Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/YRT4qg3l9ohO0buY1zCBksG9KhU.roa
File: YRT4qg3l9ohO0buY1zCBksG9KhU.roa (raw, json)
Hash identifier: A2dTYlDh3zQsHQPSKyT8QJPx2IIu8ZOOiomFLeOJO+s=
Subject key identifier: 61:14:F8:AA:0D:E5:F6:88:4E:D1:BB:98:D7:30:81:92:C1:BD:2A:15
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0194ADC3547EEC233F0A258EB725BCEA8F93
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/YRT4qg3l9ohO0buY1zCBksG9KhU.roa
Signing time: Tue 28 Jan 2025 16:34:06 +0000
ROA not before: Tue 28 Jan 2025 16:34:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60117
IP address blocks: 80.240.86.0/24 maxlen: 24
109.176.193.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Mar 2025 11:54:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ad:c3:54:7e:ec:23:3f:0a:25:8e:b7:25:bc:ea:8f:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 28 16:34:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6114f8aa0de5f6884ed1bb98d7308192c1bd2a15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:8d:e0:5b:99:72:8a:ff:c6:bb:ff:61:69:d1:
51:12:88:48:68:ad:e2:05:8f:db:56:0c:fc:ca:03:
fc:cc:7c:5d:87:b4:8c:be:9c:d0:58:b1:04:c5:82:
16:1b:4d:8c:f6:32:16:5e:d3:59:d6:23:03:02:47:
48:4a:17:3f:ed:b4:72:15:d2:32:79:ad:48:2c:fa:
f2:32:d5:74:d2:69:00:40:e9:5d:9f:53:96:00:06:
d7:4d:a2:1c:c6:e0:89:4f:86:62:ee:a3:23:27:ea:
c9:93:4c:a5:00:39:7a:66:94:99:64:e3:55:aa:50:
62:ac:58:6c:10:ee:0f:f4:fb:12:a5:c7:af:b1:ee:
82:29:e6:dd:24:41:56:28:18:5d:b3:c9:61:1e:b7:
63:a3:0c:3b:8d:67:0b:21:12:b8:86:51:7d:85:5f:
3a:d6:ff:23:15:17:4a:bb:61:a2:47:c4:7c:36:99:
bd:50:f1:b7:da:02:4a:5b:f0:30:04:54:35:cc:ad:
d6:ed:49:26:96:0e:4a:a6:b1:2a:0d:5b:15:b2:65:
c1:0b:5d:ce:eb:2a:2b:78:91:a9:18:7b:30:ef:32:
80:49:e0:c8:44:68:e3:af:69:db:e6:13:19:05:68:
d8:8b:f3:3a:9e:6c:2d:16:77:7a:63:79:8b:46:2c:
3f:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:14:F8:AA:0D:E5:F6:88:4E:D1:BB:98:D7:30:81:92:C1:BD:2A:15
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/YRT4qg3l9ohO0buY1zCBksG9KhU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.240.86.0/24
109.176.193.0/24
Signature Algorithm: sha256WithRSAEncryption
89:4a:f1:dd:7f:f3:a5:70:0b:8e:57:1e:40:4e:26:49:f8:96:
89:18:eb:16:1e:b5:b4:44:ae:9c:fa:09:34:70:54:80:1b:68:
ee:9b:fe:89:49:30:23:56:07:23:08:69:df:67:cd:19:72:4f:
06:2a:c7:d7:40:4f:a2:7d:83:1f:5f:e6:0c:e6:25:3e:48:1f:
81:e0:52:b5:7d:21:ba:6b:95:4f:e5:f0:b9:8d:a6:a8:65:60:
25:a3:a1:4b:3d:f1:4a:59:fc:f9:38:eb:49:65:fa:4c:c5:93:
20:7c:85:0a:82:db:8c:8e:23:11:5e:e4:92:3d:c1:1c:68:33:
4b:25:e8:11:e2:d9:9d:26:9d:2e:9c:d1:93:73:e4:f3:9b:88:
b7:db:65:13:1b:f3:66:02:aa:79:71:1a:e5:18:de:01:b1:53:
d8:d6:7c:fc:6a:46:ce:18:fa:5e:84:5f:1c:6b:3f:4b:3e:08:
03:ad:17:f7:a9:f2:db:6c:4a:5b:2e:a1:85:75:73:60:19:f0:
41:dc:02:f8:8b:cf:d6:46:de:5c:f4:02:d0:05:b5:85:9f:9e:
63:1a:a8:92:34:16:77:49:e2:fb:70:82:57:73:86:8e:45:9c:
d5:4e:64:99:64:03:72:94:d0:40:46:88:31:43:ab:a8:ae:0f:
1e:a9:64:b6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZStw1R+7CM/CiWOtyW86o+TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTI4MTYzNDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTE0ZjhhYTBkZTVmNjg4NGVkMWJiOThkNzMwODE5MmMxYmQyYTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuo3gW5lyiv/Gu/9hadFREohIaK3i
BY/bVgz8ygP8zHxdh7SMvpzQWLEExYIWG02M9jIWXtNZ1iMDAkdIShc/7bRyFdIy
ea1ILPryMtV00mkAQOldn1OWAAbXTaIcxuCJT4Zi7qMjJ+rJk0ylADl6ZpSZZONV
qlBirFhsEO4P9PsSpcevse6CKebdJEFWKBhds8lhHrdjoww7jWcLIRK4hlF9hV86
1v8jFRdKu2GiR8R8Npm9UPG32gJKW/AwBFQ1zK3W7Ukmlg5KprEqDVsVsmXBC13O
6yoreJGpGHsw7zKASeDIRGjjr2nb5hMZBWjYi/M6nmwtFnd6Y3mLRiw/0wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGEU+KoN5faITtG7mNcwgZLBvSoVMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvWVJUNHFnM2w5b2hPMGJ1WTF6Q0Jrc0c5S2hVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUPBWAwQA
bbDBMA0GCSqGSIb3DQEBCwUAA4IBAQCJSvHdf/OlcAuOVx5ATiZJ+JaJGOsWHrW0
RK6c+gk0cFSAG2jum/6JSTAjVgcjCGnfZ80Zck8GKsfXQE+ifYMfX+YM5iU+SB+B
4FK1fSG6a5VP5fC5jaaoZWAlo6FLPfFKWfz5OOtJZfpMxZMgfIUKgtuMjiMRXuSS
PcEcaDNLJegR4tmdJp0unNGTc+Tzm4i322UTG/NmAqp5cRrlGN4BsVPY1nz8akbO
GPpehF8caz9LPggDrRf3qfLbbEpbLqGFdXNgGfBB3AL4i8/WRt5c9ALQBbWFn55j
GqiSNBZ3SeL7cIJXc4aORZzVTmSZZANylNBARogxQ6uorg8eqWS2
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:24:29 2025 by rpki-client