Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/011ef2-7012-4a6e-8a1c-0e0e137e5591/1/YWQNgxDLE_1XF50aL4Jrrr8-iKM.roa
File: YWQNgxDLE_1XF50aL4Jrrr8-iKM.roa (raw, json)
Hash identifier: w93XcxueAfKimc4ezSj/rSJxNDGc6Iby8sPmtZxha2s=
Subject key identifier: 61:64:0D:83:10:CB:13:FD:57:17:9D:1A:2F:82:6B:AE:BF:3E:88:A3
Certificate issuer: /CN=e520446f79ffc2d7c3a9ef340ce9de25723a719a
Certificate serial: 0193699BF9B9981BA25102035CBB01522357
Authority key identifier: E5:20:44:6F:79:FF:C2:D7:C3:A9:EF:34:0C:E9:DE:25:72:3A:71:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5SBEb3n_wtfDqe80DOneJXI6cZo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/011ef2-7012-4a6e-8a1c-0e0e137e5591/1/YWQNgxDLE_1XF50aL4Jrrr8-iKM.roa
Signing time: Tue 26 Nov 2024 17:54:09 +0000
ROA not before: Tue 26 Nov 2024 17:54:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35539
IP address blocks: 31.134.192.0/21 maxlen: 21
46.160.192.0/18 maxlen: 18
46.160.192.0/19 maxlen: 19
46.160.224.0/19 maxlen: 19
93.95.160.0/21 maxlen: 21
93.95.160.0/22 maxlen: 22
93.95.164.0/22 maxlen: 22
93.123.128.0/17 maxlen: 17
93.123.128.0/18 maxlen: 18
93.123.192.0/18 maxlen: 18
95.131.208.0/21 maxlen: 21
95.131.208.0/22 maxlen: 22
95.131.212.0/22 maxlen: 22
217.194.240.0/20 maxlen: 20
217.194.240.0/21 maxlen: 21
217.194.248.0/21 maxlen: 21
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:47:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:69:9b:f9:b9:98:1b:a2:51:02:03:5c:bb:01:52:23:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e520446f79ffc2d7c3a9ef340ce9de25723a719a
Validity
Not Before: Nov 26 17:54:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=61640d8310cb13fd57179d1a2f826baebf3e88a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:54:d3:4a:e4:2b:20:ca:84:da:7a:e8:4a:94:
f6:23:7f:25:8b:6e:49:38:a1:38:93:a1:94:10:ef:
cf:ad:fc:df:01:bf:ad:94:a4:70:62:e4:7a:a1:d5:
55:d2:e5:08:26:08:54:09:83:7b:5d:56:7d:7d:17:
e7:57:06:7f:79:46:57:23:03:0a:2e:25:5f:84:34:
f0:3f:0d:a0:bf:18:a1:43:72:e7:6d:28:bf:09:c8:
f6:c3:04:47:c7:42:2f:4a:af:ee:c8:ae:93:c7:41:
db:02:96:dd:ec:85:03:b2:ff:72:66:91:2c:3a:63:
c4:28:6f:0f:07:d4:10:66:9b:16:ae:23:58:05:32:
7e:c8:6a:14:da:eb:bc:39:6f:be:59:69:70:e1:0a:
01:36:e9:14:28:70:13:cd:07:21:26:62:17:1f:9a:
dc:dd:f5:83:cd:12:19:b7:3d:00:4f:1c:46:4c:5a:
1b:61:d3:69:e6:5b:ed:b3:65:db:00:16:76:7a:5e:
af:d2:f3:e0:e5:50:b8:26:5b:e8:77:4b:fb:64:d3:
4f:c8:5c:64:50:d0:c6:3b:af:d5:fe:98:3b:2e:fe:
9a:0c:29:69:56:0c:bc:13:d5:42:f5:17:93:d6:8a:
2c:62:0b:34:ab:89:2c:b0:e1:ba:e7:d8:0c:ab:f7:
38:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:64:0D:83:10:CB:13:FD:57:17:9D:1A:2F:82:6B:AE:BF:3E:88:A3
X509v3 Authority Key Identifier:
keyid:E5:20:44:6F:79:FF:C2:D7:C3:A9:EF:34:0C:E9:DE:25:72:3A:71:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5SBEb3n_wtfDqe80DOneJXI6cZo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/011ef2-7012-4a6e-8a1c-0e0e137e5591/1/YWQNgxDLE_1XF50aL4Jrrr8-iKM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/011ef2-7012-4a6e-8a1c-0e0e137e5591/1/5SBEb3n_wtfDqe80DOneJXI6cZo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.134.192.0/21
46.160.192.0/18
93.95.160.0/21
93.123.128.0/17
95.131.208.0/21
217.194.240.0/20
Signature Algorithm: sha256WithRSAEncryption
8b:ee:e4:d1:df:91:71:71:20:a5:24:4e:95:b0:c6:3e:a2:b5:
83:f5:01:91:82:47:5a:de:b9:12:ce:94:09:64:1b:70:3a:78:
04:4e:ff:8a:14:3f:11:d1:69:8a:e5:f3:34:15:0b:c7:13:b8:
20:56:41:54:74:06:d8:69:cc:a3:b5:a0:71:8c:c7:c2:65:f6:
eb:7e:25:f7:47:9e:cd:0d:6b:75:d1:29:ca:3e:90:8c:16:d8:
1f:12:a7:09:d9:91:14:51:25:b8:3e:f4:b6:1a:38:db:27:aa:
cf:66:aa:7a:b9:9b:ed:72:4e:73:cc:36:f6:ad:f2:a7:55:b1:
26:af:cc:e5:2a:7b:87:a1:f4:07:fa:7e:d8:e8:67:9d:cb:ca:
eb:8a:f2:07:21:f3:0b:b8:d7:b6:c4:f4:55:d4:20:08:16:eb:
bd:e3:01:14:29:fc:d4:b0:73:67:20:02:6d:c4:34:4c:c9:05:
ce:c5:d2:29:97:2e:c2:9d:6f:22:c7:8a:60:c3:9e:17:f4:07:
4e:60:d4:90:3e:e2:41:35:ea:f8:39:02:c0:84:4d:cf:54:38:
95:f9:cd:31:15:e3:db:00:8b:f0:26:f2:f1:bb:92:30:da:a6:
04:80:0b:84:99:26:2c:77:82:c7:be:c8:eb:48:05:fc:4c:4b:
bd:1a:c1:9e
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZNpm/m5mBuiUQIDXLsBUiNXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1MjA0NDZmNzlmZmMyZDdjM2E5ZWYzNDBjZTlkZTI1NzIz
YTcxOWEwHhcNMjQxMTI2MTc1NDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTY0MGQ4MzEwY2IxM2ZkNTcxNzlkMWEyZjgyNmJhZWJmM2U4OGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2VTTSuQrIMqE2nroSpT2I38li25J
OKE4k6GUEO/PrfzfAb+tlKRwYuR6odVV0uUIJghUCYN7XVZ9fRfnVwZ/eUZXIwMK
LiVfhDTwPw2gvxihQ3LnbSi/Ccj2wwRHx0IvSq/uyK6Tx0HbApbd7IUDsv9yZpEs
OmPEKG8PB9QQZpsWriNYBTJ+yGoU2uu8OW++WWlw4QoBNukUKHATzQchJmIXH5rc
3fWDzRIZtz0ATxxGTFobYdNp5lvts2XbABZ2el6v0vPg5VC4Jlvod0v7ZNNPyFxk
UNDGO6/V/pg7Lv6aDClpVgy8E9VC9ReT1oosYgs0q4kssOG659gMq/c4gwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGFkDYMQyxP9VxedGi+Ca66/PoijMB8GA1UdIwQY
MBaAFOUgRG95/8LXw6nvNAzp3iVyOnGaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVNCRWIzbl93dGZEcWU4MERPbmVKWEk2Y1pvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8wMTFlZjItNzAxMi00YTZlLThhMWMt
MGUwZTEzN2U1NTkxLzEvWVdRTmd4RExFXzFYRjUwYUw0SnJycjgtaUtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy8wMTFlZjItNzAxMi00YTZlLThhMWMtMGUwZTEzN2U1NTkx
LzEvNVNCRWIzbl93dGZEcWU4MERPbmVKWEk2Y1pvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQDH4bAAwQG
LqDAAwQDXV+gAwQHXXuAAwQDX4PQAwQE2cLwMA0GCSqGSIb3DQEBCwUAA4IBAQCL
7uTR35FxcSClJE6VsMY+orWD9QGRgkda3rkSzpQJZBtwOngETv+KFD8R0WmK5fM0
FQvHE7ggVkFUdAbYacyjtaBxjMfCZfbrfiX3R57NDWt10SnKPpCMFtgfEqcJ2ZEU
USW4PvS2GjjbJ6rPZqp6uZvtck5zzDb2rfKnVbEmr8zlKnuHofQH+n7Y6Gedy8rr
ivIHIfMLuNe2xPRV1CAIFuu94wEUKfzUsHNnIAJtxDRMyQXOxdIply7CnW8ix4pg
w54X9AdOYNSQPuJBNer4OQLAhE3PVDiV+c0xFePbAIvwJvLxu5Iw2qYEgAuEmSYs
d4LHvsjrSAX8TEu9GsGe
-----END CERTIFICATE-----
Generated at Sun Apr 20 17:34:26 2025 by rpki-client