Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/YTt8ULIT2OGt9bHGPS5qyFwdOA0.roa
File: YTt8ULIT2OGt9bHGPS5qyFwdOA0.roa (raw, json)
Hash identifier: HFLfNaWIDLjas53pEnvsDxlTDmLrdxJ5pMMapBjGmhs=
Subject key identifier: 61:3B:7C:50:B2:13:D8:E1:AD:F5:B1:C6:3D:2E:6A:C8:5C:1D:38:0D
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 0197368A39C2A809A7BB5CCB9CFD7C6908A7
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/YTt8ULIT2OGt9bHGPS5qyFwdOA0.roa
Signing time: Tue 03 Jun 2025 16:05:17 +0000
ROA not before: Tue 03 Jun 2025 16:05:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2914
IP address blocks: 91.242.73.0/24 maxlen: 24
195.138.103.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 03 Jun 2025 16:07:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:36:8a:39:c2:a8:09:a7:bb:5c:cb:9c:fd:7c:69:08:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jun 3 16:05:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=613b7c50b213d8e1adf5b1c63d2e6ac85c1d380d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:2a:d8:7a:64:5f:18:b8:eb:ec:e5:d7:1b:73:
60:de:64:25:49:97:90:68:a9:32:37:df:65:10:e6:
4d:65:61:88:0f:da:d6:2d:70:45:89:bf:9c:c0:25:
9d:ae:58:56:0f:6f:fd:99:98:74:10:99:43:72:49:
bf:1b:a1:3c:47:79:1b:95:08:2c:ef:10:e3:e8:ee:
c2:58:82:93:81:05:ad:f7:6b:3e:d0:a4:10:42:0a:
45:d9:06:12:98:52:72:97:6a:26:e8:f9:bb:59:e9:
1d:55:8b:0e:f9:0d:64:33:56:56:1c:ce:a2:5f:1c:
3d:9a:38:25:11:88:6f:e5:57:0f:e4:6f:0d:2e:a3:
69:de:64:49:f9:c8:ba:e2:f5:1d:ca:87:59:d9:d5:
2b:52:7a:ab:db:67:02:25:5f:63:9a:47:9a:eb:d9:
cc:a0:c9:c7:f1:61:91:cd:38:02:e7:96:c6:80:d1:
f5:a1:ad:ba:c7:4f:91:d2:5f:ce:22:d4:f1:38:02:
5a:ab:13:9c:0f:6d:eb:dc:34:4b:19:93:92:2e:c1:
15:31:32:02:31:ad:ef:5a:0c:bd:35:e2:e9:16:14:
6b:81:0d:a1:15:c8:a5:ca:e7:e7:0a:ae:ca:ed:e0:
58:ac:80:ec:63:38:ba:96:d5:b3:eb:5f:3b:a6:71:
20:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:3B:7C:50:B2:13:D8:E1:AD:F5:B1:C6:3D:2E:6A:C8:5C:1D:38:0D
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/YTt8ULIT2OGt9bHGPS5qyFwdOA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.242.73.0/24
195.138.103.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:ed:43:4a:29:63:73:28:44:c3:00:95:e5:a6:75:1a:4e:3e:
5f:ea:61:69:8d:0e:b6:49:b4:51:8d:65:ae:4b:11:00:7d:04:
7c:b2:a0:a9:9e:78:01:42:ba:45:f8:fe:46:ae:e7:67:6b:d1:
d5:7a:08:00:f0:c3:81:92:10:df:d3:75:36:1f:ff:6c:5f:dd:
0d:84:f6:85:30:a8:16:b2:4b:c2:0f:56:ee:ac:c4:b8:2f:ad:
f9:70:27:28:1d:59:0d:1b:60:db:0b:1c:71:bf:34:fe:3d:c8:
c8:59:1c:c1:19:11:f4:2e:ad:16:44:f8:ce:83:bf:c3:84:78:
4b:f2:d6:fa:c7:c8:6b:27:02:3c:a8:5e:8c:c4:a9:1b:89:53:
60:1f:55:90:fe:26:a0:ed:ab:3f:d2:0f:78:f4:94:ac:11:d2:
2d:80:26:c6:a1:9c:7a:cd:5e:49:10:44:88:b0:a3:14:f7:0b:
10:3d:b2:7b:3a:33:95:5c:f7:82:75:6d:64:27:73:52:c1:a5:
c5:65:b6:2a:8f:f1:ac:00:58:9f:8e:99:3e:79:09:61:1a:fb:
f9:59:0f:3f:7b:cf:96:89:f1:04:81:c4:d8:45:8b:2f:1e:3b:
60:38:13:08:3d:60:88:20:cf:90:1c:d3:be:f3:57:63:e3:c3:
17:97:e1:f4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZc2ijnCqAmnu1zLnP18aQinMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjUwNjAzMTYwNTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTNiN2M1MGIyMTNkOGUxYWRmNWIxYzYzZDJlNmFjODVjMWQzODBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqCrYemRfGLjr7OXXG3Ng3mQlSZeQ
aKkyN99lEOZNZWGID9rWLXBFib+cwCWdrlhWD2/9mZh0EJlDckm/G6E8R3kblQgs
7xDj6O7CWIKTgQWt92s+0KQQQgpF2QYSmFJyl2om6Pm7WekdVYsO+Q1kM1ZWHM6i
Xxw9mjglEYhv5VcP5G8NLqNp3mRJ+ci64vUdyodZ2dUrUnqr22cCJV9jmkea69nM
oMnH8WGRzTgC55bGgNH1oa26x0+R0l/OItTxOAJaqxOcD23r3DRLGZOSLsEVMTIC
Ma3vWgy9NeLpFhRrgQ2hFcilyufnCq7K7eBYrIDsYzi6ltWz6187pnEgnwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGE7fFCyE9jhrfWxxj0uashcHTgNMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvWVR0OFVMSVQyT0d0OWJIR1BTNXF5RndkT0EwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW/JJAwQA
w4pnMA0GCSqGSIb3DQEBCwUAA4IBAQBc7UNKKWNzKETDAJXlpnUaTj5f6mFpjQ62
SbRRjWWuSxEAfQR8sqCpnngBQrpF+P5Grudna9HVeggA8MOBkhDf03U2H/9sX90N
hPaFMKgWskvCD1burMS4L635cCcoHVkNG2DbCxxxvzT+PcjIWRzBGRH0Lq0WRPjO
g7/DhHhL8tb6x8hrJwI8qF6MxKkbiVNgH1WQ/iag7as/0g949JSsEdItgCbGoZx6
zV5JEESIsKMU9wsQPbJ7OjOVXPeCdW1kJ3NSwaXFZbYqj/GsAFifjpk+eQlhGvv5
WQ8/e8+WifEEgcTYRYsvHjtgOBMIPWCIIM+QHNO+81dj48MXl+H0
-----END CERTIFICATE-----
Generated at Sun Jun 8 12:45:08 2025 by rpki-client