Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/2c5af2-0937-4f40-88e0-1104841d374e/1/YkryvV9PKswG9q1PsT3FJ8m4GEI.roa
File: YkryvV9PKswG9q1PsT3FJ8m4GEI.roa (raw, json)
Hash identifier: 2jRQdfDhiB8W2eoCjZ/ZgzAsoPMI7mgUH6jOCrPVtkk=
Subject key identifier: 62:4A:F2:BD:5F:4F:2A:CC:06:F6:AD:4F:B1:3D:C5:27:C9:B8:18:42
Certificate issuer: /CN=479762e88d8f67fad4aa059a1b8b46fa4cc7a893
Certificate serial: 0190DDEF31D02A2C43BFEF429C3953BF10B5
Authority key identifier: 47:97:62:E8:8D:8F:67:FA:D4:AA:05:9A:1B:8B:46:FA:4C:C7:A8:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R5di6I2PZ_rUqgWaG4tG-kzHqJM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/2c5af2-0937-4f40-88e0-1104841d374e/1/YkryvV9PKswG9q1PsT3FJ8m4GEI.roa
Signing time: Tue 23 Jul 2024 04:52:38 +0000
ROA not before: Tue 23 Jul 2024 04:52:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60014
IP address blocks: 78.31.232.0/22 maxlen: 22
185.119.240.0/22 maxlen: 22
193.106.190.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 06 Oct 2024 18:12:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:dd:ef:31:d0:2a:2c:43:bf:ef:42:9c:39:53:bf:10:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=479762e88d8f67fad4aa059a1b8b46fa4cc7a893
Validity
Not Before: Jul 23 04:52:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=624af2bd5f4f2acc06f6ad4fb13dc527c9b81842
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:f0:57:15:28:33:9c:35:bd:23:e7:f3:44:48:
8f:be:70:9e:0c:dd:98:01:7f:59:5d:97:b6:97:1a:
c1:aa:10:4b:6c:e7:f1:b5:42:35:6d:40:41:65:69:
61:0a:74:0d:f2:e0:f0:2d:46:cb:27:d6:37:1d:e7:
e7:7e:9e:09:b5:9c:72:dc:ec:2f:7f:99:fb:8d:c7:
2b:5b:0a:0f:1d:1f:0a:54:44:0c:a8:3f:a6:00:36:
49:12:d7:e0:44:d9:6a:b8:a4:8e:db:ca:8d:15:41:
b8:66:2d:58:48:d8:f3:75:42:07:90:d8:9f:87:25:
1a:e5:c8:e5:73:14:8c:dd:44:e6:44:37:cd:c2:f3:
10:3b:ae:ae:c9:d7:26:84:7c:4e:01:76:6c:4a:3f:
a0:41:5e:ab:8c:4c:4d:5d:d5:11:11:89:c1:cb:53:
39:6c:6b:33:24:db:b7:45:51:a5:04:af:5b:da:7a:
71:40:7c:dc:7c:89:d1:33:a6:9a:51:b9:2e:15:b8:
c8:28:97:5f:7f:03:65:db:43:2b:85:cc:a0:05:e6:
86:80:e7:ed:e3:7f:57:9c:9d:ec:27:bd:78:5d:26:
51:c6:a5:ad:ed:86:7f:29:7c:e2:ed:09:c2:67:47:
5b:94:b3:09:be:ea:28:61:c0:19:79:cb:38:e2:10:
13:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:4A:F2:BD:5F:4F:2A:CC:06:F6:AD:4F:B1:3D:C5:27:C9:B8:18:42
X509v3 Authority Key Identifier:
keyid:47:97:62:E8:8D:8F:67:FA:D4:AA:05:9A:1B:8B:46:FA:4C:C7:A8:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R5di6I2PZ_rUqgWaG4tG-kzHqJM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/2c5af2-0937-4f40-88e0-1104841d374e/1/YkryvV9PKswG9q1PsT3FJ8m4GEI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/2c5af2-0937-4f40-88e0-1104841d374e/1/R5di6I2PZ_rUqgWaG4tG-kzHqJM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.31.232.0/22
185.119.240.0/22
193.106.190.0/24
Signature Algorithm: sha256WithRSAEncryption
70:20:12:89:eb:ff:7b:4c:92:bb:3b:52:f3:40:7f:74:20:93:
86:a1:92:d6:78:ce:01:a6:fb:96:be:67:14:fd:7e:28:33:18:
58:6b:55:30:27:ad:ca:82:07:c4:98:fd:0e:a7:f2:ec:67:6a:
e3:61:7b:20:dc:35:58:dc:bb:74:12:38:fe:0a:b0:da:17:fb:
dd:00:ee:6e:a3:91:a9:aa:22:98:9f:5d:93:ac:e8:7e:e0:d7:
cc:4a:2e:1a:94:28:11:54:d6:35:2a:99:24:52:a5:6c:cb:08:
6f:7a:af:05:59:0a:e2:9d:59:9e:27:94:a7:8f:3a:8a:94:18:
02:fe:77:41:af:5e:c4:e0:af:1d:b5:6c:d4:af:2b:4f:86:2a:
53:fc:0f:42:17:e2:f1:d8:e8:ce:9c:13:0e:c6:f6:d5:2e:8a:
dc:cd:80:0d:ce:ed:ee:0b:ca:b8:e6:13:cb:6c:43:37:00:b7:
42:91:29:5e:0f:7b:1a:67:67:e9:9f:ab:c6:70:fd:db:d6:f3:
07:29:12:22:6f:52:6d:a2:31:03:de:a8:4d:43:35:6a:4e:b9:
f0:28:5f:8d:0c:9c:46:7a:1f:91:0f:4a:bc:20:0a:10:51:f7:
8a:97:a5:ad:91:9d:f3:ce:7b:2a:86:41:c3:de:dc:9c:84:6e:
47:92:cb:62
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZDd7zHQKixDv+9CnDlTvxC1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3OTc2MmU4OGQ4ZjY3ZmFkNGFhMDU5YTFiOGI0NmZhNGNj
N2E4OTMwHhcNMjQwNzIzMDQ1MjM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjRhZjJiZDVmNGYyYWNjMDZmNmFkNGZiMTNkYzUyN2M5YjgxODQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/BXFSgznDW9I+fzREiPvnCeDN2Y
AX9ZXZe2lxrBqhBLbOfxtUI1bUBBZWlhCnQN8uDwLUbLJ9Y3Hefnfp4JtZxy3Owv
f5n7jccrWwoPHR8KVEQMqD+mADZJEtfgRNlquKSO28qNFUG4Zi1YSNjzdUIHkNif
hyUa5cjlcxSM3UTmRDfNwvMQO66uydcmhHxOAXZsSj+gQV6rjExNXdUREYnBy1M5
bGszJNu3RVGlBK9b2npxQHzcfInRM6aaUbkuFbjIKJdffwNl20MrhcygBeaGgOft
439XnJ3sJ714XSZRxqWt7YZ/KXzi7QnCZ0dblLMJvuooYcAZecs44hATNwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGJK8r1fTyrMBvatT7E9xSfJuBhCMB8GA1UdIwQY
MBaAFEeXYuiNj2f61KoFmhuLRvpMx6iTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjVkaTZJMlBaX3JVcWdXYUc0dEcta3pIcUpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS8yYzVhZjItMDkzNy00ZjQwLTg4ZTAt
MTEwNDg0MWQzNzRlLzEvWWtyeXZWOVBLc3dHOXExUHNUM0ZKOG00R0VJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS8yYzVhZjItMDkzNy00ZjQwLTg4ZTAtMTEwNDg0MWQzNzRl
LzEvUjVkaTZJMlBaX3JVcWdXYUc0dEcta3pIcUpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCTh/oAwQC
uXfwAwQAwWq+MA0GCSqGSIb3DQEBCwUAA4IBAQBwIBKJ6/97TJK7O1LzQH90IJOG
oZLWeM4BpvuWvmcU/X4oMxhYa1UwJ63KggfEmP0Op/LsZ2rjYXsg3DVY3Lt0Ejj+
CrDaF/vdAO5uo5GpqiKYn12TrOh+4NfMSi4alCgRVNY1KpkkUqVsywhveq8FWQri
nVmeJ5SnjzqKlBgC/ndBr17E4K8dtWzUrytPhipT/A9CF+Lx2OjOnBMOxvbVLorc
zYANzu3uC8q45hPLbEM3ALdCkSleD3saZ2fpn6vGcP3b1vMHKRIib1JtojED3qhN
QzVqTrnwKF+NDJxGeh+RD0q8IAoQUfeKl6WtkZ3zznsqhkHD3tychG5Hksti
-----END CERTIFICATE-----
Generated at Wed Apr 23 06:39:43 2025 by rpki-client