Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/1422fa-e82b-4c0b-b23b-d8475f18464e/1/YqTBPGWE7my6xrFdjlnMwjx73W0.roa
File: YqTBPGWE7my6xrFdjlnMwjx73W0.roa (raw, json)
Hash identifier: ygDwnIulQTCmyOpgymHy96hM3BYjEAYfoRqgJxbjz+g=
Subject key identifier: 62:A4:C1:3C:65:84:EE:6C:BA:C6:B1:5D:8E:59:CC:C2:3C:7B:DD:6D
Certificate issuer: /CN=0e117a3e0d0d05d4b0ab823080e7bf6cfd4b3776
Certificate serial: 019206148813A408B8387BBC265A05366365
Authority key identifier: 0E:11:7A:3E:0D:0D:05:D4:B0:AB:82:30:80:E7:BF:6C:FD:4B:37:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DhF6Pg0NBdSwq4IwgOe_bP1LN3Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/1422fa-e82b-4c0b-b23b-d8475f18464e/1/YqTBPGWE7my6xrFdjlnMwjx73W0.roa
Signing time: Wed 18 Sep 2024 17:01:01 +0000
ROA not before: Wed 18 Sep 2024 17:01:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44482
IP address blocks: 91.199.138.0/24 maxlen: 24
91.225.92.0/22 maxlen: 22
194.28.52.0/22 maxlen: 22
195.238.116.0/24 maxlen: 24
195.238.117.0/24 maxlen: 24
195.238.118.0/24 maxlen: 24
195.238.119.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:06:14:88:13:a4:08:b8:38:7b:bc:26:5a:05:36:63:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e117a3e0d0d05d4b0ab823080e7bf6cfd4b3776
Validity
Not Before: Sep 18 17:01:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=62a4c13c6584ee6cbac6b15d8e59ccc23c7bdd6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:cb:37:14:3b:a7:19:9e:f5:1f:b2:1b:8d:2d:
df:21:c7:d0:14:bf:87:2f:1a:21:20:72:0e:8d:86:
06:8c:71:c0:f3:b0:ba:47:d2:1b:90:e6:3c:cd:12:
52:56:c4:fa:e8:e5:0c:02:b6:97:ec:14:6b:ac:b8:
7f:7b:8c:9e:c4:68:d0:94:4c:58:34:7d:13:c8:69:
3b:7d:82:85:87:eb:24:63:09:ce:06:f6:dc:aa:0d:
20:94:9c:81:10:e8:08:01:3e:87:c1:49:b3:1d:61:
f3:91:18:cc:97:a2:cf:62:80:f7:aa:39:05:75:2f:
0a:7b:cb:ba:6d:ef:1a:3d:a9:f3:b8:c1:d5:17:2b:
ef:71:8f:db:75:72:25:1d:05:5d:90:d1:e1:f7:15:
cf:35:26:c6:48:96:06:42:89:b7:db:40:5e:35:15:
dc:78:8d:0c:d5:81:e1:29:4f:b5:a5:0c:b5:1f:b9:
5c:b2:53:31:7a:49:0b:ec:21:eb:31:d3:d1:16:40:
83:7f:22:c7:0a:32:5d:92:5f:33:29:da:19:21:80:
ac:93:f3:a2:07:01:82:b8:c6:1f:40:0c:bc:e5:24:
3d:15:4a:87:92:69:32:75:0d:52:90:cd:94:08:cd:
7f:84:c5:b1:df:f5:6f:8c:8b:e9:72:c3:af:4b:42:
2b:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:A4:C1:3C:65:84:EE:6C:BA:C6:B1:5D:8E:59:CC:C2:3C:7B:DD:6D
X509v3 Authority Key Identifier:
keyid:0E:11:7A:3E:0D:0D:05:D4:B0:AB:82:30:80:E7:BF:6C:FD:4B:37:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DhF6Pg0NBdSwq4IwgOe_bP1LN3Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/1422fa-e82b-4c0b-b23b-d8475f18464e/1/YqTBPGWE7my6xrFdjlnMwjx73W0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/1422fa-e82b-4c0b-b23b-d8475f18464e/1/DhF6Pg0NBdSwq4IwgOe_bP1LN3Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.138.0/24
91.225.92.0/22
194.28.52.0/22
195.238.116.0/22
Signature Algorithm: sha256WithRSAEncryption
26:24:9e:ef:2a:d7:c0:66:2e:94:14:29:0a:f2:16:03:0e:5e:
03:f1:ca:95:66:f6:a8:bf:7b:84:f3:7e:7d:26:d7:10:90:00:
31:91:32:fb:55:1f:1c:d0:c3:12:93:9e:58:2c:5c:18:33:bd:
65:a7:16:47:57:b3:4d:12:7c:30:3d:c5:49:6e:00:16:2a:32:
b0:9c:af:8f:ee:d3:76:30:5c:85:23:1c:09:ab:53:e8:9e:b0:
df:63:a9:63:11:e2:d0:41:46:9a:4b:13:af:36:00:74:91:9e:
f8:3d:33:25:e2:12:94:0d:59:70:47:15:b5:ff:74:8f:94:a6:
59:7d:c2:b9:4c:20:ef:e1:17:d8:b6:7b:a7:db:39:62:7d:be:
d5:df:29:3e:dc:1b:fe:19:6a:ff:fa:0a:4c:b4:f6:08:9b:e2:
be:70:b9:f3:b2:2c:8b:02:5c:83:41:48:48:ed:3a:e7:a2:01:
7f:04:17:c1:5d:3b:c1:d5:7f:e0:7a:43:94:8e:f0:d2:a9:36:
2a:32:0d:9d:e2:22:80:58:03:e4:12:82:da:d2:cf:67:1e:5a:
95:2c:2d:2b:fb:e3:76:f9:87:c4:ec:64:7b:38:7c:87:3a:60:
d4:9a:c1:f2:6b:ac:04:b4:9d:91:7e:67:14:e8:b4:88:3b:ab:
e5:b4:3e:72
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZIGFIgTpAi4OHu8JloFNmNlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlMTE3YTNlMGQwZDA1ZDRiMGFiODIzMDgwZTdiZjZjZmQ0
YjM3NzYwHhcNMjQwOTE4MTcwMTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmE0YzEzYzY1ODRlZTZjYmFjNmIxNWQ4ZTU5Y2NjMjNjN2JkZDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmss3FDunGZ71H7IbjS3fIcfQFL+H
LxohIHIOjYYGjHHA87C6R9IbkOY8zRJSVsT66OUMAraX7BRrrLh/e4yexGjQlExY
NH0TyGk7fYKFh+skYwnOBvbcqg0glJyBEOgIAT6HwUmzHWHzkRjMl6LPYoD3qjkF
dS8Ke8u6be8aPanzuMHVFyvvcY/bdXIlHQVdkNHh9xXPNSbGSJYGQom320BeNRXc
eI0M1YHhKU+1pQy1H7lcslMxekkL7CHrMdPRFkCDfyLHCjJdkl8zKdoZIYCsk/Oi
BwGCuMYfQAy85SQ9FUqHkmkydQ1SkM2UCM1/hMWx3/VvjIvpcsOvS0IrbQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGKkwTxlhO5susaxXY5ZzMI8e91tMB8GA1UdIwQY
MBaAFA4Rej4NDQXUsKuCMIDnv2z9Szd2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGhGNlBnME5CZFN3cTRJd2dPZV9iUDFMTjNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS8xNDIyZmEtZTgyYi00YzBiLWIyM2It
ZDg0NzVmMTg0NjRlLzEvWXFUQlBHV0U3bXk2eHJGZGpsbk13ang3M1cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS8xNDIyZmEtZTgyYi00YzBiLWIyM2ItZDg0NzVmMTg0NjRl
LzEvRGhGNlBnME5CZFN3cTRJd2dPZV9iUDFMTjNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW8eKAwQC
W+FcAwQCwhw0AwQCw+50MA0GCSqGSIb3DQEBCwUAA4IBAQAmJJ7vKtfAZi6UFCkK
8hYDDl4D8cqVZvaov3uE8359JtcQkAAxkTL7VR8c0MMSk55YLFwYM71lpxZHV7NN
EnwwPcVJbgAWKjKwnK+P7tN2MFyFIxwJq1PonrDfY6ljEeLQQUaaSxOvNgB0kZ74
PTMl4hKUDVlwRxW1/3SPlKZZfcK5TCDv4RfYtnun2zlifb7V3yk+3Bv+GWr/+gpM
tPYIm+K+cLnzsiyLAlyDQUhI7TrnogF/BBfBXTvB1X/gekOUjvDSqTYqMg2d4iKA
WAPkEoLa0s9nHlqVLC0r++N2+YfE7GR7OHyHOmDUmsHya6wEtJ2RfmcU6LSIO6vl
tD5y
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:42:13 2025 by rpki-client