Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/112ce7-7415-4c5d-a890-ec95148fd236/1/yjYTe0fBShC4qXoWrIGMHDrc878.roa
File: yjYTe0fBShC4qXoWrIGMHDrc878.roa (raw, json)
Hash identifier: +GxtOgUprQjGoKjas21uSKGQV4UM8die3A3X1QGNLF0=
Subject key identifier: CA:36:13:7B:47:C1:4A:10:B8:A9:7A:16:AC:81:8C:1C:3A:DC:F3:BF
Certificate issuer: /CN=331706b915bab8dac2b5547fbc87adeb61e6aede
Certificate serial: 019421B21C15E6BF93B1138500C82C3C502E
Authority key identifier: 33:17:06:B9:15:BA:B8:DA:C2:B5:54:7F:BC:87:AD:EB:61:E6:AE:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MxcGuRW6uNrCtVR_vIet62Hmrt4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/112ce7-7415-4c5d-a890-ec95148fd236/1/yjYTe0fBShC4qXoWrIGMHDrc878.roa
Signing time: Wed 01 Jan 2025 11:48:28 +0000
ROA not before: Wed 01 Jan 2025 11:48:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24989
IP address blocks: 89.110.128.0/18 maxlen: 18
185.7.71.0/24 maxlen: 24
2a05:c700::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 15 Jan 2025 08:19:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:1c:15:e6:bf:93:b1:13:85:00:c8:2c:3c:50:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=331706b915bab8dac2b5547fbc87adeb61e6aede
Validity
Not Before: Jan 1 11:48:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ca36137b47c14a10b8a97a16ac818c1c3adcf3bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:3c:74:d4:7f:4e:83:05:55:38:f8:e5:44:26:
bb:10:28:11:27:de:5c:38:bb:8d:a1:28:48:3b:32:
fd:ea:bd:8b:24:66:66:4a:48:8f:ee:0d:41:8b:67:
c3:ca:06:2a:6e:96:20:eb:5d:25:d3:fd:13:78:46:
58:ff:a5:fc:45:c6:25:99:a4:0c:d3:cc:42:9e:9e:
56:d8:16:2c:48:83:1b:49:62:f4:bf:4a:4b:c4:17:
31:50:17:de:89:b5:36:74:d0:bf:04:0f:28:98:37:
c0:d6:f1:b8:af:6b:92:96:5a:36:92:dd:2a:c2:3b:
e6:a9:f4:b1:49:e0:ad:64:28:e0:fb:ef:62:b9:01:
c1:2b:e0:68:f3:fa:76:c7:6f:70:65:44:19:8e:39:
f2:63:23:35:a2:50:00:5e:dc:6e:c9:b1:b8:38:90:
80:31:a3:4c:48:55:e2:00:c7:7d:28:ff:51:75:29:
d6:42:11:b1:6a:bd:eb:28:12:00:1e:6e:57:8f:f6:
d8:8d:8b:05:c7:64:9a:c1:87:ca:4b:0c:9d:c1:9b:
63:08:01:98:59:d4:54:69:9d:2b:06:48:dd:36:50:
2a:79:df:7f:be:57:bf:b5:df:ba:9e:b6:6f:b2:8b:
2b:05:67:fb:e9:80:2f:5e:ab:a0:d4:38:d3:ab:8b:
1d:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:36:13:7B:47:C1:4A:10:B8:A9:7A:16:AC:81:8C:1C:3A:DC:F3:BF
X509v3 Authority Key Identifier:
keyid:33:17:06:B9:15:BA:B8:DA:C2:B5:54:7F:BC:87:AD:EB:61:E6:AE:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MxcGuRW6uNrCtVR_vIet62Hmrt4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/112ce7-7415-4c5d-a890-ec95148fd236/1/yjYTe0fBShC4qXoWrIGMHDrc878.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/112ce7-7415-4c5d-a890-ec95148fd236/1/MxcGuRW6uNrCtVR_vIet62Hmrt4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.110.128.0/18
185.7.71.0/24
IPv6:
2a05:c700::/32
Signature Algorithm: sha256WithRSAEncryption
50:5a:6d:1c:79:c7:7a:de:ad:4b:fc:43:19:bb:cc:23:ba:38:
a1:c1:07:90:6f:35:17:06:96:09:5a:e9:a6:83:45:ae:16:6d:
ef:3f:87:e3:36:5d:df:4d:21:d3:6c:d1:3b:6a:da:7b:8b:a0:
8e:8e:c2:9a:48:99:ea:b7:5b:36:c1:b4:42:33:29:77:be:12:
3a:7b:13:71:1c:15:8f:f1:87:5d:34:c6:53:a0:92:d2:eb:48:
72:a9:6a:b9:a3:8d:cd:1a:a5:7f:d0:e4:98:e8:95:8c:76:94:
da:cd:05:85:9e:d6:a4:dc:12:30:d7:ed:a6:71:30:70:4d:1f:
32:d3:39:df:66:9c:df:47:c2:c0:52:f5:b1:2d:06:8d:80:3b:
3a:3c:8e:2c:04:df:1c:f0:1c:b5:cc:47:da:74:81:b5:4c:6d:
6d:12:29:fd:c4:26:2a:c7:1c:0e:79:37:02:d8:60:00:10:81:
6a:fd:ed:4c:a9:f6:b7:c3:21:3b:ba:26:d1:04:7f:3c:2d:31:
a4:b6:3b:3e:0f:be:30:18:c5:8c:01:2b:c3:2a:b4:00:07:b4:
a9:25:d3:69:c7:c8:c0:f8:cd:b5:c2:6a:0e:56:ba:cd:0c:ab:
d5:7b:82:4d:87:e6:67:52:8f:eb:15:c5:e2:86:df:81:ab:aa:
17:de:76:a9
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQhshwV5r+TsROFAMgsPFAuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzMTcwNmI5MTViYWI4ZGFjMmI1NTQ3ZmJjODdhZGViNjFl
NmFlZGUwHhcNMjUwMTAxMTE0ODI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTM2MTM3YjQ3YzE0YTEwYjhhOTdhMTZhYzgxOGMxYzNhZGNmM2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxjx01H9OgwVVOPjlRCa7ECgRJ95c
OLuNoShIOzL96r2LJGZmSkiP7g1Bi2fDygYqbpYg610l0/0TeEZY/6X8RcYlmaQM
08xCnp5W2BYsSIMbSWL0v0pLxBcxUBfeibU2dNC/BA8omDfA1vG4r2uSllo2kt0q
wjvmqfSxSeCtZCjg++9iuQHBK+Bo8/p2x29wZUQZjjnyYyM1olAAXtxuybG4OJCA
MaNMSFXiAMd9KP9RdSnWQhGxar3rKBIAHm5Xj/bYjYsFx2SawYfKSwydwZtjCAGY
WdRUaZ0rBkjdNlAqed9/vle/td+6nrZvsosrBWf76YAvXqug1DjTq4sdTwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMo2E3tHwUoQuKl6FqyBjBw63PO/MB8GA1UdIwQY
MBaAFDMXBrkVurjawrVUf7yHreth5q7eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXhjR3VSVzZ1TnJDdFZSX3ZJZXQ2MkhtcnQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8xMTJjZTctNzQxNS00YzVkLWE4OTAt
ZWM5NTE0OGZkMjM2LzEveWpZVGUwZkJTaEM0cVhvV3JJR01IRHJjODc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC8xMTJjZTctNzQxNS00YzVkLWE4OTAtZWM5NTE0OGZkMjM2
LzEvTXhjR3VSVzZ1TnJDdFZSX3ZJZXQ2MkhtcnQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQGWW6AAwQA
uQdHMA0EAgACMAcDBQAqBccAMA0GCSqGSIb3DQEBCwUAA4IBAQBQWm0cecd63q1L
/EMZu8wjujihwQeQbzUXBpYJWummg0WuFm3vP4fjNl3fTSHTbNE7atp7i6COjsKa
SJnqt1s2wbRCMyl3vhI6exNxHBWP8YddNMZToJLS60hyqWq5o43NGqV/0OSY6JWM
dpTazQWFntak3BIw1+2mcTBwTR8y0znfZpzfR8LAUvWxLQaNgDs6PI4sBN8c8By1
zEfadIG1TG1tEin9xCYqxxwOeTcC2GAAEIFq/e1Mqfa3wyE7uibRBH88LTGktjs+
D74wGMWMASvDKrQAB7SpJdNpx8jA+M21wmoOVrrNDKvVe4JNh+ZnUo/rFcXiht+B
q6oX3nap
-----END CERTIFICATE-----
Generated at Sun Apr 20 05:13:00 2025 by rpki-client