Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Y2WADDLAHf66F1kPEzC3SDLM0GU.roa
File: Y2WADDLAHf66F1kPEzC3SDLM0GU.roa (raw, json)
Hash identifier: 9KxlB4ptYaZR7308dVLNm6Koq56OnauvgmHldYD8uT0=
Subject key identifier: 63:65:80:0C:32:C0:1D:FE:BA:17:59:0F:13:30:B7:48:32:CC:D0:65
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018CC34960D5F1C64124E22D017B13917E64
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Y2WADDLAHf66F1kPEzC3SDLM0GU.roa
Signing time: Mon 01 Jan 2024 04:30:15 +0000
ROA not before: Mon 01 Jan 2024 04:30:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211061
IP address blocks: 185.49.127.0/24 maxlen: 24
185.49.126.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 04 Feb 2024 12:28:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:60:d5:f1:c6:41:24:e2:2d:01:7b:13:91:7e:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 04:30:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6365800c32c01dfeba17590f1330b74832ccd065
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:28:56:a7:d4:66:c4:e1:15:d6:06:93:fc:5d:
f8:5e:40:c4:68:c4:3c:47:a8:e5:51:f1:51:86:66:
26:77:e8:2d:d6:70:7c:cb:72:cb:4d:9a:5a:a6:09:
cd:c7:b4:05:ae:54:0c:e6:20:3b:de:f9:ec:62:d6:
1a:6d:3d:37:86:e6:fb:3d:56:42:67:09:28:bd:5b:
81:b3:21:a5:ba:89:6a:08:cc:1f:79:ce:c3:2e:35:
eb:94:41:04:53:f7:8c:70:11:02:7e:e9:35:59:1a:
47:59:a7:dc:f2:80:bc:91:ab:f5:7d:5c:29:2e:39:
2d:2a:17:96:db:68:41:a9:22:4f:9d:dc:87:cf:49:
52:26:3e:c0:c9:1e:73:95:b6:5d:42:53:2a:c1:cc:
ef:58:25:42:38:fb:c3:df:91:1e:b8:f6:d1:1b:b5:
87:73:a1:c5:86:a1:73:cf:e8:e9:0a:91:27:8f:a2:
06:bd:30:c9:15:59:96:a9:26:de:a2:f0:ef:55:fd:
5c:11:30:86:e6:3a:aa:a8:3b:77:40:8e:eb:dc:40:
c7:25:7b:06:2d:da:86:ef:aa:4f:c0:5e:71:bc:b3:
eb:4e:f8:18:e8:10:5f:32:95:19:cb:5f:1f:6b:9a:
7f:2b:8c:4b:b0:97:bc:e6:bc:80:a3:76:a7:73:a9:
55:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:65:80:0C:32:C0:1D:FE:BA:17:59:0F:13:30:B7:48:32:CC:D0:65
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Y2WADDLAHf66F1kPEzC3SDLM0GU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.49.126.0/23
Signature Algorithm: sha256WithRSAEncryption
a1:53:73:53:52:0d:d8:27:f2:3c:62:42:cc:f3:2e:7c:c3:37:
bd:f5:0a:2f:f7:33:77:10:dd:f5:9e:63:28:da:7c:8a:87:42:
b2:3d:fc:8d:57:0b:19:36:73:d3:52:33:26:cf:ea:08:df:38:
b8:59:f3:e3:60:f8:4c:3c:5a:38:a9:e2:5e:9f:02:48:cd:11:
dd:6f:98:ec:87:14:bd:d8:a2:c0:68:d8:65:51:6c:ec:c2:95:
1c:7f:84:d7:df:6e:52:c6:86:bb:09:43:9a:2b:eb:e5:f5:0f:
76:8b:a7:91:31:64:57:2c:9a:60:11:e4:60:ca:01:92:ce:12:
3b:a4:57:7a:b7:76:39:82:76:e2:c4:f1:af:7f:59:a1:df:bd:
e0:0d:8f:3c:92:1c:d3:9e:e1:01:b4:e8:c0:ee:fa:af:3a:22:
99:87:7d:0f:8e:5a:f9:1d:f3:41:e6:90:b2:6f:aa:0c:ec:7c:
9f:34:65:38:a9:63:9e:7f:a2:cf:7f:fd:a7:95:78:b2:f5:b6:
fc:7b:de:29:96:dc:b8:44:87:c6:fb:aa:b3:5a:b2:3f:4e:0f:
8c:da:48:ff:a8:bb:39:be:78:92:5d:c8:14:ab:67:80:df:62:
26:83:b7:50:0b:54:49:39:91:c2:d2:0d:46:fb:d6:fd:92:4b:
f3:5b:bd:d2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSWDV8cZBJOItAXsTkX5kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMTAxMDQzMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzY1ODAwYzMyYzAxZGZlYmExNzU5MGYxMzMwYjc0ODMyY2NkMDY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjihWp9RmxOEV1gaT/F34XkDEaMQ8
R6jlUfFRhmYmd+gt1nB8y3LLTZpapgnNx7QFrlQM5iA73vnsYtYabT03hub7PVZC
ZwkovVuBsyGluolqCMwfec7DLjXrlEEEU/eMcBECfuk1WRpHWafc8oC8kav1fVwp
LjktKheW22hBqSJPndyHz0lSJj7AyR5zlbZdQlMqwczvWCVCOPvD35EeuPbRG7WH
c6HFhqFzz+jpCpEnj6IGvTDJFVmWqSbeovDvVf1cETCG5jqqqDt3QI7r3EDHJXsG
LdqG76pPwF5xvLPrTvgY6BBfMpUZy18fa5p/K4xLsJe85ryAo3anc6lVVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGNlgAwywB3+uhdZDxMwt0gyzNBlMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvWTJXQURETEFIZjY2RjFrUEV6QzNTRExNMEdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuTF+MA0G
CSqGSIb3DQEBCwUAA4IBAQChU3NTUg3YJ/I8YkLM8y58wze99Qov9zN3EN31nmMo
2nyKh0KyPfyNVwsZNnPTUjMmz+oI3zi4WfPjYPhMPFo4qeJenwJIzRHdb5jshxS9
2KLAaNhlUWzswpUcf4TX325Sxoa7CUOaK+vl9Q92i6eRMWRXLJpgEeRgygGSzhI7
pFd6t3Y5gnbixPGvf1mh373gDY88khzTnuEBtOjA7vqvOiKZh30Pjlr5HfNB5pCy
b6oM7HyfNGU4qWOef6LPf/2nlXiy9bb8e94plty4RIfG+6qzWrI/Tg+M2kj/qLs5
vniSXcgUq2eA32Img7dQC1RJOZHC0g1G+9b9kkvzW73S
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:04:13 2025 by rpki-client