Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/PyYRd3fvjwf2XwMzhVw-yfBSITk.roa
File: PyYRd3fvjwf2XwMzhVw-yfBSITk.roa (raw, json)
Hash identifier: UX2MZbdWYkreQb29muw85i4mv4Ra+tHmSoCun2B6Gco=
Subject key identifier: 3F:26:11:77:77:EF:8F:07:F6:5F:03:33:85:5C:3E:C9:F0:52:21:39
Certificate issuer: /CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Certificate serial: 01942823D0BCBDC47E84DA3FEF623839A261
Authority key identifier: A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/PyYRd3fvjwf2XwMzhVw-yfBSITk.roa
Signing time: Thu 02 Jan 2025 17:50:23 +0000
ROA not before: Thu 02 Jan 2025 17:50:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39847
IP address blocks: 89.185.160.0/19 maxlen: 19
178.18.176.0/20 maxlen: 20
185.150.120.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 13 Feb 2025 16:46:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:d0:bc:bd:c4:7e:84:da:3f:ef:62:38:39:a2:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Validity
Not Before: Jan 2 17:50:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3f26117777ef8f07f65f0333855c3ec9f0522139
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:0a:c1:78:b0:69:a9:20:58:99:7c:7c:5c:3c:
1a:45:c0:17:81:75:1b:b1:3d:c3:7b:ad:d7:fc:15:
ad:d2:f6:5d:2c:b3:0c:39:93:65:13:56:94:9e:5a:
63:83:8f:5b:52:da:69:a9:03:b5:a8:8e:58:53:31:
bd:b0:85:f5:8b:ce:e9:97:7c:fd:33:d6:31:40:d0:
b3:fd:c9:f9:f9:27:6e:c3:b3:6d:ad:c7:bd:35:b6:
d3:4b:a3:fd:8d:8b:2e:d8:d1:b3:38:94:6e:31:af:
8b:2a:8e:83:b6:1f:29:a0:e2:dd:92:4e:39:09:07:
8c:28:00:48:6e:78:97:0d:e4:5b:59:0c:df:e1:86:
97:f0:95:ca:ff:fc:eb:8d:ce:1a:09:31:66:cc:fb:
91:71:1c:b5:b8:d5:e4:a3:96:51:a8:8e:4c:f3:11:
0e:31:cf:e8:53:35:84:6b:b6:bf:df:0e:3d:88:d4:
aa:9a:66:0e:8c:99:72:61:25:ed:80:7d:8a:57:3a:
d7:40:b0:55:dd:a4:11:e7:5b:69:31:76:f3:3d:cf:
bc:2b:67:2f:dc:08:ff:12:40:ba:af:84:d0:74:20:
95:7b:90:17:1c:90:02:60:43:a1:cf:be:ed:5c:1a:
1f:f7:e9:72:b5:f3:59:c5:35:4d:3a:6e:30:82:1c:
cf:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:26:11:77:77:EF:8F:07:F6:5F:03:33:85:5C:3E:C9:F0:52:21:39
X509v3 Authority Key Identifier:
keyid:A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/PyYRd3fvjwf2XwMzhVw-yfBSITk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.185.160.0/19
178.18.176.0/20
185.150.120.0/22
Signature Algorithm: sha256WithRSAEncryption
ab:c3:f7:20:a3:55:f6:07:05:4c:33:fc:9a:4a:c5:3f:c1:ee:
f3:6c:6d:d1:d2:10:0e:83:3e:1a:02:9f:f0:5d:00:5f:04:88:
31:d5:59:a6:66:2c:b4:c5:ae:48:03:98:2c:c2:66:01:a3:95:
0d:99:4f:1f:23:b7:c9:6d:9d:ac:10:39:10:75:6f:5f:31:53:
f3:fd:84:d4:73:b3:59:cd:b5:c6:61:20:e5:3f:82:9d:a7:83:
5c:2a:45:6a:55:e9:71:ed:ea:93:39:fa:c8:4f:39:82:ff:57:
28:a8:f1:8e:bb:80:9a:a4:6a:43:bd:54:5d:5b:24:9d:a5:86:
20:32:63:3c:aa:87:d4:cd:a6:98:07:cf:d0:8a:2b:98:0b:56:
0f:79:13:1d:07:aa:cf:f4:e4:69:50:0b:3f:a7:17:6f:a4:7c:
98:16:ae:5d:31:4d:3b:c0:06:e6:9d:b3:a8:f1:77:bf:a9:06:
0a:17:14:97:28:97:ea:b6:6f:f4:cb:6e:56:87:6a:40:7c:78:
64:6a:d9:5a:65:c0:8c:d8:32:38:3d:0a:f7:be:7f:af:e4:5d:
e1:90:59:b3:bb:35:c5:e5:c1:e7:1a:1a:3c:bf:8d:b4:1a:71:
3d:c8:aa:b8:7e:c7:98:ec:24:0c:a4:c4:ca:7c:fe:ba:7c:2b:
d2:5b:b5:bd
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQoI9C8vcR+hNo/72I4OaJhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZWY1ZmJiZmNhN2E5M2NmZWU5NjVlZWI2YmRlZTZmYjQz
YzQwM2UwHhcNMjUwMTAyMTc1MDIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjI2MTE3Nzc3ZWY4ZjA3ZjY1ZjAzMzM4NTVjM2VjOWYwNTIyMTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxQrBeLBpqSBYmXx8XDwaRcAXgXUb
sT3De63X/BWt0vZdLLMMOZNlE1aUnlpjg49bUtppqQO1qI5YUzG9sIX1i87pl3z9
M9YxQNCz/cn5+Sduw7Ntrce9NbbTS6P9jYsu2NGzOJRuMa+LKo6Dth8poOLdkk45
CQeMKABIbniXDeRbWQzf4YaX8JXK//zrjc4aCTFmzPuRcRy1uNXko5ZRqI5M8xEO
Mc/oUzWEa7a/3w49iNSqmmYOjJlyYSXtgH2KVzrXQLBV3aQR51tpMXbzPc+8K2cv
3Aj/EkC6r4TQdCCVe5AXHJACYEOhz77tXBof9+lytfNZxTVNOm4wghzPHQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFD8mEXd3748H9l8DM4VcPsnwUiE5MB8GA1UdIwQY
MBaAFKDvX7v8p6k8/ull7ra97m+0PEA+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2Mt
MDI5MmIwMjAxNTBhLzEvUHlZUmQzZnZqd2YyWHdNemhWdy15ZkJTSVRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2MtMDI5MmIwMjAxNTBh
LzEvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQFWbmgAwQE
shKwAwQCuZZ4MA0GCSqGSIb3DQEBCwUAA4IBAQCrw/cgo1X2BwVMM/yaSsU/we7z
bG3R0hAOgz4aAp/wXQBfBIgx1VmmZiy0xa5IA5gswmYBo5UNmU8fI7fJbZ2sEDkQ
dW9fMVPz/YTUc7NZzbXGYSDlP4Kdp4NcKkVqVelx7eqTOfrITzmC/1coqPGOu4Ca
pGpDvVRdWySdpYYgMmM8qofUzaaYB8/QiiuYC1YPeRMdB6rP9ORpUAs/pxdvpHyY
Fq5dMU07wAbmnbOo8Xe/qQYKFxSXKJfqtm/0y25Wh2pAfHhkatlaZcCM2DI4PQr3
vn+v5F3hkFmzuzXF5cHnGho8v420GnE9yKq4fseY7CQMpMTKfP66fCvSW7W9
-----END CERTIFICATE-----
Generated at Wed Apr 9 02:55:37 2025 by rpki-client