Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/y53xH-OkQ6hMaVfBgGiVQVaWnHk.roa
File: y53xH-OkQ6hMaVfBgGiVQVaWnHk.roa (raw, json)
Hash identifier: jyNp1JjEUkG2YZo8/QHOituBH1HbOzU9LFTc4w0fzP0=
Subject key identifier: CB:9D:F1:1F:E3:A4:43:A8:4C:69:57:C1:80:68:95:41:56:96:9C:79
Certificate issuer: /CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Certificate serial: 01941FFA6E0A380E85507F23115033748D81
Authority key identifier: F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/y53xH-OkQ6hMaVfBgGiVQVaWnHk.roa
Signing time: Wed 01 Jan 2025 03:48:13 +0000
ROA not before: Wed 01 Jan 2025 03:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214515
IP address blocks: 37.32.41.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 08 Jan 2025 18:37:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:6e:0a:38:0e:85:50:7f:23:11:50:33:74:8d:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Validity
Not Before: Jan 1 03:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cb9df11fe3a443a84c6957c18068954156969c79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:4a:47:df:0c:87:74:b0:db:7c:9c:e3:69:81:
bb:83:ee:b2:d6:d9:1d:61:52:f7:90:64:41:cd:28:
f7:e5:9b:a6:dc:e0:e5:7f:7b:8a:be:cc:e3:dc:85:
a7:96:19:af:f6:6a:91:93:0c:37:10:fa:17:12:f5:
b7:cd:6b:bb:0a:6d:42:a0:06:54:2e:0c:db:c5:d3:
1e:06:0f:9d:8d:95:79:9f:34:cd:75:be:8d:d5:73:
08:47:87:4a:f6:86:30:c6:87:ba:9a:d6:95:3d:1a:
e8:44:f1:d0:c9:9b:b4:1c:49:e5:50:35:46:0f:c2:
66:9b:ca:c2:b0:20:50:34:53:09:c3:1c:87:df:8a:
3d:91:e8:8a:6f:ed:d0:4e:7d:1d:35:3c:0f:6f:fa:
cc:26:79:e4:bb:b5:e3:ac:83:9f:82:d4:41:c6:e5:
4a:0c:1f:ee:36:be:48:30:a7:03:92:6e:7a:b9:8c:
c9:ec:3a:2c:34:5f:27:67:d7:dc:9f:e2:df:77:b4:
d9:7e:64:c2:08:dc:a1:5e:86:f2:17:02:e0:47:15:
f7:4d:a7:41:43:94:cf:ee:2b:cd:fc:51:b4:62:0c:
4b:a8:db:39:ea:6f:3f:b1:7e:20:26:ad:cf:62:81:
f2:ab:bb:eb:fd:9f:31:da:03:6d:75:20:c7:95:3d:
ab:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:9D:F1:1F:E3:A4:43:A8:4C:69:57:C1:80:68:95:41:56:96:9C:79
X509v3 Authority Key Identifier:
keyid:F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/y53xH-OkQ6hMaVfBgGiVQVaWnHk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.32.41.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:21:3e:ec:f1:14:2b:f6:2a:5f:ea:2a:95:51:4f:5a:c1:dd:
48:8f:83:f2:82:1e:11:72:be:5c:07:d1:93:52:52:7a:3e:31:
46:47:1c:62:9f:af:ed:1d:33:df:10:d4:c8:74:18:78:ff:31:
8e:b7:30:bf:f6:dc:15:f4:15:8b:3a:eb:22:dc:bb:2d:68:94:
42:41:eb:f8:32:77:1f:4f:d4:12:2e:9e:c3:2d:55:0b:05:bd:
73:a2:73:7a:e1:2e:3e:bb:33:02:09:c7:79:d2:83:d2:93:af:
e6:72:cf:01:57:73:87:28:3c:66:1a:be:94:81:b4:15:74:68:
17:70:44:16:74:9c:3f:19:93:b1:cf:34:94:bd:ee:5d:7d:a2:
28:2f:0c:d6:a8:1e:6f:98:01:f1:59:a6:49:22:d6:fb:f8:d3:
fc:d4:2a:5b:f1:b8:51:2f:dd:d2:f2:fb:eb:a3:72:1f:06:e2:
e5:36:f2:e3:44:65:a6:04:f3:ae:86:38:b3:b0:c9:69:2f:c1:
90:3f:2c:fc:f9:a1:39:0d:9d:c7:34:44:5b:dc:db:cb:24:52:
46:de:04:1e:ab:2c:89:e1:29:a8:89:d8:23:01:8b:aa:0e:4d:
8e:da:33:32:e6:60:53:32:57:af:cf:90:ed:8b:b1:ad:3f:18:
18:b5:c2:55
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+m4KOA6FUH8jEVAzdI2BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMzUzMzM5OWY1NWViNTJlNmIyMjAwYzdjYWU0MjcyYjc0
ZDY0NjQwHhcNMjUwMTAxMDM0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjlkZjExZmUzYTQ0M2E4NGM2OTU3YzE4MDY4OTU0MTU2OTY5Yzc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0UpH3wyHdLDbfJzjaYG7g+6y1tkd
YVL3kGRBzSj35Zum3ODlf3uKvszj3IWnlhmv9mqRkww3EPoXEvW3zWu7Cm1CoAZU
LgzbxdMeBg+djZV5nzTNdb6N1XMIR4dK9oYwxoe6mtaVPRroRPHQyZu0HEnlUDVG
D8Jmm8rCsCBQNFMJwxyH34o9keiKb+3QTn0dNTwPb/rMJnnku7XjrIOfgtRBxuVK
DB/uNr5IMKcDkm56uYzJ7DosNF8nZ9fcn+Lfd7TZfmTCCNyhXobyFwLgRxX3TadB
Q5TP7ivN/FG0YgxLqNs56m8/sX4gJq3PYoHyq7vr/Z8x2gNtdSDHlT2rRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMud8R/jpEOoTGlXwYBolUFWlpx5MB8GA1UdIwQY
MBaAFPE1MzmfVetS5rIgDHyuQnK3TWRkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEt
OTg5MTY2ODgxOTY5LzEveTUzeEgtT2tRNmhNYVZmQmdHaVZRVmFXbkhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEtOTg5MTY2ODgxOTY5
LzEvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJSApMA0G
CSqGSIb3DQEBCwUAA4IBAQCeIT7s8RQr9ipf6iqVUU9awd1Ij4Pygh4Rcr5cB9GT
UlJ6PjFGRxxin6/tHTPfENTIdBh4/zGOtzC/9twV9BWLOusi3LstaJRCQev4Mncf
T9QSLp7DLVULBb1zonN64S4+uzMCCcd50oPSk6/mcs8BV3OHKDxmGr6UgbQVdGgX
cEQWdJw/GZOxzzSUve5dfaIoLwzWqB5vmAHxWaZJItb7+NP81Cpb8bhRL93S8vvr
o3IfBuLlNvLjRGWmBPOuhjizsMlpL8GQPyz8+aE5DZ3HNERb3NvLJFJG3gQeqyyJ
4SmoidgjAYuqDk2O2jMy5mBTMlevz5Dti7GtPxgYtcJV
-----END CERTIFICATE-----
Generated at Wed Apr 23 04:01:50 2025 by rpki-client