Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/f03ca1-726b-4de9-b419-f9a1bbc36845/1/3YN_ke_XQ-uO2CVNVE14Ppz8VTo.roa
File: 3YN_ke_XQ-uO2CVNVE14Ppz8VTo.roa (raw, json)
Hash identifier: 5LLPVUYzgNJoQSKS1hOCAiAMPfuChW91qYMyfwfD250=
Subject key identifier: DD:83:7F:91:EF:D7:43:EB:8E:D8:25:4D:54:4D:78:3E:9C:FC:55:3A
Certificate issuer: /CN=c7a4d2f68913eace6c9f5092bdc7dd20f574f438
Certificate serial: 018CC56EE953F25C09C013A65841BC8C3B9F
Authority key identifier: C7:A4:D2:F6:89:13:EA:CE:6C:9F:50:92:BD:C7:DD:20:F5:74:F4:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x6TS9okT6s5sn1CSvcfdIPV09Dg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/f03ca1-726b-4de9-b419-f9a1bbc36845/1/3YN_ke_XQ-uO2CVNVE14Ppz8VTo.roa
Signing time: Mon 01 Jan 2024 14:30:29 +0000
ROA not before: Mon 01 Jan 2024 14:30:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202632
IP address blocks: 185.12.168.0/22 maxlen: 22
31.47.0.0/19 maxlen: 19
31.47.4.0/23 maxlen: 23
31.47.0.0/24 maxlen: 24
31.47.9.0/24 maxlen: 24
31.47.8.0/24 maxlen: 24
31.47.10.0/24 maxlen: 24
31.47.16.0/20 maxlen: 20
31.47.14.0/23 maxlen: 23
185.173.28.0/22 maxlen: 22
213.91.64.0/21 maxlen: 21
213.91.64.0/22 maxlen: 22
213.91.68.0/22 maxlen: 22
185.210.182.0/24 maxlen: 24
185.210.180.0/22 maxlen: 22
185.210.181.0/24 maxlen: 24
217.71.48.0/24 maxlen: 24
217.71.56.0/21 maxlen: 21
213.91.112.0/20 maxlen: 20
213.91.112.0/21 maxlen: 21
213.91.124.0/24 maxlen: 24
213.91.125.0/24 maxlen: 24
213.91.127.0/24 maxlen: 24
213.91.126.0/24 maxlen: 24
2a03:9240::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:e9:53:f2:5c:09:c0:13:a6:58:41:bc:8c:3b:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7a4d2f68913eace6c9f5092bdc7dd20f574f438
Validity
Not Before: Jan 1 14:30:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dd837f91efd743eb8ed8254d544d783e9cfc553a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:b3:a2:8d:5f:73:ff:fd:3a:0f:47:47:a2:c5:
c3:f7:b4:1d:38:20:39:1a:cf:4c:39:19:1e:a4:01:
c4:5e:64:0f:17:03:93:dd:5f:7c:78:df:80:7c:66:
b0:26:c2:3d:2c:17:47:8c:80:34:61:c7:d5:44:cf:
6b:ae:5c:58:58:80:44:89:e5:e0:54:69:c3:1c:88:
e5:6c:50:ad:b5:26:28:12:ee:e2:7f:a8:9b:da:20:
6e:36:72:79:fa:99:23:de:4d:18:fb:a7:b8:53:cd:
cb:18:dc:52:00:a2:7d:38:58:51:28:cc:2b:3a:41:
2c:7f:19:2a:17:88:75:fe:ae:1b:61:c9:c8:f3:5f:
5b:77:ef:52:10:b7:7a:96:32:93:ce:88:5f:d4:63:
a3:c2:61:8d:3c:59:52:6d:71:8b:99:db:bd:de:ea:
dc:cd:fe:0a:2a:0c:c2:c0:f8:6e:f4:67:c0:92:bb:
b2:dc:fd:a0:28:3b:2a:8b:1d:8a:0c:9c:7c:c8:23:
db:c9:46:b7:0a:28:fe:a8:fc:e4:13:79:8d:c5:19:
7e:f8:a9:15:58:dc:84:0a:04:6c:f5:b2:d0:0d:ec:
8c:01:b6:b2:b6:04:9e:56:a1:37:4c:7c:95:85:8a:
b4:55:35:ff:61:a0:3e:28:d6:c3:93:24:ef:60:bc:
05:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:83:7F:91:EF:D7:43:EB:8E:D8:25:4D:54:4D:78:3E:9C:FC:55:3A
X509v3 Authority Key Identifier:
keyid:C7:A4:D2:F6:89:13:EA:CE:6C:9F:50:92:BD:C7:DD:20:F5:74:F4:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x6TS9okT6s5sn1CSvcfdIPV09Dg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/f03ca1-726b-4de9-b419-f9a1bbc36845/1/3YN_ke_XQ-uO2CVNVE14Ppz8VTo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/f03ca1-726b-4de9-b419-f9a1bbc36845/1/x6TS9okT6s5sn1CSvcfdIPV09Dg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.47.0.0/19
185.12.168.0/22
185.173.28.0/22
185.210.180.0/22
213.91.64.0/21
213.91.112.0/20
217.71.48.0/24
217.71.56.0/21
IPv6:
2a03:9240::/32
Signature Algorithm: sha256WithRSAEncryption
0d:72:ff:5f:0b:5f:4a:4f:e5:b2:14:ca:6d:2d:76:e0:4d:65:
2d:ce:02:80:bc:ef:64:43:5d:f2:d4:ad:95:7a:2a:b7:46:c6:
2f:de:f2:e0:d1:13:5b:e2:12:6a:74:87:cd:e6:bd:87:c9:cb:
d4:2e:5e:ac:dc:20:5e:c9:f2:57:3b:cf:7a:58:cc:7d:54:52:
c1:a8:0a:9d:6a:21:4e:6a:50:90:69:80:37:fa:82:4c:b3:7c:
21:ed:f5:76:01:e7:61:cb:7e:f8:4b:5a:ab:fe:1c:fb:3d:0c:
25:99:ca:af:28:f6:e4:94:31:1f:e9:a5:b3:60:d7:25:4c:22:
8f:d9:93:9a:49:76:37:e4:ba:b8:d2:ef:c3:6d:37:2f:d7:3e:
c9:d4:cf:f1:45:2d:25:82:6c:b5:71:a3:cd:70:8c:9f:f7:3c:
c6:7f:97:21:70:cb:9d:b3:35:cc:33:0d:27:fe:16:ec:b2:50:
8e:65:a8:a8:71:ac:7b:1b:88:e3:1a:71:74:0f:77:6f:76:c3:
ce:20:3c:9a:d4:12:61:c0:58:9f:c7:66:8c:e5:e2:3d:49:e1:
e2:c8:26:c9:23:d8:48:2c:2d:84:01:f4:c4:9e:f3:30:63:b2:
03:83:47:f8:fe:ae:b2:cb:61:15:0d:e2:8e:0a:27:73:89:ac:
98:ae:20:4a
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYzFbulT8lwJwBOmWEG8jDufMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3YTRkMmY2ODkxM2VhY2U2YzlmNTA5MmJkYzdkZDIwZjU3
NGY0MzgwHhcNMjQwMTAxMTQzMDI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDgzN2Y5MWVmZDc0M2ViOGVkODI1NGQ1NDRkNzgzZTljZmM1NTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkbOijV9z//06D0dHosXD97QdOCA5
Gs9MORkepAHEXmQPFwOT3V98eN+AfGawJsI9LBdHjIA0YcfVRM9rrlxYWIBEieXg
VGnDHIjlbFCttSYoEu7if6ib2iBuNnJ5+pkj3k0Y+6e4U83LGNxSAKJ9OFhRKMwr
OkEsfxkqF4h1/q4bYcnI819bd+9SELd6ljKTzohf1GOjwmGNPFlSbXGLmdu93urc
zf4KKgzCwPhu9GfAkruy3P2gKDsqix2KDJx8yCPbyUa3Cij+qPzkE3mNxRl++KkV
WNyECgRs9bLQDeyMAbaytgSeVqE3THyVhYq0VTX/YaA+KNbDkyTvYLwFHQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFN2Df5Hv10PrjtglTVRNeD6c/FU6MB8GA1UdIwQY
MBaAFMek0vaJE+rObJ9Qkr3H3SD1dPQ4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDZUUzlva1Q2czVzbjFDU3ZjZmRJUFYwOURnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC9mMDNjYTEtNzI2Yi00ZGU5LWI0MTkt
ZjlhMWJiYzM2ODQ1LzEvM1lOX2tlX1hRLXVPMkNWTlZFMTRQcHo4VlRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC9mMDNjYTEtNzI2Yi00ZGU5LWI0MTktZjlhMWJiYzM2ODQ1
LzEveDZUUzlva1Q2czVzbjFDU3ZjZmRJUFYwOURnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQFHy8AAwQC
uQyoAwQCua0cAwQCudK0AwQD1VtAAwQE1VtwAwQA2UcwAwQD2Uc4MA0EAgACMAcD
BQAqA5JAMA0GCSqGSIb3DQEBCwUAA4IBAQANcv9fC19KT+WyFMptLXbgTWUtzgKA
vO9kQ13y1K2Veiq3RsYv3vLg0RNb4hJqdIfN5r2HycvULl6s3CBeyfJXO896WMx9
VFLBqAqdaiFOalCQaYA3+oJMs3wh7fV2Aedhy374S1qr/hz7PQwlmcqvKPbklDEf
6aWzYNclTCKP2ZOaSXY35Lq40u/DbTcv1z7J1M/xRS0lgmy1caPNcIyf9zzGf5ch
cMudszXMMw0n/hbsslCOZaiocax7G4jjGnF0D3dvdsPOIDya1BJhwFifx2aM5eI9
SeHiyCbJI9hILC2EAfTEnvMwY7IDg0f4/q6yy2EVDeKOCidziayYriBK
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:57:13 2025 by rpki-client