Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/YfqSbMi8O9TGCARg_S-oWBYkLfk.roa
File: YfqSbMi8O9TGCARg_S-oWBYkLfk.roa (raw, json)
Hash identifier: WUC6Vl65A6fe+uRpysHLazkK+jm0qI/vGA+qEG3rFgs=
Subject key identifier: 61:FA:92:6C:C8:BC:3B:D4:C6:08:04:60:FD:2F:A8:58:16:24:2D:F9
Certificate issuer: /CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Certificate serial: 0191279F1CD45D22F17BE3DFB298FD5A3578
Authority key identifier: E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/YfqSbMi8O9TGCARg_S-oWBYkLfk.roa
Signing time: Tue 06 Aug 2024 12:17:04 +0000
ROA not before: Tue 06 Aug 2024 12:17:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48851
IP address blocks: 92.61.228.0/24 maxlen: 24
92.61.238.0/24 maxlen: 24
94.188.210.0/24 maxlen: 24
94.188.222.0/24 maxlen: 24
94.188.223.0/24 maxlen: 24
94.188.230.0/24 maxlen: 24
94.188.232.0/24 maxlen: 24
94.188.233.0/24 maxlen: 24
94.188.234.0/24 maxlen: 24
94.188.235.0/24 maxlen: 24
94.188.236.0/24 maxlen: 24
94.188.237.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 06 Aug 2024 12:29:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:27:9f:1c:d4:5d:22:f1:7b:e3:df:b2:98:fd:5a:35:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Validity
Not Before: Aug 6 12:17:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=61fa926cc8bc3bd4c6080460fd2fa85816242df9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:36:d0:25:fb:8b:fc:ea:e7:7b:f8:9b:38:6c:
c3:26:e7:1a:5a:e3:6c:c8:35:ab:22:56:5b:ef:f4:
72:45:45:3c:e9:c2:7f:fd:f6:7c:57:ae:a9:3d:56:
39:7e:6d:ed:b8:ba:28:e3:31:5f:ad:3f:31:b5:0f:
29:cd:fa:95:7a:66:2d:e6:62:90:65:a1:18:74:51:
4f:73:90:c1:5b:f8:7f:88:68:30:68:61:e5:25:5a:
20:c5:d1:2f:fb:12:71:d4:f2:d7:61:3c:a4:c0:d2:
01:7d:de:7c:04:14:20:50:0a:42:27:28:74:c2:02:
53:ce:ca:47:fa:14:28:a1:b5:4c:71:93:b9:b7:08:
fb:2d:54:06:5d:ce:dd:4d:4f:0a:4c:6f:32:36:72:
b1:71:0b:4d:9d:cd:f5:43:42:db:25:0c:9b:55:be:
e2:2a:5a:4a:c7:9c:96:f9:f3:93:f5:40:6b:de:bd:
11:55:66:c9:9a:cc:fd:bd:5d:1d:38:e0:31:a2:db:
19:ce:b7:e5:84:d5:03:e2:d9:c0:5b:f3:40:d3:d2:
69:96:de:ce:63:b9:33:4d:06:99:5f:01:1e:df:45:
87:3c:45:fc:14:0f:6d:0c:a2:e0:4a:f0:20:30:d1:
bc:68:aa:a4:be:73:b3:a0:d7:83:b6:de:91:7f:91:
3a:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:FA:92:6C:C8:BC:3B:D4:C6:08:04:60:FD:2F:A8:58:16:24:2D:F9
X509v3 Authority Key Identifier:
keyid:E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/YfqSbMi8O9TGCARg_S-oWBYkLfk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/4tW7QBGA5V9cFl1HkI3_T-KaDYY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.61.228.0/24
92.61.238.0/24
94.188.210.0/24
94.188.222.0/23
94.188.230.0/24
94.188.232.0-94.188.237.255
Signature Algorithm: sha256WithRSAEncryption
4a:3f:dc:04:ba:21:39:a6:f3:20:2e:e8:8a:c5:67:23:5f:d5:
dd:d8:db:6a:f4:c8:1c:6d:28:69:fe:f8:b8:85:4b:10:4c:46:
76:1e:b2:be:c3:fa:32:96:c0:59:cc:da:95:6a:41:77:09:6c:
44:44:59:ff:30:8e:de:54:88:53:09:ee:10:64:4f:42:71:af:
56:19:0f:c9:74:35:e4:8d:0e:d6:72:27:30:00:d1:96:20:1b:
ad:8a:4b:48:21:13:36:e2:78:07:f9:50:f3:ba:cc:bc:01:36:
bf:58:e7:5f:ee:24:a6:6b:74:eb:e9:d1:f2:d1:53:6a:c6:c7:
29:79:da:32:91:ae:8b:5b:4e:f0:06:02:79:ba:cf:3b:a2:ee:
94:da:90:76:28:21:e9:43:b8:e5:c7:14:b8:04:72:f9:95:cf:
0b:72:1f:93:e0:57:f2:21:aa:dc:c1:82:7e:4f:80:00:70:25:
9b:f0:af:3a:d1:7b:d5:48:c9:37:61:12:6b:a0:85:93:0a:74:
56:ce:a9:84:1e:4b:5d:9e:6c:97:be:47:08:38:56:37:ac:73:
61:bc:36:30:58:14:46:7c:99:33:d4:f4:2e:55:3e:7f:c6:93:
d9:df:a9:32:75:37:06:65:1e:95:69:5b:53:4c:09:09:e2:cc:
7f:75:e9:63
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZEnnxzUXSLxe+Pfspj9WjV4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDViYjQwMTE4MGU1NWY1YzE2NWQ0NzkwOGRmZjRmZTI5
YTBkODYwHhcNMjQwODA2MTIxNzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWZhOTI2Y2M4YmMzYmQ0YzYwODA0NjBmZDJmYTg1ODE2MjQyZGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnzbQJfuL/Orne/ibOGzDJucaWuNs
yDWrIlZb7/RyRUU86cJ//fZ8V66pPVY5fm3tuLoo4zFfrT8xtQ8pzfqVemYt5mKQ
ZaEYdFFPc5DBW/h/iGgwaGHlJVogxdEv+xJx1PLXYTykwNIBfd58BBQgUApCJyh0
wgJTzspH+hQoobVMcZO5twj7LVQGXc7dTU8KTG8yNnKxcQtNnc31Q0LbJQybVb7i
KlpKx5yW+fOT9UBr3r0RVWbJmsz9vV0dOOAxotsZzrflhNUD4tnAW/NA09Jplt7O
Y7kzTQaZXwEe30WHPEX8FA9tDKLgSvAgMNG8aKqkvnOzoNeDtt6Rf5E6dwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFGH6kmzIvDvUxggEYP0vqFgWJC35MB8GA1UdIwQY
MBaAFOLVu0ARgOVfXBZdR5CN/0/img2GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEt
NDIxZTZiYzdlMmU4LzEvWWZxU2JNaThPOVRHQ0FSZ19TLW9XQllrTGZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEtNDIxZTZiYzdlMmU4
LzEvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAXD3kAwQA
XD3uAwQAXrzSAwQBXrzeAwQAXrzmMAwDBANevOgDBAFevOwwDQYJKoZIhvcNAQEL
BQADggEBAEo/3AS6ITmm8yAu6IrFZyNf1d3Y22r0yBxtKGn++LiFSxBMRnYesr7D
+jKWwFnM2pVqQXcJbEREWf8wjt5UiFMJ7hBkT0Jxr1YZD8l0NeSNDtZyJzAA0ZYg
G62KS0ghEzbieAf5UPO6zLwBNr9Y51/uJKZrdOvp0fLRU2rGxyl52jKRrotbTvAG
Anm6zzui7pTakHYoIelDuOXHFLgEcvmVzwtyH5PgV/IhqtzBgn5PgABwJZvwrzrR
e9VIyTdhEmughZMKdFbOqYQeS12ebJe+Rwg4Vjesc2G8NjBYFEZ8mTPU9C5VPn/G
k9nfqTJ1NwZlHpVpW1NMCQnizH916WM=
-----END CERTIFICATE-----
Generated at Thu Jun 12 19:20:21 2025 by rpki-client