Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/ee138f-5e63-4cc4-8e75-decb188a000d/1/1-YREF94QmMW_M6JolbcBG-HWe-s.roa
File: 1-YREF94QmMW_M6JolbcBG-HWe-s.roa (raw, json)
Hash identifier: 938CmReoihnHJeIsQxcgesd9caTwo8ryh+IsxEtuYDo=
Subject key identifier: F9:84:44:17:DE:10:98:C5:BF:33:A2:68:95:B7:01:1B:E1:D6:7B:EB
Certificate issuer: /CN=24b086f4824266384e078cf777375f21bd370b70
Certificate serial: 018D3FB744B8A4B7566D015740FCC47C1674
Authority key identifier: 24:B0:86:F4:82:42:66:38:4E:07:8C:F7:77:37:5F:21:BD:37:0B:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JLCG9IJCZjhOB4z3dzdfIb03C3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/ee138f-5e63-4cc4-8e75-decb188a000d/1/1-YREF94QmMW_M6JolbcBG-HWe-s.roa
Signing time: Thu 25 Jan 2024 08:23:11 +0000
ROA not before: Thu 25 Jan 2024 08:23:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62382
IP address blocks: 80.72.216.0/21 maxlen: 21
80.72.216.0/24 maxlen: 24
80.72.217.0/24 maxlen: 24
80.72.218.0/24 maxlen: 24
80.72.219.0/24 maxlen: 24
80.72.220.0/24 maxlen: 24
80.72.221.0/24 maxlen: 24
80.72.222.0/24 maxlen: 24
185.37.188.0/22 maxlen: 22
185.37.188.0/24 maxlen: 24
185.37.189.0/24 maxlen: 24
185.37.191.0/24 maxlen: 24
193.143.96.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 23 May 2024 07:52:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:3f:b7:44:b8:a4:b7:56:6d:01:57:40:fc:c4:7c:16:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24b086f4824266384e078cf777375f21bd370b70
Validity
Not Before: Jan 25 08:23:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f9844417de1098c5bf33a26895b7011be1d67beb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:98:7e:42:da:6d:65:0e:db:ff:43:f1:52:d5:
96:84:7e:ed:2b:88:88:f8:45:49:2a:2b:67:0a:e4:
f3:e4:35:45:ef:44:6c:42:91:86:83:00:87:89:28:
b4:98:a6:1c:71:fe:17:b8:a0:94:79:f9:dd:eb:64:
e1:77:98:3e:91:d8:75:44:3b:3d:db:8a:9b:5f:7f:
a0:fa:d5:c9:00:85:8a:20:05:74:9b:8b:22:a1:15:
4e:e5:08:c3:37:07:14:26:71:f2:f1:68:33:20:17:
e0:db:e2:41:bd:d7:87:3b:a5:1a:5d:20:cf:7d:1e:
8e:02:0e:c0:49:ca:cc:55:cc:1a:0f:d7:3a:26:36:
38:34:6a:45:ab:5a:70:89:b7:db:09:d4:40:7a:fb:
1d:8d:e0:39:22:f0:ee:21:d0:8e:3f:7a:8b:08:0a:
0f:dc:0e:dd:5f:55:ed:0f:63:81:a0:13:4a:d4:fb:
bd:6f:19:dd:b8:d4:4a:85:ac:f4:bf:a2:28:85:a9:
12:5f:4c:be:a1:c0:cf:f8:9a:96:44:d3:ef:4b:9d:
6e:4d:af:50:cb:ed:bb:93:08:b7:03:cd:d9:d4:9f:
a6:66:44:71:75:51:f9:3a:ed:cc:8a:7a:69:ae:18:
28:1b:f7:b4:6b:1f:58:0d:73:6b:e4:67:80:27:24:
ba:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:84:44:17:DE:10:98:C5:BF:33:A2:68:95:B7:01:1B:E1:D6:7B:EB
X509v3 Authority Key Identifier:
keyid:24:B0:86:F4:82:42:66:38:4E:07:8C:F7:77:37:5F:21:BD:37:0B:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JLCG9IJCZjhOB4z3dzdfIb03C3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/ee138f-5e63-4cc4-8e75-decb188a000d/1/1-YREF94QmMW_M6JolbcBG-HWe-s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/ee138f-5e63-4cc4-8e75-decb188a000d/1/JLCG9IJCZjhOB4z3dzdfIb03C3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.72.216.0/21
185.37.188.0/22
193.143.96.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:4c:2a:03:48:ae:fd:4a:53:1b:df:f5:e4:4a:f1:40:6b:eb:
8a:41:64:46:0d:7f:21:4b:97:2e:4a:82:c0:73:82:cb:86:c1:
25:c9:63:14:2f:34:e5:ca:de:ed:0e:a2:f5:4a:45:ed:71:ec:
bc:e3:41:cb:2a:3e:f5:08:ec:d8:e8:ff:6c:2e:2e:ca:1c:aa:
5e:fc:34:42:c5:f6:dd:37:90:a9:d4:9b:72:be:e6:90:48:74:
78:11:c6:8f:b5:7e:7f:e7:38:6b:a0:85:0d:1a:cd:a1:88:35:
97:86:50:14:de:06:01:18:c8:f1:23:f7:67:46:14:b4:60:89:
b5:31:c0:53:7a:c8:68:97:db:45:1f:00:cf:6a:e0:4d:57:39:
f1:1b:8d:c4:87:f8:4c:83:76:1a:59:a0:80:10:32:cb:7b:52:
93:4d:a7:8c:95:9c:21:c1:27:c8:a6:bc:f2:1d:8d:d9:16:d2:
72:c1:b4:b8:2e:25:50:4e:30:46:c7:42:80:24:be:10:35:a5:
52:c6:1d:58:f2:3f:a7:5b:6e:33:e6:38:30:5b:ae:81:f2:19:
1c:13:ce:7c:43:95:6f:75:fc:3a:d0:46:22:ec:55:a7:51:fb:
b1:e5:72:33:9c:1b:6c:db:30:13:10:1b:e0:25:08:a2:3f:ee:
c9:58:4d:88
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAY0/t0S4pLdWbQFXQPzEfBZ0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0YjA4NmY0ODI0MjY2Mzg0ZTA3OGNmNzc3Mzc1ZjIxYmQz
NzBiNzAwHhcNMjQwMTI1MDgyMzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTg0NDQxN2RlMTA5OGM1YmYzM2EyNjg5NWI3MDExYmUxZDY3YmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJh+QtptZQ7b/0PxUtWWhH7tK4iI
+EVJKitnCuTz5DVF70RsQpGGgwCHiSi0mKYccf4XuKCUefnd62Thd5g+kdh1RDs9
24qbX3+g+tXJAIWKIAV0m4sioRVO5QjDNwcUJnHy8WgzIBfg2+JBvdeHO6UaXSDP
fR6OAg7AScrMVcwaD9c6JjY4NGpFq1pwibfbCdRAevsdjeA5IvDuIdCOP3qLCAoP
3A7dX1XtD2OBoBNK1Pu9bxnduNRKhaz0v6IohakSX0y+ocDP+JqWRNPvS51uTa9Q
y+27kwi3A83Z1J+mZkRxdVH5Ou3MinpprhgoG/e0ax9YDXNr5GeAJyS6UwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPmERBfeEJjFvzOiaJW3ARvh1nvrMB8GA1UdIwQY
MBaAFCSwhvSCQmY4TgeM93c3XyG9NwtwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkxDRzlJSkNaamhPQjR6M2R6ZGZJYjAzQzNBLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9lZTEzOGYtNWU2My00Y2M0LThlNzUt
ZGVjYjE4OGEwMDBkLzEvMS1ZUkVGOTRRbU1XX002Sm9sYmNCRy1IV2Utcy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvODIvZWUxMzhmLTVlNjMtNGNjNC04ZTc1LWRlY2IxODhhMDAw
ZC8xL0pMQ0c5SUpDWmpoT0I0ejNkemRmSWIwM0MzQS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEA1BI2AME
ArklvAMEAMGPYDANBgkqhkiG9w0BAQsFAAOCAQEAf0wqA0iu/UpTG9/15ErxQGvr
ikFkRg1/IUuXLkqCwHOCy4bBJcljFC805cre7Q6i9UpF7XHsvONByyo+9Qjs2Oj/
bC4uyhyqXvw0QsX23TeQqdSbcr7mkEh0eBHGj7V+f+c4a6CFDRrNoYg1l4ZQFN4G
ARjI8SP3Z0YUtGCJtTHAU3rIaJfbRR8Az2rgTVc58RuNxIf4TIN2GlmggBAyy3tS
k02njJWcIcEnyKa88h2N2RbScsG0uC4lUE4wRsdCgCS+EDWlUsYdWPI/p1tuM+Y4
MFuugfIZHBPOfEOVb3X8OtBGIuxVp1H7seVyM5wbbNswExAb4CUIoj/uyVhNiA==
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:09:25 2025 by rpki-client