Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/yPo33UcthncE0UGUN58lMziinX4.roa
File: yPo33UcthncE0UGUN58lMziinX4.roa (raw, json)
Hash identifier: ICqnZJb8KWVUYCMm68uKhc9ccPXZhrcTP08sbqpqSEk=
Subject key identifier: C8:FA:37:DD:47:2D:86:77:04:D1:41:94:37:9F:25:33:38:A2:9D:7E
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01942521DAEE80D801BAC086077B26FC89CE
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/yPo33UcthncE0UGUN58lMziinX4.roa
Signing time: Thu 02 Jan 2025 03:49:23 +0000
ROA not before: Thu 02 Jan 2025 03:49:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58057
IP address blocks: 45.136.136.0/22 maxlen: 24
93.88.200.0/21 maxlen: 24
94.177.122.0/24 maxlen: 24
185.232.117.0/24 maxlen: 24
193.33.94.0/23 maxlen: 24
193.163.86.0/24 maxlen: 24
194.50.92.0/24 maxlen: 24
194.50.94.0/24 maxlen: 24
2a04:ccc0:ffff::/48 maxlen: 48
2a04:ccc1::/32 maxlen: 48
2a04:ccc3::/32 maxlen: 48
2a04:ccc4::/32 maxlen: 48
2a04:ccc5::/32 maxlen: 48
2a04:ccc6::/32 maxlen: 48
2a04:ccc7::/32 maxlen: 48
2a09:4c0::/29 maxlen: 64
2a0c:3b80::/32 maxlen: 48
2a0c:3b81::/32 maxlen: 48
2a0c:3b82::/32 maxlen: 48
2a0c:3b83::/32 maxlen: 48
2a0c:3b84::/32 maxlen: 48
2a0c:3b85::/32 maxlen: 48
2a0c:3b86::/32 maxlen: 48
2a0e:97c0:1d0::/44 maxlen: 44
2a0e:97c0:260::/44 maxlen: 44
2a0e:97c1:200::/40 maxlen: 48
2a0e:97c3:110::/44 maxlen: 48
2a0e:97c4:120::/44 maxlen: 48
2a0e:b107:9f2::/48 maxlen: 48
2a0e:b107:1165::/48 maxlen: 48
2a0e:b107:1786::/48 maxlen: 48
2a0e:b107:21c0::/45 maxlen: 48
2a0e:b107:2220::/45 maxlen: 48
2a0e:b107:2228::/45 maxlen: 48
2a0f:e404:102::/48 maxlen: 48
2a10:2f00:18d::/48 maxlen: 48
2a10:2f00:18f::/48 maxlen: 48
2a10:2f00:193::/48 maxlen: 48
2a10:cc40:250::/44 maxlen: 48
2a10:cc45:130::/44 maxlen: 44
Validation: Failed, certificate revoked on Thu 09 Jan 2025 13:03:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:da:ee:80:d8:01:ba:c0:86:07:7b:26:fc:89:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 03:49:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c8fa37dd472d867704d14194379f253338a29d7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:c0:96:86:f2:c7:7f:46:62:26:5d:ce:b9:53:
4f:6f:0d:34:af:9d:94:b3:84:00:a4:70:a2:ae:0f:
97:f0:36:e6:0d:d5:70:d2:c7:f0:a2:38:8b:90:07:
f9:02:94:1d:61:9c:d8:22:61:ef:ae:c1:a0:fa:51:
7d:30:28:b8:fc:d0:d7:c2:38:9d:6f:6f:1a:2c:bc:
d3:f9:9f:9d:96:56:0d:77:0c:f9:fe:3a:b6:35:ef:
d8:d4:3a:a1:70:ea:d3:3b:e9:bf:5a:cb:09:9d:47:
8e:23:4b:12:6e:ae:84:1a:22:76:a6:f7:bf:d6:8b:
54:42:d4:ec:2c:fe:6e:7f:ac:a3:75:9a:06:9b:f7:
52:ab:09:5b:c0:f1:49:ae:20:de:20:a4:bf:14:6a:
89:3e:51:4a:64:57:ca:9c:fe:2d:e9:ca:42:f5:3a:
bc:ad:4f:9e:62:0a:c1:c1:e1:ae:e4:f0:5d:a0:71:
c0:b0:dc:c2:68:e2:46:a2:f9:91:ae:c6:c8:11:20:
86:ff:c7:03:9a:01:8c:7d:23:8b:5b:96:13:ba:0a:
ed:54:71:a3:ef:f0:e8:d8:f0:c6:f8:95:d3:f2:4a:
26:63:0e:bb:e3:74:ce:1b:9d:01:b5:6d:92:ef:18:
77:29:d6:04:a3:3f:1a:4c:cf:3f:68:5c:62:95:ec:
52:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:FA:37:DD:47:2D:86:77:04:D1:41:94:37:9F:25:33:38:A2:9D:7E
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/yPo33UcthncE0UGUN58lMziinX4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.136.0/22
93.88.200.0/21
94.177.122.0/24
185.232.117.0/24
193.33.94.0/23
193.163.86.0/24
194.50.92.0/24
194.50.94.0/24
IPv6:
2a04:ccc0:ffff::-2a04:ccc1:ffff:ffff:ffff:ffff:ffff:ffff
2a04:ccc3::-2a04:ccc7:ffff:ffff:ffff:ffff:ffff:ffff
2a09:4c0::/29
2a0c:3b80::-2a0c:3b86:ffff:ffff:ffff:ffff:ffff:ffff
2a0e:97c0:1d0::/44
2a0e:97c0:260::/44
2a0e:97c1:200::/40
2a0e:97c3:110::/44
2a0e:97c4:120::/44
2a0e:b107:9f2::/48
2a0e:b107:1165::/48
2a0e:b107:1786::/48
2a0e:b107:21c0::/45
2a0e:b107:2220::/44
2a0f:e404:102::/48
2a10:2f00:18d::/48
2a10:2f00:18f::/48
2a10:2f00:193::/48
2a10:cc40:250::/44
2a10:cc45:130::/44
Signature Algorithm: sha256WithRSAEncryption
5d:71:87:22:9d:5c:e5:60:2e:21:1f:03:7c:09:cd:62:8c:d5:
a6:fc:56:85:23:5e:3f:3c:42:b8:f4:3f:e5:56:90:10:04:fd:
85:20:6a:0e:18:e2:d7:be:68:b1:b1:a0:16:01:e6:20:8c:18:
61:4a:63:b3:ab:2e:cd:78:59:8a:5a:ae:97:ac:56:4e:d5:77:
48:51:b0:da:4c:5f:0e:fe:44:7f:d9:20:62:51:e3:cc:77:6d:
5a:d7:60:4a:78:11:97:e5:62:96:c2:6a:9c:ce:df:a1:44:fc:
6c:fb:db:63:8d:07:63:8d:f2:41:10:b7:ea:12:18:59:94:7e:
bf:17:82:ac:ce:30:42:33:af:7d:15:06:43:66:72:e1:9d:02:
2a:02:6b:57:8c:4d:4d:c3:ae:4e:62:df:b0:4d:0b:8f:d5:20:
8f:8a:00:ca:11:73:9f:68:6e:35:09:0e:c4:8c:b8:81:49:0e:
d8:7a:35:81:30:63:b5:ae:e9:96:6e:f5:7e:36:b2:f8:ac:29:
56:f7:f4:ef:cd:a9:37:7f:74:73:aa:c4:e0:4e:5d:ef:83:73:
a1:d8:c4:e3:28:87:08:c1:76:2c:db:15:00:03:a0:03:4d:fc:
57:df:94:1e:5f:ef:dc:cc:72:64:13:2b:fc:25:05:a5:78:02:
de:9d:86:68
-----BEGIN CERTIFICATE-----
MIIF/zCCBOegAwIBAgISAZQlIdrugNgBusCGB3sm/InOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMTAyMDM0OTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGZhMzdkZDQ3MmQ4Njc3MDRkMTQxOTQzNzlmMjUzMzM4YTI5ZDdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxsCWhvLHf0ZiJl3OuVNPbw00r52U
s4QApHCirg+X8DbmDdVw0sfwojiLkAf5ApQdYZzYImHvrsGg+lF9MCi4/NDXwjid
b28aLLzT+Z+dllYNdwz5/jq2Ne/Y1DqhcOrTO+m/WssJnUeOI0sSbq6EGiJ2pve/
1otUQtTsLP5uf6yjdZoGm/dSqwlbwPFJriDeIKS/FGqJPlFKZFfKnP4t6cpC9Tq8
rU+eYgrBweGu5PBdoHHAsNzCaOJGovmRrsbIESCG/8cDmgGMfSOLW5YTugrtVHGj
7/Do2PDG+JXT8komYw6743TOG50BtW2S7xh3KdYEoz8aTM8/aFxilexSnQIDAQAB
o4IDCzCCAwcwHQYDVR0OBBYEFMj6N91HLYZ3BNFBlDefJTM4op1+MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEveVBvMzNVY3RobmNFMFVHVU41OGxNemlpblg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBHwYIKwYBBQUHAQcBAf8EggEOMIIBCjA2BAIAATAwAwQC
LYiIAwQDXVjIAwQAXrF6AwQAueh1AwQBwSFeAwQAwaNWAwQAwjJcAwQAwjJeMIHP
BAIAAjCByDAQAwcAKgTMwP//AwUBKgTMwDAOAwUAKgTMwwMFAyoEzMADBQMqCQTA
MA4DBQcqDDuAAwUAKgw7hgMHBCoOl8AB0AMHBCoOl8ACYAMGACoOl8ECAwcEKg6X
wwEQAwcEKg6XxAEgAwcAKg6xBwnyAwcAKg6xBxFlAwcAKg6xBxeGAwcDKg6xByHA
AwcEKg6xByIgAwcAKg/kBAECAwcAKhAvAAGNAwcAKhAvAAGPAwcAKhAvAAGTAwcE
KhDMQAJQAwcEKhDMRQEwMA0GCSqGSIb3DQEBCwUAA4IBAQBdcYcinVzlYC4hHwN8
Cc1ijNWm/FaFI14/PEK49D/lVpAQBP2FIGoOGOLXvmixsaAWAeYgjBhhSmOzqy7N
eFmKWq6XrFZO1XdIUbDaTF8O/kR/2SBiUePMd21a12BKeBGX5WKWwmqczt+hRPxs
+9tjjQdjjfJBELfqEhhZlH6/F4KszjBCM699FQZDZnLhnQIqAmtXjE1Nw65OYt+w
TQuP1SCPigDKEXOfaG41CQ7EjLiBSQ7YejWBMGO1rumWbvV+NrL4rClW9/Tvzak3
f3RzqsTgTl3vg3Oh2MTjKIcIwXYs2xUAA6ADTfxX35QeX+/czHJkEyv8JQWleALe
nYZo
-----END CERTIFICATE-----
Generated at Sat Apr 19 04:51:36 2025 by rpki-client