Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/d1da6a-4919-499a-9a41-2bbb48efb0ed/1/ykHRT7yEQ3N3OhiWXKLe5R7JVmw.roa
File: ykHRT7yEQ3N3OhiWXKLe5R7JVmw.roa (raw, json)
Hash identifier: 3A/1Oy/+3JuzCbjoQoMyiT/vT/6fBqUjuXXtpqE5hd4=
Subject key identifier: CA:41:D1:4F:BC:84:43:73:77:3A:18:96:5C:A2:DE:E5:1E:C9:56:6C
Certificate issuer: /CN=79a295c80b54c2dbe77ba47de7daec6b986021b4
Certificate serial: 0195856690BE87920CCCABF9FF7892C5A4D9
Authority key identifier: 79:A2:95:C8:0B:54:C2:DB:E7:7B:A4:7D:E7:DA:EC:6B:98:60:21:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eaKVyAtUwtvne6R959rsa5hgIbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/d1da6a-4919-499a-9a41-2bbb48efb0ed/1/ykHRT7yEQ3N3OhiWXKLe5R7JVmw.roa
Signing time: Tue 11 Mar 2025 13:30:46 +0000
ROA not before: Tue 11 Mar 2025 13:30:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213047
IP address blocks: 91.234.236.0/24 maxlen: 24
185.103.118.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 14 Mar 2025 07:16:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:85:66:90:be:87:92:0c:cc:ab:f9:ff:78:92:c5:a4:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=79a295c80b54c2dbe77ba47de7daec6b986021b4
Validity
Not Before: Mar 11 13:30:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ca41d14fbc844373773a18965ca2dee51ec9566c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:41:57:2d:7f:c1:23:8a:13:a0:64:ac:b7:4c:
c0:1c:ff:6c:1a:f2:8e:58:d7:77:4d:1b:99:c7:b7:
56:5b:70:9e:44:20:7f:2e:80:d4:04:d1:b1:1f:51:
3e:4f:72:50:95:02:c7:ff:c8:37:07:7a:39:49:15:
8f:fc:a1:6d:3c:a2:02:cd:81:d9:cd:77:2f:55:df:
c5:19:f3:ce:4f:83:81:24:89:6d:40:24:19:cf:a7:
88:4c:ac:f0:e8:bc:08:92:71:cd:38:9c:38:74:ae:
6d:a9:9a:77:23:83:7a:23:bf:d0:64:65:3d:22:4e:
95:53:fb:4e:71:a8:d7:e7:20:64:42:4a:fe:bd:a2:
0e:b4:af:93:fa:52:00:31:a5:2b:33:c9:f2:57:84:
14:b6:e5:42:6f:6d:f6:18:d9:50:91:9a:d7:5a:4c:
1a:d1:3b:ab:b7:6a:52:f1:a5:59:ac:d6:fe:2f:a9:
27:4f:80:7a:56:5f:75:21:1d:a9:75:ff:44:94:d6:
3a:83:3f:93:4d:e2:5c:ae:2c:fe:d0:7f:1c:38:ce:
85:f8:57:b5:e3:2e:08:cb:b8:53:a1:96:da:9a:90:
89:ce:e2:b4:a3:06:5f:f2:ae:0c:96:a4:6e:f9:ec:
a9:15:61:4e:b8:73:41:85:27:9a:23:f4:bb:85:83:
4f:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:41:D1:4F:BC:84:43:73:77:3A:18:96:5C:A2:DE:E5:1E:C9:56:6C
X509v3 Authority Key Identifier:
keyid:79:A2:95:C8:0B:54:C2:DB:E7:7B:A4:7D:E7:DA:EC:6B:98:60:21:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eaKVyAtUwtvne6R959rsa5hgIbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/d1da6a-4919-499a-9a41-2bbb48efb0ed/1/ykHRT7yEQ3N3OhiWXKLe5R7JVmw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/d1da6a-4919-499a-9a41-2bbb48efb0ed/1/eaKVyAtUwtvne6R959rsa5hgIbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.234.236.0/24
185.103.118.0/24
Signature Algorithm: sha256WithRSAEncryption
16:b1:6b:8f:55:49:75:e5:a7:d6:44:a7:f2:ec:b9:c8:c4:10:
e0:30:ad:52:20:7d:78:57:e6:1a:fa:39:49:72:cc:d7:89:d7:
3c:93:7d:5d:40:26:1d:82:7d:fc:53:eb:36:31:81:07:d6:3b:
4f:16:ce:9f:9a:84:0d:41:ae:2d:52:40:5a:08:f9:1f:ef:38:
54:3c:21:bd:f5:45:6f:f4:28:60:c1:6e:a0:5f:16:a6:47:bd:
25:f5:be:64:4a:27:8f:ea:2b:f7:ba:7a:8a:d6:21:17:4f:c3:
1a:a6:69:32:9f:7c:1e:ad:15:2c:13:9e:44:8a:7d:03:92:70:
ca:bd:23:41:58:c1:6f:59:6a:61:69:72:9e:c4:da:9d:15:38:
8f:ee:0e:ce:a8:8d:fa:01:c9:92:4d:66:ba:66:30:79:c3:07:
74:24:a4:ac:3a:22:52:73:96:e9:cd:40:26:fc:16:e0:53:ac:
d1:1c:e7:a5:1f:77:e9:55:55:1e:f6:df:a4:56:f7:92:93:c5:
89:a4:a1:3c:c7:98:58:bf:b3:df:4e:43:e9:82:9c:3a:36:78:
8e:0b:a1:0a:14:e9:df:a5:c9:7b:ba:08:03:63:41:1f:9e:e2:
47:96:b9:69:ce:dc:2d:9d:06:f0:90:60:48:1d:a2:e8:6b:9e:
54:87:04:93
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZWFZpC+h5IMzKv5/3iSxaTZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5YTI5NWM4MGI1NGMyZGJlNzdiYTQ3ZGU3ZGFlYzZiOTg2
MDIxYjQwHhcNMjUwMzExMTMzMDQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTQxZDE0ZmJjODQ0MzczNzczYTE4OTY1Y2EyZGVlNTFlYzk1NjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4kFXLX/BI4oToGSst0zAHP9sGvKO
WNd3TRuZx7dWW3CeRCB/LoDUBNGxH1E+T3JQlQLH/8g3B3o5SRWP/KFtPKICzYHZ
zXcvVd/FGfPOT4OBJIltQCQZz6eITKzw6LwIknHNOJw4dK5tqZp3I4N6I7/QZGU9
Ik6VU/tOcajX5yBkQkr+vaIOtK+T+lIAMaUrM8nyV4QUtuVCb232GNlQkZrXWkwa
0Turt2pS8aVZrNb+L6knT4B6Vl91IR2pdf9ElNY6gz+TTeJcriz+0H8cOM6F+Fe1
4y4Iy7hToZbampCJzuK0owZf8q4MlqRu+eypFWFOuHNBhSeaI/S7hYNPvwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMpB0U+8hENzdzoYllyi3uUeyVZsMB8GA1UdIwQY
MBaAFHmilcgLVMLb53ukfefa7GuYYCG0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWFLVnlBdFV3dHZuZTZSOTU5cnNhNWhnSWJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9kMWRhNmEtNDkxOS00OTlhLTlhNDEt
MmJiYjQ4ZWZiMGVkLzEveWtIUlQ3eUVRM04zT2hpV1hLTGU1UjdKVm13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9kMWRhNmEtNDkxOS00OTlhLTlhNDEtMmJiYjQ4ZWZiMGVk
LzEvZWFLVnlBdFV3dHZuZTZSOTU5cnNhNWhnSWJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+rsAwQA
uWd2MA0GCSqGSIb3DQEBCwUAA4IBAQAWsWuPVUl15afWRKfy7LnIxBDgMK1SIH14
V+Ya+jlJcszXidc8k31dQCYdgn38U+s2MYEH1jtPFs6fmoQNQa4tUkBaCPkf7zhU
PCG99UVv9ChgwW6gXxamR70l9b5kSieP6iv3unqK1iEXT8Mapmkyn3werRUsE55E
in0DknDKvSNBWMFvWWphaXKexNqdFTiP7g7OqI36AcmSTWa6ZjB5wwd0JKSsOiJS
c5bpzUAm/BbgU6zRHOelH3fpVVUe9t+kVveSk8WJpKE8x5hYv7PfTkPpgpw6NniO
C6EKFOnfpcl7uggDY0EfnuJHlrlpztwtnQbwkGBIHaLoa55UhwST
-----END CERTIFICATE-----
Generated at Sat Apr 19 03:17:16 2025 by rpki-client