Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/aba260-0850-4460-8053-94ca9c165779/1/yEey01MWkDSUNpOb3bBhQIb5Ww0.roa
File: yEey01MWkDSUNpOb3bBhQIb5Ww0.roa (raw, json)
Hash identifier: YQpT4J9IyyMabqmglbATxVtqsDtW4r/9f51eOiXgQk0=
Subject key identifier: C8:47:B2:D3:53:16:90:34:94:36:93:9B:DD:B0:61:40:86:F9:5B:0D
Certificate issuer: /CN=11362f3cfb94b9223c78433197c4e0ca12dbd70a
Certificate serial: 018CC72694641F08A8C0A0317F7D0B207A1B
Authority key identifier: 11:36:2F:3C:FB:94:B9:22:3C:78:43:31:97:C4:E0:CA:12:DB:D7:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ETYvPPuUuSI8eEMxl8TgyhLb1wo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/aba260-0850-4460-8053-94ca9c165779/1/yEey01MWkDSUNpOb3bBhQIb5Ww0.roa
Signing time: Mon 01 Jan 2024 22:30:43 +0000
ROA not before: Mon 01 Jan 2024 22:30:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49788
IP address blocks: 193.0.222.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:49:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:94:64:1f:08:a8:c0:a0:31:7f:7d:0b:20:7a:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11362f3cfb94b9223c78433197c4e0ca12dbd70a
Validity
Not Before: Jan 1 22:30:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c847b2d3531690349436939bddb0614086f95b0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:f8:f1:ad:47:81:db:98:8c:2e:a4:2e:ff:86:
e9:e8:84:09:5a:c2:35:18:3d:89:36:b1:f0:76:bb:
fc:d1:ee:ba:fc:3c:62:78:f5:ce:36:1b:e3:2a:11:
02:11:b3:c6:03:10:b5:e9:52:7f:60:1e:2e:11:c0:
5b:50:16:a3:69:5c:0d:20:70:ff:a0:c8:2f:41:a5:
92:8f:9e:bf:13:b6:a3:94:70:02:b9:1c:13:d8:b3:
c7:6c:01:ec:60:12:98:d0:0f:c1:d8:2c:46:3f:99:
44:8e:40:a0:65:95:4c:5d:88:37:7f:72:c2:c6:0c:
5c:d9:a4:7a:37:08:a0:cb:fe:0e:e4:4d:b8:cf:63:
2d:a9:54:cd:3f:70:0e:a8:37:ed:d6:35:c1:b6:62:
c7:da:75:f0:62:5f:b2:3d:e6:10:0a:6b:d7:3f:da:
87:ae:a3:c4:57:a9:be:d5:ea:fd:d3:73:78:8f:e1:
51:bd:6c:f6:c0:bd:0b:c3:f7:08:13:a8:ab:ff:60:
bc:3f:52:fd:0c:11:0e:93:ee:81:9b:5f:18:5d:8c:
fd:a3:30:2b:45:a8:99:84:62:7f:d7:43:1d:1c:32:
12:d7:5c:7d:e8:98:61:19:12:a3:20:a4:dd:23:a1:
40:ab:c6:07:f4:87:41:4a:ab:24:f5:01:33:db:aa:
01:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:47:B2:D3:53:16:90:34:94:36:93:9B:DD:B0:61:40:86:F9:5B:0D
X509v3 Authority Key Identifier:
keyid:11:36:2F:3C:FB:94:B9:22:3C:78:43:31:97:C4:E0:CA:12:DB:D7:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ETYvPPuUuSI8eEMxl8TgyhLb1wo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/aba260-0850-4460-8053-94ca9c165779/1/yEey01MWkDSUNpOb3bBhQIb5Ww0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/aba260-0850-4460-8053-94ca9c165779/1/ETYvPPuUuSI8eEMxl8TgyhLb1wo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.222.0/24
Signature Algorithm: sha256WithRSAEncryption
52:bd:1d:f2:4a:00:bf:94:0b:90:0e:0b:5f:5f:a3:c7:ea:7d:
fb:3d:cc:f7:bf:de:20:57:da:51:12:b9:8a:80:4a:d1:b5:6c:
63:59:c6:a7:8b:c6:4d:12:92:e7:96:3d:bf:c2:f3:99:fe:ae:
7d:47:e9:6f:8f:a2:e0:ce:10:58:7a:3f:e0:cd:4b:1d:dd:c6:
13:b9:8b:f5:96:cd:18:94:05:df:05:c5:00:70:98:ed:68:94:
c3:25:05:82:eb:37:4e:54:40:9c:57:ae:e8:f4:78:98:21:46:
de:03:17:2f:9e:9c:9b:81:ce:f7:87:fe:ff:e6:32:35:81:bd:
ed:73:a1:55:a0:5c:7e:a9:43:fd:ec:23:8e:06:30:69:0b:69:
9d:10:cc:8c:3e:5c:5d:68:11:54:94:c2:61:f6:32:09:50:31:
59:4e:cf:9c:f4:57:17:42:37:79:04:98:8d:0d:e9:d7:76:2c:
f2:03:1c:82:b4:b8:ca:75:c7:01:0c:e0:ef:88:12:b1:19:7d:
e3:05:f4:6f:e4:60:5d:67:62:25:3b:a4:18:a1:3b:0d:bd:4d:
b6:61:34:7a:5a:5e:26:f2:92:b0:0f:29:70:35:01:6b:86:d3:
6f:b6:a6:11:67:4b:f4:47:c0:3a:81:3f:09:9f:df:f4:cd:b1:
c3:78:6f:62
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJpRkHwiowKAxf30LIHobMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExMzYyZjNjZmI5NGI5MjIzYzc4NDMzMTk3YzRlMGNhMTJk
YmQ3MGEwHhcNMjQwMTAxMjIzMDQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODQ3YjJkMzUzMTY5MDM0OTQzNjkzOWJkZGIwNjE0MDg2Zjk1YjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnPjxrUeB25iMLqQu/4bp6IQJWsI1
GD2JNrHwdrv80e66/DxiePXONhvjKhECEbPGAxC16VJ/YB4uEcBbUBajaVwNIHD/
oMgvQaWSj56/E7ajlHACuRwT2LPHbAHsYBKY0A/B2CxGP5lEjkCgZZVMXYg3f3LC
xgxc2aR6Nwigy/4O5E24z2MtqVTNP3AOqDft1jXBtmLH2nXwYl+yPeYQCmvXP9qH
rqPEV6m+1er903N4j+FRvWz2wL0Lw/cIE6ir/2C8P1L9DBEOk+6Bm18YXYz9ozAr
RaiZhGJ/10MdHDIS11x96JhhGRKjIKTdI6FAq8YH9IdBSqsk9QEz26oB5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMhHstNTFpA0lDaTm92wYUCG+VsNMB8GA1UdIwQY
MBaAFBE2Lzz7lLkiPHhDMZfE4MoS29cKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVRZdlBQdVV1U0k4ZUVNeGw4VGd5aExiMXdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9hYmEyNjAtMDg1MC00NDYwLTgwNTMt
OTRjYTljMTY1Nzc5LzEveUVleTAxTVdrRFNVTnBPYjNiQmhRSWI1V3cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9hYmEyNjAtMDg1MC00NDYwLTgwNTMtOTRjYTljMTY1Nzc5
LzEvRVRZdlBQdVV1U0k4ZUVNeGw4VGd5aExiMXdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwQDeMA0G
CSqGSIb3DQEBCwUAA4IBAQBSvR3ySgC/lAuQDgtfX6PH6n37Pcz3v94gV9pRErmK
gErRtWxjWcani8ZNEpLnlj2/wvOZ/q59R+lvj6LgzhBYej/gzUsd3cYTuYv1ls0Y
lAXfBcUAcJjtaJTDJQWC6zdOVECcV67o9HiYIUbeAxcvnpybgc73h/7/5jI1gb3t
c6FVoFx+qUP97COOBjBpC2mdEMyMPlxdaBFUlMJh9jIJUDFZTs+c9FcXQjd5BJiN
DenXdizyAxyCtLjKdccBDODviBKxGX3jBfRv5GBdZ2IlO6QYoTsNvU22YTR6Wl4m
8pKwDylwNQFrhtNvtqYRZ0v0R8A6gT8Jn9/0zbHDeG9i
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:52:46 2025 by rpki-client