Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/yBaymk5ssAgNoohcZIB9VcKleOY.roa
File: yBaymk5ssAgNoohcZIB9VcKleOY.roa (raw, json)
Hash identifier: cHzA7SVt9bGZddOADMwlNh3F2T/F4zNTE6RGbnDlPHI=
Subject key identifier: C8:16:B2:9A:4E:6C:B0:08:0D:A2:88:5C:64:80:7D:55:C2:A5:78:E6
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01939B3CC0F4C5AD565AB9D7C098AC6349EF
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/yBaymk5ssAgNoohcZIB9VcKleOY.roa
Signing time: Fri 06 Dec 2024 09:11:10 +0000
ROA not before: Fri 06 Dec 2024 09:11:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199707
IP address blocks: 77.93.157.0/24 maxlen: 24
79.99.78.0/24 maxlen: 24
89.28.239.0/24 maxlen: 24
109.176.19.0/24 maxlen: 24
213.210.4.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:47:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:9b:3c:c0:f4:c5:ad:56:5a:b9:d7:c0:98:ac:63:49:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Dec 6 09:11:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c816b29a4e6cb0080da2885c64807d55c2a578e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:0f:d0:4a:59:c4:2f:68:62:ce:db:08:11:1f:
59:e4:f3:73:93:d9:9f:9c:81:07:3b:c6:35:68:12:
9e:8b:af:d0:5c:40:df:f8:af:0a:63:c4:dc:aa:81:
60:b9:cc:ed:f4:f7:79:7b:16:9e:4f:1e:6c:82:0a:
84:f8:7e:d5:f2:85:70:b7:7d:42:56:fe:18:ec:a5:
63:9f:4d:ae:e1:22:87:94:84:33:0d:13:a8:6d:3d:
17:bb:24:1d:29:01:47:dd:06:88:3b:12:2d:c0:54:
86:b8:58:90:a5:60:2e:35:a4:9a:f4:76:e9:16:cb:
68:e4:c6:36:6e:c9:17:df:ff:c6:c5:59:99:92:83:
36:09:cf:c5:35:cd:c8:01:28:ee:30:72:9f:8c:b4:
48:b6:19:7d:55:22:d4:88:68:8c:8f:a4:d1:20:69:
d2:03:d1:79:c5:98:32:df:22:68:ff:2a:2d:da:4b:
84:af:fb:6d:0e:7c:27:4f:1e:ac:30:23:f7:0b:cd:
b6:31:1f:bd:96:51:f6:46:25:e4:a6:b7:eb:03:01:
09:16:08:83:db:8b:f0:14:68:19:58:92:b3:88:45:
4c:2d:61:8d:6b:d9:5e:86:44:09:8b:90:c8:a3:e5:
fe:74:b7:aa:de:41:bd:05:fc:0d:64:dc:26:24:4f:
ad:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:16:B2:9A:4E:6C:B0:08:0D:A2:88:5C:64:80:7D:55:C2:A5:78:E6
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/yBaymk5ssAgNoohcZIB9VcKleOY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.93.157.0/24
79.99.78.0/24
89.28.239.0/24
109.176.19.0/24
213.210.4.0/23
Signature Algorithm: sha256WithRSAEncryption
21:6f:f2:94:44:3f:26:ff:38:6c:91:d3:62:e9:55:65:e0:75:
2f:27:9f:d2:aa:ba:34:bb:6d:4a:ff:97:d3:f4:b5:12:61:c7:
50:9e:3f:21:4a:89:d7:1c:7c:df:05:62:4a:ea:df:d8:73:14:
3c:2e:88:6a:4d:31:b6:63:7f:81:be:f5:b1:67:2d:78:eb:52:
4f:51:2a:ca:43:45:b1:9e:69:3e:61:91:f6:e4:a7:d6:b3:55:
3b:fd:65:9e:94:28:10:ce:ac:52:a9:88:14:fc:91:8e:97:4a:
52:f1:15:4f:74:9d:77:36:a2:8b:e9:32:d0:9e:e2:d8:45:0f:
8a:5d:df:57:8b:ee:eb:d7:e8:0b:2e:f6:14:c4:3a:0b:f8:92:
e5:1e:94:be:9e:91:1e:ec:5d:1c:b0:3b:1f:cc:6b:2f:6d:4b:
b3:01:cf:6a:64:0f:af:0a:3d:1a:d5:76:45:bd:7e:a1:17:da:
38:5f:ae:98:06:bd:b9:b1:f9:39:c8:ec:c5:b4:df:5c:a4:0d:
9f:2c:7b:f8:5b:03:2e:13:ca:a0:b0:73:4b:9d:79:24:90:96:
cc:87:52:02:de:c5:f3:a6:cc:2d:82:73:49:96:cc:32:9f:9c:
38:cd:d3:e7:bb:66:81:71:2d:ca:c1:40:d9:0f:36:28:f0:e8:
d2:ad:e7:a1
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZObPMD0xa1WWrnXwJisY0nvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMjA2MDkxMTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODE2YjI5YTRlNmNiMDA4MGRhMjg4NWM2NDgwN2Q1NWMyYTU3OGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnA/QSlnEL2hiztsIER9Z5PNzk9mf
nIEHO8Y1aBKei6/QXEDf+K8KY8TcqoFguczt9Pd5exaeTx5sggqE+H7V8oVwt31C
Vv4Y7KVjn02u4SKHlIQzDROobT0XuyQdKQFH3QaIOxItwFSGuFiQpWAuNaSa9Hbp
Fsto5MY2bskX3//GxVmZkoM2Cc/FNc3IASjuMHKfjLRIthl9VSLUiGiMj6TRIGnS
A9F5xZgy3yJo/yot2kuEr/ttDnwnTx6sMCP3C822MR+9llH2RiXkprfrAwEJFgiD
24vwFGgZWJKziEVMLWGNa9lehkQJi5DIo+X+dLeq3kG9BfwNZNwmJE+tjQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMgWsppObLAIDaKIXGSAfVXCpXjmMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEveUJheW1rNXNzQWdOb29oY1pJQjlWY0tsZU9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQATV2dAwQA
T2NOAwQAWRzvAwQAbbATAwQB1dIEMA0GCSqGSIb3DQEBCwUAA4IBAQAhb/KURD8m
/zhskdNi6VVl4HUvJ5/Sqro0u21K/5fT9LUSYcdQnj8hSonXHHzfBWJK6t/YcxQ8
LohqTTG2Y3+BvvWxZy1461JPUSrKQ0Wxnmk+YZH25KfWs1U7/WWelCgQzqxSqYgU
/JGOl0pS8RVPdJ13NqKL6TLQnuLYRQ+KXd9Xi+7r1+gLLvYUxDoL+JLlHpS+npEe
7F0csDsfzGsvbUuzAc9qZA+vCj0a1XZFvX6hF9o4X66YBr25sfk5yOzFtN9cpA2f
LHv4WwMuE8qgsHNLnXkkkJbMh1IC3sXzpswtgnNJlswyn5w4zdPnu2aBcS3KwUDZ
DzYo8OjSreeh
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:21:09 2025 by rpki-client