Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/50e780-eca7-458e-b6aa-9dbc35672329/1/yeldwfAPkoM8KAfKCjeLrFFsHBA.roa
File: yeldwfAPkoM8KAfKCjeLrFFsHBA.roa (raw, json)
Hash identifier: M1k2ks2A0zsM67eMK3iYw7QHQ1WxpCzR+mIOdriOJlY=
Subject key identifier: C9:E9:5D:C1:F0:0F:92:83:3C:28:07:CA:0A:37:8B:AC:51:6C:1C:10
Certificate issuer: /CN=ca329ced8efb41f3b4a2078d94bbb0a3aab4fb02
Certificate serial: 019422200C99234F6562021D4AC73BF0DB2B
Authority key identifier: CA:32:9C:ED:8E:FB:41:F3:B4:A2:07:8D:94:BB:B0:A3:AA:B4:FB:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yjKc7Y77QfO0ogeNlLuwo6q0-wI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/50e780-eca7-458e-b6aa-9dbc35672329/1/yeldwfAPkoM8KAfKCjeLrFFsHBA.roa
Signing time: Wed 01 Jan 2025 13:48:33 +0000
ROA not before: Wed 01 Jan 2025 13:48:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211055
IP address blocks: 185.233.130.0/24 maxlen: 24
2a11:3400::/29 maxlen: 48
Validation: Failed, certificate revoked on Wed 19 Feb 2025 15:23:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:0c:99:23:4f:65:62:02:1d:4a:c7:3b:f0:db:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca329ced8efb41f3b4a2078d94bbb0a3aab4fb02
Validity
Not Before: Jan 1 13:48:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c9e95dc1f00f92833c2807ca0a378bac516c1c10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:70:f8:e1:64:23:31:8b:b6:bb:62:9e:3e:63:
7d:0d:13:7c:f5:3d:a3:17:3e:71:e1:f6:5d:18:1a:
76:c6:c6:c6:dd:53:84:76:ac:87:1c:1c:03:68:c7:
95:4c:07:6d:e8:9b:04:71:1a:cd:75:30:d3:a4:22:
2e:f8:a7:11:d1:56:76:95:ed:8e:c2:9b:68:cf:87:
11:b7:09:5c:19:35:34:5b:6a:6d:f0:e4:21:13:4d:
6f:90:11:4a:06:68:0f:be:56:a9:9e:4b:06:de:69:
e2:5a:f4:ae:ea:5b:99:6e:44:fb:b1:9c:46:6c:6c:
71:4e:c4:67:f9:50:dc:54:dd:41:6f:bd:b2:8b:e8:
21:bd:f9:70:9f:31:5e:07:c5:25:47:c4:37:0f:7a:
9f:4c:2f:78:68:43:2b:b4:9b:91:12:17:9a:98:91:
a1:ce:d8:21:c9:8f:72:df:7b:5c:8e:55:63:32:8a:
ba:75:59:63:e2:09:3f:26:05:32:92:56:41:a2:59:
f8:9a:71:3d:7c:f3:c7:6a:72:6c:38:e9:5e:a2:30:
20:56:d2:32:7b:8d:72:b7:3b:b2:ff:57:e4:b6:2d:
55:d5:b0:46:e8:40:1a:e6:0e:a2:5d:7c:f4:b3:57:
af:0b:a2:64:8b:3b:37:89:49:ba:5f:b0:ed:56:d0:
ac:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:E9:5D:C1:F0:0F:92:83:3C:28:07:CA:0A:37:8B:AC:51:6C:1C:10
X509v3 Authority Key Identifier:
keyid:CA:32:9C:ED:8E:FB:41:F3:B4:A2:07:8D:94:BB:B0:A3:AA:B4:FB:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yjKc7Y77QfO0ogeNlLuwo6q0-wI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/50e780-eca7-458e-b6aa-9dbc35672329/1/yeldwfAPkoM8KAfKCjeLrFFsHBA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/50e780-eca7-458e-b6aa-9dbc35672329/1/yjKc7Y77QfO0ogeNlLuwo6q0-wI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.233.130.0/24
IPv6:
2a11:3400::/29
Signature Algorithm: sha256WithRSAEncryption
8b:84:c7:29:5a:32:22:ce:c8:bb:93:29:79:d7:f5:e7:67:bd:
54:d5:56:2f:c8:c7:b4:f6:89:90:aa:f6:48:ea:0e:ab:3a:0e:
fa:3d:71:58:de:39:c7:3a:de:dc:9f:4c:45:86:0e:99:4c:53:
71:79:e6:82:ec:a2:1a:90:54:22:c5:b4:15:ba:32:32:26:13:
e7:9b:d6:3d:f6:a0:2d:57:c9:f4:79:a2:fc:34:8f:33:97:24:
fa:57:00:02:7f:80:0c:95:65:85:e7:0d:c2:ca:3a:5f:5a:43:
66:06:64:f7:ef:64:d2:41:14:00:7a:2f:1f:52:e5:08:56:f3:
25:67:4f:51:d0:4d:6a:9b:ab:99:c6:7a:dd:23:58:95:bb:13:
be:93:d0:ac:f1:aa:be:15:88:0d:8c:ce:21:95:74:2c:a0:09:
52:7a:1b:2c:7e:b5:a3:ce:8a:45:83:ed:39:d6:4f:44:66:32:
9b:e8:7c:83:45:70:99:67:5f:4c:8c:f9:5c:b4:14:98:da:c5:
c7:8f:1c:9b:c7:1b:ea:e8:83:0e:fa:7a:8b:f7:43:dd:20:1e:
dd:7a:fe:c3:38:5f:27:9b:0c:c5:98:92:bf:8a:c0:4f:4e:2a:
ee:0e:e5:63:3c:e3:33:3e:7d:ba:4a:2b:a4:3a:1d:b0:53:6e:
38:0f:02:12
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQiIAyZI09lYgIdSsc78NsrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMzI5Y2VkOGVmYjQxZjNiNGEyMDc4ZDk0YmJiMGEzYWFi
NGZiMDIwHhcNMjUwMTAxMTM0ODMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWU5NWRjMWYwMGY5MjgzM2MyODA3Y2EwYTM3OGJhYzUxNmMxYzEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqnD44WQjMYu2u2KePmN9DRN89T2j
Fz5x4fZdGBp2xsbG3VOEdqyHHBwDaMeVTAdt6JsEcRrNdTDTpCIu+KcR0VZ2le2O
wptoz4cRtwlcGTU0W2pt8OQhE01vkBFKBmgPvlapnksG3mniWvSu6luZbkT7sZxG
bGxxTsRn+VDcVN1Bb72yi+ghvflwnzFeB8UlR8Q3D3qfTC94aEMrtJuREheamJGh
ztghyY9y33tcjlVjMoq6dVlj4gk/JgUyklZBoln4mnE9fPPHanJsOOleojAgVtIy
e41ytzuy/1fkti1V1bBG6EAa5g6iXXz0s1evC6Jkizs3iUm6X7DtVtCsOQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMnpXcHwD5KDPCgHygo3i6xRbBwQMB8GA1UdIwQY
MBaAFMoynO2O+0HztKIHjZS7sKOqtPsCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWpLYzdZNzdRZk8wb2dlTmxMdXdvNnEwLXdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My81MGU3ODAtZWNhNy00NThlLWI2YWEt
OWRiYzM1NjcyMzI5LzEveWVsZHdmQVBrb004S0FmS0NqZUxyRkZzSEJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My81MGU3ODAtZWNhNy00NThlLWI2YWEtOWRiYzM1NjcyMzI5
LzEveWpLYzdZNzdRZk8wb2dlTmxMdXdvNnEwLXdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuemCMA0E
AgACMAcDBQMqETQAMA0GCSqGSIb3DQEBCwUAA4IBAQCLhMcpWjIizsi7kyl51/Xn
Z71U1VYvyMe09omQqvZI6g6rOg76PXFY3jnHOt7cn0xFhg6ZTFNxeeaC7KIakFQi
xbQVujIyJhPnm9Y99qAtV8n0eaL8NI8zlyT6VwACf4AMlWWF5w3CyjpfWkNmBmT3
72TSQRQAei8fUuUIVvMlZ09R0E1qm6uZxnrdI1iVuxO+k9Cs8aq+FYgNjM4hlXQs
oAlSehssfrWjzopFg+051k9EZjKb6HyDRXCZZ19MjPlctBSY2sXHjxybxxvq6IMO
+nqL90PdIB7dev7DOF8nmwzFmJK/isBPTiruDuVjPOMzPn26SiukOh2wU244DwIS
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:38:17 2025 by rpki-client