Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/yi6vfhnJGrdp0McdlSOUHNFhFyo.roa
File: yi6vfhnJGrdp0McdlSOUHNFhFyo.roa (raw, json)
Hash identifier: d0iRyFbXKl1EgRtA+9qFs3g3ZBUR/AbNQRZxDT/MJU8=
Subject key identifier: CA:2E:AF:7E:19:C9:1A:B7:69:D0:C7:1D:95:23:94:1C:D1:61:17:2A
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01924FAA3AF726BB9262730E9CE775B4191C
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/yi6vfhnJGrdp0McdlSOUHNFhFyo.roa
Signing time: Wed 02 Oct 2024 23:56:49 +0000
ROA not before: Wed 02 Oct 2024 23:56:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 81.5.189.0/24 maxlen: 24
82.152.176.0/24 maxlen: 24
89.213.152.0/24 maxlen: 24
89.213.176.0/24 maxlen: 24
89.213.183.0/24 maxlen: 24
89.213.212.0/24 maxlen: 24
89.213.249.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 15 Oct 2024 11:24:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:4f:aa:3a:f7:26:bb:92:62:73:0e:9c:e7:75:b4:19:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Oct 2 23:56:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ca2eaf7e19c91ab769d0c71d9523941cd161172a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:69:5a:cd:b4:f0:19:c0:06:d7:b1:66:be:93:
32:cf:68:22:32:4d:d6:0b:24:64:e8:30:d4:45:8a:
84:5e:dd:85:b1:22:11:a9:ff:f9:a5:e7:51:f0:8b:
14:8d:f6:3f:1e:9c:20:e1:1d:c4:20:0d:47:fd:36:
a7:b6:84:94:d0:2c:b3:05:4b:61:0e:e8:68:e6:25:
a9:d2:56:69:f7:90:50:ce:e2:ed:8b:46:de:06:79:
b4:5b:f2:63:bc:be:2e:ad:d0:65:92:2a:34:4b:16:
01:f2:a0:a4:65:48:57:98:80:79:86:b0:2f:4f:97:
9d:91:6e:da:bd:21:c0:c6:f5:ca:05:ca:1c:64:50:
8e:e0:ce:72:6e:83:1d:d1:86:e8:04:95:2e:60:d5:
92:45:a6:16:37:9d:e8:1e:ac:b3:1c:9a:02:80:c7:
e9:bd:80:d4:59:3b:d2:29:bb:28:d3:04:87:c2:31:
c2:46:ae:64:51:bb:17:65:34:4f:0a:9d:44:49:d8:
3d:b2:67:de:b2:7c:9e:0d:ec:95:83:8f:57:61:b5:
56:63:79:38:16:50:a7:6d:c2:ef:ab:f3:84:b8:15:
39:99:e4:15:60:17:8a:b1:b8:f7:3c:fb:2e:11:20:
cd:cd:be:16:d9:ea:40:51:29:55:98:87:49:f3:cf:
1c:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:2E:AF:7E:19:C9:1A:B7:69:D0:C7:1D:95:23:94:1C:D1:61:17:2A
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/yi6vfhnJGrdp0McdlSOUHNFhFyo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.5.189.0/24
82.152.176.0/24
89.213.152.0/24
89.213.176.0/24
89.213.183.0/24
89.213.212.0/24
89.213.249.0/24
Signature Algorithm: sha256WithRSAEncryption
22:c9:3e:66:5f:e9:b3:16:3d:83:de:49:bd:9b:4d:59:6e:1a:
94:22:3a:4a:13:69:e9:03:37:13:34:4f:1d:d6:e6:e1:60:21:
bd:91:43:98:15:7f:c4:63:6f:af:68:eb:87:f6:fb:a7:c0:03:
f1:c7:8b:6f:bc:22:68:37:9e:15:14:7c:91:ba:47:15:f0:86:
d8:7a:da:6b:b4:96:26:d8:b5:20:4e:eb:3c:36:d4:07:ea:81:
cc:f0:cf:59:50:0d:f4:37:cd:f4:4d:80:7b:78:8e:11:9b:8f:
33:40:56:ca:d4:61:a9:3d:82:65:de:7a:e1:0e:98:8c:3b:f3:
bd:d7:a1:72:9d:19:35:38:ca:b7:7e:56:1f:c9:7a:11:43:77:
70:38:c3:ff:6c:a2:ed:6c:36:4b:6a:f0:99:97:09:11:04:c0:
44:14:fe:43:73:0c:d0:77:5e:e2:ac:8e:08:74:c4:09:c5:33:
d9:f6:52:63:5c:da:95:5a:cf:fa:b5:40:ef:e5:50:93:35:b1:
fe:17:c0:ee:85:68:8f:0f:bb:96:5a:5c:1f:8f:89:03:3a:93:
1e:a7:09:6b:18:a4:60:5e:dd:36:60:93:79:3a:69:79:fc:f4:
65:32:90:fc:56:f2:03:aa:9e:45:52:96:60:5e:bb:8c:45:1a:
15:18:ce:7f
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZJPqjr3JruSYnMOnOd1tBkcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMDAyMjM1NjQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTJlYWY3ZTE5YzkxYWI3NjlkMGM3MWQ5NTIzOTQxY2QxNjExNzJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA12lazbTwGcAG17FmvpMyz2giMk3W
CyRk6DDURYqEXt2FsSIRqf/5pedR8IsUjfY/Hpwg4R3EIA1H/TantoSU0CyzBUth
Duho5iWp0lZp95BQzuLti0beBnm0W/JjvL4urdBlkio0SxYB8qCkZUhXmIB5hrAv
T5edkW7avSHAxvXKBcocZFCO4M5yboMd0YboBJUuYNWSRaYWN53oHqyzHJoCgMfp
vYDUWTvSKbso0wSHwjHCRq5kUbsXZTRPCp1ESdg9smfesnyeDeyVg49XYbVWY3k4
FlCnbcLvq/OEuBU5meQVYBeKsbj3PPsuESDNzb4W2epAUSlVmIdJ888ccQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFMour34ZyRq3adDHHZUjlBzRYRcqMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEveWk2dmZobkpHcmRwME1jZGxTT1VITkZoRnlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAUQW9AwQA
UpiwAwQAWdWYAwQAWdWwAwQAWdW3AwQAWdXUAwQAWdX5MA0GCSqGSIb3DQEBCwUA
A4IBAQAiyT5mX+mzFj2D3km9m01ZbhqUIjpKE2npAzcTNE8d1ubhYCG9kUOYFX/E
Y2+vaOuH9vunwAPxx4tvvCJoN54VFHyRukcV8IbYetprtJYm2LUgTus8NtQH6oHM
8M9ZUA30N830TYB7eI4Rm48zQFbK1GGpPYJl3nrhDpiMO/O916FynRk1OMq3flYf
yXoRQ3dwOMP/bKLtbDZLavCZlwkRBMBEFP5DcwzQd17irI4IdMQJxTPZ9lJjXNqV
Ws/6tUDv5VCTNbH+F8DuhWiPD7uWWlwfj4kDOpMepwlrGKRgXt02YJN5Oml5/PRl
MpD8VvIDqp5FUpZgXruMRRoVGM5/
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:22:17 2025 by rpki-client