Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/8f1b46-a4b1-4ff2-bbec-1d709a5c616b/1/yxAZ6XcjVhi8HH78ZReMSCJIV2Y.roa
File: yxAZ6XcjVhi8HH78ZReMSCJIV2Y.roa (raw, json)
Hash identifier: Sb7ojUNS01nMjcYJ5jQgBWKK6E0ddWd9BwDJBIXUGBE=
Subject key identifier: CB:10:19:E9:77:23:56:18:BC:1C:7E:FC:65:17:8C:48:22:48:57:66
Certificate issuer: /CN=a7bdab2580abb3bf628b5d4f89d497cd9d92a4e3
Certificate serial: 018CC56E3D7C04AEDD74B1DF92DD65208365
Authority key identifier: A7:BD:AB:25:80:AB:B3:BF:62:8B:5D:4F:89:D4:97:CD:9D:92:A4:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p72rJYCrs79ii11PidSXzZ2SpOM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/8f1b46-a4b1-4ff2-bbec-1d709a5c616b/1/yxAZ6XcjVhi8HH78ZReMSCJIV2Y.roa
Signing time: Mon 01 Jan 2024 14:29:45 +0000
ROA not before: Mon 01 Jan 2024 14:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6856
IP address blocks: 195.98.80.0/20 maxlen: 20
92.244.224.0/19 maxlen: 19
94.141.32.0/19 maxlen: 19
46.164.192.0/18 maxlen: 18
83.139.128.0/18 maxlen: 18
195.98.64.0/20 maxlen: 20
217.25.224.0/20 maxlen: 20
2a00:1af8::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:47:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:3d:7c:04:ae:dd:74:b1:df:92:dd:65:20:83:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7bdab2580abb3bf628b5d4f89d497cd9d92a4e3
Validity
Not Before: Jan 1 14:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cb1019e977235618bc1c7efc65178c4822485766
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:3f:13:34:96:22:b8:a3:f0:cf:65:a4:1c:49:
8a:a8:86:bf:1e:52:90:9c:dc:54:82:bc:16:5f:d4:
1b:e1:19:67:e7:21:5c:4f:68:66:86:26:82:d5:02:
d4:3e:63:c3:c6:3a:de:c3:8b:9b:b1:de:f2:fd:ff:
a3:bb:3c:34:3a:d5:0d:88:fc:f1:7f:4b:07:0a:86:
11:d8:24:b2:c5:48:47:c0:cd:25:da:e2:da:ed:35:
e3:ff:e3:60:71:61:f0:c5:ea:64:0c:6f:e7:f0:29:
ca:3e:2a:cd:a1:cf:fe:58:28:83:e4:2f:dd:f9:65:
d7:9c:31:7b:96:a8:0c:97:59:21:38:5b:2c:33:0c:
6c:27:47:86:93:21:51:34:48:7b:fb:76:30:d4:83:
bf:8d:40:ef:79:c7:79:50:85:ad:c4:78:49:0d:bb:
f2:a2:7c:bf:63:88:7b:24:8a:f0:e4:ce:21:73:76:
e0:3a:e8:45:45:be:f0:73:21:81:c3:f9:4e:5b:cd:
0a:de:9f:7c:6b:9b:b6:f3:f1:66:5a:25:92:24:a5:
bf:96:06:f3:47:65:79:5a:6f:a9:b8:bb:da:af:f0:
42:bd:e2:f2:bd:be:dc:8c:78:b2:be:e2:a4:62:2d:
d1:1d:08:ef:78:32:1c:4b:60:bf:6f:aa:b8:6a:b9:
30:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:10:19:E9:77:23:56:18:BC:1C:7E:FC:65:17:8C:48:22:48:57:66
X509v3 Authority Key Identifier:
keyid:A7:BD:AB:25:80:AB:B3:BF:62:8B:5D:4F:89:D4:97:CD:9D:92:A4:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p72rJYCrs79ii11PidSXzZ2SpOM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/8f1b46-a4b1-4ff2-bbec-1d709a5c616b/1/yxAZ6XcjVhi8HH78ZReMSCJIV2Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/8f1b46-a4b1-4ff2-bbec-1d709a5c616b/1/p72rJYCrs79ii11PidSXzZ2SpOM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.164.192.0/18
83.139.128.0/18
92.244.224.0/19
94.141.32.0/19
195.98.64.0/19
217.25.224.0/20
IPv6:
2a00:1af8::/32
Signature Algorithm: sha256WithRSAEncryption
bd:fa:22:5f:1c:d1:eb:17:24:50:62:c8:69:bb:4c:cb:8f:8f:
94:90:6c:b1:c8:f5:c3:16:12:48:ac:ca:c9:76:47:f7:ea:93:
cb:1a:e0:30:a2:9c:6c:16:8b:f2:a2:45:7b:a7:72:f2:ac:8e:
67:7e:20:ae:3b:ae:ed:23:47:b0:88:fd:31:9c:eb:4b:93:89:
20:96:4c:2d:f4:ba:a1:62:77:56:2f:19:56:cf:62:3e:68:f5:
18:e6:7c:d4:ac:c1:e8:e4:ce:88:6c:39:2f:b1:43:6f:7a:71:
62:bd:d2:7a:54:aa:05:91:11:2b:72:90:83:6c:0c:a7:f1:bf:
c7:c7:ff:dd:a8:35:b3:6d:8f:2b:3a:68:bc:1b:7e:8c:16:d4:
37:8b:d9:4b:57:4e:5c:27:e1:95:91:32:f6:1f:53:43:58:20:
2c:d8:dd:44:de:90:ad:c4:84:a1:69:75:7a:a7:60:0c:04:6c:
28:7e:9f:f9:62:c0:99:81:95:ff:1a:49:73:ef:48:14:80:d6:
48:03:f1:da:19:67:9f:1a:2e:f5:30:29:a2:47:d9:87:6e:a9:
62:f0:f2:81:db:63:7f:16:e8:c6:0b:30:16:23:7a:af:32:ae:
be:8a:f8:8c:db:fc:16:52:f7:2e:14:ba:b1:ed:9a:25:ab:80:
5a:fb:fe:ee
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYzFbj18BK7ddLHfkt1lIINlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3YmRhYjI1ODBhYmIzYmY2MjhiNWQ0Zjg5ZDQ5N2NkOWQ5
MmE0ZTMwHhcNMjQwMTAxMTQyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjEwMTllOTc3MjM1NjE4YmMxYzdlZmM2NTE3OGM0ODIyNDg1NzY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3j8TNJYiuKPwz2WkHEmKqIa/HlKQ
nNxUgrwWX9Qb4Rln5yFcT2hmhiaC1QLUPmPDxjrew4ubsd7y/f+juzw0OtUNiPzx
f0sHCoYR2CSyxUhHwM0l2uLa7TXj/+NgcWHwxepkDG/n8CnKPirNoc/+WCiD5C/d
+WXXnDF7lqgMl1khOFssMwxsJ0eGkyFRNEh7+3Yw1IO/jUDvecd5UIWtxHhJDbvy
ony/Y4h7JIrw5M4hc3bgOuhFRb7wcyGBw/lOW80K3p98a5u28/FmWiWSJKW/lgbz
R2V5Wm+puLvar/BCveLyvb7cjHiyvuKkYi3RHQjveDIcS2C/b6q4arkwBQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFMsQGel3I1YYvBx+/GUXjEgiSFdmMB8GA1UdIwQY
MBaAFKe9qyWAq7O/YotdT4nUl82dkqTjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDcyckpZQ3JzNzlpaTExUGlkU1h6WjJTcE9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi84ZjFiNDYtYTRiMS00ZmYyLWJiZWMt
MWQ3MDlhNWM2MTZiLzEveXhBWjZYY2pWaGk4SEg3OFpSZU1TQ0pJVjJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi84ZjFiNDYtYTRiMS00ZmYyLWJiZWMtMWQ3MDlhNWM2MTZi
LzEvcDcyckpZQ3JzNzlpaTExUGlkU1h6WjJTcE9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQGLqTAAwQG
U4uAAwQFXPTgAwQFXo0gAwQFw2JAAwQE2RngMA0EAgACMAcDBQAqABr4MA0GCSqG
SIb3DQEBCwUAA4IBAQC9+iJfHNHrFyRQYshpu0zLj4+UkGyxyPXDFhJIrMrJdkf3
6pPLGuAwopxsFovyokV7p3LyrI5nfiCuO67tI0ewiP0xnOtLk4kglkwt9LqhYndW
LxlWz2I+aPUY5nzUrMHo5M6IbDkvsUNvenFivdJ6VKoFkRErcpCDbAyn8b/Hx//d
qDWzbY8rOmi8G36MFtQ3i9lLV05cJ+GVkTL2H1NDWCAs2N1E3pCtxIShaXV6p2AM
BGwofp/5YsCZgZX/Gklz70gUgNZIA/HaGWefGi71MCmiR9mHbqli8PKB22N/FujG
CzAWI3qvMq6+iviM2/wWUvcuFLqx7Zolq4Ba+/7u
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:57 2025 by rpki-client