Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/yF4FG_fgk-pORU47r0Q89C6ZF8w.roa
File: yF4FG_fgk-pORU47r0Q89C6ZF8w.roa (raw, json)
Hash identifier: 5EbV5DER828x4O3YgC/wPMkGoAgZzbNKY8THMe86bNU=
Subject key identifier: C8:5E:05:1B:F7:E0:93:EA:4E:45:4E:3B:AF:44:3C:F4:2E:99:17:CC
Certificate issuer: /CN=015b6d1596ac0501a71a393447051a62ff1dda16
Certificate serial: 0194B15F16E109B9E119729A036001B84254
Authority key identifier: 01:5B:6D:15:96:AC:05:01:A7:1A:39:34:47:05:1A:62:FF:1D:DA:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AVttFZasBQGnGjk0RwUaYv8d2hY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/yF4FG_fgk-pORU47r0Q89C6ZF8w.roa
Signing time: Wed 29 Jan 2025 09:23:06 +0000
ROA not before: Wed 29 Jan 2025 09:23:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47626
IP address blocks: 5.180.240.0/22 maxlen: 22
78.24.100.0/22 maxlen: 22
91.208.35.0/24 maxlen: 24
91.222.120.0/22 maxlen: 24
128.0.92.0/24 maxlen: 24
128.0.94.0/24 maxlen: 24
176.96.189.0/24 maxlen: 24
188.93.64.0/22 maxlen: 22
193.7.216.0/22 maxlen: 22
213.241.199.0/24 maxlen: 24
2a05:9c00::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 20 Mar 2025 09:54:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:b1:5f:16:e1:09:b9:e1:19:72:9a:03:60:01:b8:42:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=015b6d1596ac0501a71a393447051a62ff1dda16
Validity
Not Before: Jan 29 09:23:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c85e051bf7e093ea4e454e3baf443cf42e9917cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:d8:6f:8f:b4:ef:f3:4d:6f:f4:76:a8:b5:e3:
2d:7f:32:84:0c:33:bb:53:8f:cb:68:5b:3e:13:a0:
69:e4:aa:3a:42:92:9c:bc:74:85:03:63:ed:0c:91:
75:c4:76:c5:01:9f:45:ea:a8:68:23:a5:87:a3:ad:
e2:4e:3f:45:6e:5c:f1:72:97:d9:36:d4:ed:ad:6b:
29:0d:7d:95:53:bf:e3:22:bf:44:c7:82:54:dd:93:
1f:b9:ac:04:a7:79:08:e2:ee:fb:45:08:0a:f4:c9:
70:32:87:ed:18:7c:0a:3f:dd:ba:f7:f7:e4:ad:1d:
98:3a:cd:54:14:c0:df:6a:1a:8a:59:f0:da:8e:c8:
42:97:04:2b:5e:e2:53:c7:cc:7f:43:35:0f:b7:47:
58:b8:b5:79:d3:fb:39:62:3e:70:ac:2a:52:cb:24:
7b:35:92:83:4f:91:e3:63:cb:35:92:d6:00:bd:d7:
d7:f8:25:4a:28:23:b7:15:08:dd:56:4b:41:ea:af:
28:0b:84:d4:ba:3f:d2:3d:a6:62:34:d5:5e:56:f0:
41:1e:1f:65:5b:5d:4a:a0:09:c2:d8:4d:f6:2d:e5:
bd:7d:2f:33:20:e2:40:f6:fd:cf:ee:26:e8:fe:2e:
0a:5f:28:0a:77:33:75:f6:43:71:1d:c2:8c:2a:9e:
8c:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:5E:05:1B:F7:E0:93:EA:4E:45:4E:3B:AF:44:3C:F4:2E:99:17:CC
X509v3 Authority Key Identifier:
keyid:01:5B:6D:15:96:AC:05:01:A7:1A:39:34:47:05:1A:62:FF:1D:DA:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AVttFZasBQGnGjk0RwUaYv8d2hY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/yF4FG_fgk-pORU47r0Q89C6ZF8w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/AVttFZasBQGnGjk0RwUaYv8d2hY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.240.0/22
78.24.100.0/22
91.208.35.0/24
91.222.120.0/22
128.0.92.0/24
128.0.94.0/24
176.96.189.0/24
188.93.64.0/22
193.7.216.0/22
213.241.199.0/24
IPv6:
2a05:9c00::/29
Signature Algorithm: sha256WithRSAEncryption
64:de:be:46:3d:d4:14:19:7f:93:85:e2:6c:3e:89:cd:73:e7:
71:98:17:72:46:3e:85:c3:c2:0f:f8:14:6f:8b:c9:6f:97:ed:
31:e0:02:5b:f3:f8:27:fb:c8:6f:c1:cd:30:68:0b:a9:af:c5:
8e:20:0b:5d:47:23:22:50:fa:13:42:db:64:20:ff:98:fc:42:
34:9d:46:36:06:1f:f5:d3:66:82:11:e9:37:35:77:f3:d0:62:
da:1d:72:37:fa:df:fc:af:75:c9:c0:d8:96:07:65:ea:fa:06:
aa:c1:0f:cd:b0:b9:12:95:2d:66:de:18:ae:25:55:bb:7a:90:
73:ad:dd:b2:69:bc:8d:ea:89:75:0f:cf:e0:cc:e5:3c:5c:ca:
cf:3d:da:3e:fc:76:6d:c3:0a:a3:2d:93:68:26:73:15:6b:5f:
5e:0c:6f:a1:53:b5:35:33:95:06:ea:49:9d:c2:f9:d0:42:a0:
3b:13:70:3e:76:62:94:df:2b:cb:2f:fb:5c:0b:47:eb:6e:fe:
3d:c0:f2:a5:2c:ff:e3:f7:96:dc:5c:ef:d4:b5:f9:f1:9f:ae:
0f:48:b0:56:04:b0:5c:1a:ba:6f:ba:03:5d:5d:e3:ec:19:a7:
1a:00:8b:bb:60:f7:c1:ad:bf:22:1c:bd:3d:5e:3b:75:54:2b:
0d:93:5e:0d
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAZSxXxbhCbnhGXKaA2ABuEJUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNWI2ZDE1OTZhYzA1MDFhNzFhMzkzNDQ3MDUxYTYyZmYx
ZGRhMTYwHhcNMjUwMTI5MDkyMzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODVlMDUxYmY3ZTA5M2VhNGU0NTRlM2JhZjQ0M2NmNDJlOTkxN2NjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo9hvj7Tv801v9HaoteMtfzKEDDO7
U4/LaFs+E6Bp5Ko6QpKcvHSFA2PtDJF1xHbFAZ9F6qhoI6WHo63iTj9FblzxcpfZ
NtTtrWspDX2VU7/jIr9Ex4JU3ZMfuawEp3kI4u77RQgK9MlwMoftGHwKP9269/fk
rR2YOs1UFMDfahqKWfDajshClwQrXuJTx8x/QzUPt0dYuLV50/s5Yj5wrCpSyyR7
NZKDT5HjY8s1ktYAvdfX+CVKKCO3FQjdVktB6q8oC4TUuj/SPaZiNNVeVvBBHh9l
W11KoAnC2E32LeW9fS8zIOJA9v3P7ibo/i4KXygKdzN19kNxHcKMKp6MlwIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFMheBRv34JPqTkVOO69EPPQumRfMMB8GA1UdIwQY
MBaAFAFbbRWWrAUBpxo5NEcFGmL/HdoWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVZ0dEZaYXNCUUduR2prMFJ3VWFZdjhkMmhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC81MmE4OGYtZTlhMi00ODUxLTkxNDgt
ZmVlOGYzNzkwNTY3LzEveUY0RkdfZmdrLXBPUlU0N3IwUTg5QzZaRjh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC81MmE4OGYtZTlhMi00ODUxLTkxNDgtZmVlOGYzNzkwNTY3
LzEvQVZ0dEZaYXNCUUduR2prMFJ3VWFZdjhkMmhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQCBbTwAwQC
ThhkAwQAW9AjAwQCW954AwQAgABcAwQAgABeAwQAsGC9AwQCvF1AAwQCwQfYAwQA
1fHHMA0EAgACMAcDBQMqBZwAMA0GCSqGSIb3DQEBCwUAA4IBAQBk3r5GPdQUGX+T
heJsPonNc+dxmBdyRj6Fw8IP+BRvi8lvl+0x4AJb8/gn+8hvwc0waAupr8WOIAtd
RyMiUPoTQttkIP+Y/EI0nUY2Bh/102aCEek3NXfz0GLaHXI3+t/8r3XJwNiWB2Xq
+gaqwQ/NsLkSlS1m3hiuJVW7epBzrd2yabyN6ol1D8/gzOU8XMrPPdo+/HZtwwqj
LZNoJnMVa19eDG+hU7U1M5UG6kmdwvnQQqA7E3A+dmKU3yvLL/tcC0frbv49wPKl
LP/j95bcXO/Utfnxn64PSLBWBLBcGrpvugNdXePsGacaAIu7YPfBrb8iHL09Xjt1
VCsNk14N
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:45:44 2025 by rpki-client