Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/YQWsFj7h-FCdTh0pe1AFWKq7JOc.roa
File: YQWsFj7h-FCdTh0pe1AFWKq7JOc.roa (raw, json)
Hash identifier: FXo8cG81KAfYTROku+vHtqDVSVaM6wQNJEdgbOmiF0E=
Subject key identifier: 61:05:AC:16:3E:E1:F8:50:9D:4E:1D:29:7B:50:05:58:AA:BB:24:E7
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0196F72D7AC6F291C6998EC9539C1FE6FFFF
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/YQWsFj7h-FCdTh0pe1AFWKq7JOc.roa
Signing time: Thu 22 May 2025 08:47:55 +0000
ROA not before: Thu 22 May 2025 08:47:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20326
IP address blocks: 89.106.74.0/24 maxlen: 24
89.106.75.0/24 maxlen: 24
89.106.76.0/24 maxlen: 24
89.106.77.0/24 maxlen: 24
89.144.47.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Jun 2025 22:31:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f7:2d:7a:c6:f2:91:c6:99:8e:c9:53:9c:1f:e6:ff:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: May 22 08:47:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6105ac163ee1f8509d4e1d297b500558aabb24e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:76:2f:22:72:79:15:66:0d:a2:87:0a:5c:4f:
bb:4d:29:e3:9c:16:29:5b:27:bf:31:1b:ca:fe:87:
3e:5c:61:a6:cc:ed:dd:42:1b:45:93:50:5f:18:92:
29:83:5b:39:95:c6:13:d4:d4:0f:ca:35:43:21:c5:
96:0c:8f:02:68:48:a9:bf:ce:b1:ab:c6:66:90:49:
ef:f0:eb:df:67:e8:2d:6b:de:e9:34:6a:c5:31:ec:
88:b2:f7:20:3b:af:27:6f:cd:b0:2c:5d:59:83:eb:
d5:32:cb:f7:5f:ce:c3:bd:d1:3c:00:77:de:9c:eb:
28:0f:7c:60:c1:9a:a5:75:81:ef:c7:b8:35:04:bc:
10:16:9d:5f:1e:2f:c6:d2:4e:14:26:f1:01:8b:20:
dc:6a:76:d2:e9:9a:ba:88:4b:9b:94:aa:06:10:2b:
b2:ed:eb:ec:8a:1a:e8:a5:c6:cc:69:44:ab:76:86:
ee:d1:b4:1f:f2:19:45:58:b3:ab:8b:34:81:62:51:
de:2e:11:58:b0:38:f5:d7:0f:ae:a4:05:7d:53:fd:
81:1d:3b:86:48:1a:a6:8f:68:62:58:bd:cc:64:1b:
06:d6:42:03:a9:ba:84:6f:74:ea:85:b2:ea:ae:c3:
1c:02:37:b5:02:8c:1b:1d:78:1d:b1:cb:4f:5e:d2:
4c:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:05:AC:16:3E:E1:F8:50:9D:4E:1D:29:7B:50:05:58:AA:BB:24:E7
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/YQWsFj7h-FCdTh0pe1AFWKq7JOc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.106.74.0-89.106.77.255
89.144.47.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:64:78:d1:cb:4f:9b:0c:9c:2d:73:9c:46:d5:d7:23:27:b4:
79:70:37:43:78:64:41:fe:48:95:ca:0b:c3:b2:d2:a7:4e:bf:
b7:cf:77:9f:d0:87:ac:ce:9b:87:d0:f8:3b:1a:e2:e4:4b:e6:
9b:25:14:04:44:de:c8:41:f3:10:9c:97:11:ea:08:82:10:30:
a5:d7:67:05:6c:e4:c1:87:79:19:a3:8b:61:33:64:ef:aa:78:
df:6a:72:ff:81:40:0c:9a:f8:4e:a7:27:0e:51:d4:95:0c:05:
e2:f5:01:52:c8:6c:15:11:15:c5:48:1d:68:65:e4:e5:e4:15:
b8:2b:32:eb:a1:0b:b8:3c:a8:5c:fa:9e:83:5e:29:a1:c8:bc:
3a:5b:e2:bd:e4:7b:6a:29:0e:86:b7:13:08:30:a9:d7:1f:42:
c2:43:68:84:13:8a:3b:b2:26:d5:01:eb:ab:f7:8a:cd:89:ae:
56:47:6e:fa:bc:74:d1:b0:f0:fc:20:e4:e0:c0:d5:bd:ec:da:
49:52:1c:b5:7a:c0:c3:e9:ca:97:34:c8:ee:24:d0:07:46:ad:
c5:a6:a6:29:eb:fc:c2:d3:a7:d2:4c:e4:57:35:f7:e4:7a:1a:
09:a7:6f:c3:36:c9:6c:45:13:40:0e:d7:2a:17:75:9b:a4:4b:
ce:7f:d3:2e
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZb3LXrG8pHGmY7JU5wf5v//MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNTIyMDg0NzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTA1YWMxNjNlZTFmODUwOWQ0ZTFkMjk3YjUwMDU1OGFhYmIyNGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsXYvInJ5FWYNoocKXE+7TSnjnBYp
Wye/MRvK/oc+XGGmzO3dQhtFk1BfGJIpg1s5lcYT1NQPyjVDIcWWDI8CaEipv86x
q8ZmkEnv8OvfZ+gta97pNGrFMeyIsvcgO68nb82wLF1Zg+vVMsv3X87DvdE8AHfe
nOsoD3xgwZqldYHvx7g1BLwQFp1fHi/G0k4UJvEBiyDcanbS6Zq6iEublKoGECuy
7evsihropcbMaUSrdobu0bQf8hlFWLOrizSBYlHeLhFYsDj11w+upAV9U/2BHTuG
SBqmj2hiWL3MZBsG1kIDqbqEb3TqhbLqrsMcAje1AowbHXgdsctPXtJMLQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFGEFrBY+4fhQnU4dKXtQBViquyTnMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvWVFXc0ZqN2gtRkNkVGgwcGUxQUZXS3E3Sk9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAFZakoD
BAFZakwDBABZkC8wDQYJKoZIhvcNAQELBQADggEBAIxkeNHLT5sMnC1znEbV1yMn
tHlwN0N4ZEH+SJXKC8Oy0qdOv7fPd5/Qh6zOm4fQ+Dsa4uRL5pslFARE3shB8xCc
lxHqCIIQMKXXZwVs5MGHeRmji2EzZO+qeN9qcv+BQAya+E6nJw5R1JUMBeL1AVLI
bBURFcVIHWhl5OXkFbgrMuuhC7g8qFz6noNeKaHIvDpb4r3ke2opDoa3Ewgwqdcf
QsJDaIQTijuyJtUB66v3is2JrlZHbvq8dNGw8Pwg5ODA1b3s2klSHLV6wMPpypc0
yO4k0AdGrcWmpinr/MLTp9JM5Fc19+R6Ggmnb8M2yWxFE0AO1yoXdZukS85/0y4=
-----END CERTIFICATE-----
Generated at Sat Jun 7 04:38:46 2025 by rpki-client