Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/YN0I9Frr4ElU1I4LgXpR0LAibEQ.roa
File: YN0I9Frr4ElU1I4LgXpR0LAibEQ.roa (raw, json)
Hash identifier: i7ZY9lWsFT39q3JWE5+6lsVZyMgBm+UN5lTRbXI0nds=
Subject key identifier: 60:DD:08:F4:5A:EB:E0:49:54:D4:8E:0B:81:7A:51:D0:B0:22:6C:44
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 0195DCB38F67529D1F9AF84A0FBD689B1C22
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/YN0I9Frr4ElU1I4LgXpR0LAibEQ.roa
Signing time: Fri 28 Mar 2025 12:21:49 +0000
ROA not before: Fri 28 Mar 2025 12:21:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215287
IP address blocks: 87.229.11.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 08 Apr 2025 20:49:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:dc:b3:8f:67:52:9d:1f:9a:f8:4a:0f:bd:68:9b:1c:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Mar 28 12:21:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=60dd08f45aebe04954d48e0b817a51d0b0226c44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:f7:72:01:e4:20:31:f7:ce:45:91:9e:32:1c:
f8:0e:bf:7a:3b:d3:d8:4f:ec:81:ee:dc:0f:c1:1c:
c9:b1:78:be:06:42:05:ba:6b:2d:00:da:7b:49:52:
1a:1d:bb:d1:2d:af:66:2c:a8:52:1a:10:1c:a5:0b:
ab:48:da:4c:1b:20:1d:bc:9e:1c:2f:ac:f6:8e:cc:
90:d2:e8:2a:5e:96:7f:48:b6:35:d1:0b:f1:09:e4:
8b:f1:1f:3c:6c:5f:7f:06:42:68:09:90:53:1c:64:
67:4b:e2:61:a8:fc:b2:7b:fb:df:c8:82:f3:a2:fe:
e3:41:97:2d:e0:d1:33:ba:27:4f:33:97:43:0f:6b:
8c:ac:90:4c:7f:5a:e3:86:9c:42:6b:a9:46:66:c7:
4b:10:b0:bf:eb:f2:43:01:66:99:e3:20:e6:ce:47:
10:d1:4a:2a:f3:20:ac:77:20:dd:66:07:ff:80:94:
52:11:bb:57:cb:72:ed:57:16:3e:0c:e2:b6:b3:64:
52:37:16:e0:bb:85:41:a3:eb:dd:3f:e5:f2:e7:c8:
08:a7:3e:3a:aa:75:f8:73:fc:9d:cf:35:12:81:69:
0d:16:c3:f7:28:57:b6:39:59:79:14:24:d9:f0:de:
97:da:3c:b4:69:8a:b0:2f:9f:01:f3:60:d7:25:33:
4a:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:DD:08:F4:5A:EB:E0:49:54:D4:8E:0B:81:7A:51:D0:B0:22:6C:44
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/YN0I9Frr4ElU1I4LgXpR0LAibEQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.229.11.0/24
Signature Algorithm: sha256WithRSAEncryption
73:bb:b9:fc:63:5b:d8:6e:50:19:77:cc:b2:48:bd:28:ff:cd:
02:ba:c9:a8:50:b6:04:ae:20:03:f0:92:57:48:7a:ab:52:a8:
a6:e4:53:db:81:91:a1:97:13:e0:bc:ce:64:d0:40:3c:de:83:
30:1a:a7:35:11:e5:67:70:3c:22:bd:19:5a:d5:a8:fe:c9:6f:
f8:ef:2d:7a:05:7e:33:ab:1b:8a:b8:33:d6:af:a9:78:ee:c7:
56:bb:16:ec:ad:99:35:cb:bb:3d:5d:2a:5b:73:18:c7:14:19:
01:0f:5a:6a:76:47:21:74:5a:b1:45:0a:88:d3:1a:69:38:60:
ba:b3:93:92:d8:20:1e:49:29:e4:cf:45:12:0e:3c:68:50:21:
95:00:b1:9d:89:9e:45:e2:23:5d:07:c0:31:66:ab:87:31:7f:
36:71:d7:70:c1:e3:2a:d5:8c:b4:21:c6:0d:db:93:43:4b:13:
1b:6a:91:6e:57:3a:9b:64:b0:43:9a:e7:61:db:43:cc:92:69:
4b:78:d7:60:d0:53:9d:9d:b3:f5:39:d4:cf:d9:31:ee:60:dd:
02:42:4f:6e:96:d9:c6:84:05:5a:7a:bc:86:72:bc:2b:9d:04:
78:ac:e0:63:56:b2:18:d7:6c:09:f3:08:f5:1f:87:d4:c7:3b:
d6:59:e1:ba
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZXcs49nUp0fmvhKD71omxwiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjUwMzI4MTIyMTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGRkMDhmNDVhZWJlMDQ5NTRkNDhlMGI4MTdhNTFkMGIwMjI2YzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsvdyAeQgMffORZGeMhz4Dr96O9PY
T+yB7twPwRzJsXi+BkIFumstANp7SVIaHbvRLa9mLKhSGhAcpQurSNpMGyAdvJ4c
L6z2jsyQ0ugqXpZ/SLY10QvxCeSL8R88bF9/BkJoCZBTHGRnS+JhqPyye/vfyILz
ov7jQZct4NEzuidPM5dDD2uMrJBMf1rjhpxCa6lGZsdLELC/6/JDAWaZ4yDmzkcQ
0Uoq8yCsdyDdZgf/gJRSEbtXy3LtVxY+DOK2s2RSNxbgu4VBo+vdP+Xy58gIpz46
qnX4c/ydzzUSgWkNFsP3KFe2OVl5FCTZ8N6X2jy0aYqwL58B82DXJTNKRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGDdCPRa6+BJVNSOC4F6UdCwImxEMB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvWU4wSTlGcnI0RWxVMUk0TGdYcFIwTEFpYkVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV+ULMA0G
CSqGSIb3DQEBCwUAA4IBAQBzu7n8Y1vYblAZd8yySL0o/80CusmoULYEriAD8JJX
SHqrUqim5FPbgZGhlxPgvM5k0EA83oMwGqc1EeVncDwivRla1aj+yW/47y16BX4z
qxuKuDPWr6l47sdWuxbsrZk1y7s9XSpbcxjHFBkBD1pqdkchdFqxRQqI0xppOGC6
s5OS2CAeSSnkz0USDjxoUCGVALGdiZ5F4iNdB8AxZquHMX82cddwweMq1Yy0IcYN
25NDSxMbapFuVzqbZLBDmudh20PMkmlLeNdg0FOdnbP1OdTP2THuYN0CQk9ultnG
hAVaeryGcrwrnQR4rOBjVrIY12wJ8wj1H4fUxzvWWeG6
-----END CERTIFICATE-----
Generated at Thu Apr 10 04:47:05 2025 by rpki-client