Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/c2ae3d-98b4-446f-ab28-7313c7f3ca3f/1/YEVAPM6WRIbb0u8MOwNgNVJwjFs.roa
File: YEVAPM6WRIbb0u8MOwNgNVJwjFs.roa (raw, json)
Hash identifier: b8a3glctMf3XL7Vacf+i0A1er+oOPaB8/fBSFoMLD/Q=
Subject key identifier: 60:45:40:3C:CE:96:44:86:DB:D2:EF:0C:3B:03:60:35:52:70:8C:5B
Certificate issuer: /CN=827af17f0499627e4b3c8cc5c333ec4b8e7635e0
Certificate serial: 01942520E1DDBAE74A30A307504408947B4E
Authority key identifier: 82:7A:F1:7F:04:99:62:7E:4B:3C:8C:C5:C3:33:EC:4B:8E:76:35:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnrxfwSZYn5LPIzFwzPsS452NeA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/c2ae3d-98b4-446f-ab28-7313c7f3ca3f/1/YEVAPM6WRIbb0u8MOwNgNVJwjFs.roa
Signing time: Thu 02 Jan 2025 03:48:19 +0000
ROA not before: Thu 02 Jan 2025 03:48:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 185.195.0.0/22 maxlen: 24
2a01:77c0:1619::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 06 Mar 2025 22:32:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:20:e1:dd:ba:e7:4a:30:a3:07:50:44:08:94:7b:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827af17f0499627e4b3c8cc5c333ec4b8e7635e0
Validity
Not Before: Jan 2 03:48:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6045403cce964486dbd2ef0c3b03603552708c5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:9e:cf:bd:b0:50:3c:d8:9f:e0:9e:60:e0:60:
de:49:b4:41:98:28:b5:d6:c4:b5:7b:d6:23:13:35:
64:d7:63:ad:01:b0:c6:8a:4a:f9:87:49:d2:81:78:
12:45:0d:ba:d8:f9:04:6c:1d:6d:43:fc:94:aa:71:
63:36:02:d0:73:17:06:3c:9b:b4:f0:ca:07:a5:bf:
92:54:fa:d9:4f:32:45:0b:95:dd:bc:24:ef:fc:45:
d9:f6:2e:8a:6c:10:ad:b6:a4:ff:97:8e:6d:50:8e:
35:00:40:df:5f:4b:a2:3b:45:dc:cf:b0:29:47:2f:
f0:0a:66:a5:eb:2c:1e:85:2a:13:4c:1e:f8:45:1c:
3d:3f:d6:be:61:ad:c4:d5:23:a2:df:1e:ef:b4:5c:
77:5e:ff:ba:e2:b0:8a:67:c6:18:c1:23:4c:b6:cc:
75:d4:aa:c8:ce:a5:19:d2:4f:4e:67:4e:77:10:44:
94:d2:ef:a3:f7:b0:79:1f:a0:06:e7:39:34:9f:28:
7a:32:a1:5b:b5:51:2f:58:48:d7:05:96:47:a1:26:
83:0d:a2:ff:f0:d7:f6:8e:fb:39:27:45:59:cf:4b:
e8:9a:58:a5:86:c0:94:42:56:45:fb:b6:5c:df:5d:
08:15:1b:24:01:ee:49:0a:7f:0b:15:b6:23:3c:49:
29:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:45:40:3C:CE:96:44:86:DB:D2:EF:0C:3B:03:60:35:52:70:8C:5B
X509v3 Authority Key Identifier:
keyid:82:7A:F1:7F:04:99:62:7E:4B:3C:8C:C5:C3:33:EC:4B:8E:76:35:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnrxfwSZYn5LPIzFwzPsS452NeA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/c2ae3d-98b4-446f-ab28-7313c7f3ca3f/1/YEVAPM6WRIbb0u8MOwNgNVJwjFs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/c2ae3d-98b4-446f-ab28-7313c7f3ca3f/1/gnrxfwSZYn5LPIzFwzPsS452NeA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.195.0.0/22
IPv6:
2a01:77c0:1619::/48
Signature Algorithm: sha256WithRSAEncryption
81:ac:7c:0f:cf:55:83:80:ba:60:76:49:a1:d3:1f:4f:ad:a5:
eb:e8:b0:ab:69:04:4a:87:59:1e:20:f8:52:72:97:15:c7:ba:
90:30:7d:2a:7d:59:2f:f8:c4:42:d0:e4:48:8e:ee:36:51:93:
ed:05:10:b1:e5:3e:92:96:67:c3:c9:24:f9:55:0c:5b:de:ce:
65:91:a8:15:20:fe:02:61:4f:68:92:b7:a5:12:d6:2e:81:ca:
30:7b:75:91:0f:cf:de:1b:07:fd:d3:2e:94:02:a4:f2:11:cc:
7f:6b:a1:60:d7:bc:c5:4b:a0:b8:08:90:72:b0:98:5f:07:fe:
16:ec:c8:80:d3:2e:3b:e3:66:7a:25:ce:2e:2d:6d:2c:7b:44:
2e:82:69:a8:f4:0e:f6:84:35:93:74:17:da:1a:c1:7a:b8:41:
04:4f:2d:2e:ac:56:53:a6:54:8b:a7:48:9a:b2:bd:79:e7:3f:
be:87:03:24:98:a9:68:a0:ec:7e:be:b5:5b:c2:ba:ac:cb:19:
fe:27:7c:49:0b:50:98:f1:86:ce:9c:38:2f:a1:03:56:dd:e1:
56:f5:42:a9:95:a4:d9:04:12:2d:62:13:d7:23:7e:b1:99:5f:
58:e0:1d:cb:8c:88:c4:5b:fb:37:f4:41:47:98:d8:b7:d1:12:
56:82:4f:b7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQlIOHduudKMKMHUEQIlHtOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyN2FmMTdmMDQ5OTYyN2U0YjNjOGNjNWMzMzNlYzRiOGU3
NjM1ZTAwHhcNMjUwMTAyMDM0ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDQ1NDAzY2NlOTY0NDg2ZGJkMmVmMGMzYjAzNjAzNTUyNzA4YzViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0J7PvbBQPNif4J5g4GDeSbRBmCi1
1sS1e9YjEzVk12OtAbDGikr5h0nSgXgSRQ262PkEbB1tQ/yUqnFjNgLQcxcGPJu0
8MoHpb+SVPrZTzJFC5XdvCTv/EXZ9i6KbBCttqT/l45tUI41AEDfX0uiO0Xcz7Ap
Ry/wCmal6ywehSoTTB74RRw9P9a+Ya3E1SOi3x7vtFx3Xv+64rCKZ8YYwSNMtsx1
1KrIzqUZ0k9OZ053EESU0u+j97B5H6AG5zk0nyh6MqFbtVEvWEjXBZZHoSaDDaL/
8Nf2jvs5J0VZz0vomlilhsCUQlZF+7Zc310IFRskAe5JCn8LFbYjPEkpKQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGBFQDzOlkSG29LvDDsDYDVScIxbMB8GA1UdIwQY
MBaAFIJ68X8EmWJ+SzyMxcMz7EuOdjXgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ25yeGZ3U1pZbjVMUEl6Rnd6UHNTNDUyTmVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9jMmFlM2QtOThiNC00NDZmLWFiMjgt
NzMxM2M3ZjNjYTNmLzEvWUVWQVBNNldSSWJiMHU4TU93TmdOVkp3akZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC9jMmFlM2QtOThiNC00NDZmLWFiMjgtNzMxM2M3ZjNjYTNm
LzEvZ25yeGZ3U1pZbjVMUEl6Rnd6UHNTNDUyTmVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCucMAMA8E
AgACMAkDBwAqAXfAFhkwDQYJKoZIhvcNAQELBQADggEBAIGsfA/PVYOAumB2SaHT
H0+tpevosKtpBEqHWR4g+FJylxXHupAwfSp9WS/4xELQ5EiO7jZRk+0FELHlPpKW
Z8PJJPlVDFvezmWRqBUg/gJhT2iSt6US1i6ByjB7dZEPz94bB/3TLpQCpPIRzH9r
oWDXvMVLoLgIkHKwmF8H/hbsyIDTLjvjZnolzi4tbSx7RC6Caaj0DvaENZN0F9oa
wXq4QQRPLS6sVlOmVIunSJqyvXnnP76HAySYqWig7H6+tVvCuqzLGf4nfEkLUJjx
hs6cOC+hA1bd4Vb1QqmVpNkEEi1iE9cjfrGZX1jgHcuMiMRb+zf0QUeY2LfRElaC
T7c=
-----END CERTIFICATE-----
Generated at Sun Apr 6 04:45:17 2025 by rpki-client