Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/YvFrwY8IZk5s8x69CbQ7lCExhDs.roa
File: YvFrwY8IZk5s8x69CbQ7lCExhDs.roa (raw, json)
Hash identifier: NEIqXqd3cmuKVYCbaHdR1F3dOub9BLhaZjlLqh6O/54=
Subject key identifier: 62:F1:6B:C1:8F:08:66:4E:6C:F3:1E:BD:09:B4:3B:94:21:31:84:3B
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018D63E3E6B00BB8150B93F516D41D0FC28B
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/YvFrwY8IZk5s8x69CbQ7lCExhDs.roa
Signing time: Thu 01 Feb 2024 08:58:16 +0000
ROA not before: Thu 01 Feb 2024 08:58:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203758
IP address blocks: 82.153.70.0/24 maxlen: 24
109.176.252.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 22 Oct 2024 08:43:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:63:e3:e6:b0:0b:b8:15:0b:93:f5:16:d4:1d:0f:c2:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Feb 1 08:58:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=62f16bc18f08664e6cf31ebd09b43b942131843b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:5a:87:b6:d0:b0:e0:06:28:76:a6:48:b8:ab:
76:6a:4d:3b:0c:b5:03:42:e4:74:9c:44:ee:24:1d:
8c:9c:60:e3:9a:52:1d:d2:79:b2:c6:81:4e:5f:39:
f8:42:a6:d5:a0:68:81:e0:df:8f:cc:5f:c0:11:2c:
eb:f8:46:2a:7a:ac:f1:f5:87:05:f9:0d:0b:11:12:
3a:fd:e6:a8:f3:69:a9:59:2e:61:08:33:34:9c:dc:
dd:dc:83:5b:cb:0f:24:be:76:b6:17:b8:28:ff:cb:
70:d0:42:b2:62:51:de:c2:8a:43:8d:38:cf:5d:bb:
8f:28:8e:42:1e:eb:d8:b2:86:b9:ce:f5:19:25:0c:
51:35:10:3a:66:22:25:07:4f:b9:e7:46:b9:cb:f5:
d9:3a:e4:f9:55:bb:71:27:47:13:cc:4b:9f:e9:a4:
c4:e0:d2:1e:5a:2e:c9:6a:c9:b1:c1:3f:a5:0e:45:
9f:cb:b4:8b:92:cb:a8:25:15:53:80:0b:c7:76:b7:
15:cd:b1:f7:d5:5f:1d:2d:31:17:dd:2e:3e:ce:75:
c0:90:c1:2d:21:ab:55:13:5f:a9:48:ce:1e:a1:a1:
0a:a4:b3:17:ad:a5:c4:5c:b7:e3:1b:2f:45:ba:2d:
9a:f7:68:5c:f3:5c:05:18:ae:db:d5:70:82:00:f5:
e5:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:F1:6B:C1:8F:08:66:4E:6C:F3:1E:BD:09:B4:3B:94:21:31:84:3B
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/YvFrwY8IZk5s8x69CbQ7lCExhDs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.70.0/24
109.176.252.0/24
Signature Algorithm: sha256WithRSAEncryption
32:d4:78:2f:81:a7:a5:f6:de:3c:6f:66:33:55:4e:4d:6b:18:
c4:bb:bc:2a:f3:5b:ba:8f:87:c9:6d:5d:8c:67:95:3f:ea:4d:
7c:f6:47:50:01:09:ec:33:20:8e:de:e5:06:2a:f4:45:c4:a9:
c2:e7:67:ff:c1:ad:a0:9a:b2:f2:aa:6c:3e:96:27:1e:68:b1:
0f:a1:ef:64:a1:a8:7d:2f:44:4d:a6:1c:79:d5:02:97:21:4c:
ed:68:91:74:34:c5:21:3a:0d:d6:e7:45:6c:77:dc:c5:9f:ca:
ae:a3:b0:1f:3f:09:ce:82:80:6d:c1:32:73:1d:45:93:fb:0f:
07:ad:0c:37:36:4a:31:3d:6b:02:d0:6c:d1:39:f0:82:26:4d:
aa:91:9c:d6:50:77:65:b9:f6:04:b1:43:b6:97:34:95:4b:b3:
ca:ba:09:d9:b7:66:08:f1:45:e9:7e:f7:4b:dd:d8:bc:53:38:
35:a2:0d:02:d3:4e:4f:08:8f:c6:16:bb:3f:83:84:19:2c:08:
1e:7b:39:82:b2:e5:b7:af:9c:e6:d1:26:a6:67:12:6d:01:d7:
9d:0d:d1:ff:fc:92:80:60:2a:f2:c4:ab:16:cf:15:27:72:28:
81:c1:f1:7b:c7:a0:9c:47:91:04:41:60:74:c9:51:f2:b9:7a:
a0:83:3d:db
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY1j4+awC7gVC5P1FtQdD8KLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMjAxMDg1ODE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmYxNmJjMThmMDg2NjRlNmNmMzFlYmQwOWI0M2I5NDIxMzE4NDNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwVqHttCw4AYodqZIuKt2ak07DLUD
QuR0nETuJB2MnGDjmlId0nmyxoFOXzn4QqbVoGiB4N+PzF/AESzr+EYqeqzx9YcF
+Q0LERI6/eao82mpWS5hCDM0nNzd3INbyw8kvna2F7go/8tw0EKyYlHewopDjTjP
XbuPKI5CHuvYsoa5zvUZJQxRNRA6ZiIlB0+550a5y/XZOuT5VbtxJ0cTzEuf6aTE
4NIeWi7JasmxwT+lDkWfy7SLksuoJRVTgAvHdrcVzbH31V8dLTEX3S4+znXAkMEt
IatVE1+pSM4eoaEKpLMXraXEXLfjGy9Fui2a92hc81wFGK7b1XCCAPXlWQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGLxa8GPCGZObPMevQm0O5QhMYQ7MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvWXZGcndZOElaazVzOHg2OUNiUTdsQ0V4aERzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUplGAwQA
bbD8MA0GCSqGSIb3DQEBCwUAA4IBAQAy1Hgvgael9t48b2YzVU5NaxjEu7wq81u6
j4fJbV2MZ5U/6k189kdQAQnsMyCO3uUGKvRFxKnC52f/wa2gmrLyqmw+liceaLEP
oe9koah9L0RNphx51QKXIUztaJF0NMUhOg3W50Vsd9zFn8quo7AfPwnOgoBtwTJz
HUWT+w8HrQw3NkoxPWsC0GzROfCCJk2qkZzWUHdlufYEsUO2lzSVS7PKugnZt2YI
8UXpfvdL3di8Uzg1og0C005PCI/GFrs/g4QZLAgeezmCsuW3r5zm0SamZxJtAded
DdH//JKAYCryxKsWzxUnciiBwfF7x6CcR5EEQWB0yVHyuXqggz3b
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:13:38 2025 by rpki-client