Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/5yTXW6qXGKyP6VgZyaWCA-xyBKE.roa
File: 5yTXW6qXGKyP6VgZyaWCA-xyBKE.roa (raw, json)
Hash identifier: cyFmkqN3MNf6xYhz6k/ZDothzlRkAwmzpn6miSSQ3bg=
Subject key identifier: E7:24:D7:5B:AA:97:18:AC:8F:E9:58:19:C9:A5:82:03:EC:72:04:A1
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 01956C21F6FFCDB8FA9AC297281FCE14EAEB
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/5yTXW6qXGKyP6VgZyaWCA-xyBKE.roa
Signing time: Thu 06 Mar 2025 15:45:19 +0000
ROA not before: Thu 06 Mar 2025 15:45:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 174
IP address blocks: 213.18.224.0/20 maxlen: 24
217.179.56.0/22 maxlen: 22
217.179.72.0/22 maxlen: 22
217.179.124.0/22 maxlen: 22
217.179.220.0/22 maxlen: 22
217.181.72.0/22 maxlen: 24
217.181.80.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sat 15 Mar 2025 12:57:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:6c:21:f6:ff:cd:b8:fa:9a:c2:97:28:1f:ce:14:ea:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Mar 6 15:45:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e724d75baa9718ac8fe95819c9a58203ec7204a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:0b:0f:ba:b0:d9:3a:d2:9b:66:22:2f:01:43:
bb:33:3b:a7:d7:67:0a:69:6f:44:93:9b:47:02:2f:
ca:1d:68:e5:e9:95:7e:3b:af:de:59:f8:c8:76:0a:
e1:c9:45:fd:47:0a:a9:c8:9a:4c:61:af:9e:9d:73:
53:a2:6e:5e:21:5e:51:86:58:c0:16:66:76:c3:78:
58:a1:0b:9a:e0:3d:b0:8e:04:67:9a:30:87:58:50:
dc:6a:9f:58:49:04:42:88:54:4c:89:2c:61:d4:32:
56:f2:33:82:62:f4:38:6a:a6:10:c0:7e:dd:38:cf:
54:c0:2f:88:12:3e:4a:e6:7c:d0:4f:ef:ae:55:f8:
1d:3b:99:71:e4:c7:e4:67:de:49:ce:06:1a:b2:10:
91:b5:99:8f:f0:a2:ae:54:ce:4d:8b:cb:24:aa:2d:
31:1e:8f:ab:8c:fc:cf:df:e3:1c:a1:fb:26:c0:e1:
32:73:7a:07:c6:c4:d6:62:31:49:69:f8:f9:28:16:
94:0b:d1:dd:a4:b9:99:5a:7b:77:51:6c:e8:36:3e:
e9:d3:26:4d:7d:a1:71:91:80:4e:fd:05:5e:8d:b9:
da:23:b4:50:6e:3c:30:e9:7c:62:df:38:a1:e2:4f:
92:31:4c:bb:88:ae:5d:84:9d:e7:d7:30:40:dc:52:
0a:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:24:D7:5B:AA:97:18:AC:8F:E9:58:19:C9:A5:82:03:EC:72:04:A1
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/5yTXW6qXGKyP6VgZyaWCA-xyBKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.18.224.0/20
217.179.56.0/22
217.179.72.0/22
217.179.124.0/22
217.179.220.0/22
217.181.72.0/22
217.181.80.0/22
Signature Algorithm: sha256WithRSAEncryption
49:a0:67:1f:84:54:9c:37:8b:5d:0e:52:f8:a8:08:06:b5:ed:
1b:a9:43:79:6b:76:54:29:e3:67:5a:c9:4f:68:df:2e:44:c6:
28:0b:f5:b9:e8:df:8a:0b:76:99:19:aa:c5:fb:8d:4e:f2:e7:
81:17:ed:88:9e:fb:c4:28:52:44:6d:85:09:da:9b:4f:2a:a2:
2d:5b:44:03:82:8e:bc:d6:16:72:ac:9a:d0:5b:86:27:ae:c4:
dd:26:04:f6:1c:45:12:ad:7e:e1:0f:8a:6a:e3:00:ad:8a:0e:
8f:6a:c2:61:fb:7a:35:8f:c5:bf:fc:17:da:d5:4a:44:44:f2:
1a:eb:2f:97:9d:c4:6e:f6:98:e3:06:5c:c3:67:d7:5d:b4:a8:
ab:86:18:6c:65:4c:7f:75:7f:22:b5:13:40:d2:6b:33:c3:6d:
35:7f:e1:f0:37:cd:67:d9:fc:54:29:c8:9f:44:77:c8:38:5d:
6c:9c:e5:b0:62:5b:0b:8c:3e:9d:85:83:b2:9c:c8:9c:6a:e5:
ea:ef:af:9c:f8:ac:74:79:a9:c5:ab:e8:bc:81:b3:ae:f8:d6:
de:31:ec:2d:1e:3f:40:c6:c5:a0:cc:92:e0:c6:0c:6a:85:80:
b6:9a:12:39:79:b5:e6:62:fc:70:af:ec:d8:a9:b8:b5:f9:c7:
1d:a1:07:d5
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZVsIfb/zbj6msKXKB/OFOrrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjUwMzA2MTU0NTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzI0ZDc1YmFhOTcxOGFjOGZlOTU4MTljOWE1ODIwM2VjNzIwNGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwgsPurDZOtKbZiIvAUO7Mzun12cK
aW9Ek5tHAi/KHWjl6ZV+O6/eWfjIdgrhyUX9RwqpyJpMYa+enXNTom5eIV5RhljA
FmZ2w3hYoQua4D2wjgRnmjCHWFDcap9YSQRCiFRMiSxh1DJW8jOCYvQ4aqYQwH7d
OM9UwC+IEj5K5nzQT++uVfgdO5lx5MfkZ95JzgYashCRtZmP8KKuVM5Ni8skqi0x
Ho+rjPzP3+McofsmwOEyc3oHxsTWYjFJafj5KBaUC9HdpLmZWnt3UWzoNj7p0yZN
faFxkYBO/QVejbnaI7RQbjww6Xxi3zih4k+SMUy7iK5dhJ3n1zBA3FIKywIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFOck11uqlxisj+lYGcmlggPscgShMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvNXlUWFc2cVhHS3lQNlZnWnlhV0NBLXh5QktFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQE1RLgAwQC
2bM4AwQC2bNIAwQC2bN8AwQC2bPcAwQC2bVIAwQC2bVQMA0GCSqGSIb3DQEBCwUA
A4IBAQBJoGcfhFScN4tdDlL4qAgGte0bqUN5a3ZUKeNnWslPaN8uRMYoC/W56N+K
C3aZGarF+41O8ueBF+2InvvEKFJEbYUJ2ptPKqItW0QDgo681hZyrJrQW4YnrsTd
JgT2HEUSrX7hD4pq4wCtig6PasJh+3o1j8W//Bfa1UpERPIa6y+XncRu9pjjBlzD
Z9ddtKirhhhsZUx/dX8itRNA0mszw201f+HwN81n2fxUKcifRHfIOF1snOWwYlsL
jD6dhYOynMicauXq76+c+Kx0eanFq+i8gbOu+NbeMewtHj9AxsWgzJLgxgxqhYC2
mhI5ebXmYvxwr+zYqbi1+ccdoQfV
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:07:24 2025 by rpki-client