Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/121447-d2c8-4ca8-96c7-81d10073dee4/1/ybQudqzU5DyjhH3NABRSECFC-nw.roa
File: ybQudqzU5DyjhH3NABRSECFC-nw.roa (raw, json)
Hash identifier: f2fgaZKRGjBsSCRQWNh0Bnud8yQjX26ex3xsaOoAEOg=
Subject key identifier: C9:B4:2E:76:AC:D4:E4:3C:A3:84:7D:CD:00:14:52:10:21:42:FA:7C
Certificate issuer: /CN=64757185472f16d53eeb68a140e3513fa31c31d8
Certificate serial: 0195288A3AFD4B181EB79D1FFA468B681F2B
Authority key identifier: 64:75:71:85:47:2F:16:D5:3E:EB:68:A1:40:E3:51:3F:A3:1C:31:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZHVxhUcvFtU-62ihQONRP6McMdg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/121447-d2c8-4ca8-96c7-81d10073dee4/1/ybQudqzU5DyjhH3NABRSECFC-nw.roa
Signing time: Fri 21 Feb 2025 12:45:02 +0000
ROA not before: Fri 21 Feb 2025 12:45:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208923
IP address blocks: 185.70.224.0/24 maxlen: 24
185.70.227.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 21 Mar 2025 08:34:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:28:8a:3a:fd:4b:18:1e:b7:9d:1f:fa:46:8b:68:1f:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64757185472f16d53eeb68a140e3513fa31c31d8
Validity
Not Before: Feb 21 12:45:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c9b42e76acd4e43ca3847dcd001452102142fa7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:21:69:f4:a5:78:0e:33:26:f5:9d:44:29:cf:
28:d9:75:4b:4e:53:52:4b:ab:dc:01:89:87:d5:b4:
4e:b5:95:f0:e9:91:07:0e:c2:bb:38:ac:5c:2a:48:
30:ae:fb:43:82:86:32:70:7e:4f:93:df:7c:b2:cc:
75:91:29:28:fd:f1:82:60:af:6b:f7:54:76:8c:7b:
09:e1:e1:01:05:c8:0f:cc:61:e3:b8:87:f9:cf:ef:
0a:89:ea:23:be:3c:1f:f1:39:e6:35:20:08:f5:86:
6b:f1:71:33:eb:d3:96:42:f0:39:a5:4c:e7:ad:7b:
4f:e3:f1:59:a4:c0:b6:b2:64:bc:61:34:29:bb:6f:
3c:8f:5d:3b:0d:8a:89:5d:75:76:5e:16:1e:73:1e:
fd:47:17:f7:37:4e:2d:6b:e1:d9:f8:cd:88:eb:cb:
74:45:4b:5c:d8:e8:7e:df:d2:84:42:2a:03:a5:db:
87:5a:33:35:5c:8a:94:69:f0:f8:8f:1e:51:69:e5:
a6:52:1b:4d:81:3c:4a:5e:a9:91:57:b4:64:72:8e:
bb:f5:28:24:31:f9:14:cd:12:2c:5c:ac:51:fb:8a:
f4:5f:00:26:9d:2d:75:8d:5f:ab:8e:ef:e3:db:68:
b3:c7:3a:f5:51:6c:b7:90:23:e0:42:11:da:67:5f:
61:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:B4:2E:76:AC:D4:E4:3C:A3:84:7D:CD:00:14:52:10:21:42:FA:7C
X509v3 Authority Key Identifier:
keyid:64:75:71:85:47:2F:16:D5:3E:EB:68:A1:40:E3:51:3F:A3:1C:31:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZHVxhUcvFtU-62ihQONRP6McMdg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/121447-d2c8-4ca8-96c7-81d10073dee4/1/ybQudqzU5DyjhH3NABRSECFC-nw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/121447-d2c8-4ca8-96c7-81d10073dee4/1/ZHVxhUcvFtU-62ihQONRP6McMdg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.70.224.0/24
185.70.227.0/24
Signature Algorithm: sha256WithRSAEncryption
50:ab:fa:db:26:99:77:08:4e:ec:43:6c:c6:7d:be:5b:75:a1:
1e:42:4a:a8:4d:13:3f:91:96:02:56:84:9a:25:fb:1a:4a:84:
b7:75:ba:99:15:ca:29:76:58:19:b2:a4:f3:c8:da:bb:31:02:
ad:dc:f7:04:eb:fc:d4:8c:29:9a:58:ce:2f:cc:37:fe:d7:34:
f0:c0:58:66:34:b2:47:19:85:f0:73:5d:96:a3:b1:fe:b7:a9:
38:e7:7a:a2:79:38:97:52:1c:5b:f7:32:00:29:57:ef:0a:4e:
be:fc:94:35:5a:e9:60:55:31:eb:62:71:51:7d:55:f7:f2:52:
3b:50:bc:69:d6:6a:b5:7c:62:d5:d5:5e:93:8e:a5:30:55:ab:
81:2c:a7:2f:55:5e:7e:3d:0d:8f:29:f5:d4:86:bc:d6:39:c2:
8a:be:09:73:4f:eb:19:2b:cf:85:c6:7a:d9:78:e8:ef:a0:09:
11:2f:8b:64:55:3f:7d:a5:06:7b:b4:68:45:2e:75:32:27:a4:
bd:f3:b3:c2:7b:df:bf:35:50:4b:65:4a:f4:be:89:c8:9b:d9:
4b:cb:4d:da:d1:e7:12:81:ed:a0:07:67:50:96:9e:43:00:9d:
9f:9a:b2:dc:63:59:d3:18:af:5a:4d:b4:8e:94:e4:a0:ea:ad:
ca:8c:cb:a7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZUoijr9Sxget50f+kaLaB8rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0NzU3MTg1NDcyZjE2ZDUzZWViNjhhMTQwZTM1MTNmYTMx
YzMxZDgwHhcNMjUwMjIxMTI0NTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWI0MmU3NmFjZDRlNDNjYTM4NDdkY2QwMDE0NTIxMDIxNDJmYTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlyFp9KV4DjMm9Z1EKc8o2XVLTlNS
S6vcAYmH1bROtZXw6ZEHDsK7OKxcKkgwrvtDgoYycH5Pk998ssx1kSko/fGCYK9r
91R2jHsJ4eEBBcgPzGHjuIf5z+8Kieojvjwf8TnmNSAI9YZr8XEz69OWQvA5pUzn
rXtP4/FZpMC2smS8YTQpu288j107DYqJXXV2XhYecx79Rxf3N04ta+HZ+M2I68t0
RUtc2Oh+39KEQioDpduHWjM1XIqUafD4jx5RaeWmUhtNgTxKXqmRV7Rkco679Sgk
MfkUzRIsXKxR+4r0XwAmnS11jV+rju/j22izxzr1UWy3kCPgQhHaZ19hbwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMm0Lnas1OQ8o4R9zQAUUhAhQvp8MB8GA1UdIwQY
MBaAFGR1cYVHLxbVPutooUDjUT+jHDHYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkhWeGhVY3ZGdFUtNjJpaFFPTlJQNk1jTWRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi8xMjE0NDctZDJjOC00Y2E4LTk2Yzct
ODFkMTAwNzNkZWU0LzEveWJRdWRxelU1RHlqaEgzTkFCUlNFQ0ZDLW53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi8xMjE0NDctZDJjOC00Y2E4LTk2YzctODFkMTAwNzNkZWU0
LzEvWkhWeGhVY3ZGdFUtNjJpaFFPTlJQNk1jTWRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuUbgAwQA
uUbjMA0GCSqGSIb3DQEBCwUAA4IBAQBQq/rbJpl3CE7sQ2zGfb5bdaEeQkqoTRM/
kZYCVoSaJfsaSoS3dbqZFcopdlgZsqTzyNq7MQKt3PcE6/zUjCmaWM4vzDf+1zTw
wFhmNLJHGYXwc12Wo7H+t6k453qieTiXUhxb9zIAKVfvCk6+/JQ1WulgVTHrYnFR
fVX38lI7ULxp1mq1fGLV1V6TjqUwVauBLKcvVV5+PQ2PKfXUhrzWOcKKvglzT+sZ
K8+FxnrZeOjvoAkRL4tkVT99pQZ7tGhFLnUyJ6S987PCe9+/NVBLZUr0vonIm9lL
y03a0ecSge2gB2dQlp5DAJ2fmrLcY1nTGK9aTbSOlOSg6q3KjMun
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:05:21 2025 by rpki-client