Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/a89644-9316-4e8b-81a4-1f19a8bda3ed/1/yE1-x7tQsxi3I7o-mAbGQ0JD3qo.roa
File: yE1-x7tQsxi3I7o-mAbGQ0JD3qo.roa (raw, json)
Hash identifier: OMiooRge/HL0A7HRI97B5CX1nOrSiR3IDyVXEHMq1aE=
Subject key identifier: C8:4D:7E:C7:BB:50:B3:18:B7:23:BA:3E:98:06:C6:43:42:43:DE:AA
Certificate issuer: /CN=576d59494a0a927f7a68f909ecef577cd503db1c
Certificate serial: 019426D9B775BD62A45CF9BEC4E14FE81593
Authority key identifier: 57:6D:59:49:4A:0A:92:7F:7A:68:F9:09:EC:EF:57:7C:D5:03:DB:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V21ZSUoKkn96aPkJ7O9XfNUD2xw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/a89644-9316-4e8b-81a4-1f19a8bda3ed/1/yE1-x7tQsxi3I7o-mAbGQ0JD3qo.roa
Signing time: Thu 02 Jan 2025 11:49:50 +0000
ROA not before: Thu 02 Jan 2025 11:49:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50812
IP address blocks: 91.193.106.0/24 maxlen: 24
91.193.107.0/24 maxlen: 24
91.224.6.0/24 maxlen: 24
91.224.7.0/24 maxlen: 24
185.30.48.0/24 maxlen: 24
193.105.252.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Feb 2025 14:24:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:b7:75:bd:62:a4:5c:f9:be:c4:e1:4f:e8:15:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=576d59494a0a927f7a68f909ecef577cd503db1c
Validity
Not Before: Jan 2 11:49:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c84d7ec7bb50b318b723ba3e9806c6434243deaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:61:f6:7e:b8:86:d9:53:63:81:09:4c:a1:2c:
af:3e:5f:d1:a9:fc:ab:d7:2b:d8:81:9f:92:2d:9e:
22:7e:14:79:0a:a3:63:20:c3:c4:b2:33:0e:ea:38:
90:ec:9d:91:64:35:aa:fb:1f:eb:b5:98:d9:61:9a:
10:03:00:01:96:2a:df:60:52:d3:22:fc:07:bb:af:
dd:56:06:50:fd:07:23:19:66:d3:c3:01:bf:2f:3a:
6f:cf:f8:0f:54:e2:c3:39:e4:67:ef:61:bf:b1:ce:
00:94:98:98:6d:17:c5:52:38:59:d2:e5:95:85:1c:
c2:84:9b:d6:84:81:f1:d1:e8:75:16:3e:ec:b5:c1:
9a:6c:d4:7a:b4:e6:24:10:0b:56:fb:f4:90:c4:a4:
bc:fe:4e:d5:73:b7:cd:1b:0c:1e:75:b4:af:5b:29:
74:f5:91:3e:6f:f2:5b:bc:82:9a:a5:c2:70:67:54:
8d:fc:90:69:f7:b6:7f:26:14:4b:bf:ee:3d:6c:b7:
a5:df:7e:6e:b6:ce:4a:da:06:c9:11:d5:03:63:33:
8d:94:5e:2d:cd:85:00:8f:21:5b:95:a0:d2:fa:bb:
36:3f:47:5c:c6:f9:ed:49:ea:da:d8:98:01:b9:85:
f5:73:17:50:84:43:7b:2f:4a:b7:7d:3b:b3:2e:31:
c1:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:4D:7E:C7:BB:50:B3:18:B7:23:BA:3E:98:06:C6:43:42:43:DE:AA
X509v3 Authority Key Identifier:
keyid:57:6D:59:49:4A:0A:92:7F:7A:68:F9:09:EC:EF:57:7C:D5:03:DB:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V21ZSUoKkn96aPkJ7O9XfNUD2xw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/a89644-9316-4e8b-81a4-1f19a8bda3ed/1/yE1-x7tQsxi3I7o-mAbGQ0JD3qo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/a89644-9316-4e8b-81a4-1f19a8bda3ed/1/V21ZSUoKkn96aPkJ7O9XfNUD2xw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.193.106.0/23
91.224.6.0/23
185.30.48.0/24
193.105.252.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:22:53:8c:2b:b8:f1:6a:47:60:a5:ea:27:62:b2:c6:d0:86:
51:ca:34:49:b2:88:03:89:cf:35:da:ca:68:2f:c4:99:3a:e6:
b5:67:49:f0:4a:cc:a1:83:54:46:6f:ac:bd:74:c4:0e:d2:07:
3b:07:e5:d9:18:02:f9:9d:d4:1e:26:dc:60:dd:61:d8:e1:c0:
e1:7e:0f:34:4e:cb:22:48:fa:c8:f0:45:1c:30:dd:80:d7:b2:
bd:7a:a7:a8:8f:11:79:4e:4d:6c:43:a1:55:db:5f:01:c2:af:
05:a3:22:36:aa:9e:14:ce:25:f0:02:49:10:99:33:ba:55:bc:
05:b6:bf:32:26:66:75:45:6c:59:c5:33:4f:f0:69:10:3e:c4:
8f:d4:12:36:fc:ac:00:9b:3b:c9:92:ba:66:f0:08:fc:fd:47:
9d:62:24:33:ed:e4:57:7f:72:10:78:55:8e:16:73:09:21:69:
30:81:f8:8d:0d:c5:09:51:ef:42:89:11:fd:c3:6a:07:fa:c7:
af:2d:ab:75:2f:c3:53:3a:45:7f:70:8e:96:03:03:50:93:cc:
c2:5b:1d:ac:7d:d4:81:1a:ff:e4:84:8d:ea:d0:2a:3f:45:8b:
df:e4:d8:b8:82:25:bb:84:0e:2f:05:6c:15:ab:3b:7b:57:9d:
d3:d1:ba:77
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQm2bd1vWKkXPm+xOFP6BWTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NmQ1OTQ5NGEwYTkyN2Y3YTY4ZjkwOWVjZWY1NzdjZDUw
M2RiMWMwHhcNMjUwMTAyMTE0OTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODRkN2VjN2JiNTBiMzE4YjcyM2JhM2U5ODA2YzY0MzQyNDNkZWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu2H2friG2VNjgQlMoSyvPl/Rqfyr
1yvYgZ+SLZ4ifhR5CqNjIMPEsjMO6jiQ7J2RZDWq+x/rtZjZYZoQAwABlirfYFLT
IvwHu6/dVgZQ/QcjGWbTwwG/Lzpvz/gPVOLDOeRn72G/sc4AlJiYbRfFUjhZ0uWV
hRzChJvWhIHx0eh1Fj7stcGabNR6tOYkEAtW+/SQxKS8/k7Vc7fNGwwedbSvWyl0
9ZE+b/JbvIKapcJwZ1SN/JBp97Z/JhRLv+49bLel335uts5K2gbJEdUDYzONlF4t
zYUAjyFblaDS+rs2P0dcxvntSera2JgBuYX1cxdQhEN7L0q3fTuzLjHBLwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMhNfse7ULMYtyO6PpgGxkNCQ96qMB8GA1UdIwQY
MBaAFFdtWUlKCpJ/emj5CezvV3zVA9scMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjIxWlNVb0trbjk2YVBrSjdPOVhmTlVEMnh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9hODk2NDQtOTMxNi00ZThiLTgxYTQt
MWYxOWE4YmRhM2VkLzEveUUxLXg3dFFzeGkzSTdvLW1BYkdRMEpEM3FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9hODk2NDQtOTMxNi00ZThiLTgxYTQtMWYxOWE4YmRhM2Vk
LzEvVjIxWlNVb0trbjk2YVBrSjdPOVhmTlVEMnh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBW8FqAwQB
W+AGAwQAuR4wAwQAwWn8MA0GCSqGSIb3DQEBCwUAA4IBAQBrIlOMK7jxakdgpeon
YrLG0IZRyjRJsogDic812spoL8SZOua1Z0nwSsyhg1RGb6y9dMQO0gc7B+XZGAL5
ndQeJtxg3WHY4cDhfg80TssiSPrI8EUcMN2A17K9eqeojxF5Tk1sQ6FV218Bwq8F
oyI2qp4UziXwAkkQmTO6VbwFtr8yJmZ1RWxZxTNP8GkQPsSP1BI2/KwAmzvJkrpm
8Aj8/UedYiQz7eRXf3IQeFWOFnMJIWkwgfiNDcUJUe9CiRH9w2oH+sevLat1L8NT
OkV/cI6WAwNQk8zCWx2sfdSBGv/khI3q0Co/RYvf5Ni4giW7hA4vBWwVqzt7V53T
0bp3
-----END CERTIFICATE-----
Generated at Sun Apr 13 18:27:18 2025 by rpki-client