Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/4eafc9-5473-4602-a149-922a16d117dd/1/CYybXi7FVW53h3__njDWwePXFIo.roa
File: CYybXi7FVW53h3__njDWwePXFIo.roa (raw, json)
Hash identifier: ucYJxc/oRqlUtcG/Xphf/8Ah2gxhgjW/EJnwu7ugsX0=
Subject key identifier: 09:8C:9B:5E:2E:C5:55:6E:77:87:7F:FF:9E:30:D6:C1:E3:D7:14:8A
Certificate issuer: /CN=d261cfbc07ec306377dcb16a97a1160c7a6d82cc
Certificate serial: 0193F30D009F9AA20227479FE424F74F19B9
Authority key identifier: D2:61:CF:BC:07:EC:30:63:77:DC:B1:6A:97:A1:16:0C:7A:6D:82:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0mHPvAfsMGN33LFql6EWDHptgsw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/4eafc9-5473-4602-a149-922a16d117dd/1/CYybXi7FVW53h3__njDWwePXFIo.roa
Signing time: Mon 23 Dec 2024 10:25:35 +0000
ROA not before: Mon 23 Dec 2024 10:25:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43495
IP address blocks: 91.197.88.0/22 maxlen: 22
194.4.60.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:47:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:f3:0d:00:9f:9a:a2:02:27:47:9f:e4:24:f7:4f:19:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d261cfbc07ec306377dcb16a97a1160c7a6d82cc
Validity
Not Before: Dec 23 10:25:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=098c9b5e2ec5556e77877fff9e30d6c1e3d7148a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:ed:ab:a1:a1:89:1d:8e:9c:c0:39:e8:75:62:
95:67:ac:c8:e2:da:44:ea:1b:43:e9:fe:d7:c1:ef:
7f:e8:44:b2:92:a0:0d:6b:a6:f2:45:25:7e:28:d3:
30:f8:60:95:3d:78:93:4c:70:81:7f:69:6a:f6:ed:
60:52:5e:15:d2:1f:94:71:a5:bf:ca:9d:e9:07:a6:
50:28:fc:19:d6:6f:d3:29:ef:61:8f:8b:a4:f1:23:
d3:f8:76:9f:5b:a7:a6:cf:04:9e:90:41:22:e2:53:
bc:62:66:1d:57:d3:74:4c:6e:7e:73:97:cf:cd:ea:
2c:43:3b:1d:3b:8c:f9:16:a3:13:48:c8:d6:95:21:
a2:59:9b:29:72:c6:ec:16:de:7f:9f:12:10:5e:cd:
79:d6:4b:e1:c1:f6:d9:ce:8a:76:f0:23:2f:07:b0:
65:c8:b6:19:4a:71:83:dc:40:1f:21:f5:60:46:d6:
d4:e1:45:2c:d3:9d:a5:c0:c0:39:9e:5e:3f:c7:7e:
0b:84:e6:2a:47:86:42:72:e9:76:fc:5a:33:80:b1:
f6:76:1b:37:af:f1:6b:74:3b:30:6d:6b:81:91:5a:
61:5e:44:c5:fb:be:a5:db:53:1e:77:ff:d9:ee:98:
be:a5:a1:40:bc:bd:e4:24:6b:97:2e:42:07:7e:15:
a0:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:8C:9B:5E:2E:C5:55:6E:77:87:7F:FF:9E:30:D6:C1:E3:D7:14:8A
X509v3 Authority Key Identifier:
keyid:D2:61:CF:BC:07:EC:30:63:77:DC:B1:6A:97:A1:16:0C:7A:6D:82:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0mHPvAfsMGN33LFql6EWDHptgsw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4eafc9-5473-4602-a149-922a16d117dd/1/CYybXi7FVW53h3__njDWwePXFIo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4eafc9-5473-4602-a149-922a16d117dd/1/0mHPvAfsMGN33LFql6EWDHptgsw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.197.88.0/22
194.4.60.0/22
Signature Algorithm: sha256WithRSAEncryption
a9:61:96:2f:31:c6:6e:28:ff:ac:01:fc:ca:dd:51:d5:94:80:
44:b7:01:31:fa:01:9e:e4:19:e4:d5:a2:e8:87:38:c5:3e:77:
c8:7e:45:88:a4:9b:28:ac:8c:55:6a:58:89:8f:47:37:e2:18:
4f:9d:47:31:15:68:7c:96:61:b9:6b:30:a5:00:f7:96:fa:7f:
a2:66:65:20:e1:c6:f2:34:ca:3c:4a:14:db:a6:64:a9:c0:26:
4b:62:79:5c:4e:4b:e5:bc:50:9b:d1:17:f7:09:75:af:88:aa:
6e:60:5f:f8:54:13:06:0c:61:64:62:e2:80:d2:12:78:cc:60:
6b:ae:42:89:84:ce:b2:27:0d:53:51:10:03:fd:48:70:d3:74:
0b:89:af:dd:c9:76:b9:bd:b3:6a:f4:02:f1:00:84:53:55:5f:
de:9c:0a:f0:8a:37:01:7a:fc:33:09:cd:c9:a5:b5:ec:55:b5:
15:d0:85:62:16:c7:ec:3a:16:b7:d3:bf:46:8a:37:c0:34:9e:
b0:bc:57:c8:3a:84:90:73:62:4c:90:7a:6f:f5:b0:98:c7:50:
6d:64:6e:49:a0:83:c9:15:65:4a:18:76:6f:47:2c:69:41:45:
68:dd:70:fe:6d:e3:13:14:f1:41:50:d2:1d:c5:e2:9e:28:de:
74:14:2b:7b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZPzDQCfmqICJ0ef5CT3Txm5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNjFjZmJjMDdlYzMwNjM3N2RjYjE2YTk3YTExNjBjN2E2
ZDgyY2MwHhcNMjQxMjIzMTAyNTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOThjOWI1ZTJlYzU1NTZlNzc4NzdmZmY5ZTMwZDZjMWUzZDcxNDhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnO2roaGJHY6cwDnodWKVZ6zI4tpE
6htD6f7Xwe9/6ESykqANa6byRSV+KNMw+GCVPXiTTHCBf2lq9u1gUl4V0h+UcaW/
yp3pB6ZQKPwZ1m/TKe9hj4uk8SPT+HafW6emzwSekEEi4lO8YmYdV9N0TG5+c5fP
zeosQzsdO4z5FqMTSMjWlSGiWZspcsbsFt5/nxIQXs151kvhwfbZzop28CMvB7Bl
yLYZSnGD3EAfIfVgRtbU4UUs052lwMA5nl4/x34LhOYqR4ZCcul2/FozgLH2dhs3
r/FrdDswbWuBkVphXkTF+76l21Med//Z7pi+paFAvL3kJGuXLkIHfhWgowIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAmMm14uxVVud4d//54w1sHj1xSKMB8GA1UdIwQY
MBaAFNJhz7wH7DBjd9yxapehFgx6bYLMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMG1IUHZBZnNNR04zM0xGcWw2RVdESHB0Z3N3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS80ZWFmYzktNTQ3My00NjAyLWExNDkt
OTIyYTE2ZDExN2RkLzEvQ1l5YlhpN0ZWVzUzaDNfX25qRFd3ZVBYRklvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS80ZWFmYzktNTQ3My00NjAyLWExNDktOTIyYTE2ZDExN2Rk
LzEvMG1IUHZBZnNNR04zM0xGcWw2RVdESHB0Z3N3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW8VYAwQC
wgQ8MA0GCSqGSIb3DQEBCwUAA4IBAQCpYZYvMcZuKP+sAfzK3VHVlIBEtwEx+gGe
5Bnk1aLohzjFPnfIfkWIpJsorIxValiJj0c34hhPnUcxFWh8lmG5azClAPeW+n+i
ZmUg4cbyNMo8ShTbpmSpwCZLYnlcTkvlvFCb0Rf3CXWviKpuYF/4VBMGDGFkYuKA
0hJ4zGBrrkKJhM6yJw1TURAD/Uhw03QLia/dyXa5vbNq9ALxAIRTVV/enArwijcB
evwzCc3JpbXsVbUV0IViFsfsOha3079GijfANJ6wvFfIOoSQc2JMkHpv9bCYx1Bt
ZG5JoIPJFWVKGHZvRyxpQUVo3XD+beMTFPFBUNIdxeKeKN50FCt7
-----END CERTIFICATE-----
Generated at Mon Apr 21 23:05:41 2025 by rpki-client