Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/yKMSrvMyXrd7G0y4ya-DfjBq8Vg.roa
File: yKMSrvMyXrd7G0y4ya-DfjBq8Vg.roa (raw, json)
Hash identifier: XnbJ2Zvh9YY5UhieFodtDPcivCxxYwtHQCfE+yzNHk8=
Subject key identifier: C8:A3:12:AE:F3:32:5E:B7:7B:1B:4C:B8:C9:AF:83:7E:30:6A:F1:58
Certificate issuer: /CN=37949ac84d0b86910f4fd3cf5962927d83450aeb
Certificate serial: 018CC5006408B7FBC5D0BBAA7CDB913BF131
Authority key identifier: 37:94:9A:C8:4D:0B:86:91:0F:4F:D3:CF:59:62:92:7D:83:45:0A:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N5SayE0LhpEPT9PPWWKSfYNFCus.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/yKMSrvMyXrd7G0y4ya-DfjBq8Vg.roa
Signing time: Mon 01 Jan 2024 12:29:46 +0000
ROA not before: Mon 01 Jan 2024 12:29:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30781
IP address blocks: 91.209.107.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:47:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:64:08:b7:fb:c5:d0:bb:aa:7c:db:91:3b:f1:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37949ac84d0b86910f4fd3cf5962927d83450aeb
Validity
Not Before: Jan 1 12:29:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c8a312aef3325eb77b1b4cb8c9af837e306af158
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:70:c3:40:95:c0:4f:a1:4a:f5:b2:87:8a:dd:
36:84:17:68:71:3e:fa:b0:12:4e:46:e1:6b:ee:6b:
a2:bf:71:cb:d1:66:98:cb:12:b1:1e:b5:a2:da:72:
ad:67:1a:30:a5:11:76:71:24:c3:58:c7:99:6a:a4:
ac:aa:00:c6:87:0e:ab:91:b1:60:23:ca:a0:79:3f:
07:52:fc:95:ef:58:ed:e1:ae:2d:31:34:93:6a:5a:
86:7e:8b:6b:d5:29:90:39:c5:72:d4:3d:fd:f7:7d:
b4:6f:f9:09:af:ea:95:67:aa:9a:96:32:97:51:09:
bc:1b:4a:99:08:3d:fe:36:0e:5f:2b:1f:95:66:b5:
db:57:1b:cf:26:9d:ea:87:01:1b:89:4f:65:6d:66:
a6:d6:5d:f3:9e:bc:c8:fe:10:d7:3b:ed:b5:2d:b5:
4d:9f:37:4b:cc:f2:a1:62:fe:e5:9e:01:15:9f:fc:
23:fd:1c:7f:df:68:30:a9:46:bb:94:c1:94:2b:ae:
32:e1:e8:16:ec:db:c5:08:75:7a:ee:03:14:e1:94:
6e:57:fc:53:7a:63:74:04:ee:18:77:7c:e9:93:f2:
03:e8:dc:22:23:cc:c7:d1:7a:b2:9f:17:d2:e9:a2:
43:87:42:00:1f:e7:9e:4e:e1:17:bf:c7:2d:4c:bf:
28:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:A3:12:AE:F3:32:5E:B7:7B:1B:4C:B8:C9:AF:83:7E:30:6A:F1:58
X509v3 Authority Key Identifier:
keyid:37:94:9A:C8:4D:0B:86:91:0F:4F:D3:CF:59:62:92:7D:83:45:0A:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N5SayE0LhpEPT9PPWWKSfYNFCus.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/yKMSrvMyXrd7G0y4ya-DfjBq8Vg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/N5SayE0LhpEPT9PPWWKSfYNFCus.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.107.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:48:62:64:ab:9f:45:c0:5e:3f:ce:85:8f:ff:ca:29:33:90:
1c:ca:63:73:2f:bd:0e:b0:bf:ad:07:73:1a:dd:42:3c:14:0a:
fe:07:02:d6:92:1f:f6:1e:ec:32:93:2a:92:44:93:e8:02:5c:
b9:1b:58:9b:24:4d:3e:fa:28:ac:17:93:9c:84:88:22:da:66:
c9:f2:b9:51:47:45:9e:af:08:02:ce:f1:d4:33:c2:0d:47:f4:
2e:b5:d5:c8:6a:d4:94:a3:97:ef:4d:d0:3b:bb:39:f1:69:73:
e5:1b:11:3d:e2:a4:9a:92:e4:10:96:79:47:db:42:90:94:26:
ef:c0:e8:1f:81:c5:d2:d0:a3:26:8f:fc:78:03:e7:14:d3:ef:
2d:06:10:57:ab:fd:09:b5:cc:2c:cb:f6:b6:1e:73:5f:29:d0:
16:2f:32:de:8f:1e:87:d5:88:32:8a:59:c0:bc:05:0e:36:ea:
4e:2b:08:06:a7:c9:e6:e2:80:f4:40:96:42:a5:94:01:2a:37:
b4:bd:61:01:39:00:db:fb:b1:d4:c1:c7:fb:3b:a9:73:eb:a8:
5b:c4:c9:14:d2:b7:cf:0d:fe:f2:1d:6f:94:6c:ce:45:62:c5:
43:cf:e7:f9:10:19:df:9a:6c:73:24:7a:c3:63:5f:55:02:5d:
8a:63:69:f1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFAGQIt/vF0LuqfNuRO/ExMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3OTQ5YWM4NGQwYjg2OTEwZjRmZDNjZjU5NjI5MjdkODM0
NTBhZWIwHhcNMjQwMTAxMTIyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGEzMTJhZWYzMzI1ZWI3N2IxYjRjYjhjOWFmODM3ZTMwNmFmMTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHDDQJXAT6FK9bKHit02hBdocT76
sBJORuFr7muiv3HL0WaYyxKxHrWi2nKtZxowpRF2cSTDWMeZaqSsqgDGhw6rkbFg
I8qgeT8HUvyV71jt4a4tMTSTalqGfotr1SmQOcVy1D399320b/kJr+qVZ6qaljKX
UQm8G0qZCD3+Ng5fKx+VZrXbVxvPJp3qhwEbiU9lbWam1l3znrzI/hDXO+21LbVN
nzdLzPKhYv7lngEVn/wj/Rx/32gwqUa7lMGUK64y4egW7NvFCHV67gMU4ZRuV/xT
emN0BO4Yd3zpk/ID6NwiI8zH0XqynxfS6aJDh0IAH+eeTuEXv8ctTL8otQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMijEq7zMl63extMuMmvg34wavFYMB8GA1UdIwQY
MBaAFDeUmshNC4aRD0/Tz1likn2DRQrrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjVTYXlFMExocEVQVDlQUFdXS1NmWU5GQ3VzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9jMjhlYTQtMDU5Yy00OWRkLTkyNzgt
YTRkYjM5NmM4OTg3LzEveUtNU3J2TXlYcmQ3RzB5NHlhLURmakJxOFZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9jMjhlYTQtMDU5Yy00OWRkLTkyNzgtYTRkYjM5NmM4OTg3
LzEvTjVTYXlFMExocEVQVDlQUFdXS1NmWU5GQ3VzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9FrMA0G
CSqGSIb3DQEBCwUAA4IBAQB/SGJkq59FwF4/zoWP/8opM5AcymNzL70OsL+tB3Ma
3UI8FAr+BwLWkh/2HuwykyqSRJPoAly5G1ibJE0++iisF5OchIgi2mbJ8rlRR0We
rwgCzvHUM8INR/QutdXIatSUo5fvTdA7uznxaXPlGxE94qSakuQQlnlH20KQlCbv
wOgfgcXS0KMmj/x4A+cU0+8tBhBXq/0Jtcwsy/a2HnNfKdAWLzLejx6H1YgyilnA
vAUONupOKwgGp8nm4oD0QJZCpZQBKje0vWEBOQDb+7HUwcf7O6lz66hbxMkU0rfP
Df7yHW+UbM5FYsVDz+f5EBnfmmxzJHrDY19VAl2KY2nx
-----END CERTIFICATE-----
Generated at Thu Apr 10 05:49:49 2025 by rpki-client