Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/yF-70U8iAomT_x1p6sVofX5mNC4.roa
File: yF-70U8iAomT_x1p6sVofX5mNC4.roa (raw, json)
Hash identifier: 8nA15LnuruaBsvbB/1PASgV2tON8/JOi2gl7Erz4tTY=
Subject key identifier: C8:5F:BB:D1:4F:22:02:89:93:FF:1D:69:EA:C5:68:7D:7E:66:34:2E
Certificate issuer: /CN=bfb097a36c2325d1031ff4091ba00a86459d4288
Certificate serial: 01942444F6637A8784AD477D11A4F3008268
Authority key identifier: BF:B0:97:A3:6C:23:25:D1:03:1F:F4:09:1B:A0:0A:86:45:9D:42:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v7CXo2wjJdEDH_QJG6AKhkWdQog.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/yF-70U8iAomT_x1p6sVofX5mNC4.roa
Signing time: Wed 01 Jan 2025 23:48:06 +0000
ROA not before: Wed 01 Jan 2025 23:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212910
IP address blocks: 193.226.198.0/24 maxlen: 24
193.226.210.0/23 maxlen: 23
193.226.216.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 08 Jan 2025 11:43:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:f6:63:7a:87:84:ad:47:7d:11:a4:f3:00:82:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfb097a36c2325d1031ff4091ba00a86459d4288
Validity
Not Before: Jan 1 23:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c85fbbd14f22028993ff1d69eac5687d7e66342e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:6c:19:2a:dc:a0:6f:9e:1a:c2:6b:a1:97:50:
d5:98:99:7b:17:bb:dd:a1:fb:e8:c2:cb:7c:b8:8a:
51:a4:ab:a1:c2:46:85:1a:2d:00:4e:df:e4:bd:a3:
da:cc:8a:cb:da:99:13:23:d2:ee:e9:c4:78:a6:6e:
61:3e:f7:c2:ff:f8:35:f7:2e:52:38:13:22:dd:b8:
24:31:37:33:10:90:5f:18:ad:41:02:e6:3e:ff:2c:
69:54:6b:14:54:95:34:d7:b9:f0:07:86:3a:33:6a:
fa:8a:83:80:75:7c:8d:db:da:e9:c1:d9:45:9d:14:
de:03:da:3b:79:f4:7f:96:4a:12:a5:6c:1f:df:4b:
94:47:0b:23:b9:a4:dc:fd:7d:9f:e6:09:b6:c8:1e:
59:96:f4:17:e7:27:aa:16:73:b5:61:ca:ab:0d:c7:
92:d5:79:63:18:d0:0c:89:de:ef:68:e4:68:c9:dd:
3b:93:1d:90:23:66:2f:b5:e4:29:b1:d1:ce:ef:2d:
7b:70:cb:8c:b7:2c:92:1c:97:62:74:d7:3b:f4:92:
41:2e:17:3e:67:91:eb:78:b9:78:53:4f:f5:58:98:
63:c3:d4:97:89:cc:de:b2:81:51:89:45:9c:be:8f:
53:d8:1b:bd:44:0c:a3:fb:ab:60:b6:04:77:7b:34:
0b:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:5F:BB:D1:4F:22:02:89:93:FF:1D:69:EA:C5:68:7D:7E:66:34:2E
X509v3 Authority Key Identifier:
keyid:BF:B0:97:A3:6C:23:25:D1:03:1F:F4:09:1B:A0:0A:86:45:9D:42:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v7CXo2wjJdEDH_QJG6AKhkWdQog.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/yF-70U8iAomT_x1p6sVofX5mNC4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/v7CXo2wjJdEDH_QJG6AKhkWdQog.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.226.198.0/24
193.226.210.0/23
193.226.216.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:7d:d2:71:76:9c:04:89:4b:d4:79:81:75:47:7f:35:e8:f5:
50:97:5a:cb:3b:ce:86:69:eb:45:1c:52:a6:fc:13:6e:3a:f7:
ff:8b:59:14:ef:7b:ce:0b:d9:88:3d:06:48:2e:e1:9e:31:97:
de:50:70:75:ca:fc:78:86:56:df:22:be:84:38:c7:c8:48:63:
7b:94:65:bb:47:4e:85:4f:e4:6f:5c:ee:7a:8c:70:51:f1:3d:
af:ab:cc:41:04:c4:02:74:0c:e7:88:67:c1:96:b7:53:8f:af:
9f:07:09:ae:47:6c:17:db:6f:96:75:33:f9:19:d9:db:e0:ab:
73:d0:1a:24:01:14:92:65:86:a1:f9:e6:2f:10:56:29:a9:a2:
c9:97:c1:e1:6b:67:27:8e:af:7e:78:62:97:23:52:c9:50:d7:
46:6d:4d:49:10:76:cf:e5:7c:4b:6f:f1:1b:ff:b2:53:fb:0b:
15:16:45:6a:bf:6e:52:aa:f4:8a:bb:db:36:46:7d:67:bf:37:
d5:20:31:9b:01:c3:44:13:2d:40:0f:7c:c1:14:1a:51:48:8e:
10:9c:8f:a8:55:fa:2e:94:b9:b7:b0:c2:5e:b3:a7:60:c3:d8:
f7:c5:76:06:4a:9c:1a:88:e9:a0:07:76:77:66:82:d9:18:cb:
61:67:bc:d7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQkRPZjeoeErUd9EaTzAIJoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmYjA5N2EzNmMyMzI1ZDEwMzFmZjQwOTFiYTAwYTg2NDU5
ZDQyODgwHhcNMjUwMTAxMjM0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODVmYmJkMTRmMjIwMjg5OTNmZjFkNjllYWM1Njg3ZDdlNjYzNDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAumwZKtygb54awmuhl1DVmJl7F7vd
ofvowst8uIpRpKuhwkaFGi0ATt/kvaPazIrL2pkTI9Lu6cR4pm5hPvfC//g19y5S
OBMi3bgkMTczEJBfGK1BAuY+/yxpVGsUVJU017nwB4Y6M2r6ioOAdXyN29rpwdlF
nRTeA9o7efR/lkoSpWwf30uURwsjuaTc/X2f5gm2yB5ZlvQX5yeqFnO1YcqrDceS
1XljGNAMid7vaORoyd07kx2QI2YvteQpsdHO7y17cMuMtyySHJdidNc79JJBLhc+
Z5HreLl4U0/1WJhjw9SXiczesoFRiUWcvo9T2Bu9RAyj+6tgtgR3ezQLcQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMhfu9FPIgKJk/8daerFaH1+ZjQuMB8GA1UdIwQY
MBaAFL+wl6NsIyXRAx/0CRugCoZFnUKIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjdDWG8yd2pKZEVESF9RSkc2QUtoa1dkUW9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9mMmM1ZTgtOGQzNy00ODM4LWEzM2It
ZWNjNDliZGMyYWQ4LzEveUYtNzBVOGlBb21UX3gxcDZzVm9mWDVtTkM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9mMmM1ZTgtOGQzNy00ODM4LWEzM2ItZWNjNDliZGMyYWQ4
LzEvdjdDWG8yd2pKZEVESF9RSkc2QUtoa1dkUW9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAweLGAwQB
weLSAwQAweLYMA0GCSqGSIb3DQEBCwUAA4IBAQCrfdJxdpwEiUvUeYF1R3816PVQ
l1rLO86GaetFHFKm/BNuOvf/i1kU73vOC9mIPQZILuGeMZfeUHB1yvx4hlbfIr6E
OMfISGN7lGW7R06FT+RvXO56jHBR8T2vq8xBBMQCdAzniGfBlrdTj6+fBwmuR2wX
22+WdTP5Gdnb4Ktz0BokARSSZYah+eYvEFYpqaLJl8Hha2cnjq9+eGKXI1LJUNdG
bU1JEHbP5XxLb/Eb/7JT+wsVFkVqv25SqvSKu9s2Rn1nvzfVIDGbAcNEEy1AD3zB
FBpRSI4QnI+oVfoulLm3sMJes6dgw9j3xXYGSpwaiOmgB3Z3ZoLZGMthZ7zX
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:25:37 2025 by rpki-client