Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/e1171c-5270-49cd-9379-b95b08a23ae1/1/YiLz7iIKCg0t_yPyG0TkBztUT84.roa
File: YiLz7iIKCg0t_yPyG0TkBztUT84.roa (raw, json)
Hash identifier: /yQDUuaQmTeKVJ5fyhUOSYRlQB3mrMqsnDwFp5ZS0+I=
Subject key identifier: 62:22:F3:EE:22:0A:0A:0D:2D:FF:23:F2:1B:44:E4:07:3B:54:4F:CE
Certificate issuer: /CN=408af485b4fd0f03717cd4a709ef11c61d3ef46e
Certificate serial: 019426D9FD83D07141852B16D9E79287248B
Authority key identifier: 40:8A:F4:85:B4:FD:0F:03:71:7C:D4:A7:09:EF:11:C6:1D:3E:F4:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QIr0hbT9DwNxfNSnCe8Rxh0-9G4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/e1171c-5270-49cd-9379-b95b08a23ae1/1/YiLz7iIKCg0t_yPyG0TkBztUT84.roa
Signing time: Thu 02 Jan 2025 11:50:07 +0000
ROA not before: Thu 02 Jan 2025 11:50:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57034
IP address blocks: 89.36.131.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 03 Jan 2025 08:03:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:fd:83:d0:71:41:85:2b:16:d9:e7:92:87:24:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=408af485b4fd0f03717cd4a709ef11c61d3ef46e
Validity
Not Before: Jan 2 11:50:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6222f3ee220a0a0d2dff23f21b44e4073b544fce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:f8:bc:79:f6:68:c8:0e:31:94:69:55:f4:47:
5e:db:a7:99:8a:6f:15:2c:16:22:35:cc:1a:d4:f8:
93:a0:a8:ae:5d:fe:21:4a:f1:b3:7a:38:90:13:d7:
42:69:ed:9b:35:a2:ab:89:35:b4:88:7b:dd:5e:4f:
e6:c8:63:50:bd:61:6f:64:e8:24:85:16:bc:9f:da:
51:91:69:6a:f3:64:1f:f5:55:5d:65:fb:ae:51:c7:
5f:3e:7d:1a:3f:5e:e5:3d:37:a9:83:c7:1e:b9:37:
cb:ba:9f:31:72:af:c6:38:fc:7f:76:de:73:27:af:
bf:81:43:31:00:65:2a:bf:f8:2a:04:2c:f4:9e:44:
33:fe:1b:94:ac:e0:88:39:8b:67:27:23:38:6a:c1:
1c:ff:9e:9f:79:c2:1c:12:03:82:2e:3e:e0:0e:7d:
18:ce:94:b2:20:7b:d4:6d:80:65:f2:36:eb:4a:01:
b4:9b:21:45:de:f8:5d:90:1c:e3:d3:3d:0c:46:04:
31:0d:64:5b:03:44:1a:e0:da:ca:7d:1d:f4:2b:68:
da:2f:bf:18:4f:d5:0b:87:df:b4:7d:3c:2d:64:45:
cf:3b:a7:44:65:28:8a:45:5a:c2:4a:25:43:13:46:
b0:e1:1a:d2:97:64:fa:db:9c:32:2a:95:61:e0:25:
74:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:22:F3:EE:22:0A:0A:0D:2D:FF:23:F2:1B:44:E4:07:3B:54:4F:CE
X509v3 Authority Key Identifier:
keyid:40:8A:F4:85:B4:FD:0F:03:71:7C:D4:A7:09:EF:11:C6:1D:3E:F4:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QIr0hbT9DwNxfNSnCe8Rxh0-9G4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/e1171c-5270-49cd-9379-b95b08a23ae1/1/YiLz7iIKCg0t_yPyG0TkBztUT84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/e1171c-5270-49cd-9379-b95b08a23ae1/1/QIr0hbT9DwNxfNSnCe8Rxh0-9G4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.36.131.0/24
Signature Algorithm: sha256WithRSAEncryption
76:5e:e6:30:28:20:d1:e9:df:8d:29:e4:84:10:ff:2d:fb:55:
71:e2:62:d0:b7:34:41:86:1d:e1:54:ea:54:77:19:de:c6:4b:
87:2f:be:56:31:79:14:6b:60:68:0a:c8:32:46:a1:fd:61:b3:
69:b7:18:48:91:59:f2:4c:1e:4e:b7:89:cb:bb:9b:23:b0:e9:
e3:72:48:3f:90:50:06:b7:fe:5a:eb:d6:0e:43:c8:66:7d:b4:
b1:a1:78:cc:ad:f5:0c:b2:1e:75:19:b5:44:b5:a5:f5:f2:db:
3f:4a:e3:13:ac:45:df:c0:83:30:36:8d:a2:fe:7f:f1:45:22:
02:f0:03:89:5e:6c:80:a9:f0:b9:b2:1e:52:f0:89:3d:fd:9a:
92:45:5f:3f:9a:22:0a:3d:54:f9:c8:f4:79:60:7a:d7:65:9f:
98:ba:5e:4d:75:7d:ed:bc:0d:f6:b0:f7:27:ce:3c:03:55:9a:
90:91:aa:c3:cf:79:ab:20:39:bd:f7:0d:fe:94:5e:a9:8a:20:
14:48:24:34:df:60:b2:93:74:fd:21:60:fa:79:5b:59:e6:6a:
dd:ec:dc:44:6d:bd:fe:d6:a7:72:cf:30:96:e2:aa:f9:05:57:
08:f1:fe:af:27:fd:d9:4a:2b:18:7e:88:ca:60:24:0a:03:d5:
06:92:c5:61
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2f2D0HFBhSsW2eeShySLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwOGFmNDg1YjRmZDBmMDM3MTdjZDRhNzA5ZWYxMWM2MWQz
ZWY0NmUwHhcNMjUwMTAyMTE1MDA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjIyZjNlZTIyMGEwYTBkMmRmZjIzZjIxYjQ0ZTQwNzNiNTQ0ZmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2fi8efZoyA4xlGlV9Ede26eZim8V
LBYiNcwa1PiToKiuXf4hSvGzejiQE9dCae2bNaKriTW0iHvdXk/myGNQvWFvZOgk
hRa8n9pRkWlq82Qf9VVdZfuuUcdfPn0aP17lPTepg8ceuTfLup8xcq/GOPx/dt5z
J6+/gUMxAGUqv/gqBCz0nkQz/huUrOCIOYtnJyM4asEc/56fecIcEgOCLj7gDn0Y
zpSyIHvUbYBl8jbrSgG0myFF3vhdkBzj0z0MRgQxDWRbA0Qa4NrKfR30K2jaL78Y
T9ULh9+0fTwtZEXPO6dEZSiKRVrCSiVDE0aw4RrSl2T625wyKpVh4CV0GQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGIi8+4iCgoNLf8j8htE5Ac7VE/OMB8GA1UdIwQY
MBaAFECK9IW0/Q8DcXzUpwnvEcYdPvRuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUlyMGhiVDlEd054Zk5TbkNlOFJ4aDAtOUc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9lMTE3MWMtNTI3MC00OWNkLTkzNzkt
Yjk1YjA4YTIzYWUxLzEvWWlMejdpSUtDZzB0X3lQeUcwVGtCenRVVDg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9lMTE3MWMtNTI3MC00OWNkLTkzNzktYjk1YjA4YTIzYWUx
LzEvUUlyMGhiVDlEd054Zk5TbkNlOFJ4aDAtOUc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSSDMA0G
CSqGSIb3DQEBCwUAA4IBAQB2XuYwKCDR6d+NKeSEEP8t+1Vx4mLQtzRBhh3hVOpU
dxnexkuHL75WMXkUa2BoCsgyRqH9YbNptxhIkVnyTB5Ot4nLu5sjsOnjckg/kFAG
t/5a69YOQ8hmfbSxoXjMrfUMsh51GbVEtaX18ts/SuMTrEXfwIMwNo2i/n/xRSIC
8AOJXmyAqfC5sh5S8Ik9/ZqSRV8/miIKPVT5yPR5YHrXZZ+Yul5NdX3tvA32sPcn
zjwDVZqQkarDz3mrIDm99w3+lF6piiAUSCQ032Cyk3T9IWD6eVtZ5mrd7NxEbb3+
1qdyzzCW4qr5BVcI8f6vJ/3ZSisYfojKYCQKA9UGksVh
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:32:48 2025 by rpki-client