Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/04292f-f104-417c-acda-571af066cf1e/1/y-yJ1h80dQbRp_SVl0Y1GhLiu_A.roa
File: y-yJ1h80dQbRp_SVl0Y1GhLiu_A.roa (raw, json)
Hash identifier: 0NVwth8GnGLP/jED12S9Kn3fiPkZ6MzjtMY6HERVZ9Y=
Subject key identifier: CB:EC:89:D6:1F:34:75:06:D1:A7:F4:95:97:46:35:1A:12:E2:BB:F0
Certificate issuer: /CN=574e25a16e5d3aa110ac5e8335f88f63e54b42f1
Certificate serial: 018E130335DDC5F22EA6A193433FA21B5E23
Authority key identifier: 57:4E:25:A1:6E:5D:3A:A1:10:AC:5E:83:35:F8:8F:63:E5:4B:42:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V04loW5dOqEQrF6DNfiPY-VLQvE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/04292f-f104-417c-acda-571af066cf1e/1/y-yJ1h80dQbRp_SVl0Y1GhLiu_A.roa
Signing time: Wed 06 Mar 2024 09:06:01 +0000
ROA not before: Wed 06 Mar 2024 09:06:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202214
IP address blocks: 185.50.64.0/23 maxlen: 24
185.50.65.0/24 maxlen: 24
185.50.66.0/23 maxlen: 24
185.50.67.0/24 maxlen: 24
2a01:a6a0::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 06 Mar 2024 09:12:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:13:03:35:dd:c5:f2:2e:a6:a1:93:43:3f:a2:1b:5e:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=574e25a16e5d3aa110ac5e8335f88f63e54b42f1
Validity
Not Before: Mar 6 09:06:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cbec89d61f347506d1a7f4959746351a12e2bbf0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:7e:ab:50:44:a3:71:9e:f5:c2:6c:c1:f6:a9:
44:53:d6:03:5e:8d:49:2a:2e:65:d5:25:1f:b1:ba:
f2:16:3c:63:a0:ec:a7:09:53:d2:97:57:4f:50:af:
a5:c4:37:0f:d0:dc:df:b6:78:24:b5:1b:8d:49:85:
83:d5:d0:59:01:b4:93:02:51:03:32:af:c0:f1:b1:
80:59:d8:91:7e:a1:0e:a5:21:29:1c:1d:7b:50:48:
f9:9a:3a:ea:c3:99:0c:9c:ab:83:ed:fa:cd:89:d2:
27:7b:0b:71:cf:31:66:58:57:cc:59:a3:5b:aa:7e:
19:cb:46:d1:95:79:66:49:18:04:2b:b0:8b:cc:60:
6e:d5:e1:65:af:46:7a:a5:6d:28:e3:0b:28:08:a7:
a9:48:60:2a:30:ed:d9:56:45:5d:e1:0a:bb:90:a4:
b1:91:23:51:73:43:df:95:44:de:9c:29:e4:2d:01:
7e:33:2d:a3:5b:7f:9c:54:c7:f5:5c:f7:ef:b9:c4:
46:4c:63:37:bc:7f:6e:06:87:51:cd:f6:5f:6c:bc:
6c:d4:db:ed:a9:cd:af:4b:cc:57:d8:75:dc:64:53:
56:1d:2d:2e:1c:20:62:24:81:ab:52:ac:ca:c1:c5:
53:fb:ee:82:a3:34:6a:60:a4:50:a6:e8:07:4e:1c:
cf:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:EC:89:D6:1F:34:75:06:D1:A7:F4:95:97:46:35:1A:12:E2:BB:F0
X509v3 Authority Key Identifier:
keyid:57:4E:25:A1:6E:5D:3A:A1:10:AC:5E:83:35:F8:8F:63:E5:4B:42:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V04loW5dOqEQrF6DNfiPY-VLQvE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/04292f-f104-417c-acda-571af066cf1e/1/y-yJ1h80dQbRp_SVl0Y1GhLiu_A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/04292f-f104-417c-acda-571af066cf1e/1/V04loW5dOqEQrF6DNfiPY-VLQvE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.50.64.0/22
IPv6:
2a01:a6a0::/32
Signature Algorithm: sha256WithRSAEncryption
05:c5:f1:c9:cc:f8:06:c4:e8:b7:d3:07:b8:8b:5c:1c:f9:10:
1e:ea:16:3d:fd:27:6f:25:5e:c9:01:66:84:e9:22:a2:ab:d8:
56:bc:24:4d:33:a2:fa:a0:35:54:83:d9:4f:8c:e3:ec:41:93:
0b:3a:c1:84:32:f5:88:ab:b5:c1:af:8e:0a:60:5f:13:8c:b1:
53:6e:e3:56:28:67:15:6e:95:43:60:b4:4d:70:79:9b:25:84:
c1:cf:4e:e7:fc:34:d3:41:e8:a8:15:bb:e5:2b:22:1d:38:07:
83:08:ca:90:1b:a2:d7:85:c1:3f:45:0d:e3:47:3a:4b:37:6a:
d7:78:a5:5e:df:2d:a8:e0:c8:e8:e9:71:e1:6e:03:56:1a:70:
58:3d:81:11:53:fb:11:36:87:57:cc:37:18:b8:be:9f:23:b9:
c2:d2:d9:18:52:5f:b2:8c:b9:4e:36:3b:63:98:64:a0:dd:e5:
2c:31:89:05:f8:74:fd:01:82:e4:e9:29:e3:2b:13:67:38:29:
1c:e0:1f:f4:44:a5:8b:b8:93:d0:a5:c8:56:86:0b:5f:45:a7:
73:2a:00:28:10:10:2e:b3:41:1d:c7:2e:5e:96:c2:9e:49:a1:
45:d4:c5:ee:fc:58:f7:7e:fc:f2:4b:9d:ed:0c:5b:ee:42:de:
16:17:52:8d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY4TAzXdxfIupqGTQz+iG14jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NGUyNWExNmU1ZDNhYTExMGFjNWU4MzM1Zjg4ZjYzZTU0
YjQyZjEwHhcNMjQwMzA2MDkwNjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmVjODlkNjFmMzQ3NTA2ZDFhN2Y0OTU5NzQ2MzUxYTEyZTJiYmYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA136rUESjcZ71wmzB9qlEU9YDXo1J
Ki5l1SUfsbryFjxjoOynCVPSl1dPUK+lxDcP0NzftngktRuNSYWD1dBZAbSTAlED
Mq/A8bGAWdiRfqEOpSEpHB17UEj5mjrqw5kMnKuD7frNidInewtxzzFmWFfMWaNb
qn4Zy0bRlXlmSRgEK7CLzGBu1eFlr0Z6pW0o4wsoCKepSGAqMO3ZVkVd4Qq7kKSx
kSNRc0PflUTenCnkLQF+My2jW3+cVMf1XPfvucRGTGM3vH9uBodRzfZfbLxs1Nvt
qc2vS8xX2HXcZFNWHS0uHCBiJIGrUqzKwcVT++6CozRqYKRQpugHThzPMQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMvsidYfNHUG0af0lZdGNRoS4rvwMB8GA1UdIwQY
MBaAFFdOJaFuXTqhEKxegzX4j2PlS0LxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjA0bG9XNWRPcUVRckY2RE5maVBZLVZMUXZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC8wNDI5MmYtZjEwNC00MTdjLWFjZGEt
NTcxYWYwNjZjZjFlLzEveS15SjFoODBkUWJScF9TVmwwWTFHaExpdV9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC8wNDI5MmYtZjEwNC00MTdjLWFjZGEtNTcxYWYwNjZjZjFl
LzEvVjA0bG9XNWRPcUVRckY2RE5maVBZLVZMUXZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTJAMA0E
AgACMAcDBQAqAaagMA0GCSqGSIb3DQEBCwUAA4IBAQAFxfHJzPgGxOi30we4i1wc
+RAe6hY9/SdvJV7JAWaE6SKiq9hWvCRNM6L6oDVUg9lPjOPsQZMLOsGEMvWIq7XB
r44KYF8TjLFTbuNWKGcVbpVDYLRNcHmbJYTBz07n/DTTQeioFbvlKyIdOAeDCMqQ
G6LXhcE/RQ3jRzpLN2rXeKVe3y2o4Mjo6XHhbgNWGnBYPYERU/sRNodXzDcYuL6f
I7nC0tkYUl+yjLlONjtjmGSg3eUsMYkF+HT9AYLk6SnjKxNnOCkc4B/0RKWLuJPQ
pchWhgtfRadzKgAoEBAus0Edxy5elsKeSaFF1MXu/Fj3fvzyS53tDFvuQt4WF1KN
-----END CERTIFICATE-----
Generated at Mon May 12 19:03:26 2025 by rpki-client