Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/07476c-2c5b-40e9-b562-54fa30864c21/1/Y4vqRZm3xmN2znZpgIPdK4UC_iE.roa
File: Y4vqRZm3xmN2znZpgIPdK4UC_iE.roa (raw, json)
Hash identifier: Y8GFDJt6PF9hEw+0m+VHT2kOwiBCcG/5CtWB5tBEt/g=
Subject key identifier: 63:8B:EA:45:99:B7:C6:63:76:CE:76:69:80:83:DD:2B:85:02:FE:21
Certificate issuer: /CN=ce56aa0e21558c92a48654244e05961a1fcfa0f2
Certificate serial: 019424456D699376F7581B987D5506055784
Authority key identifier: CE:56:AA:0E:21:55:8C:92:A4:86:54:24:4E:05:96:1A:1F:CF:A0:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zlaqDiFVjJKkhlQkTgWWGh_PoPI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/07476c-2c5b-40e9-b562-54fa30864c21/1/Y4vqRZm3xmN2znZpgIPdK4UC_iE.roa
Signing time: Wed 01 Jan 2025 23:48:37 +0000
ROA not before: Wed 01 Jan 2025 23:48:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1103
IP address blocks: 137.224.0.0/16 maxlen: 16
Validation: Failed, certificate revoked on Fri 17 Jan 2025 10:06:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:6d:69:93:76:f7:58:1b:98:7d:55:06:05:57:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce56aa0e21558c92a48654244e05961a1fcfa0f2
Validity
Not Before: Jan 1 23:48:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=638bea4599b7c66376ce76698083dd2b8502fe21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:4a:3b:9c:25:29:6a:95:06:de:3f:58:c6:7e:
a2:04:bc:98:fd:5d:73:91:ac:c7:83:64:96:98:0b:
bf:24:10:78:65:01:bc:c9:a7:e9:1d:e8:4e:db:69:
00:9d:17:d5:c2:ce:be:1c:73:0b:a0:60:09:4e:04:
1b:01:95:65:84:aa:4d:08:4b:27:bb:58:a4:52:5c:
a4:8e:a4:19:23:d5:34:31:f5:02:db:08:e9:7b:53:
2d:cd:39:a1:9f:5a:7c:6c:bf:1e:9b:b6:46:2c:df:
f6:7c:b8:9c:5d:85:41:53:2e:78:ad:2d:a7:23:19:
5a:84:8d:38:52:d9:6c:30:9c:68:8e:7a:c4:7d:bf:
fc:f8:ed:bd:60:92:6d:b2:09:70:9c:4f:0b:a3:22:
0e:85:bc:75:fd:0c:bf:a1:03:95:b6:62:cd:79:b1:
69:0f:7d:c6:9c:f1:a6:d3:da:d4:63:64:da:90:34:
49:35:07:a3:3a:ff:50:8c:62:43:c3:f5:3e:18:25:
78:3e:99:d0:09:09:46:53:37:36:4f:f7:f5:0d:e4:
f3:d4:ae:4e:12:9d:32:16:6f:12:82:e3:30:e9:89:
11:af:1c:c6:31:a9:66:00:e0:8b:63:85:58:67:3b:
b9:0d:88:31:1e:cb:7a:c9:73:d4:73:be:76:8f:c5:
51:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:8B:EA:45:99:B7:C6:63:76:CE:76:69:80:83:DD:2B:85:02:FE:21
X509v3 Authority Key Identifier:
keyid:CE:56:AA:0E:21:55:8C:92:A4:86:54:24:4E:05:96:1A:1F:CF:A0:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zlaqDiFVjJKkhlQkTgWWGh_PoPI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/07476c-2c5b-40e9-b562-54fa30864c21/1/Y4vqRZm3xmN2znZpgIPdK4UC_iE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/07476c-2c5b-40e9-b562-54fa30864c21/1/zlaqDiFVjJKkhlQkTgWWGh_PoPI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
137.224.0.0/16
Signature Algorithm: sha256WithRSAEncryption
86:76:f7:f2:a1:af:ef:cb:71:65:b4:81:1c:a1:f7:69:cc:c6:
e0:1e:0e:22:c1:d9:db:c7:0c:b1:1e:b5:91:3a:71:d1:6f:a6:
df:67:b1:b6:93:1c:8a:4a:71:9b:e9:16:35:b1:3e:29:d9:f8:
4d:a3:b0:71:d8:59:bd:f9:1f:9f:46:4d:06:e8:2a:cc:d2:ea:
29:eb:2f:c1:15:21:e7:a2:f5:c0:89:70:d2:fe:c8:4f:9d:2c:
f8:a0:54:8b:22:80:49:05:80:27:c9:bc:bb:e3:2c:4a:91:1a:
33:be:a8:72:99:d7:6e:b3:83:82:66:44:e6:cc:a3:c1:fb:2a:
6d:29:3a:53:8c:26:45:19:46:77:de:54:2c:bd:9d:af:0b:f0:
c1:f7:3f:83:4a:b1:00:f7:bf:8d:ac:87:4e:32:e1:bc:9e:d4:
a9:db:c0:67:ed:26:62:61:4c:0c:cd:b0:b5:6a:e3:1a:ed:e9:
7f:40:d9:74:59:c2:dd:53:7c:ca:c7:e4:01:fb:07:99:12:ed:
85:4c:2a:34:b1:99:af:39:d7:04:84:42:8a:75:3b:41:f3:f4:
cf:89:22:e3:b5:75:56:1b:4d:2c:a3:69:2c:88:8c:7b:4d:a3:
60:31:4a:8a:d4:f6:49:9f:12:ea:02:ba:29:49:1d:60:01:a8:
8e:00:8c:11
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAZQkRW1pk3b3WBuYfVUGBVeEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlNTZhYTBlMjE1NThjOTJhNDg2NTQyNDRlMDU5NjFhMWZj
ZmEwZjIwHhcNMjUwMTAxMjM0ODM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzhiZWE0NTk5YjdjNjYzNzZjZTc2Njk4MDgzZGQyYjg1MDJmZTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyko7nCUpapUG3j9Yxn6iBLyY/V1z
kazHg2SWmAu/JBB4ZQG8yafpHehO22kAnRfVws6+HHMLoGAJTgQbAZVlhKpNCEsn
u1ikUlykjqQZI9U0MfUC2wjpe1MtzTmhn1p8bL8em7ZGLN/2fLicXYVBUy54rS2n
IxlahI04UtlsMJxojnrEfb/8+O29YJJtsglwnE8LoyIOhbx1/Qy/oQOVtmLNebFp
D33GnPGm09rUY2TakDRJNQejOv9QjGJDw/U+GCV4PpnQCQlGUzc2T/f1DeTz1K5O
Ep0yFm8SguMw6YkRrxzGMalmAOCLY4VYZzu5DYgxHst6yXPUc752j8VRMQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFGOL6kWZt8Zjds52aYCD3SuFAv4hMB8GA1UdIwQY
MBaAFM5Wqg4hVYySpIZUJE4Flhofz6DyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemxhcURpRlZqSktraGxRa1RnV1dHaF9Qb1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8wNzQ3NmMtMmM1Yi00MGU5LWI1NjIt
NTRmYTMwODY0YzIxLzEvWTR2cVJabTN4bU4yem5acGdJUGRLNFVDX2lFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8wNzQ3NmMtMmM1Yi00MGU5LWI1NjItNTRmYTMwODY0YzIx
LzEvemxhcURpRlZqSktraGxRa1RnV1dHaF9Qb1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAieAwDQYJ
KoZIhvcNAQELBQADggEBAIZ29/Khr+/LcWW0gRyh92nMxuAeDiLB2dvHDLEetZE6
cdFvpt9nsbaTHIpKcZvpFjWxPinZ+E2jsHHYWb35H59GTQboKszS6inrL8EVIeei
9cCJcNL+yE+dLPigVIsigEkFgCfJvLvjLEqRGjO+qHKZ126zg4JmRObMo8H7Km0p
OlOMJkUZRnfeVCy9na8L8MH3P4NKsQD3v42sh04y4bye1KnbwGftJmJhTAzNsLVq
4xrt6X9A2XRZwt1TfMrH5AH7B5kS7YVMKjSxma851wSEQop1O0Hz9M+JIuO1dVYb
TSyjaSyIjHtNo2AxSorU9kmfEuoCuilJHWABqI4AjBE=
-----END CERTIFICATE-----
Generated at Sun Apr 20 14:59:23 2025 by rpki-client