Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/yQKyYYocHZEBy81XchICSoRhdlk.roa
File: yQKyYYocHZEBy81XchICSoRhdlk.roa (raw, json)
Hash identifier: Qsj9zK2m6ZSDrlkZdQGXRZZxYgZjl0icW5z8KwSO0OM=
Subject key identifier: C9:02:B2:61:8A:1C:1D:91:01:CB:CD:57:72:12:02:4A:84:61:76:59
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0195124F5227796D753478988ABE2F24AEB2
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/yQKyYYocHZEBy81XchICSoRhdlk.roa
Signing time: Mon 17 Feb 2025 05:09:03 +0000
ROA not before: Mon 17 Feb 2025 05:09:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43260
IP address blocks: 5.83.129.0/24 maxlen: 24
5.175.138.0/24 maxlen: 24
87.239.131.0/24 maxlen: 24
89.106.69.0/24 maxlen: 24
94.103.163.0/24 maxlen: 24
94.249.153.0/24 maxlen: 24
94.249.158.0/24 maxlen: 24
94.249.195.0/24 maxlen: 24
94.249.215.0/24 maxlen: 24
94.249.237.0/24 maxlen: 24
95.215.32.0/24 maxlen: 24
95.215.34.0/24 maxlen: 24
178.18.144.0/24 maxlen: 24
185.13.156.0/24 maxlen: 24
185.13.159.0/24 maxlen: 24
185.47.143.0/24 maxlen: 24
217.69.166.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 17 Feb 2025 14:08:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:12:4f:52:27:79:6d:75:34:78:98:8a:be:2f:24:ae:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Feb 17 05:09:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c902b2618a1c1d9101cbcd577212024a84617659
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:bd:fe:6e:c3:0d:95:92:31:f6:1b:3f:a4:ae:
01:8e:72:3d:26:ef:21:81:6e:f1:16:d8:cc:58:a4:
95:fc:e8:97:0f:be:ae:86:d0:bc:70:4a:c5:99:31:
ae:57:49:64:bc:9b:c8:d0:ae:29:fa:6d:be:ab:03:
f7:5f:72:70:69:87:da:d8:f4:66:db:1d:16:10:16:
aa:97:66:3a:41:b7:51:a2:60:44:b3:7c:b1:9a:4f:
4b:96:1d:aa:4d:f3:c1:25:7d:53:1f:1a:99:3d:1e:
97:75:20:c4:5f:f0:1e:2e:fd:d2:dd:6c:5c:eb:49:
77:b2:04:ba:d5:1f:e6:a2:7e:57:0b:92:28:f1:a5:
70:9d:5a:06:a8:3b:cf:d1:43:42:4e:11:0d:8f:95:
27:db:62:23:1e:e1:43:dc:d0:55:4a:03:08:b7:07:
3b:93:c1:ae:2b:ba:41:b6:ca:69:cd:dd:fd:c7:83:
2b:d8:59:65:8f:ff:d3:e7:7b:0a:ed:84:de:9e:c7:
0b:1d:5d:95:c9:97:b1:ea:61:fb:7e:24:4e:52:8b:
34:ad:72:22:d6:2a:db:1c:0f:0f:1f:a6:11:b9:d9:
06:39:7f:79:67:b4:0d:8f:90:fd:e5:6f:c7:91:4b:
a5:7c:5a:83:11:09:3d:b4:c1:65:0d:d2:9e:01:fe:
0b:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:02:B2:61:8A:1C:1D:91:01:CB:CD:57:72:12:02:4A:84:61:76:59
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/yQKyYYocHZEBy81XchICSoRhdlk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.129.0/24
5.175.138.0/24
87.239.131.0/24
89.106.69.0/24
94.103.163.0/24
94.249.153.0/24
94.249.158.0/24
94.249.195.0/24
94.249.215.0/24
94.249.237.0/24
95.215.32.0/24
95.215.34.0/24
178.18.144.0/24
185.13.156.0/24
185.13.159.0/24
185.47.143.0/24
217.69.166.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:83:c2:65:5f:25:38:37:7c:88:3b:7e:a9:17:bb:10:1e:6a:
9a:d7:8f:2e:76:8f:0a:4d:b8:0c:ea:8f:c8:1c:2c:e6:ef:66:
48:f8:b0:86:8a:3f:e2:cb:01:72:2b:60:22:da:ee:6b:a9:85:
85:fb:f2:db:93:e9:f5:46:e5:4d:a1:3a:f2:8e:97:92:89:e5:
7d:4a:28:ea:fc:41:aa:a7:5c:09:1c:69:b0:11:59:a0:03:68:
d0:7c:77:85:2a:a8:ac:57:6b:75:1f:a7:4d:89:09:8a:16:84:
91:07:89:a5:e5:aa:24:aa:06:7c:27:fd:a0:b1:f9:d3:e6:e1:
e6:43:cf:4c:85:bf:a4:e8:b4:97:8d:10:ab:fd:be:c6:67:a7:
81:92:78:cf:fb:be:0f:6c:ec:34:20:ec:af:b6:c2:bc:13:32:
fa:74:ab:68:2e:04:20:47:19:27:6f:c1:2e:43:59:18:90:bd:
09:55:fe:54:ec:ab:6d:00:0e:a0:1b:da:2d:a1:23:2d:eb:15:
c9:c7:6c:09:4a:00:38:b5:86:0b:94:e3:9e:87:bd:e0:59:7e:
08:40:4b:22:65:dd:a9:2c:09:af:4c:6e:02:a8:57:fa:be:3b:
0d:a1:f3:02:a7:f4:e8:e3:ac:10:f7:91:24:39:86:7c:8f:14:
be:93:14:f2
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAZUST1IneW11NHiYir4vJK6yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwMjE3MDUwOTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTAyYjI2MThhMWMxZDkxMDFjYmNkNTc3MjEyMDI0YTg0NjE3NjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyb3+bsMNlZIx9hs/pK4BjnI9Ju8h
gW7xFtjMWKSV/OiXD76uhtC8cErFmTGuV0lkvJvI0K4p+m2+qwP3X3JwaYfa2PRm
2x0WEBaql2Y6QbdRomBEs3yxmk9Llh2qTfPBJX1THxqZPR6XdSDEX/AeLv3S3Wxc
60l3sgS61R/mon5XC5Io8aVwnVoGqDvP0UNCThENj5Un22IjHuFD3NBVSgMItwc7
k8GuK7pBtsppzd39x4Mr2Fllj//T53sK7YTenscLHV2VyZex6mH7fiROUos0rXIi
1irbHA8PH6YRudkGOX95Z7QNj5D95W/HkUulfFqDEQk9tMFlDdKeAf4LSQIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFMkCsmGKHB2RAcvNV3ISAkqEYXZZMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEveVFLeVlZb2NIWkVCeTgxWGNoSUNTb1JoZGxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQABVOBAwQA
Ba+KAwQAV++DAwQAWWpFAwQAXmejAwQAXvmZAwQAXvmeAwQAXvnDAwQAXvnXAwQA
XvntAwQAX9cgAwQAX9ciAwQAshKQAwQAuQ2cAwQAuQ2fAwQAuS+PAwQA2UWmMA0G
CSqGSIb3DQEBCwUAA4IBAQCjg8JlXyU4N3yIO36pF7sQHmqa148udo8KTbgM6o/I
HCzm72ZI+LCGij/iywFyK2Ai2u5rqYWF+/Lbk+n1RuVNoTryjpeSieV9Sijq/EGq
p1wJHGmwEVmgA2jQfHeFKqisV2t1H6dNiQmKFoSRB4ml5aokqgZ8J/2gsfnT5uHm
Q89Mhb+k6LSXjRCr/b7GZ6eBknjP+74PbOw0IOyvtsK8EzL6dKtoLgQgRxknb8Eu
Q1kYkL0JVf5U7KttAA6gG9otoSMt6xXJx2wJSgA4tYYLlOOeh73gWX4IQEsiZd2p
LAmvTG4CqFf6vjsNofMCp/To46wQ95EkOYZ8jxS+kxTy
-----END CERTIFICATE-----
Generated at Sat Apr 12 03:13:03 2025 by rpki-client