Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/YcILjJ2UUGgCuCC12yOfJNMv73A.roa
File: YcILjJ2UUGgCuCC12yOfJNMv73A.roa (raw, json)
Hash identifier: LkG7c2XHk04tNUbocK/Q+08kZv1dTJbsIklF0rBAfA0=
Subject key identifier: 61:C2:0B:8C:9D:94:50:68:02:B8:20:B5:DB:23:9F:24:D3:2F:EF:70
Certificate issuer: /CN=f5fb32d2266b1f9bce57cac98bc0247f2c9197f2
Certificate serial: 01941FFA42F4773216F6CCB8830B8291E6BD
Authority key identifier: F5:FB:32:D2:26:6B:1F:9B:CE:57:CA:C9:8B:C0:24:7F:2C:91:97:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9fsy0iZrH5vOV8rJi8AkfyyRl_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/YcILjJ2UUGgCuCC12yOfJNMv73A.roa
Signing time: Wed 01 Jan 2025 03:48:02 +0000
ROA not before: Wed 01 Jan 2025 03:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201341
IP address blocks: 37.153.134.0/24 maxlen: 24
37.156.6.0/24 maxlen: 24
46.102.251.0/24 maxlen: 24
85.204.245.0/24 maxlen: 24
85.204.251.0/24 maxlen: 24
86.105.7.0/24 maxlen: 24
86.105.13.0/24 maxlen: 24
86.107.102.0/24 maxlen: 24
89.33.117.0/24 maxlen: 24
89.33.118.0/24 maxlen: 24
89.34.172.0/24 maxlen: 24
89.35.126.0/24 maxlen: 24
89.36.142.0/24 maxlen: 24
89.36.225.0/24 maxlen: 24
89.37.234.0/24 maxlen: 24
89.39.122.0/24 maxlen: 24
94.177.22.0/24 maxlen: 24
176.223.67.0/24 maxlen: 24
185.77.164.0/22 maxlen: 22
185.77.164.0/24 maxlen: 24
185.77.165.0/24 maxlen: 24
185.77.166.0/24 maxlen: 24
185.77.167.0/24 maxlen: 24
188.208.102.0/24 maxlen: 24
188.211.26.0/24 maxlen: 24
188.213.218.0/24 maxlen: 24
188.215.34.0/24 maxlen: 24
188.240.69.0/24 maxlen: 24
188.240.211.0/24 maxlen: 24
2a05:6300::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 31 Jan 2025 12:16:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:42:f4:77:32:16:f6:cc:b8:83:0b:82:91:e6:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5fb32d2266b1f9bce57cac98bc0247f2c9197f2
Validity
Not Before: Jan 1 03:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=61c20b8c9d94506802b820b5db239f24d32fef70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ce:ee:ad:1d:ec:09:4d:26:e8:73:1e:83:3e:
56:c4:03:af:5f:8b:f5:ce:bf:01:38:e6:b8:aa:34:
c9:56:7e:42:41:1e:59:46:45:28:b7:c8:29:cc:d9:
9e:ad:a7:55:c9:a2:c0:79:5b:52:71:64:a3:bd:7a:
44:50:b5:17:e4:02:c5:45:a4:93:fe:80:84:c7:8b:
95:ad:d5:f3:c8:19:37:da:08:6f:d5:14:6f:14:43:
ae:b9:9c:50:bf:2a:27:90:5c:77:2b:a0:4d:a5:67:
ab:da:33:54:a4:49:ea:43:92:f8:3d:f9:37:42:05:
30:46:e1:76:a6:d2:a4:a6:77:f1:28:bb:f3:6a:09:
26:36:f6:9f:2b:4d:84:58:6d:e1:11:1a:e4:a4:4d:
89:4b:ff:64:5d:98:7b:99:9b:dc:6e:6b:c7:7e:77:
dc:d0:0c:98:72:8c:43:e1:5b:a7:80:02:52:c3:a0:
12:a0:30:34:41:56:b4:a8:0f:24:e1:9f:30:ea:a2:
9c:61:66:f0:0c:70:94:95:03:19:23:be:1b:d9:ee:
c8:f5:01:30:3a:2a:a9:a8:30:62:d3:6f:7d:2a:eb:
65:28:72:4b:ad:1d:09:34:5f:f8:c8:4a:b7:9a:93:
6c:c1:90:5c:d4:c9:c2:ba:d3:68:0a:ef:14:31:73:
f8:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:C2:0B:8C:9D:94:50:68:02:B8:20:B5:DB:23:9F:24:D3:2F:EF:70
X509v3 Authority Key Identifier:
keyid:F5:FB:32:D2:26:6B:1F:9B:CE:57:CA:C9:8B:C0:24:7F:2C:91:97:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9fsy0iZrH5vOV8rJi8AkfyyRl_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/YcILjJ2UUGgCuCC12yOfJNMv73A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/9fsy0iZrH5vOV8rJi8AkfyyRl_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.153.134.0/24
37.156.6.0/24
46.102.251.0/24
85.204.245.0/24
85.204.251.0/24
86.105.7.0/24
86.105.13.0/24
86.107.102.0/24
89.33.117.0-89.33.118.255
89.34.172.0/24
89.35.126.0/24
89.36.142.0/24
89.36.225.0/24
89.37.234.0/24
89.39.122.0/24
94.177.22.0/24
176.223.67.0/24
185.77.164.0/22
188.208.102.0/24
188.211.26.0/24
188.213.218.0/24
188.215.34.0/24
188.240.69.0/24
188.240.211.0/24
IPv6:
2a05:6300::/29
Signature Algorithm: sha256WithRSAEncryption
b4:3d:d0:59:e1:76:75:14:c6:ed:8a:21:84:4e:cb:89:a1:6b:
66:16:65:d6:2f:1c:ed:92:6e:58:7d:0d:6b:fd:4e:50:fe:84:
75:f7:fa:01:17:ad:af:86:ae:11:a8:1d:73:c4:3d:4c:97:3c:
d6:59:bd:d4:fe:fe:31:76:d3:ff:ac:62:3d:f1:61:a4:f0:94:
70:24:2d:a5:70:a7:16:44:ae:0a:01:9c:af:1c:4b:8c:cd:7a:
15:6b:b2:1a:3e:b2:a6:4e:fc:58:d3:67:0f:a4:aa:de:2a:8f:
8b:5f:f8:f0:91:2c:8f:c8:40:45:43:3d:45:27:30:2f:b7:8c:
0b:1c:e5:4c:ab:4d:ea:19:f6:f3:32:a9:9c:76:25:b8:d2:18:
d6:29:92:16:bb:21:8d:8f:84:c7:8a:63:ec:f3:1a:c7:21:96:
04:fa:6a:77:e4:cf:db:fd:79:5a:ff:08:7e:43:b8:5e:de:59:
bd:ec:0f:48:a2:46:38:51:6c:a1:8f:91:f6:41:79:df:ea:87:
4a:f2:f8:32:8a:eb:11:71:d9:dc:d4:7c:2f:a1:4d:38:90:01:
c1:31:28:7b:d4:a7:f2:cf:7d:da:19:26:2b:cf:67:95:b7:e6:
af:b8:c0:9f:3e:75:79:a0:34:38:66:1e:ab:8b:11:b7:8a:db:
8f:ff:6b:2b
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZQf+kL0dzIW9sy4gwuCkea9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1ZmIzMmQyMjY2YjFmOWJjZTU3Y2FjOThiYzAyNDdmMmM5
MTk3ZjIwHhcNMjUwMTAxMDM0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWMyMGI4YzlkOTQ1MDY4MDJiODIwYjVkYjIzOWYyNGQzMmZlZjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuc7urR3sCU0m6HMegz5WxAOvX4v1
zr8BOOa4qjTJVn5CQR5ZRkUot8gpzNmeradVyaLAeVtScWSjvXpEULUX5ALFRaST
/oCEx4uVrdXzyBk32ghv1RRvFEOuuZxQvyonkFx3K6BNpWer2jNUpEnqQ5L4Pfk3
QgUwRuF2ptKkpnfxKLvzagkmNvafK02EWG3hERrkpE2JS/9kXZh7mZvcbmvHfnfc
0AyYcoxD4VungAJSw6ASoDA0QVa0qA8k4Z8w6qKcYWbwDHCUlQMZI74b2e7I9QEw
OiqpqDBi0299KutlKHJLrR0JNF/4yEq3mpNswZBc1MnCutNoCu8UMXP4fwIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFGHCC4ydlFBoArggtdsjnyTTL+9wMB8GA1UdIwQY
MBaAFPX7MtImax+bzlfKyYvAJH8skZfyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWZzeTBpWnJINXZPVjhySmk4QWtmeXlSbF9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9mYjQyZWMtMTBiNC00ZGNmLWJlZjAt
MmQxNDNkN2I4NTNjLzEvWWNJTGpKMlVVR2dDdUNDMTJ5T2ZKTk12NzNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9mYjQyZWMtMTBiNC00ZGNmLWJlZjAtMmQxNDNkN2I4NTNj
LzEvOWZzeTBpWnJINXZPVjhySmk4QWtmeXlSbF9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHEBggrBgEFBQcBBwEB/wSBtDCBsTCBnwQCAAEwgZgDBAAl
mYYDBAAlnAYDBAAuZvsDBABVzPUDBABVzPsDBABWaQcDBABWaQ0DBABWa2YwDAME
AFkhdQMEAFkhdgMEAFkirAMEAFkjfgMEAFkkjgMEAFkk4QMEAFkl6gMEAFknegME
AF6xFgMEALDfQwMEArlNpAMEALzQZgMEALzTGgMEALzV2gMEALzXIgMEALzwRQME
ALzw0zANBAIAAjAHAwUDKgVjADANBgkqhkiG9w0BAQsFAAOCAQEAtD3QWeF2dRTG
7YohhE7LiaFrZhZl1i8c7ZJuWH0Na/1OUP6Edff6ARetr4auEagdc8Q9TJc81lm9
1P7+MXbT/6xiPfFhpPCUcCQtpXCnFkSuCgGcrxxLjM16FWuyGj6ypk78WNNnD6Sq
3iqPi1/48JEsj8hARUM9RScwL7eMCxzlTKtN6hn28zKpnHYluNIY1imSFrshjY+E
x4pj7PMaxyGWBPpqd+TP2/15Wv8IfkO4Xt5ZvewPSKJGOFFsoY+R9kF53+qHSvL4
MorrEXHZ3NR8L6FNOJABwTEoe9Sn8s992hkmK89nlbfmr7jAnz51eaA0OGYeq4sR
t4rbj/9rKw==
-----END CERTIFICATE-----
Generated at Wed Apr 9 04:29:39 2025 by rpki-client