Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/d5eb6f-b781-4d52-8283-d2e10c97645f/1/yVpiD-ZpUUptalAX7_8G4tOEsqY.roa
File: yVpiD-ZpUUptalAX7_8G4tOEsqY.roa (raw, json)
Hash identifier: BXzBFMnGW8g99Lh9mdc/N5E1FZuBusl+u6DuSD6p3Sk=
Subject key identifier: C9:5A:62:0F:E6:69:51:4A:6D:6A:50:17:EF:FF:06:E2:D3:84:B2:A6
Certificate issuer: /CN=8079afcba5a8762fb79f4e5e0d7a35ee84cd3df4
Certificate serial: 019368316F2E0A5FCA675A9AC0A95DCC2359
Authority key identifier: 80:79:AF:CB:A5:A8:76:2F:B7:9F:4E:5E:0D:7A:35:EE:84:CD:3D:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gHmvy6Wodi-3n05eDXo17oTNPfQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/d5eb6f-b781-4d52-8283-d2e10c97645f/1/yVpiD-ZpUUptalAX7_8G4tOEsqY.roa
Signing time: Tue 26 Nov 2024 11:18:10 +0000
ROA not before: Tue 26 Nov 2024 11:18:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3360
IP address blocks: 193.19.196.0/24 maxlen: 24
193.19.197.0/24 maxlen: 24
194.125.246.0/24 maxlen: 24
194.125.247.0/24 maxlen: 24
195.22.158.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:68:31:6f:2e:0a:5f:ca:67:5a:9a:c0:a9:5d:cc:23:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8079afcba5a8762fb79f4e5e0d7a35ee84cd3df4
Validity
Not Before: Nov 26 11:18:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c95a620fe669514a6d6a5017efff06e2d384b2a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:0c:df:be:38:ab:a4:ab:67:a8:89:d3:62:5d:
27:ca:b6:8e:61:de:e6:c8:b4:00:c2:04:52:5b:54:
a2:fe:24:53:ae:ba:8d:d5:ea:2a:c2:b8:2c:f5:20:
66:63:51:92:4e:08:65:ae:e4:a2:e0:54:50:de:72:
b7:11:b0:ca:da:2c:e9:fc:21:71:14:c9:71:ad:17:
1a:bc:55:77:5c:86:e1:4c:fc:85:a9:11:6d:9f:8c:
32:f8:08:11:75:07:87:4b:03:d4:c9:59:88:32:6d:
03:9e:78:dc:2a:06:c9:cd:3f:70:c1:b6:f0:38:57:
2b:bc:25:cd:b1:12:74:3d:25:e4:39:bb:7c:67:80:
85:c8:7a:9f:91:34:b6:39:5c:5f:7d:e8:c9:c3:e2:
69:6b:17:18:ef:16:43:30:dc:80:f4:01:72:79:67:
d6:32:a2:25:e9:82:c9:f0:f3:79:d8:f5:62:b1:4d:
4f:03:3e:73:13:1e:d9:49:79:d1:3e:be:59:a6:9e:
5b:70:5d:5e:a0:c8:b0:3f:f4:62:87:72:01:81:f9:
d4:05:68:03:3f:e1:4d:0a:61:54:1c:26:4e:61:05:
e8:e8:58:3d:87:b8:c6:99:b9:ad:36:7b:7e:ef:d4:
da:84:6a:02:72:35:01:41:d1:e8:cb:af:32:64:a3:
4c:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:5A:62:0F:E6:69:51:4A:6D:6A:50:17:EF:FF:06:E2:D3:84:B2:A6
X509v3 Authority Key Identifier:
keyid:80:79:AF:CB:A5:A8:76:2F:B7:9F:4E:5E:0D:7A:35:EE:84:CD:3D:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gHmvy6Wodi-3n05eDXo17oTNPfQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/d5eb6f-b781-4d52-8283-d2e10c97645f/1/yVpiD-ZpUUptalAX7_8G4tOEsqY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/d5eb6f-b781-4d52-8283-d2e10c97645f/1/gHmvy6Wodi-3n05eDXo17oTNPfQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.19.196.0/23
194.125.246.0/23
195.22.158.0/24
Signature Algorithm: sha256WithRSAEncryption
86:13:59:e9:69:1e:e1:4c:20:b1:d8:2b:26:81:a0:cf:33:b1:
65:78:fe:75:4f:07:13:92:78:5b:e9:49:ac:ca:27:4d:c7:de:
ce:18:ae:88:73:66:10:9c:91:74:5c:04:87:b0:fb:3e:e9:85:
ce:96:62:b6:4d:a7:67:66:2f:ed:6a:74:63:05:90:6e:66:24:
c6:1f:b4:62:41:f9:a6:c6:93:60:5c:de:30:43:55:ae:a7:07:
bb:21:38:88:bb:dd:2b:89:0a:46:16:c9:19:df:69:17:dc:f8:
bb:b5:3f:0b:71:f8:00:6b:5a:13:6b:bc:81:c0:7b:7d:88:29:
3c:52:fd:00:9d:3d:71:8d:07:7b:2e:83:23:5e:9b:50:43:ff:
ee:f2:64:95:61:49:fd:b7:40:a3:4f:8f:11:a0:31:52:9e:1e:
cb:21:12:46:68:12:f0:78:0d:de:8d:60:7a:b3:ec:67:79:22:
83:5e:01:03:21:f7:70:ca:bc:de:0a:2e:dc:81:ff:06:d0:48:
62:4e:8f:c1:ef:08:1e:06:3c:aa:a9:48:fe:26:a6:e6:aa:55:
f5:d7:89:74:86:a6:31:49:a6:99:9a:a4:95:87:b4:17:8a:fd:
23:26:bd:41:9d:66:d2:f9:80:5c:c7:5f:eb:16:fe:fa:f9:42:
ab:5f:a4:75
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZNoMW8uCl/KZ1qawKldzCNZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwNzlhZmNiYTVhODc2MmZiNzlmNGU1ZTBkN2EzNWVlODRj
ZDNkZjQwHhcNMjQxMTI2MTExODEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTVhNjIwZmU2Njk1MTRhNmQ2YTUwMTdlZmZmMDZlMmQzODRiMmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0gzfvjirpKtnqInTYl0nyraOYd7m
yLQAwgRSW1Si/iRTrrqN1eoqwrgs9SBmY1GSTghlruSi4FRQ3nK3EbDK2izp/CFx
FMlxrRcavFV3XIbhTPyFqRFtn4wy+AgRdQeHSwPUyVmIMm0DnnjcKgbJzT9wwbbw
OFcrvCXNsRJ0PSXkObt8Z4CFyHqfkTS2OVxffejJw+JpaxcY7xZDMNyA9AFyeWfW
MqIl6YLJ8PN52PVisU1PAz5zEx7ZSXnRPr5Zpp5bcF1eoMiwP/Rih3IBgfnUBWgD
P+FNCmFUHCZOYQXo6Fg9h7jGmbmtNnt+79TahGoCcjUBQdHoy68yZKNM+QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMlaYg/maVFKbWpQF+//BuLThLKmMB8GA1UdIwQY
MBaAFIB5r8ulqHYvt59OXg16Ne6EzT30MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0htdnk2V29kaS0zbjA1ZURYbzE3b1ROUGZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9kNWViNmYtYjc4MS00ZDUyLTgyODMt
ZDJlMTBjOTc2NDVmLzEveVZwaUQtWnBVVXB0YWxBWDdfOEc0dE9Fc3FZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9kNWViNmYtYjc4MS00ZDUyLTgyODMtZDJlMTBjOTc2NDVm
LzEvZ0htdnk2V29kaS0zbjA1ZURYbzE3b1ROUGZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBwRPEAwQB
wn32AwQAwxaeMA0GCSqGSIb3DQEBCwUAA4IBAQCGE1npaR7hTCCx2CsmgaDPM7Fl
eP51TwcTknhb6UmsyidNx97OGK6Ic2YQnJF0XASHsPs+6YXOlmK2TadnZi/tanRj
BZBuZiTGH7RiQfmmxpNgXN4wQ1Wupwe7ITiIu90riQpGFskZ32kX3Pi7tT8LcfgA
a1oTa7yBwHt9iCk8Uv0AnT1xjQd7LoMjXptQQ//u8mSVYUn9t0CjT48RoDFSnh7L
IRJGaBLweA3ejWB6s+xneSKDXgEDIfdwyrzeCi7cgf8G0EhiTo/B7wgeBjyqqUj+
JqbmqlX114l0hqYxSaaZmqSVh7QXiv0jJr1BnWbS+YBcx1/rFv76+UKrX6R1
-----END CERTIFICATE-----
Generated at Sun Apr 27 22:56:23 2025 by rpki-client