Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/ystrv8wxdb09TLFxiCgpug64H_o.roa
File: ystrv8wxdb09TLFxiCgpug64H_o.roa (raw, json)
Hash identifier: s2i3wslzYzsflG9ZI0kjO2rvezMZu7f7brpM5EMP7Dk=
Subject key identifier: CA:CB:6B:BF:CC:31:75:BD:3D:4C:B1:71:88:28:29:BA:0E:B8:1F:FA
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 019914D407BD4CB00E34810F8BE59F290699
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/ystrv8wxdb09TLFxiCgpug64H_o.roa
Signing time: Thu 04 Sep 2025 13:04:23 +0000
ROA not before: Thu 04 Sep 2025 13:04:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1004
IP address blocks: 89.44.241.0/24 maxlen: 24
109.122.241.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 07 Sep 2025 13:28:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:14:d4:07:bd:4c:b0:0e:34:81:0f:8b:e5:9f:29:06:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Sep 4 13:04:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cacb6bbfcc3175bd3d4cb171882829ba0eb81ffa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:85:e2:c8:8c:16:ac:45:26:eb:f6:c7:a0:cd:
0e:78:de:5e:ec:78:9f:61:af:59:45:1f:6e:46:a2:
dc:87:ff:df:6f:f9:d4:f1:52:61:2a:d1:82:c9:f7:
44:01:95:3e:53:4a:bd:06:9f:78:df:f5:4a:bd:04:
42:83:93:35:13:57:7f:cf:18:58:24:2e:43:9e:96:
8f:bc:46:8f:0b:6a:9e:14:db:b3:fd:08:58:1e:32:
6e:99:b6:14:8b:2c:8f:6b:9f:a1:c5:3a:1e:c8:47:
b1:73:d5:5c:36:bc:c5:be:5f:7d:ff:c0:ee:0f:a6:
81:ed:f8:c0:86:79:8e:e0:32:30:22:63:86:56:6d:
63:5d:8a:e8:03:b2:17:64:7c:09:4b:b0:91:a1:fd:
03:99:5b:84:c7:13:54:c2:cf:63:0c:b4:4a:c2:a8:
b7:3e:58:eb:24:f9:a2:1b:7a:35:98:eb:9a:f4:d8:
51:ac:e8:01:57:7d:8a:aa:1e:a8:c3:8e:eb:29:c7:
fd:f9:18:5c:3e:eb:47:56:45:b7:1f:a6:37:40:6b:
5d:f6:bc:4c:05:05:cb:70:d6:6d:3b:9f:b2:63:6a:
b3:73:73:1c:31:35:e9:be:f3:89:5b:a0:ff:ce:0a:
d0:90:a7:04:5a:b4:03:db:7c:73:cd:0c:9f:de:87:
5a:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:CB:6B:BF:CC:31:75:BD:3D:4C:B1:71:88:28:29:BA:0E:B8:1F:FA
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/ystrv8wxdb09TLFxiCgpug64H_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.44.241.0/24
109.122.241.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:4a:92:bb:3f:fc:44:a4:d9:ac:f1:ab:55:ab:62:dc:b8:e3:
ae:88:6d:ae:4f:49:7f:f1:3d:ad:a4:b1:69:b0:6e:2f:22:72:
c9:de:10:8c:3a:77:ad:1f:13:1f:cc:2e:b4:43:8a:50:ce:05:
c8:a6:df:04:86:bb:a3:c0:31:9c:93:3a:93:7b:de:84:93:a1:
3c:95:19:93:df:90:4d:6b:8d:5c:78:cb:2a:0a:21:dc:56:b6:
b5:76:50:38:6e:8b:ce:0d:31:ef:da:b9:ca:1a:af:4a:3c:60:
ba:59:14:09:2e:80:bc:2f:a6:be:b7:29:6b:a2:1e:77:a8:be:
50:be:7f:e0:14:7f:11:25:d1:e2:b4:fb:a1:21:f0:6f:5d:2e:
a5:1d:e1:cf:a2:e7:6a:89:e7:23:37:23:37:95:96:33:7e:70:
9f:9c:21:23:6e:3f:ab:cf:c6:a5:d8:3b:ee:3b:2b:cf:73:8e:
50:dc:0c:b1:d0:91:7d:2a:1a:69:50:de:37:69:50:24:ad:24:
d3:8f:9f:cb:c5:9b:88:17:f6:9d:b4:3a:1c:8a:25:d8:2e:0c:
57:f7:7f:ac:5e:e8:a7:78:17:c6:23:66:6a:41:f0:10:f0:7f:
43:ad:14:4a:c4:c2:4d:16:e5:06:f6:79:bd:51:27:c0:c5:a2:
57:c1:91:96
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZkU1Ae9TLAONIEPi+WfKQaZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjUwOTA0MTMwNDIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWNiNmJiZmNjMzE3NWJkM2Q0Y2IxNzE4ODI4MjliYTBlYjgxZmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4XiyIwWrEUm6/bHoM0OeN5e7Hif
Ya9ZRR9uRqLch//fb/nU8VJhKtGCyfdEAZU+U0q9Bp943/VKvQRCg5M1E1d/zxhY
JC5DnpaPvEaPC2qeFNuz/QhYHjJumbYUiyyPa5+hxToeyEexc9VcNrzFvl99/8Du
D6aB7fjAhnmO4DIwImOGVm1jXYroA7IXZHwJS7CRof0DmVuExxNUws9jDLRKwqi3
PljrJPmiG3o1mOua9NhRrOgBV32Kqh6ow47rKcf9+RhcPutHVkW3H6Y3QGtd9rxM
BQXLcNZtO5+yY2qzc3McMTXpvvOJW6D/zgrQkKcEWrQD23xzzQyf3oda2QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMrLa7/MMXW9PUyxcYgoKboOuB/6MB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEveXN0cnY4d3hkYjA5VExGeGlDZ3B1ZzY0SF9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWSzxAwQA
bXrxMA0GCSqGSIb3DQEBCwUAA4IBAQBeSpK7P/xEpNms8atVq2LcuOOuiG2uT0l/
8T2tpLFpsG4vInLJ3hCMOnetHxMfzC60Q4pQzgXIpt8EhrujwDGckzqTe96Ek6E8
lRmT35BNa41ceMsqCiHcVra1dlA4bovODTHv2rnKGq9KPGC6WRQJLoC8L6a+tylr
oh53qL5Qvn/gFH8RJdHitPuhIfBvXS6lHeHPoudqiecjNyM3lZYzfnCfnCEjbj+r
z8al2DvuOyvPc45Q3Ayx0JF9KhppUN43aVAkrSTTj5/LxZuIF/adtDociiXYLgxX
93+sXuineBfGI2ZqQfAQ8H9DrRRKxMJNFuUG9nm9USfAxaJXwZGW
-----END CERTIFICATE-----
Generated at Mon Sep 8 06:18:13 2025 by rpki-client