Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/YLPpws5IByhDMaB0krRuTcoVBzY.roa
File: YLPpws5IByhDMaB0krRuTcoVBzY.roa (raw, json)
Hash identifier: qlKgbgWv9lPQ40LssIIUcVdfoMPG+MH+sGhuPE8azKI=
Subject key identifier: 60:B3:E9:C2:CE:48:07:28:43:31:A0:74:92:B4:6E:4D:CA:15:07:36
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 019425CDE92100EA25BCF24167805528DC80
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/YLPpws5IByhDMaB0krRuTcoVBzY.roa
Signing time: Thu 02 Jan 2025 06:57:19 +0000
ROA not before: Thu 02 Jan 2025 06:57:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 45.135.182.0/24 maxlen: 24
45.135.183.0/24 maxlen: 24
89.34.106.0/24 maxlen: 24
89.35.130.0/24 maxlen: 24
93.114.183.0/24 maxlen: 24
185.34.101.0/24 maxlen: 24
185.254.66.0/24 maxlen: 24
195.88.89.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 14:48:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:cd:e9:21:00:ea:25:bc:f2:41:67:80:55:28:dc:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jan 2 06:57:19 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=60b3e9c2ce4807284331a07492b46e4dca150736
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:2d:59:7b:51:ca:83:2b:1d:d3:8c:d9:8c:99:
93:10:74:ed:02:f1:01:10:12:fb:be:92:4a:8a:5f:
b4:f1:da:59:82:26:43:63:8e:99:1c:c4:c7:56:3d:
3f:77:55:9a:32:13:c6:de:0b:3d:85:23:ae:e6:62:
bd:dd:40:82:b0:ce:42:1e:16:e3:a7:f8:4f:2e:45:
41:d0:4b:c7:46:84:59:30:13:d5:ca:06:38:84:39:
2f:63:33:12:d2:e6:1d:30:8f:67:ec:fc:cd:6c:72:
dd:fb:d0:ea:08:05:b1:89:fa:ea:c7:a5:55:05:b5:
6b:07:d7:8c:6c:28:f2:7a:72:d1:42:59:63:1c:19:
c0:9f:f6:8a:d9:ea:a2:d6:8e:37:2b:41:70:7c:24:
24:68:03:0d:a3:92:19:27:01:65:0d:2f:73:93:be:
24:fa:40:82:55:c1:43:03:1e:bf:6e:d5:88:60:0d:
42:13:b4:df:d6:5d:24:b6:55:b7:6f:fd:ad:a3:7d:
31:11:7c:37:68:e7:d7:3f:c6:f7:0d:f7:4e:7d:19:
12:5c:18:ff:53:76:48:19:4f:a3:a1:5e:b0:24:29:
f2:0f:d1:03:36:4f:80:73:26:3e:18:5a:51:b1:34:
84:a7:2d:86:66:81:81:e5:32:05:02:cd:c8:84:2b:
a1:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:B3:E9:C2:CE:48:07:28:43:31:A0:74:92:B4:6E:4D:CA:15:07:36
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/YLPpws5IByhDMaB0krRuTcoVBzY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.182.0/23
89.34.106.0/24
89.35.130.0/24
93.114.183.0/24
185.34.101.0/24
185.254.66.0/24
195.88.89.0/24
Signature Algorithm: sha256WithRSAEncryption
71:fd:d8:c2:94:bb:c0:a1:95:14:46:0a:54:e3:60:41:ba:56:
ea:6c:56:5c:c5:01:9a:68:e2:7e:36:dc:cc:21:4c:01:89:2e:
57:f8:de:73:03:60:c7:c6:68:91:da:84:40:c8:dc:c8:3f:a3:
70:8f:01:ea:b0:9d:f2:fa:1d:10:0f:bc:98:e4:60:cd:5e:c9:
6d:28:39:a5:8f:e7:ed:c0:af:50:04:1c:07:84:69:97:19:c6:
1e:81:66:45:ec:b1:93:dc:c5:c6:eb:3f:ed:e7:ef:0e:1c:ab:
83:e2:93:92:03:5e:31:ab:31:0c:57:3f:fd:9e:36:e7:cf:63:
8b:f5:b8:6d:08:95:50:28:94:da:5a:47:c0:56:46:77:05:70:
19:8d:5f:41:7e:ff:41:ba:74:0c:c0:4b:2c:b7:05:ff:ec:cf:
2a:bb:ff:a9:11:c7:44:55:29:0a:1d:71:c6:eb:4a:1f:86:8b:
c2:86:5b:04:29:e1:22:8d:fc:7f:11:12:3f:fb:84:98:f3:46:
14:6a:64:79:f8:63:06:7e:4b:e9:97:ad:a4:06:f2:83:0a:bc:
5a:46:d7:00:ea:a3:ef:f0:e4:d5:8f:b4:24:86:f6:16:4f:8c:
39:7d:d5:a7:bd:f4:0a:5c:90:db:76:2e:12:14:16:f9:97:d7:
15:c1:d9:c8
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQlzekhAOolvPJBZ4BVKNyAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjUwMTAyMDY1NzE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGIzZTljMmNlNDgwNzI4NDMzMWEwNzQ5MmI0NmU0ZGNhMTUwNzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAni1Ze1HKgysd04zZjJmTEHTtAvEB
EBL7vpJKil+08dpZgiZDY46ZHMTHVj0/d1WaMhPG3gs9hSOu5mK93UCCsM5CHhbj
p/hPLkVB0EvHRoRZMBPVygY4hDkvYzMS0uYdMI9n7PzNbHLd+9DqCAWxifrqx6VV
BbVrB9eMbCjyenLRQlljHBnAn/aK2eqi1o43K0FwfCQkaAMNo5IZJwFlDS9zk74k
+kCCVcFDAx6/btWIYA1CE7Tf1l0ktlW3b/2to30xEXw3aOfXP8b3DfdOfRkSXBj/
U3ZIGU+joV6wJCnyD9EDNk+AcyY+GFpRsTSEpy2GZoGB5TIFAs3IhCuhrQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFGCz6cLOSAcoQzGgdJK0bk3KFQc2MB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvWUxQcHdzNUlCeWhETWFCMGtyUnVUY29WQnpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBLYe2AwQA
WSJqAwQAWSOCAwQAXXK3AwQAuSJlAwQAuf5CAwQAw1hZMA0GCSqGSIb3DQEBCwUA
A4IBAQBx/djClLvAoZUURgpU42BBulbqbFZcxQGaaOJ+NtzMIUwBiS5X+N5zA2DH
xmiR2oRAyNzIP6NwjwHqsJ3y+h0QD7yY5GDNXsltKDmlj+ftwK9QBBwHhGmXGcYe
gWZF7LGT3MXG6z/t5+8OHKuD4pOSA14xqzEMVz/9njbnz2OL9bhtCJVQKJTaWkfA
VkZ3BXAZjV9Bfv9BunQMwEsstwX/7M8qu/+pEcdEVSkKHXHG60ofhovChlsEKeEi
jfx/ERI/+4SY80YUamR5+GMGfkvpl62kBvKDCrxaRtcA6qPv8OTVj7QkhvYWT4w5
fdWnvfQKXJDbdi4SFBb5l9cVwdnI
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:41:17 2025 by rpki-client