Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/Y07YiIYN6HSGsWqll9crSSewDxY.roa
File: Y07YiIYN6HSGsWqll9crSSewDxY.roa (raw, json)
Hash identifier: 9xZbU8cJ0DdeA88tDcuWlGGJNEevryiSBNTv8TKxvnY=
Subject key identifier: 63:4E:D8:88:86:0D:E8:74:86:B1:6A:A5:97:D7:2B:49:27:B0:0F:16
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 019735BE12B2C8EAAAEE5449189FA19A0514
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/Y07YiIYN6HSGsWqll9crSSewDxY.roa
Signing time: Tue 03 Jun 2025 12:22:18 +0000
ROA not before: Tue 03 Jun 2025 12:22:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.149.26.0/24 maxlen: 24
89.21.84.0/24 maxlen: 24
193.93.52.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 05 Jun 2025 14:07:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:35:be:12:b2:c8:ea:aa:ee:54:49:18:9f:a1:9a:05:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Jun 3 12:22:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=634ed888860de87486b16aa597d72b4927b00f16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:f1:47:fd:0c:c7:37:d3:a6:4a:47:29:a2:07:
11:8f:59:02:7f:59:ba:57:1b:85:3d:be:48:fb:12:
2e:1f:9e:e2:b5:94:8f:c2:98:0c:ac:85:da:2c:34:
8c:ae:08:a1:40:0d:10:f4:b6:f9:5b:74:cd:5e:37:
b2:06:c0:e6:d3:07:fc:fc:cd:2e:cb:e1:04:a2:cb:
58:87:f2:0d:35:64:82:a0:d4:74:71:d9:3e:df:8f:
06:89:83:cd:81:c6:aa:2b:ca:52:22:25:00:4f:09:
cf:7d:3f:4c:71:0b:79:d6:87:e6:40:ba:84:95:e7:
ca:0c:68:59:1e:4f:ef:63:d6:d9:4f:2d:9c:0c:55:
c5:fc:53:b2:85:28:de:bf:26:63:c6:c4:15:e0:da:
bd:93:c1:15:0b:f8:b1:9b:ac:61:ca:44:b9:e9:e1:
41:a8:56:ff:42:d6:e7:17:a1:91:5e:db:8f:a0:64:
01:ad:13:c1:21:ee:e6:4c:9b:37:29:8a:b2:2a:4f:
64:ee:fa:a8:cd:14:5c:af:ae:ab:d8:09:af:d3:a5:
dd:b2:9e:8b:82:7c:b7:f8:68:eb:b0:6d:cc:eb:a3:
e6:e4:7a:27:37:49:02:a6:a0:50:61:06:1a:97:0a:
b0:d3:ba:ce:95:67:ca:d4:c7:cf:c5:f4:7c:2e:03:
e8:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:4E:D8:88:86:0D:E8:74:86:B1:6A:A5:97:D7:2B:49:27:B0:0F:16
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/Y07YiIYN6HSGsWqll9crSSewDxY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.26.0/24
89.21.84.0/24
193.93.52.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:a3:d8:ee:7a:d4:20:b1:ff:e3:77:d2:06:a3:60:31:66:d1:
07:b3:37:77:0f:02:19:9e:b7:3b:5c:90:d4:48:3a:55:90:b8:
29:8c:b5:d7:6c:2f:93:90:c9:ed:cb:52:85:61:3a:8d:d3:cf:
24:d2:94:9d:3a:20:c9:84:80:c0:b9:e1:94:b5:76:bd:3b:a5:
4c:b8:d3:f7:72:b4:38:0f:98:fb:77:6b:70:23:d7:e9:26:84:
50:ff:c2:4d:8a:3f:e9:fb:0a:d4:10:7b:88:df:2a:9c:61:3f:
57:43:a7:bc:c2:a8:a1:9a:dd:ce:dd:00:f5:02:54:cf:7f:bd:
1f:d3:2f:b2:74:4d:70:7b:31:f7:12:a7:9c:3c:5d:a5:0a:4a:
48:40:17:da:d0:94:27:60:c2:da:f9:87:b8:8e:67:be:87:31:
cb:8c:fa:15:48:00:72:a9:86:46:2d:07:81:ad:b8:2b:de:68:
c6:a9:3d:47:0c:0f:11:15:d3:02:94:21:a7:09:8d:ae:0a:ac:
7a:2c:52:d5:bc:08:9c:58:3b:95:8f:c2:8b:42:fd:bb:3a:17:
7b:07:dd:b2:fe:3a:ba:5b:8d:a6:36:e8:23:5b:75:f3:77:d8:
9e:52:ab:84:0c:e3:87:76:07:74:70:e3:36:b7:d8:ce:21:6d:
fb:b6:64:6a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZc1vhKyyOqq7lRJGJ+hmgUUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjUwNjAzMTIyMjE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzRlZDg4ODg2MGRlODc0ODZiMTZhYTU5N2Q3MmI0OTI3YjAwZjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyvFH/QzHN9OmSkcpogcRj1kCf1m6
VxuFPb5I+xIuH57itZSPwpgMrIXaLDSMrgihQA0Q9Lb5W3TNXjeyBsDm0wf8/M0u
y+EEostYh/INNWSCoNR0cdk+348GiYPNgcaqK8pSIiUATwnPfT9McQt51ofmQLqE
lefKDGhZHk/vY9bZTy2cDFXF/FOyhSjevyZjxsQV4Nq9k8EVC/ixm6xhykS56eFB
qFb/QtbnF6GRXtuPoGQBrRPBIe7mTJs3KYqyKk9k7vqozRRcr66r2Amv06Xdsp6L
gny3+GjrsG3M66Pm5HonN0kCpqBQYQYalwqw07rOlWfK1MfPxfR8LgPoHQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGNO2IiGDeh0hrFqpZfXK0knsA8WMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvWTA3WWlJWU42SFNHc1dxbGw5Y3JTU2V3RHhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALZUaAwQA
WRVUAwQAwV00MA0GCSqGSIb3DQEBCwUAA4IBAQCbo9juetQgsf/jd9IGo2AxZtEH
szd3DwIZnrc7XJDUSDpVkLgpjLXXbC+TkMnty1KFYTqN088k0pSdOiDJhIDAueGU
tXa9O6VMuNP3crQ4D5j7d2twI9fpJoRQ/8JNij/p+wrUEHuI3yqcYT9XQ6e8wqih
mt3O3QD1AlTPf70f0y+ydE1wezH3EqecPF2lCkpIQBfa0JQnYMLa+Ye4jme+hzHL
jPoVSAByqYZGLQeBrbgr3mjGqT1HDA8RFdMClCGnCY2uCqx6LFLVvAicWDuVj8KL
Qv27Ohd7B92y/jq6W42mNugjW3Xzd9ieUquEDOOHdgd0cOM2t9jOIW37tmRq
-----END CERTIFICATE-----
Generated at Sat Jun 7 12:30:34 2025 by rpki-client