Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/5c2a59-6025-400e-ab28-f0a624d40912/1/Yy_R3kMUbsuOVgpmhwDSg5elvzY.roa
File: Yy_R3kMUbsuOVgpmhwDSg5elvzY.roa (raw, json)
Hash identifier: cVv+6+69qF4TeXilmAngDwCi6Du6wwyQmkQJS3EHUXM=
Subject key identifier: 63:2F:D1:DE:43:14:6E:CB:8E:56:0A:66:87:00:D2:83:97:A5:BF:36
Certificate issuer: /CN=7f515ead095eed9ac4cabc5ab4ad0b5867d9f01b
Certificate serial: 0194206828E5A20AB45BC88DC6BD1C9FDF81
Authority key identifier: 7F:51:5E:AD:09:5E:ED:9A:C4:CA:BC:5A:B4:AD:0B:58:67:D9:F0:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f1FerQle7ZrEyrxatK0LWGfZ8Bs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/5c2a59-6025-400e-ab28-f0a624d40912/1/Yy_R3kMUbsuOVgpmhwDSg5elvzY.roa
Signing time: Wed 01 Jan 2025 05:48:04 +0000
ROA not before: Wed 01 Jan 2025 05:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.158.125.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 09 Jan 2025 11:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:28:e5:a2:0a:b4:5b:c8:8d:c6:bd:1c:9f:df:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f515ead095eed9ac4cabc5ab4ad0b5867d9f01b
Validity
Not Before: Jan 1 05:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=632fd1de43146ecb8e560a668700d28397a5bf36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:d9:44:c0:f4:3d:cf:72:90:31:2d:25:1e:21:
b6:a2:00:2a:e4:fb:c7:e2:72:1a:ad:f5:0c:f1:f1:
0b:f9:24:7f:1c:70:87:8a:b5:50:1a:a0:86:e9:ae:
27:a8:07:16:1c:d6:8d:68:cb:c6:5f:2f:6c:2b:37:
19:5d:ef:16:e4:18:1f:ce:d2:4d:cf:75:80:1b:f9:
b3:0a:64:85:5e:69:62:3a:ca:3d:b5:e5:a3:f7:fd:
a3:08:ec:c4:8c:87:1c:24:b1:66:33:5c:cc:1e:42:
05:fc:f2:37:f3:be:e9:2d:8b:9e:4b:05:1b:a2:26:
45:d0:a8:e8:5f:4d:b6:a7:a7:c5:bf:04:9a:fa:47:
5a:c9:1d:3d:76:5a:4b:7d:87:e0:ef:94:96:54:ae:
29:18:83:a3:d5:a8:d0:52:f2:1a:07:a3:c4:38:1f:
95:62:24:84:2c:20:dc:ae:b6:e6:e8:b8:86:0f:34:
8f:76:29:85:d7:3c:68:aa:72:ca:91:38:0f:b6:e7:
54:9e:9a:07:52:73:e4:30:95:cd:20:20:90:b2:2d:
3e:82:9d:f0:79:5f:7e:99:ba:2e:67:c1:22:6c:3f:
6c:58:80:0b:1b:7f:14:7a:1e:6d:e4:4d:1c:45:45:
4b:a2:ac:e5:58:73:bb:97:4a:53:8d:db:b7:cd:e0:
06:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:2F:D1:DE:43:14:6E:CB:8E:56:0A:66:87:00:D2:83:97:A5:BF:36
X509v3 Authority Key Identifier:
keyid:7F:51:5E:AD:09:5E:ED:9A:C4:CA:BC:5A:B4:AD:0B:58:67:D9:F0:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1FerQle7ZrEyrxatK0LWGfZ8Bs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/5c2a59-6025-400e-ab28-f0a624d40912/1/Yy_R3kMUbsuOVgpmhwDSg5elvzY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/5c2a59-6025-400e-ab28-f0a624d40912/1/f1FerQle7ZrEyrxatK0LWGfZ8Bs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.125.0/24
Signature Algorithm: sha256WithRSAEncryption
60:20:0d:8f:9a:ff:65:b0:87:67:f4:5d:f1:e6:1f:2d:46:5b:
f6:e2:b1:34:b8:4e:97:7d:67:86:32:cc:cd:49:d4:2c:44:f0:
30:9e:ca:dd:97:56:27:2e:e4:7b:38:30:72:a9:83:0e:08:82:
05:f1:90:1a:9e:5f:04:9a:94:f2:32:3d:e9:c2:52:aa:91:06:
dd:25:32:17:d9:ce:88:8b:db:1b:73:09:a2:77:fa:1c:06:52:
0b:40:4b:1c:c6:31:be:8b:49:d0:ea:f4:12:4b:5f:f6:4e:5f:
17:a4:ae:30:bf:fd:8e:84:40:02:ed:f5:c6:68:5f:99:1e:25:
6f:79:db:3c:e6:d6:21:20:ad:61:13:8d:d9:cd:22:5c:77:b5:
f5:50:44:52:a0:b6:6a:72:b5:a5:cd:b9:f8:45:e1:66:68:d5:
07:90:82:94:42:18:0e:49:85:90:7a:d3:ba:aa:aa:42:0d:34:
a2:2b:f6:79:56:17:6c:88:f4:70:06:97:4a:83:a2:af:8c:49:
48:28:14:83:bb:83:c1:a7:89:d7:d8:bc:cd:1c:31:3e:58:92:
9c:40:04:1d:b4:03:f8:be:f6:45:48:07:03:ee:35:f6:6d:84:
09:a7:d8:03:ba:7d:60:a7:03:bd:78:2a:6e:48:3f:05:1a:1a:
78:6a:8d:f3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaCjlogq0W8iNxr0cn9+BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmNTE1ZWFkMDk1ZWVkOWFjNGNhYmM1YWI0YWQwYjU4Njdk
OWYwMWIwHhcNMjUwMTAxMDU0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzJmZDFkZTQzMTQ2ZWNiOGU1NjBhNjY4NzAwZDI4Mzk3YTViZjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAttlEwPQ9z3KQMS0lHiG2ogAq5PvH
4nIarfUM8fEL+SR/HHCHirVQGqCG6a4nqAcWHNaNaMvGXy9sKzcZXe8W5BgfztJN
z3WAG/mzCmSFXmliOso9teWj9/2jCOzEjIccJLFmM1zMHkIF/PI3877pLYueSwUb
oiZF0KjoX022p6fFvwSa+kdayR09dlpLfYfg75SWVK4pGIOj1ajQUvIaB6PEOB+V
YiSELCDcrrbm6LiGDzSPdimF1zxoqnLKkTgPtudUnpoHUnPkMJXNICCQsi0+gp3w
eV9+mbouZ8EibD9sWIALG38Ueh5t5E0cRUVLoqzlWHO7l0pTjdu3zeAGSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGMv0d5DFG7LjlYKZocA0oOXpb82MB8GA1UdIwQY
MBaAFH9RXq0JXu2axMq8WrStC1hn2fAbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjFGZXJRbGU3WnJFeXJ4YXRLMExXR2ZaOEJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy81YzJhNTktNjAyNS00MDBlLWFiMjgt
ZjBhNjI0ZDQwOTEyLzEvWXlfUjNrTVVic3VPVmdwbWh3RFNnNWVsdnpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy81YzJhNTktNjAyNS00MDBlLWFiMjgtZjBhNjI0ZDQwOTEy
LzEvZjFGZXJRbGU3WnJFeXJ4YXRLMExXR2ZaOEJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZ59MA0G
CSqGSIb3DQEBCwUAA4IBAQBgIA2Pmv9lsIdn9F3x5h8tRlv24rE0uE6XfWeGMszN
SdQsRPAwnsrdl1YnLuR7ODByqYMOCIIF8ZAanl8EmpTyMj3pwlKqkQbdJTIX2c6I
i9sbcwmid/ocBlILQEscxjG+i0nQ6vQSS1/2Tl8XpK4wv/2OhEAC7fXGaF+ZHiVv
eds85tYhIK1hE43ZzSJcd7X1UERSoLZqcrWlzbn4ReFmaNUHkIKUQhgOSYWQetO6
qqpCDTSiK/Z5VhdsiPRwBpdKg6KvjElIKBSDu4PBp4nX2LzNHDE+WJKcQAQdtAP4
vvZFSAcD7jX2bYQJp9gDun1gpwO9eCpuSD8FGhp4ao3z
-----END CERTIFICATE-----
Generated at Thu Apr 17 18:24:59 2025 by rpki-client