Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/fb7e67-5425-4c4f-b46a-8243aef6fe5a/1/ywU9BD-Ul2Kn1ocV4ZsewnuY0uE.roa
File: ywU9BD-Ul2Kn1ocV4ZsewnuY0uE.roa (raw, json)
Hash identifier: iPRGuDLw1vSp81K2iJmbytmGUYDpbS0FJTnCGny+q4s=
Subject key identifier: CB:05:3D:04:3F:94:97:62:A7:D6:87:15:E1:9B:1E:C2:7B:98:D2:E1
Certificate issuer: /CN=aa70110d30d52e8a6969588b3f621416bcdf644b
Certificate serial: 0194228DF670EEA9F70BA356B1A2BA8CD6C8
Authority key identifier: AA:70:11:0D:30:D5:2E:8A:69:69:58:8B:3F:62:14:16:BC:DF:64:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qnARDTDVLoppaViLP2IUFrzfZEs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/fb7e67-5425-4c4f-b46a-8243aef6fe5a/1/ywU9BD-Ul2Kn1ocV4ZsewnuY0uE.roa
Signing time: Wed 01 Jan 2025 15:48:36 +0000
ROA not before: Wed 01 Jan 2025 15:48:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47895
IP address blocks: 185.59.244.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 04 Apr 2025 09:34:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:f6:70:ee:a9:f7:0b:a3:56:b1:a2:ba:8c:d6:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa70110d30d52e8a6969588b3f621416bcdf644b
Validity
Not Before: Jan 1 15:48:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cb053d043f949762a7d68715e19b1ec27b98d2e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ac:ac:54:f2:02:f0:57:0a:ec:91:30:6b:5b:
d9:ff:08:03:9a:9b:b1:b7:fc:fe:8c:95:e3:31:da:
d9:b6:b7:bb:8d:43:eb:2a:ef:da:6c:e1:fd:98:eb:
19:27:02:f1:a8:b0:d0:16:8a:6f:15:c7:09:e7:4f:
70:28:d1:8e:05:79:f3:7c:44:1d:9c:df:32:1e:97:
d4:ba:0f:0e:a1:3e:3b:35:3f:6f:6b:9b:11:91:c2:
7e:62:5b:7e:28:45:e9:f8:ac:71:2e:6b:c0:93:b7:
4c:25:20:2d:e9:93:50:d0:1c:52:0a:c8:ee:9a:75:
8d:93:be:aa:b4:74:25:0d:32:4c:00:06:e6:34:02:
38:0e:a3:10:84:15:dd:c1:b6:7a:7a:07:76:a8:a4:
85:a7:e7:a9:fb:90:e5:6e:07:2d:a8:3a:5f:68:db:
21:ef:00:8c:35:15:e4:3b:90:5b:e8:11:0b:fa:71:
d5:e3:47:09:c6:a3:0f:92:79:ea:5f:cd:1a:75:06:
8a:8d:7d:a2:ff:54:23:e0:4f:84:93:b8:dc:51:ef:
63:60:a0:b4:60:e8:78:4e:64:43:d1:44:91:b5:7e:
07:a7:e1:f0:a7:94:a8:e0:32:3e:1e:48:59:ec:e8:
f4:35:f6:2a:37:7e:ec:91:2a:01:53:34:ff:96:5c:
63:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:05:3D:04:3F:94:97:62:A7:D6:87:15:E1:9B:1E:C2:7B:98:D2:E1
X509v3 Authority Key Identifier:
keyid:AA:70:11:0D:30:D5:2E:8A:69:69:58:8B:3F:62:14:16:BC:DF:64:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qnARDTDVLoppaViLP2IUFrzfZEs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/fb7e67-5425-4c4f-b46a-8243aef6fe5a/1/ywU9BD-Ul2Kn1ocV4ZsewnuY0uE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/fb7e67-5425-4c4f-b46a-8243aef6fe5a/1/qnARDTDVLoppaViLP2IUFrzfZEs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.59.244.0/22
Signature Algorithm: sha256WithRSAEncryption
80:fa:a4:fa:d7:8b:68:2d:3d:ed:b8:5b:5b:49:5c:a2:86:e3:
d4:3e:22:64:9f:60:e6:0b:d8:35:cd:12:86:ff:ff:25:fa:10:
33:b3:15:4e:cc:50:e6:cd:e3:8c:84:58:de:88:ad:c3:c9:51:
8a:f1:73:62:2c:16:34:cf:5d:e8:01:aa:cf:fc:21:12:f8:6e:
bf:75:58:29:18:99:a6:6b:58:7d:aa:da:ef:86:3a:c5:1c:1f:
e2:3c:1a:9e:e3:eb:39:e4:8d:01:a0:02:cf:65:dd:b6:db:04:
21:95:5b:24:07:13:8e:85:a3:94:c6:ab:21:15:2e:42:bf:c2:
f6:c3:9c:25:c5:a4:fe:4c:d2:17:07:b6:ae:14:ba:dc:f6:83:
0b:25:4e:5c:72:d4:8a:c1:85:02:34:6e:a5:5c:a2:1e:c3:f2:
6b:e5:d7:d5:92:ab:f6:4c:39:77:a5:4c:29:32:9a:b8:50:6f:
52:9e:10:3c:f6:00:2c:6a:f3:1f:83:4c:ae:86:8b:de:fa:dd:
2e:1f:05:9b:91:46:76:1d:7b:6c:17:43:c0:57:00:18:8f:d1:
47:d1:f2:a6:87:e3:98:56:ce:1e:c5:4b:e8:0a:8e:95:5c:ea:
22:36:2a:e6:0d:44:09:2a:e0:da:63:d8:9a:93:af:05:24:76:
3d:3c:aa:6f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijfZw7qn3C6NWsaK6jNbIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhNzAxMTBkMzBkNTJlOGE2OTY5NTg4YjNmNjIxNDE2YmNk
ZjY0NGIwHhcNMjUwMTAxMTU0ODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjA1M2QwNDNmOTQ5NzYyYTdkNjg3MTVlMTliMWVjMjdiOThkMmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr6ysVPIC8FcK7JEwa1vZ/wgDmpux
t/z+jJXjMdrZtre7jUPrKu/abOH9mOsZJwLxqLDQFopvFccJ509wKNGOBXnzfEQd
nN8yHpfUug8OoT47NT9va5sRkcJ+Ylt+KEXp+KxxLmvAk7dMJSAt6ZNQ0BxSCsju
mnWNk76qtHQlDTJMAAbmNAI4DqMQhBXdwbZ6egd2qKSFp+ep+5DlbgctqDpfaNsh
7wCMNRXkO5Bb6BEL+nHV40cJxqMPknnqX80adQaKjX2i/1Qj4E+Ek7jcUe9jYKC0
YOh4TmRD0USRtX4Hp+Hwp5So4DI+HkhZ7Oj0NfYqN37skSoBUzT/llxjwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMsFPQQ/lJdip9aHFeGbHsJ7mNLhMB8GA1UdIwQY
MBaAFKpwEQ0w1S6KaWlYiz9iFBa832RLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcW5BUkRURFZMb3BwYVZpTFAySVVGcnpmWkVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9mYjdlNjctNTQyNS00YzRmLWI0NmEt
ODI0M2FlZjZmZTVhLzEveXdVOUJELVVsMktuMW9jVjRac2V3bnVZMHVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9mYjdlNjctNTQyNS00YzRmLWI0NmEtODI0M2FlZjZmZTVh
LzEvcW5BUkRURFZMb3BwYVZpTFAySVVGcnpmWkVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuTv0MA0G
CSqGSIb3DQEBCwUAA4IBAQCA+qT614toLT3tuFtbSVyihuPUPiJkn2DmC9g1zRKG
//8l+hAzsxVOzFDmzeOMhFjeiK3DyVGK8XNiLBY0z13oAarP/CES+G6/dVgpGJmm
a1h9qtrvhjrFHB/iPBqe4+s55I0BoALPZd222wQhlVskBxOOhaOUxqshFS5Cv8L2
w5wlxaT+TNIXB7auFLrc9oMLJU5cctSKwYUCNG6lXKIew/Jr5dfVkqv2TDl3pUwp
Mpq4UG9SnhA89gAsavMfg0yuhove+t0uHwWbkUZ2HXtsF0PAVwAYj9FH0fKmh+OY
Vs4exUvoCo6VXOoiNirmDUQJKuDaY9iak68FJHY9PKpv
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:18:34 2025 by rpki-client