Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/YfLZjh7VeUjI2XuaauM_wymoTVU.roa
File: YfLZjh7VeUjI2XuaauM_wymoTVU.roa (raw, json)
Hash identifier: 1q9xYp/Uv1rov+lkIHhiXoQNCaXc6isfdSd+3G9JIxQ=
Subject key identifier: 61:F2:D9:8E:1E:D5:79:48:C8:D9:7B:9A:6A:E3:3F:C3:29:A8:4D:55
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01916B1FF8249534D60E4DB96BF8B1E63DF2
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/YfLZjh7VeUjI2XuaauM_wymoTVU.roa
Signing time: Mon 19 Aug 2024 14:52:22 +0000
ROA not before: Mon 19 Aug 2024 14:52:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 82.152.176.0/23 maxlen: 23
82.153.136.0/22 maxlen: 22
89.213.50.0/23 maxlen: 23
89.213.56.0/22 maxlen: 22
89.213.145.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.204.0/22 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
212.38.88.0/23 maxlen: 24
213.218.211.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Tue 20 Aug 2024 09:15:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:6b:1f:f8:24:95:34:d6:0e:4d:b9:6b:f8:b1:e6:3d:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Aug 19 14:52:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=61f2d98e1ed57948c8d97b9a6ae33fc329a84d55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:24:10:3c:d7:0c:e8:09:76:d2:8d:42:8f:2e:
46:de:97:0a:65:64:12:c2:c3:8a:d4:ef:1c:44:e6:
c7:8e:43:f0:ec:fd:51:bf:6f:ec:f6:ca:24:cd:15:
ea:54:4b:07:18:49:64:fc:69:b7:8d:54:b5:c1:8f:
4b:88:92:57:37:e5:b4:1d:1f:cd:cc:57:17:f7:d3:
66:3d:f3:14:bb:a1:da:0e:e0:e5:fa:a7:63:03:91:
78:e3:2b:3a:4d:2e:46:fb:5f:6a:68:28:9d:1d:82:
78:af:4e:71:33:05:b8:5a:cf:a0:eb:d6:36:9c:ac:
f0:3e:bc:94:24:07:a0:95:d3:88:b4:5f:72:73:f1:
73:85:a7:7d:51:d3:df:25:b4:ba:b1:eb:f6:04:be:
5b:e1:56:3c:23:02:f6:8a:3b:8d:dc:dc:43:e8:23:
d6:a8:1e:f1:43:14:e9:26:d1:60:2b:2e:9c:06:bd:
f8:bd:fb:1b:d7:82:d3:9d:59:81:7c:96:23:f9:f4:
a1:81:0b:b4:10:b8:35:d0:4d:7b:35:84:c5:32:45:
f5:07:7d:c4:d6:ba:a0:53:48:0d:aa:6e:a6:9c:8b:
fd:45:9a:88:96:bb:07:03:c2:39:c7:3d:41:93:ea:
44:31:2f:4a:b2:a2:64:9c:a4:8e:d0:d5:51:9c:fb:
3a:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:F2:D9:8E:1E:D5:79:48:C8:D9:7B:9A:6A:E3:3F:C3:29:A8:4D:55
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/YfLZjh7VeUjI2XuaauM_wymoTVU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.176.0/23
82.153.136.0/22
89.213.50.0/23
89.213.56.0/22
89.213.145.0/24
89.213.148.0-89.213.159.255
89.213.167.0/24
89.213.172.0/22
89.213.196.0-89.213.207.255
89.213.228.0-89.213.239.255
109.176.16.0/21
109.176.204.0/22
185.49.126.0/23
194.105.80.0/20
212.38.88.0/23
213.218.211.0/24
217.145.66.0/24
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
80:27:6c:e5:37:16:57:21:d7:05:cf:75:4b:10:45:45:a2:45:
f4:5f:6d:f5:76:d6:26:44:19:9f:32:c3:4f:e4:a1:1b:88:ac:
a3:76:d8:e2:ae:46:db:73:44:ca:b0:28:bc:7f:86:0d:d6:f5:
45:7a:fa:f1:b1:60:9a:fa:16:ce:bb:17:90:a7:d9:b1:4e:3b:
62:85:1d:cc:5f:ca:38:90:e0:5c:26:e9:76:a2:1b:47:1f:e4:
9e:87:27:99:31:91:63:55:23:cf:54:50:b0:aa:ad:49:c2:f3:
71:39:a4:96:25:e1:82:70:55:74:80:66:c1:f3:52:47:9a:11:
02:dc:cf:de:56:61:f8:5d:67:79:40:e4:1f:65:ff:88:a8:52:
4f:99:f2:2c:89:10:be:ba:26:de:a9:94:32:05:97:5c:42:c3:
66:e7:38:4c:b0:04:35:2a:b0:50:26:77:83:44:7b:41:65:a7:
1f:40:39:f3:4a:d6:ed:27:33:36:c2:6d:f0:07:10:b3:c3:05:
d9:36:f8:02:3a:09:af:a1:42:cd:59:ce:12:f4:e4:1c:5a:35:
98:77:1c:fc:fe:38:2d:df:ec:4d:a7:19:5f:26:e1:09:b9:0d:
d0:43:9a:4d:63:1a:39:de:f3:04:a9:83:ee:64:47:44:68:56:
2b:0f:80:5c
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAZFrH/gklTTWDk25a/ix5j3yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwODE5MTQ1MjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWYyZDk4ZTFlZDU3OTQ4YzhkOTdiOWE2YWUzM2ZjMzI5YTg0ZDU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2CQQPNcM6Al20o1Cjy5G3pcKZWQS
wsOK1O8cRObHjkPw7P1Rv2/s9sokzRXqVEsHGElk/Gm3jVS1wY9LiJJXN+W0HR/N
zFcX99NmPfMUu6HaDuDl+qdjA5F44ys6TS5G+19qaCidHYJ4r05xMwW4Ws+g69Y2
nKzwPryUJAegldOItF9yc/Fzhad9UdPfJbS6sev2BL5b4VY8IwL2ijuN3NxD6CPW
qB7xQxTpJtFgKy6cBr34vfsb14LTnVmBfJYj+fShgQu0ELg10E17NYTFMkX1B33E
1rqgU0gNqm6mnIv9RZqIlrsHA8I5xz1Bk+pEMS9KsqJknKSO0NVRnPs6UQIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFGHy2Y4e1XlIyNl7mmrjP8MpqE1VMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvWWZMWmpoN1ZlVWpJMlh1YWF1TV93eW1vVFZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjCBiwQCAAEwgYQDBAFS
mLADBAJSmYgDBAFZ1TIDBAJZ1TgDBABZ1ZEwDAMEAlnVlAMEBVnVgAMEAFnVpwME
AlnVrDAMAwQCWdXEAwQEWdXAMAwDBAJZ1eQDBARZ1eADBANtsBADBAJtsMwDBAG5
MX4DBATCaVADBAHUJlgDBADV2tMDBADZkUIDBAPZkUgwDQYJKoZIhvcNAQELBQAD
ggEBAIAnbOU3Flch1wXPdUsQRUWiRfRfbfV21iZEGZ8yw0/koRuIrKN22OKuRttz
RMqwKLx/hg3W9UV6+vGxYJr6Fs67F5Cn2bFOO2KFHcxfyjiQ4Fwm6XaiG0cf5J6H
J5kxkWNVI89UULCqrUnC83E5pJYl4YJwVXSAZsHzUkeaEQLcz95WYfhdZ3lA5B9l
/4ioUk+Z8iyJEL66Jt6plDIFl1xCw2bnOEywBDUqsFAmd4NEe0Flpx9AOfNK1u0n
MzbCbfAHELPDBdk2+AI6Ca+hQs1ZzhL05BxaNZh3HPz+OC3f7E2nGV8m4Qm5DdBD
mk1jGjne8wSpg+5kR0RoVisPgFw=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:14:53 2025 by rpki-client