33:a9:ad:58:85:df:20:70:63:5e:fb:
4a:1b:ce:af:79:c0:cc:16:2f:49:0f:b5:45:59:3a:a7:58:5f:
fb:e9:c5:42:f3:a1:13:9c:c4:53:26:92:8e:b8:52:bd:4d:0b:
f8:73:68:68:13:fa:3e:46:02:ab:b6:6e:9e:38:f2:f2:57:f5:
6b:36:9a:13:cf:45:43:45:34:9a:ea:ce:18:c0:36:cf:76:d8:
dd:a1:24:b0:30:c7:a0:92:66:e8:32:46:12:47:72:9c:2f:a2:
d2:2b:ac:35:ec:1d:b6:1d:f7:6a:e3:46:8a:1c:e2:6d:35:6c:
cf:53:89:4a:47:d7:68:8f:1f:d6:ba:66:84:27:51:1f:56:90:
26:41:1e:6f:c5:62:4b:82:c9:12:2b:49:b5:f5:66:2b:9d:62:
f7:66:5d:20:1e:07:a4:92:96:95:02:2c:3b:c7:d7:af:64:14:
59:91:9b:4c:76:22:92:fc:51:7d:7d:5e:4a:cb:cd:7c:80:ef:
de:b0:c9:a6
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzFAEXKAlfwfYkw5v6lRL2wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4N2NjNjgwYzg1OTgzZTdiZjc0NDk4ZDBlNmJlODAwZjg2
NDUxYzMwHhcNMjQwMTAxMTIyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTg0NzMzZDQyZTA0MjNmY2U4Mjc3MWFhOTZlMWMzZGZjOWVjM2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnI1A1mtDVDoiN1ioWwsUwtYF/bqW
hWpp8zG3EPYpxVJnMMTN80JXZZ0vZRR8SzMr9cxM6rH6KPDLFyPyLuhpu6l7Z8vl
wuckRF16Pjk2KpHE0STBuuxbRKtkwYQOE6gSClGdW0/V136gpvOm/LytaRftkYKJ
OL9ariP6YGG9ZgP9n/8ydDqy8IFTvh+SiSOdCrVgWckkhnMtWzhNFfUPbxzLa7Bz
RiL0fuuWkmofeVQC/DQuDTAgwuzlzCN19OrR7bJBCBl8T91FljAj6GuavxSB+aV1
J//yl6XmtqGd0kMB1MkU/z1fkRZdSEEKGhBfjOZbOTP2P60zCmfoqHnDZQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFGGEcz1C4EI/zoJ3GqluHD38nsOqMB8GA1UdIwQY
MBaAFOh8xoDIWYPnv3RJjQ5r6AD4ZFHDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkh6R2dNaFpnLWVfZEVtTkRtdm9BUGhrVWNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8yOWFmNTktMGI3Yi00ZDgwLThmOWYt
MTRkMDJlMzBkMjI3LzEvWVlSelBVTGdRal9PZ25jYXFXNGNQZnlldzZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8yOWFmNTktMGI3Yi00ZDgwLThmOWYtMTRkMDJlMzBkMjI3
LzEvNkh6R2dNaFpnLWVfZEVtTkRtdm9BUGhrVWNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDH9IYAwQF
QP0gAwQCuQLEMA0EAgACMAcDBQMqA0MAMA0GCSqGSIb3DQEBCwUAA4IBAQA5vosO
4lgxpi6IcWQ4sVuUA1eIxdFEuERDQJ8ukHn6zf1pOldiV5xh8JozP2sxSq4CgzqO
98LT+rXRCOl6M6mtWIXfIHBjXvtKG86vecDMFi9JD7VFWTqnWF/76cVC86ETnMRT
JpKOuFK9TQv4c2hoE/o+RgKrtm6eOPLyV/VrNpoTz0VDRTSa6s4YwDbPdtjdoSSw
MMegkmboMkYSR3KcL6LSK6w17B22Hfdq40aKHOJtNWzPU4lKR9dojx/WumaEJ1Ef
VpAmQR5vxWJLgskSK0m19WYrnWL3Zl0gHgekkpaVAiw7x9evZBRZkZtMdiKS/FF9
fV5Ky818gO/esMmm
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:05:15 2025 by rpki-client