Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/Yw6in0Eci06y9KOV3WJOdulWL2k.roa
File: Yw6in0Eci06y9KOV3WJOdulWL2k.roa (raw, json)
Hash identifier: 2sI7ZzgA7Kmzsga8d1DlCDtAE65b9L90kfbC8X/eBnY=
Subject key identifier: 63:0E:A2:9F:41:1C:8B:4E:B2:F4:A3:95:DD:62:4E:76:E9:56:2F:69
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0194258F8CE35DCD847EFF72AD6C0C2035D9
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/Yw6in0Eci06y9KOV3WJOdulWL2k.roa
Signing time: Thu 02 Jan 2025 05:49:12 +0000
ROA not before: Thu 02 Jan 2025 05:49:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19905
IP address blocks: 92.38.6.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 16:19:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:8c:e3:5d:cd:84:7e:ff:72:ad:6c:0c:20:35:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 05:49:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=630ea29f411c8b4eb2f4a395dd624e76e9562f69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:09:b2:de:c8:b7:8a:c8:29:3b:3a:4c:0e:8f:
21:ae:68:ff:fa:3e:f4:8d:23:b3:22:4b:40:d5:3b:
e9:a9:b2:b7:ae:fb:27:16:a7:5f:57:de:5c:19:e9:
e3:d9:e4:70:34:37:69:1a:36:4b:8b:a9:f7:e1:bb:
c3:4a:02:50:de:25:db:bd:28:ca:b6:27:5f:d8:80:
0e:9d:f2:dc:5d:80:85:c1:4f:39:81:61:9a:cb:b2:
8f:d2:32:c8:9a:44:c0:95:a5:67:4d:22:75:9e:9e:
55:c4:34:51:9b:52:29:fe:ec:85:e4:61:48:9b:cf:
b5:04:19:c5:69:d6:82:1b:ad:2e:9c:e8:80:af:a8:
a2:d1:14:e3:fb:94:9c:4c:1b:3d:6e:d8:e4:c8:ef:
b7:f0:95:aa:53:9c:cb:6a:ae:25:08:1e:06:fd:13:
c9:c5:85:4c:68:5f:e5:f3:e0:38:b7:d0:8e:d0:aa:
53:84:76:07:98:e4:36:15:6d:40:94:80:0b:59:c5:
1d:6d:46:b8:60:15:ef:1c:91:dc:73:1f:0c:c5:91:
97:02:99:de:cb:97:12:a0:cf:75:e4:51:42:4e:76:
0c:45:07:5f:84:c6:e8:77:17:4b:dd:98:68:c8:7a:
3a:71:10:81:de:fc:04:82:5c:49:53:cf:e8:cc:9a:
ce:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:0E:A2:9F:41:1C:8B:4E:B2:F4:A3:95:DD:62:4E:76:E9:56:2F:69
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/Yw6in0Eci06y9KOV3WJOdulWL2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.38.6.0/24
Signature Algorithm: sha256WithRSAEncryption
81:77:86:a3:7e:6c:8d:31:0f:53:9d:d7:d9:77:1a:41:a1:7b:
ed:d5:15:c1:a9:5c:bf:83:01:36:d1:de:43:70:2e:ef:06:ca:
f5:f1:4f:54:30:e9:8d:b9:1e:5b:65:99:bf:8d:b4:67:d2:34:
b5:6a:d1:5a:5e:43:70:8c:98:7e:9f:cf:fb:7a:14:2e:cb:eb:
86:cf:c0:8b:b9:82:90:d1:0d:c8:d0:eb:ba:55:1b:00:a2:85:
f3:a0:59:8d:d2:19:9c:a9:6d:71:09:54:34:71:8f:b1:39:47:
ec:f4:e4:fb:4d:0d:63:41:09:26:5a:f0:c4:29:09:02:a1:2c:
6f:82:ba:af:c0:3c:05:99:44:33:8e:d7:0a:d1:dd:70:b3:cf:
c5:7e:82:88:06:a2:a2:4d:c6:fc:10:a3:a7:ab:ec:5f:6a:9e:
68:bd:5b:4b:96:83:36:64:41:f4:eb:af:32:f1:09:f6:bb:5f:
1e:a8:58:8d:e4:bf:fb:f1:37:8b:80:01:eb:e9:57:2d:42:b0:
e5:f9:ac:2c:ca:ef:28:c2:d1:f7:47:b4:d5:cc:00:38:c4:61:
bb:fc:f8:f1:7d:53:d6:6e:a9:98:52:0e:29:0c:25:f0:f2:d9:
89:58:a7:25:96:79:5e:7c:6c:12:a1:c5:fa:94:d8:6f:f9:34:
1f:68:e7:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlj4zjXc2Efv9yrWwMIDXZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwMTAyMDU0OTEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzBlYTI5ZjQxMWM4YjRlYjJmNGEzOTVkZDYyNGU3NmU5NTYyZjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsAmy3si3isgpOzpMDo8hrmj/+j70
jSOzIktA1TvpqbK3rvsnFqdfV95cGenj2eRwNDdpGjZLi6n34bvDSgJQ3iXbvSjK
tidf2IAOnfLcXYCFwU85gWGay7KP0jLImkTAlaVnTSJ1np5VxDRRm1Ip/uyF5GFI
m8+1BBnFadaCG60unOiAr6ii0RTj+5ScTBs9btjkyO+38JWqU5zLaq4lCB4G/RPJ
xYVMaF/l8+A4t9CO0KpThHYHmOQ2FW1AlIALWcUdbUa4YBXvHJHccx8MxZGXApne
y5cSoM915FFCTnYMRQdfhMbodxdL3ZhoyHo6cRCB3vwEglxJU8/ozJrOwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGMOop9BHItOsvSjld1iTnbpVi9pMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvWXc2aW4wRWNpMDZ5OUtPVjNXSk9kdWxXTDJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXCYGMA0G
CSqGSIb3DQEBCwUAA4IBAQCBd4ajfmyNMQ9TndfZdxpBoXvt1RXBqVy/gwE20d5D
cC7vBsr18U9UMOmNuR5bZZm/jbRn0jS1atFaXkNwjJh+n8/7ehQuy+uGz8CLuYKQ
0Q3I0Ou6VRsAooXzoFmN0hmcqW1xCVQ0cY+xOUfs9OT7TQ1jQQkmWvDEKQkCoSxv
grqvwDwFmUQzjtcK0d1ws8/FfoKIBqKiTcb8EKOnq+xfap5ovVtLloM2ZEH0668y
8Qn2u18eqFiN5L/78TeLgAHr6VctQrDl+awsyu8owtH3R7TVzAA4xGG7/PjxfVPW
bqmYUg4pDCXw8tmJWKcllnlefGwSocX6lNhv+TQfaOcW
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:41:31 2025 by rpki-client