Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/5a24de-44f0-4a54-9137-ecd9faff262c/1/y0rKdFX4702N0rfuCAE00RRZWmE.roa
File: y0rKdFX4702N0rfuCAE00RRZWmE.roa (raw, json)
Hash identifier: dU6vSEiqSuFV56ennmx3g0TT2e3wiBno3JTyJmxd7hk=
Subject key identifier: CB:4A:CA:74:55:F8:EF:4D:8D:D2:B7:EE:08:01:34:D1:14:59:5A:61
Certificate issuer: /CN=82f2455dcf45ae65a6fdccf8f7821ce3c524011d
Certificate serial: 0194274877F1EA8223ACD1A48C292863B586
Authority key identifier: 82:F2:45:5D:CF:45:AE:65:A6:FD:CC:F8:F7:82:1C:E3:C5:24:01:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gvJFXc9FrmWm_cz494Ic48UkAR0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/5a24de-44f0-4a54-9137-ecd9faff262c/1/y0rKdFX4702N0rfuCAE00RRZWmE.roa
Signing time: Thu 02 Jan 2025 13:50:48 +0000
ROA not before: Thu 02 Jan 2025 13:50:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42067
IP address blocks: 91.151.160.0/24 maxlen: 24
91.151.161.0/24 maxlen: 24
91.151.162.0/24 maxlen: 24
212.93.160.0/19 maxlen: 19
212.93.160.0/24 maxlen: 24
212.93.161.0/24 maxlen: 24
212.93.162.0/24 maxlen: 24
212.93.163.0/24 maxlen: 24
212.93.164.0/24 maxlen: 24
212.93.165.0/24 maxlen: 24
212.93.170.0/24 maxlen: 24
212.93.176.0/24 maxlen: 24
212.93.177.0/24 maxlen: 24
212.93.178.0/24 maxlen: 24
212.93.179.0/24 maxlen: 24
212.93.180.0/24 maxlen: 24
212.93.181.0/24 maxlen: 24
212.93.182.0/24 maxlen: 24
212.93.183.0/24 maxlen: 24
212.93.186.0/24 maxlen: 24
212.93.187.0/24 maxlen: 24
212.93.188.0/24 maxlen: 24
212.93.189.0/24 maxlen: 24
212.93.190.0/24 maxlen: 24
212.93.191.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 19 Jan 2025 06:42:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:77:f1:ea:82:23:ac:d1:a4:8c:29:28:63:b5:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=82f2455dcf45ae65a6fdccf8f7821ce3c524011d
Validity
Not Before: Jan 2 13:50:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cb4aca7455f8ef4d8dd2b7ee080134d114595a61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:e7:0a:87:52:7e:ae:ea:a6:b2:1a:2a:ba:0e:
1d:6a:b5:5d:66:7a:e0:fe:8b:8a:53:3f:d0:9f:2b:
45:06:ec:87:6f:6c:8c:ba:b0:10:4e:71:ac:8f:17:
65:77:03:c5:89:98:29:96:de:27:95:54:14:ad:77:
a2:5b:07:10:23:a0:ea:e1:73:75:36:aa:1d:6d:f0:
5f:ab:2f:9e:85:58:cc:47:7d:97:0d:58:c2:6a:2d:
5a:7a:ba:f5:80:b8:1b:bd:a9:05:49:0b:82:61:e2:
4c:b7:e5:f5:ed:e7:fa:a3:23:1d:54:40:67:70:50:
6b:6a:a0:b8:ce:09:87:4f:7c:6c:3a:9e:bb:8c:1a:
2c:1f:60:24:f8:d4:0c:27:b7:2a:5a:f4:a0:14:07:
dc:91:25:48:10:b4:ad:92:44:fb:e3:3e:dc:0f:de:
f1:c1:48:1d:d3:28:5f:60:bc:b1:eb:73:d5:91:88:
53:01:d2:06:39:0a:32:7d:a9:3b:b0:20:0d:75:4c:
22:f0:1e:e1:ed:5f:ef:6e:14:cc:6e:f6:73:fa:63:
9b:3d:d6:2a:ed:a4:63:44:77:59:31:a9:56:2c:0b:
b7:62:ec:f9:2b:a3:81:82:d4:2c:94:f4:13:6b:52:
28:9a:58:e7:f7:50:c0:26:08:43:80:6c:91:76:1c:
e2:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:4A:CA:74:55:F8:EF:4D:8D:D2:B7:EE:08:01:34:D1:14:59:5A:61
X509v3 Authority Key Identifier:
keyid:82:F2:45:5D:CF:45:AE:65:A6:FD:CC:F8:F7:82:1C:E3:C5:24:01:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gvJFXc9FrmWm_cz494Ic48UkAR0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/5a24de-44f0-4a54-9137-ecd9faff262c/1/y0rKdFX4702N0rfuCAE00RRZWmE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/5a24de-44f0-4a54-9137-ecd9faff262c/1/gvJFXc9FrmWm_cz494Ic48UkAR0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.151.160.0-91.151.162.255
212.93.160.0/19
Signature Algorithm: sha256WithRSAEncryption
5b:ea:38:b0:48:81:96:6e:d7:8c:d7:91:7a:60:e9:b0:15:ed:
22:95:3d:9f:98:1d:3a:02:3d:80:58:a4:24:62:60:77:39:bd:
51:3e:42:52:14:9d:0f:29:f0:5f:1c:d0:0b:8e:54:2b:52:a0:
72:21:d0:00:de:26:15:69:e3:df:99:cc:77:30:12:08:11:33:
5d:ba:31:c2:ff:e2:be:4c:e9:e7:5b:81:10:ee:0a:de:1f:da:
5e:18:2c:f6:a7:59:05:ad:2a:cf:a0:7a:ac:4f:e6:09:b4:35:
5f:82:52:45:3d:e1:62:79:2b:7f:f7:f8:9b:6d:09:f5:a0:82:
41:dc:47:93:9d:10:15:0a:8f:4a:27:84:4e:4c:f9:48:57:36:
b8:ef:a2:f5:52:66:d6:d8:92:ee:d8:b8:7b:78:c5:b4:09:9c:
f4:19:21:0d:e7:d8:ff:01:94:d9:15:59:47:15:cd:20:49:af:
09:09:9d:5b:d0:3a:e5:91:1f:36:09:a4:bb:52:d7:56:e7:f4:
9b:a7:4a:aa:4c:e5:71:bd:c9:37:31:e1:17:6b:26:eb:e6:e9:
5a:7d:85:7d:08:fd:fd:57:40:f0:be:66:4c:4f:db:51:ca:2f:
e5:f5:8b:b7:7b:09:f0:b0:a5:d5:49:71:c5:01:ea:87:cd:93:
46:71:19:e0
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQnSHfx6oIjrNGkjCkoY7WGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyZjI0NTVkY2Y0NWFlNjVhNmZkY2NmOGY3ODIxY2UzYzUy
NDAxMWQwHhcNMjUwMTAyMTM1MDQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjRhY2E3NDU1ZjhlZjRkOGRkMmI3ZWUwODAxMzRkMTE0NTk1YTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzOcKh1J+ruqmshoqug4darVdZnrg
/ouKUz/QnytFBuyHb2yMurAQTnGsjxdldwPFiZgplt4nlVQUrXeiWwcQI6Dq4XN1
NqodbfBfqy+ehVjMR32XDVjCai1aerr1gLgbvakFSQuCYeJMt+X17ef6oyMdVEBn
cFBraqC4zgmHT3xsOp67jBosH2Ak+NQMJ7cqWvSgFAfckSVIELStkkT74z7cD97x
wUgd0yhfYLyx63PVkYhTAdIGOQoyfak7sCANdUwi8B7h7V/vbhTMbvZz+mObPdYq
7aRjRHdZMalWLAu3Yuz5K6OBgtQslPQTa1Iomljn91DAJghDgGyRdhzicwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFMtKynRV+O9NjdK37ggBNNEUWVphMB8GA1UdIwQY
MBaAFILyRV3PRa5lpv3M+PeCHOPFJAEdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3ZKRlhjOUZybVdtX2N6NDk0SWM0OFVrQVIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy81YTI0ZGUtNDRmMC00YTU0LTkxMzct
ZWNkOWZhZmYyNjJjLzEveTByS2RGWDQ3MDJOMHJmdUNBRTAwUlJaV21FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy81YTI0ZGUtNDRmMC00YTU0LTkxMzctZWNkOWZhZmYyNjJj
LzEvZ3ZKRlhjOUZybVdtX2N6NDk0SWM0OFVrQVIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAVbl6AD
BABbl6IDBAXUXaAwDQYJKoZIhvcNAQELBQADggEBAFvqOLBIgZZu14zXkXpg6bAV
7SKVPZ+YHToCPYBYpCRiYHc5vVE+QlIUnQ8p8F8c0AuOVCtSoHIh0ADeJhVp49+Z
zHcwEggRM126McL/4r5M6edbgRDuCt4f2l4YLPanWQWtKs+geqxP5gm0NV+CUkU9
4WJ5K3/3+JttCfWggkHcR5OdEBUKj0onhE5M+UhXNrjvovVSZtbYku7YuHt4xbQJ
nPQZIQ3n2P8BlNkVWUcVzSBJrwkJnVvQOuWRHzYJpLtS11bn9JunSqpM5XG9yTcx
4RdrJuvm6Vp9hX0I/f1XQPC+ZkxP21HKL+X1i7d7CfCwpdVJccUB6ofNk0ZxGeA=
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:23:32 2025 by rpki-client