Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/8d78eb-2832-4083-ae1f-1dd6d281c88a/1/yX6Br7BmjM-laiOnU-Of2yVCgQ4.roa
File: yX6Br7BmjM-laiOnU-Of2yVCgQ4.roa (raw, json)
Hash identifier: E1j6kCDXaKbaQo2RKRCcaqT2LiXFHHrA5I/v6LV2EWU=
Subject key identifier: C9:7E:81:AF:B0:66:8C:CF:A5:6A:23:A7:53:E3:9F:DB:25:42:81:0E
Certificate issuer: /CN=3027a631bb6738eb68bb6ea6c424ef4a7d14c3cb
Certificate serial: 018CC26D0175424B958BFFE7CF75AC18EFC9
Authority key identifier: 30:27:A6:31:BB:67:38:EB:68:BB:6E:A6:C4:24:EF:4A:7D:14:C3:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MCemMbtnOOtou26mxCTvSn0Uw8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/8d78eb-2832-4083-ae1f-1dd6d281c88a/1/yX6Br7BmjM-laiOnU-Of2yVCgQ4.roa
Signing time: Mon 01 Jan 2024 00:29:32 +0000
ROA not before: Mon 01 Jan 2024 00:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8916
IP address blocks: 213.5.88.0/21 maxlen: 21
188.246.192.0/19 maxlen: 19
185.87.56.0/22 maxlen: 22
193.108.199.0/24 maxlen: 24
185.56.44.0/22 maxlen: 22
2a03:9800::/29 maxlen: 29
2001:67c:1b8::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:48:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:01:75:42:4b:95:8b:ff:e7:cf:75:ac:18:ef:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3027a631bb6738eb68bb6ea6c424ef4a7d14c3cb
Validity
Not Before: Jan 1 00:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c97e81afb0668ccfa56a23a753e39fdb2542810e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:c5:54:bc:86:af:cb:9c:a9:89:e1:b2:8c:43:
20:88:04:dd:a8:0f:a4:18:7d:34:62:56:67:73:54:
5b:b9:dc:4d:fa:3f:a6:d4:b8:e5:35:61:67:01:a1:
09:55:03:da:a6:2b:c5:42:9c:c9:0e:c0:36:5f:69:
8e:bb:53:ee:c6:24:67:19:ea:44:f0:84:a1:7a:f7:
b7:86:c6:49:1a:6f:f7:bd:90:d4:1c:fb:8d:bf:9d:
86:14:da:e5:fc:81:00:1e:38:63:8b:85:68:4a:60:
49:44:32:b2:15:d0:d1:f3:fb:53:b7:ba:bb:80:18:
1d:13:0a:92:77:4e:33:de:49:e0:46:cb:23:36:a0:
6a:59:ee:f1:27:cf:d9:59:4f:5c:90:4a:e7:02:eb:
f4:08:f2:6f:45:17:6b:8b:ad:bd:93:df:27:84:f4:
88:77:65:bc:9d:dc:20:c1:0e:20:98:9f:6a:20:8f:
b7:99:d9:13:19:76:dd:c7:38:10:f1:f6:3e:53:7d:
be:93:d7:70:33:fe:80:b1:f7:51:50:ac:8b:6f:03:
2b:80:42:cb:30:68:57:73:c9:1c:3c:66:07:a5:17:
7f:6e:0c:fb:3f:b8:48:f2:f4:2e:f1:8a:10:3a:46:
5f:e1:de:cf:8c:3b:91:98:46:7d:8d:0d:89:57:28:
c8:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:7E:81:AF:B0:66:8C:CF:A5:6A:23:A7:53:E3:9F:DB:25:42:81:0E
X509v3 Authority Key Identifier:
keyid:30:27:A6:31:BB:67:38:EB:68:BB:6E:A6:C4:24:EF:4A:7D:14:C3:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MCemMbtnOOtou26mxCTvSn0Uw8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/8d78eb-2832-4083-ae1f-1dd6d281c88a/1/yX6Br7BmjM-laiOnU-Of2yVCgQ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/8d78eb-2832-4083-ae1f-1dd6d281c88a/1/MCemMbtnOOtou26mxCTvSn0Uw8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.56.44.0/22
185.87.56.0/22
188.246.192.0/19
193.108.199.0/24
213.5.88.0/21
IPv6:
2001:67c:1b8::/48
2a03:9800::/29
Signature Algorithm: sha256WithRSAEncryption
c9:9f:ea:79:27:9a:de:a6:5b:15:00:c7:b3:86:0d:02:8d:af:
d8:40:93:39:30:2d:5d:5d:a9:a4:29:52:01:59:47:6e:6b:bb:
59:c9:9f:4f:55:8f:8c:d5:16:17:3a:6a:e9:70:16:74:a9:03:
8f:47:d7:07:aa:1e:d3:09:77:66:b7:6a:51:14:7c:29:6c:cb:
9b:dd:2d:0c:70:04:c9:e1:cd:6f:97:f2:b7:9d:27:04:74:a0:
ef:b2:94:d6:b1:ed:84:c8:d0:24:4b:8b:97:ce:f9:93:14:cc:
28:d9:36:3e:ad:c8:b8:be:2c:8f:d3:f2:dd:0e:a3:cb:1d:ca:
48:13:c5:42:05:81:1a:91:59:ec:56:98:9e:ee:4f:8f:f1:a5:
36:46:4a:f8:0a:a0:59:fe:60:14:58:85:20:7e:ff:fe:9c:97:
99:98:cd:68:77:27:23:4a:27:22:3f:9f:36:66:c7:94:90:fb:
f1:90:c8:79:59:ea:36:ad:0b:6e:50:ba:05:ed:eb:74:23:e6:
62:1a:62:f9:7d:07:9b:e3:3b:6b:1e:fd:a7:58:22:79:8c:ae:
68:d0:a3:69:37:19:73:5c:12:fc:cc:29:4b:9d:9f:bb:ae:e6:
89:b0:e7:35:83:2a:d8:b0:f4:f5:4c:4c:16:eb:81:e6:2c:34:
72:65:bb:1b
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYzCbQF1QkuVi//nz3WsGO/JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMjdhNjMxYmI2NzM4ZWI2OGJiNmVhNmM0MjRlZjRhN2Qx
NGMzY2IwHhcNMjQwMTAxMDAyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTdlODFhZmIwNjY4Y2NmYTU2YTIzYTc1M2UzOWZkYjI1NDI4MTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwsVUvIavy5ypieGyjEMgiATdqA+k
GH00YlZnc1RbudxN+j+m1LjlNWFnAaEJVQPapivFQpzJDsA2X2mOu1PuxiRnGepE
8ISheve3hsZJGm/3vZDUHPuNv52GFNrl/IEAHjhji4VoSmBJRDKyFdDR8/tTt7q7
gBgdEwqSd04z3kngRssjNqBqWe7xJ8/ZWU9ckErnAuv0CPJvRRdri629k98nhPSI
d2W8ndwgwQ4gmJ9qII+3mdkTGXbdxzgQ8fY+U32+k9dwM/6AsfdRUKyLbwMrgELL
MGhXc8kcPGYHpRd/bgz7P7hI8vQu8YoQOkZf4d7PjDuRmEZ9jQ2JVyjILQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFMl+ga+wZozPpWojp1Pjn9slQoEOMB8GA1UdIwQY
MBaAFDAnpjG7ZzjraLtupsQk70p9FMPLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUNlbU1idG5PT3RvdTI2bXhDVHZTbjBVdzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS84ZDc4ZWItMjgzMi00MDgzLWFlMWYt
MWRkNmQyODFjODhhLzEveVg2QnI3Qm1qTS1sYWlPblUtT2YyeVZDZ1E0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS84ZDc4ZWItMjgzMi00MDgzLWFlMWYtMWRkNmQyODFjODhh
LzEvTUNlbU1idG5PT3RvdTI2bXhDVHZTbjBVdzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjAkBAIAATAeAwQCuTgsAwQC
uVc4AwQFvPbAAwQAwWzHAwQD1QVYMBYEAgACMBADBwAgAQZ8AbgDBQMqA5gAMA0G
CSqGSIb3DQEBCwUAA4IBAQDJn+p5J5replsVAMezhg0Cja/YQJM5MC1dXamkKVIB
WUdua7tZyZ9PVY+M1RYXOmrpcBZ0qQOPR9cHqh7TCXdmt2pRFHwpbMub3S0McATJ
4c1vl/K3nScEdKDvspTWse2EyNAkS4uXzvmTFMwo2TY+rci4viyP0/LdDqPLHcpI
E8VCBYEakVnsVpie7k+P8aU2Rkr4CqBZ/mAUWIUgfv/+nJeZmM1odycjSiciP582
ZseUkPvxkMh5Weo2rQtuULoF7et0I+ZiGmL5fQeb4ztrHv2nWCJ5jK5o0KNpNxlz
XBL8zClLnZ+7ruaJsOc1gyrYsPT1TEwW64HmLDRyZbsb
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:44:00 2025 by rpki-client