Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/ylXwJ5Gf2Ge34mEVBi-43jNQ1p0.roa
File: ylXwJ5Gf2Ge34mEVBi-43jNQ1p0.roa (raw, json)
Hash identifier: mNw1gAvglqLnnj59bByjpiijwsWGdJ/Y2JtrRrOj9YE=
Subject key identifier: CA:55:F0:27:91:9F:D8:67:B7:E2:61:15:06:2F:B8:DE:33:50:D6:9D
Certificate issuer: /CN=a9b75b64d5da17d70bbabd811a39a602ddaf963a
Certificate serial: 01953CA294DD599F297EABD89621D42F4328
Authority key identifier: A9:B7:5B:64:D5:DA:17:D7:0B:BA:BD:81:1A:39:A6:02:DD:AF:96:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qbdbZNXaF9cLur2BGjmmAt2vljo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/ylXwJ5Gf2Ge34mEVBi-43jNQ1p0.roa
Signing time: Tue 25 Feb 2025 10:24:02 +0000
ROA not before: Tue 25 Feb 2025 10:24:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51191
IP address blocks: 130.185.104.0/21 maxlen: 21
185.24.68.0/22 maxlen: 22
185.108.216.0/22 maxlen: 22
195.138.240.0/21 maxlen: 21
195.138.241.0/24 maxlen: 24
195.138.244.0/24 maxlen: 24
2a01:4a0:2000::/48 maxlen: 48
2a01:4a0:2001::/48 maxlen: 48
2a01:4a0:2002::/48 maxlen: 48
2a06:4b01:3301::/48 maxlen: 48
2a06:4b01:3303::/48 maxlen: 48
2a06:4b01:3304::/48 maxlen: 48
2a06:4b01:3306::/48 maxlen: 48
2a06:4b01:3307::/48 maxlen: 48
2a06:4b01:3308::/48 maxlen: 48
2a06:4b01:3309::/48 maxlen: 48
2a06:4b01:330a::/48 maxlen: 48
2a06:4b01:330b::/48 maxlen: 48
2a06:4b01:330d::/48 maxlen: 48
2a06:4b01:330e::/48 maxlen: 48
2a06:4b01:3310::/48 maxlen: 48
2a06:4b01:3311::/48 maxlen: 48
2a06:4b01:3312::/48 maxlen: 48
2a06:4b01:3314::/48 maxlen: 48
2a06:4b01:3315::/48 maxlen: 48
2a06:4b01:3317::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 26 Feb 2025 07:42:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:3c:a2:94:dd:59:9f:29:7e:ab:d8:96:21:d4:2f:43:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9b75b64d5da17d70bbabd811a39a602ddaf963a
Validity
Not Before: Feb 25 10:24:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ca55f027919fd867b7e26115062fb8de3350d69d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:67:f5:13:84:cd:68:31:72:f1:6f:ba:4d:25:
61:67:5b:0c:7c:68:bc:23:40:c0:1a:68:82:eb:c4:
c6:0c:16:57:92:83:04:79:85:b4:e8:5b:25:77:5d:
f2:d1:ce:2a:5b:18:25:e2:09:df:b0:b9:9e:d4:a5:
7f:31:7b:2c:dc:df:6c:4c:a1:37:2e:0c:4f:54:74:
11:c7:16:aa:10:00:6b:25:13:bb:d9:30:40:70:69:
c5:65:1e:c5:9e:36:f7:c3:3a:d9:10:7c:32:0c:6a:
bb:19:c5:62:e3:cb:b3:eb:92:be:d5:ae:3e:84:42:
42:76:8c:d0:9c:60:00:4a:66:2d:00:5c:67:c6:2c:
6f:50:64:00:f4:95:39:1c:46:0f:37:17:07:0a:1c:
2a:04:26:43:98:77:0d:70:c3:59:37:b0:3d:a6:18:
cb:d1:18:12:46:5d:4a:e2:60:ba:7e:93:f9:be:42:
fc:c2:85:e1:f5:f3:60:9a:4f:c7:62:06:94:26:3e:
a3:9f:03:59:96:6c:7e:d5:a9:59:ee:a6:c9:3f:40:
12:7a:66:1d:91:d3:6e:26:8c:07:31:b2:fe:74:5a:
b6:f9:7f:53:cf:e2:02:ef:66:0c:b8:83:5c:47:e8:
8d:95:1c:01:b6:a3:75:00:29:36:58:2d:25:ef:b8:
43:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:55:F0:27:91:9F:D8:67:B7:E2:61:15:06:2F:B8:DE:33:50:D6:9D
X509v3 Authority Key Identifier:
keyid:A9:B7:5B:64:D5:DA:17:D7:0B:BA:BD:81:1A:39:A6:02:DD:AF:96:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qbdbZNXaF9cLur2BGjmmAt2vljo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/ylXwJ5Gf2Ge34mEVBi-43jNQ1p0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/qbdbZNXaF9cLur2BGjmmAt2vljo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.185.104.0/21
185.24.68.0/22
185.108.216.0/22
195.138.240.0/21
IPv6:
2a01:4a0:2000::-2a01:4a0:2002:ffff:ffff:ffff:ffff:ffff
2a06:4b01:3301::/48
2a06:4b01:3303::-2a06:4b01:3304:ffff:ffff:ffff:ffff:ffff
2a06:4b01:3306::-2a06:4b01:330b:ffff:ffff:ffff:ffff:ffff
2a06:4b01:330d::-2a06:4b01:330e:ffff:ffff:ffff:ffff:ffff
2a06:4b01:3310::-2a06:4b01:3312:ffff:ffff:ffff:ffff:ffff
2a06:4b01:3314::/47
2a06:4b01:3317::/48
Signature Algorithm: sha256WithRSAEncryption
6a:4f:22:97:a5:2f:ed:c9:91:9f:8d:35:2b:da:d0:38:53:8c:
0f:e3:e7:6e:69:2f:d1:f6:19:57:81:a6:3f:ce:ab:64:1a:f9:
ec:8e:df:b6:67:0e:12:74:7b:1d:e3:7e:a0:51:da:95:95:00:
4f:f2:2e:b4:df:76:8a:d3:d3:32:2e:f9:65:d1:a9:59:08:8f:
97:f9:6d:a4:11:f3:8f:46:7d:cb:a7:9c:79:24:d1:04:45:78:
ed:6a:7a:68:26:06:a1:a7:64:93:2c:18:98:84:70:1e:75:c1:
17:a2:b5:32:cb:93:f3:b1:5b:ca:e0:49:20:16:0f:90:c3:1b:
56:75:74:e4:b1:b3:bd:4b:ba:c7:25:c4:ff:ce:41:1e:45:08:
26:98:3e:6d:39:67:f3:9d:53:e2:45:a4:ff:24:e1:6b:0c:03:
9d:07:2b:5c:df:b2:5e:f4:dc:59:9f:c1:56:3d:d2:91:b0:93:
dc:90:47:31:4c:2f:8c:df:e3:33:e7:d8:7e:77:f2:31:08:09:
1a:da:41:7d:8d:cc:74:a7:c1:02:7e:68:65:83:d9:be:69:03:
40:7b:5f:c8:75:a8:0e:07:71:cf:ea:6c:dd:14:e5:49:04:bc:
f0:41:7f:68:6b:74:4e:44:90:74:d6:ca:b4:0f:8b:06:60:6d:
e0:f0:73:c6
-----BEGIN CERTIFICATE-----
MIIFmTCCBIGgAwIBAgISAZU8opTdWZ8pfqvYliHUL0MoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5Yjc1YjY0ZDVkYTE3ZDcwYmJhYmQ4MTFhMzlhNjAyZGRh
Zjk2M2EwHhcNMjUwMjI1MTAyNDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTU1ZjAyNzkxOWZkODY3YjdlMjYxMTUwNjJmYjhkZTMzNTBkNjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtWf1E4TNaDFy8W+6TSVhZ1sMfGi8
I0DAGmiC68TGDBZXkoMEeYW06Fsld13y0c4qWxgl4gnfsLme1KV/MXss3N9sTKE3
LgxPVHQRxxaqEABrJRO72TBAcGnFZR7Fnjb3wzrZEHwyDGq7GcVi48uz65K+1a4+
hEJCdozQnGAASmYtAFxnxixvUGQA9JU5HEYPNxcHChwqBCZDmHcNcMNZN7A9phjL
0RgSRl1K4mC6fpP5vkL8woXh9fNgmk/HYgaUJj6jnwNZlmx+1alZ7qbJP0ASemYd
kdNuJowHMbL+dFq2+X9Tz+IC72YMuINcR+iNlRwBtqN1ACk2WC0l77hDvwIDAQAB
o4ICpTCCAqEwHQYDVR0OBBYEFMpV8CeRn9hnt+JhFQYvuN4zUNadMB8GA1UdIwQY
MBaAFKm3W2TV2hfXC7q9gRo5pgLdr5Y6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWJkYlpOWGFGOWNMdXIyQkdqbW1BdDJ2bGpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9kYTg1ZTctYTQ1Mi00YjFkLWI1YWUt
OWIxMTgwNGVjZDM5LzEveWxYd0o1R2YyR2UzNG1FVkJpLTQzak5RMXAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9kYTg1ZTctYTQ1Mi00YjFkLWI1YWUtOWIxMTgwNGVjZDM5
LzEvcWJkYlpOWGFGOWNMdXIyQkdqbW1BdDJ2bGpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG6BggrBgEFBQcBBwEB/wSBqjCBpzAeBAIAATAYAwQDgrlo
AwQCuRhEAwQCuWzYAwQDw4rwMIGEBAIAAjB+MBEDBgUqAQSgIAMHACoBBKAgAgMH
ACoGSwEzATASAwcAKgZLATMDAwcAKgZLATMEMBIDBwEqBksBMwYDBwIqBksBMwgw
EgMHACoGSwEzDQMHACoGSwEzDjASAwcEKgZLATMQAwcAKgZLATMSAwcBKgZLATMU
AwcAKgZLATMXMA0GCSqGSIb3DQEBCwUAA4IBAQBqTyKXpS/tyZGfjTUr2tA4U4wP
4+duaS/R9hlXgaY/zqtkGvnsjt+2Zw4SdHsd436gUdqVlQBP8i6033aK09MyLvll
0alZCI+X+W2kEfOPRn3Lp5x5JNEERXjtanpoJgahp2STLBiYhHAedcEXorUyy5Pz
sVvK4EkgFg+QwxtWdXTksbO9S7rHJcT/zkEeRQgmmD5tOWfznVPiRaT/JOFrDAOd
Bytc37Je9NxZn8FWPdKRsJPckEcxTC+M3+Mz59h+d/IxCAka2kF9jcx0p8ECfmhl
g9m+aQNAe1/IdagOB3HP6mzdFOVJBLzwQX9oa3RORJB01sq0D4sGYG3g8HPG
-----END CERTIFICATE-----
Generated at Fri Apr 18 23:39:30 2025 by rpki-client