Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/f3b825-cbc0-49d2-8b76-6b1469c3b95a/1/yniXVE1Upl54KQ5ZNGgs-VMcoNY.roa
File: yniXVE1Upl54KQ5ZNGgs-VMcoNY.roa (raw, json)
Hash identifier: OGGYZilb1620Zpf7bQoJqaftSz1X6gf/TZgCnk8ZZFY=
Subject key identifier: CA:78:97:54:4D:54:A6:5E:78:29:0E:59:34:68:2C:F9:53:1C:A0:D6
Certificate issuer: /CN=65816774b7c5665d67a86c20ceb6487b5b78b38d
Certificate serial: 018CC49233CF2B08CEC35919BD7B01FA75CE
Authority key identifier: 65:81:67:74:B7:C5:66:5D:67:A8:6C:20:CE:B6:48:7B:5B:78:B3:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZYFndLfFZl1nqGwgzrZIe1t4s40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/f3b825-cbc0-49d2-8b76-6b1469c3b95a/1/yniXVE1Upl54KQ5ZNGgs-VMcoNY.roa
Signing time: Mon 01 Jan 2024 10:29:24 +0000
ROA not before: Mon 01 Jan 2024 10:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13306
IP address blocks: 89.106.102.0/23 maxlen: 23
89.106.104.0/23 maxlen: 23
89.106.101.0/24 maxlen: 24
109.107.70.0/23 maxlen: 23
89.106.108.0/23 maxlen: 23
89.106.107.0/24 maxlen: 24
77.76.150.0/23 maxlen: 23
89.106.127.0/24 maxlen: 24
77.76.176.0/22 maxlen: 22
188.124.92.0/22 maxlen: 22
178.75.252.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:52:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:33:cf:2b:08:ce:c3:59:19:bd:7b:01:fa:75:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65816774b7c5665d67a86c20ceb6487b5b78b38d
Validity
Not Before: Jan 1 10:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ca7897544d54a65e78290e5934682cf9531ca0d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:88:cf:ac:ef:1e:1a:91:18:42:9c:e7:b9:87:
fa:eb:49:55:d7:b7:fc:3a:45:b5:5a:b4:b0:db:6f:
15:0c:fb:08:fa:31:31:cd:2a:71:fa:fe:67:50:fd:
3f:fe:f3:5f:3f:11:e6:e6:60:53:68:fd:56:3b:39:
15:8c:f4:e5:0a:55:23:fd:3a:0a:23:9d:40:62:7f:
c2:52:c4:5f:43:b2:da:8c:98:6b:ab:fa:43:0a:9a:
74:18:99:fc:34:a3:bf:b9:cb:d6:53:eb:c5:86:9b:
bf:17:31:60:fd:be:b2:d6:e1:e2:f7:3e:df:ed:60:
86:a5:3f:65:12:c7:25:cf:a7:82:6a:f6:d0:6d:c5:
f2:bf:31:38:8b:3f:6c:aa:37:e7:b3:61:90:3b:b1:
bd:e0:10:af:b8:b5:06:97:48:3e:fb:3f:82:b4:6e:
07:23:a9:09:5d:7c:eb:76:e3:10:ea:67:32:fc:d3:
fa:ad:b6:74:53:7c:a2:07:f3:4e:d5:db:43:35:b7:
c3:2d:0b:5d:72:71:6b:95:30:d4:21:30:8f:68:db:
85:36:aa:db:df:a6:b3:3c:b5:d9:8d:7b:6c:64:a3:
e8:2f:40:d8:0f:cb:5b:5c:04:d6:6d:08:7b:07:cd:
62:63:e8:19:40:0e:0a:85:cd:da:9b:18:6a:53:95:
5d:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:78:97:54:4D:54:A6:5E:78:29:0E:59:34:68:2C:F9:53:1C:A0:D6
X509v3 Authority Key Identifier:
keyid:65:81:67:74:B7:C5:66:5D:67:A8:6C:20:CE:B6:48:7B:5B:78:B3:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZYFndLfFZl1nqGwgzrZIe1t4s40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/f3b825-cbc0-49d2-8b76-6b1469c3b95a/1/yniXVE1Upl54KQ5ZNGgs-VMcoNY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/f3b825-cbc0-49d2-8b76-6b1469c3b95a/1/ZYFndLfFZl1nqGwgzrZIe1t4s40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.76.150.0/23
77.76.176.0/22
89.106.101.0-89.106.105.255
89.106.107.0-89.106.109.255
89.106.127.0/24
109.107.70.0/23
178.75.252.0/22
188.124.92.0/22
Signature Algorithm: sha256WithRSAEncryption
40:75:07:c0:9b:45:16:2f:31:31:b6:ee:66:58:1b:fe:90:f4:
58:59:05:6c:0b:c7:d3:47:27:a5:68:91:8b:2d:37:9a:f1:46:
44:ab:0c:28:d7:1e:f8:f3:08:e1:0b:97:d6:e8:9e:63:ea:8c:
a5:fe:90:1d:39:0e:cf:50:af:5c:f4:e3:8d:27:27:4e:5b:dc:
d0:07:02:40:45:12:0e:8d:fb:5d:06:52:0f:01:5f:24:12:cc:
22:89:30:a9:48:78:a6:51:b8:49:c5:e4:d7:a2:b4:32:d3:bc:
f9:c9:55:9a:5d:5f:79:ad:ac:5c:68:90:a8:5d:28:e4:0a:9a:
3b:5b:07:48:fc:93:17:27:4e:3f:71:4b:6e:19:07:68:62:b6:
8d:48:47:d3:d6:db:cf:98:d8:0b:1e:85:6f:98:83:02:07:0d:
e4:a6:1c:1d:48:e6:ad:11:9e:e1:cf:52:70:1a:63:34:30:c2:
f0:32:e0:f3:32:51:23:87:69:28:81:14:05:61:02:76:0b:3a:
1b:d6:09:59:5e:5f:5a:b8:1a:5f:66:75:b1:36:76:8e:83:d3:
66:62:c9:cb:ef:d5:a0:18:b3:d3:c3:cd:bb:c8:56:93:a0:42:
20:43:24:02:87:4f:3e:3f:ae:f0:22:28:71:95:55:18:e6:ba:
d7:66:ed:e4
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYzEkjPPKwjOw1kZvXsB+nXOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1ODE2Nzc0YjdjNTY2NWQ2N2E4NmMyMGNlYjY0ODdiNWI3
OGIzOGQwHhcNMjQwMTAxMTAyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTc4OTc1NDRkNTRhNjVlNzgyOTBlNTkzNDY4MmNmOTUzMWNhMGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4jPrO8eGpEYQpznuYf660lV17f8
OkW1WrSw228VDPsI+jExzSpx+v5nUP0//vNfPxHm5mBTaP1WOzkVjPTlClUj/ToK
I51AYn/CUsRfQ7LajJhrq/pDCpp0GJn8NKO/ucvWU+vFhpu/FzFg/b6y1uHi9z7f
7WCGpT9lEsclz6eCavbQbcXyvzE4iz9sqjfns2GQO7G94BCvuLUGl0g++z+CtG4H
I6kJXXzrduMQ6mcy/NP6rbZ0U3yiB/NO1dtDNbfDLQtdcnFrlTDUITCPaNuFNqrb
36azPLXZjXtsZKPoL0DYD8tbXATWbQh7B81iY+gZQA4Khc3amxhqU5VdewIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFMp4l1RNVKZeeCkOWTRoLPlTHKDWMB8GA1UdIwQY
MBaAFGWBZ3S3xWZdZ6hsIM62SHtbeLONMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWllGbmRMZkZabDFucUd3Z3pyWkllMXQ0czQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9mM2I4MjUtY2JjMC00OWQyLThiNzYt
NmIxNDY5YzNiOTVhLzEveW5pWFZFMVVwbDU0S1E1Wk5HZ3MtVk1jb05ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC9mM2I4MjUtY2JjMC00OWQyLThiNzYtNmIxNDY5YzNiOTVh
LzEvWllGbmRMZkZabDFucUd3Z3pyWkllMXQ0czQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAAwQBTUyWAwQC
TUywMAwDBABZamUDBAFZamgwDAMEAFlqawMEAVlqbAMEAFlqfwMEAW1rRgMEArJL
/AMEArx8XDANBgkqhkiG9w0BAQsFAAOCAQEAQHUHwJtFFi8xMbbuZlgb/pD0WFkF
bAvH00cnpWiRiy03mvFGRKsMKNce+PMI4QuX1uieY+qMpf6QHTkOz1CvXPTjjScn
Tlvc0AcCQEUSDo37XQZSDwFfJBLMIokwqUh4plG4ScXk16K0MtO8+clVml1fea2s
XGiQqF0o5AqaO1sHSPyTFydOP3FLbhkHaGK2jUhH09bbz5jYCx6Fb5iDAgcN5KYc
HUjmrRGe4c9ScBpjNDDC8DLg8zJRI4dpKIEUBWECdgs6G9YJWV5fWrgaX2Z1sTZ2
joPTZmLJy+/VoBiz08PNu8hWk6BCIEMkAodPPj+u8CIocZVVGOa612bt5A==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:52:05 2025 by rpki-client