Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/cb9d7f-afdf-4487-9e08-bd5043c0d1fb/1/YVqRBNUM9acXfl4dSs49kKr56Io.roa
File: YVqRBNUM9acXfl4dSs49kKr56Io.roa (raw, json)
Hash identifier: +aPOV2ONshqWvZRxhoz4TGCMVl1fvenlXMRlYVfSQY8=
Subject key identifier: 61:5A:91:04:D5:0C:F5:A7:17:7E:5E:1D:4A:CE:3D:90:AA:F9:E8:8A
Certificate issuer: /CN=4b01b0851b7f89ea4bb132a7f5395b9d2aca1c02
Certificate serial: 01941FFA5D615403F27B73407F044F6F219A
Authority key identifier: 4B:01:B0:85:1B:7F:89:EA:4B:B1:32:A7:F5:39:5B:9D:2A:CA:1C:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SwGwhRt_iepLsTKn9TlbnSrKHAI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/cb9d7f-afdf-4487-9e08-bd5043c0d1fb/1/YVqRBNUM9acXfl4dSs49kKr56Io.roa
Signing time: Wed 01 Jan 2025 03:48:09 +0000
ROA not before: Wed 01 Jan 2025 03:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207605
IP address blocks: 176.119.205.0/24 maxlen: 24
195.189.140.0/24 maxlen: 24
195.189.141.0/24 maxlen: 24
2a05:4500::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 15 Jan 2025 12:33:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:5d:61:54:03:f2:7b:73:40:7f:04:4f:6f:21:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b01b0851b7f89ea4bb132a7f5395b9d2aca1c02
Validity
Not Before: Jan 1 03:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=615a9104d50cf5a7177e5e1d4ace3d90aaf9e88a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:b2:e9:ce:24:47:c3:17:8a:e2:2f:9f:58:ff:
af:42:02:25:b0:2a:50:ad:dc:de:99:68:1f:84:32:
fa:b8:b7:21:02:50:1d:87:ed:65:91:9b:23:c8:99:
e9:9c:e9:1b:06:64:aa:86:b7:79:bb:25:9a:07:63:
a3:e8:c0:79:3a:95:f8:36:57:ac:10:0e:09:6c:f3:
76:5f:a6:02:f8:93:f7:00:91:78:10:65:a6:4d:3f:
ce:3b:5c:fd:82:1e:1f:4d:25:e1:71:22:d3:81:96:
b5:16:96:e5:5f:bd:c2:c6:d3:6d:e0:74:23:1a:ed:
eb:96:89:9c:e1:36:01:89:bf:a4:d1:6a:8b:bf:11:
37:ab:4d:d3:6f:2b:db:ea:21:e3:40:11:1b:d2:78:
85:d5:38:de:25:9e:e9:3f:a8:22:37:e2:ec:48:ac:
8a:0d:96:35:74:74:aa:f9:dd:5c:b7:a0:b5:37:5a:
d1:6a:1a:87:d2:06:8c:82:6f:2a:9b:c1:d4:89:bc:
5a:8f:2c:8e:e2:e5:0e:59:19:8a:f3:f6:d0:6b:d8:
41:c7:12:0d:80:8d:70:45:2b:5f:1e:14:9b:92:ff:
21:d0:ea:88:55:db:8e:3e:05:1a:48:22:e8:a1:63:
da:6f:2a:db:a8:f6:e6:77:b3:e7:23:4f:42:84:51:
b0:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:5A:91:04:D5:0C:F5:A7:17:7E:5E:1D:4A:CE:3D:90:AA:F9:E8:8A
X509v3 Authority Key Identifier:
keyid:4B:01:B0:85:1B:7F:89:EA:4B:B1:32:A7:F5:39:5B:9D:2A:CA:1C:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SwGwhRt_iepLsTKn9TlbnSrKHAI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/cb9d7f-afdf-4487-9e08-bd5043c0d1fb/1/YVqRBNUM9acXfl4dSs49kKr56Io.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/cb9d7f-afdf-4487-9e08-bd5043c0d1fb/1/SwGwhRt_iepLsTKn9TlbnSrKHAI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.119.205.0/24
195.189.140.0/23
IPv6:
2a05:4500::/29
Signature Algorithm: sha256WithRSAEncryption
48:b0:c3:50:bb:a6:14:8d:b8:0d:49:94:a2:f4:5f:9a:e2:57:
8a:b9:95:34:f7:54:e4:aa:6e:1c:0d:b1:61:3a:68:e7:7d:12:
05:c0:0f:a5:6a:f1:ae:62:ec:1a:bd:16:3b:3b:be:1e:f2:70:
65:7e:b3:8d:51:df:c1:72:cc:25:70:44:53:d6:0b:b0:5a:14:
25:29:ec:f9:ed:3b:9e:4d:1a:4b:85:42:00:b0:09:58:27:ce:
da:10:da:44:ac:6f:9c:7d:eb:e6:cb:4b:d0:16:92:b8:1a:89:
42:a2:71:f4:b0:c4:ef:b3:e0:71:55:bf:c6:c2:f6:1f:cc:4d:
cb:19:f2:2c:4c:d3:75:60:b3:56:c1:30:72:23:0b:95:18:49:
e0:48:8b:52:2a:5b:38:d3:4e:e3:0d:b1:98:10:64:f8:5c:d1:
dd:42:7c:ba:10:b3:98:99:83:7d:ca:b6:dd:da:d9:95:d1:de:
3e:ab:f1:e4:9e:d7:7d:b9:16:91:c2:72:ce:e2:2e:22:ba:e7:
39:5d:b6:a1:b0:98:0b:6e:67:90:df:ae:15:27:19:8d:f1:25:
03:83:c3:85:2b:23:6c:19:1f:41:62:19:b9:28:a0:45:96:ab:
89:4c:f8:5a:f8:f4:c3:6c:ca:db:27:f2:7b:3d:1d:9f:10:5d:
95:33:d3:7b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQf+l1hVAPye3NAfwRPbyGaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiMDFiMDg1MWI3Zjg5ZWE0YmIxMzJhN2Y1Mzk1YjlkMmFj
YTFjMDIwHhcNMjUwMTAxMDM0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTVhOTEwNGQ1MGNmNWE3MTc3ZTVlMWQ0YWNlM2Q5MGFhZjllODhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxbLpziRHwxeK4i+fWP+vQgIlsCpQ
rdzemWgfhDL6uLchAlAdh+1lkZsjyJnpnOkbBmSqhrd5uyWaB2Oj6MB5OpX4Nles
EA4JbPN2X6YC+JP3AJF4EGWmTT/OO1z9gh4fTSXhcSLTgZa1FpblX73CxtNt4HQj
Gu3rlomc4TYBib+k0WqLvxE3q03Tbyvb6iHjQBEb0niF1TjeJZ7pP6giN+LsSKyK
DZY1dHSq+d1ct6C1N1rRahqH0gaMgm8qm8HUibxajyyO4uUOWRmK8/bQa9hBxxIN
gI1wRStfHhSbkv8h0OqIVduOPgUaSCLooWPabyrbqPbmd7PnI09ChFGwuwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGFakQTVDPWnF35eHUrOPZCq+eiKMB8GA1UdIwQY
MBaAFEsBsIUbf4nqS7Eyp/U5W50qyhwCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3dHd2hSdF9pZXBMc1RLbjlUbGJuU3JLSEFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9jYjlkN2YtYWZkZi00NDg3LTllMDgt
YmQ1MDQzYzBkMWZiLzEvWVZxUkJOVU05YWNYZmw0ZFNzNDlrS3I1NklvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9jYjlkN2YtYWZkZi00NDg3LTllMDgtYmQ1MDQzYzBkMWZi
LzEvU3dHd2hSdF9pZXBMc1RLbjlUbGJuU3JLSEFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAsHfNAwQB
w72MMA0EAgACMAcDBQMqBUUAMA0GCSqGSIb3DQEBCwUAA4IBAQBIsMNQu6YUjbgN
SZSi9F+a4leKuZU091Tkqm4cDbFhOmjnfRIFwA+lavGuYuwavRY7O74e8nBlfrON
Ud/BcswlcERT1guwWhQlKez57TueTRpLhUIAsAlYJ87aENpErG+cfevmy0vQFpK4
GolConH0sMTvs+BxVb/GwvYfzE3LGfIsTNN1YLNWwTByIwuVGEngSItSKls4007j
DbGYEGT4XNHdQny6ELOYmYN9yrbd2tmV0d4+q/Hkntd9uRaRwnLO4i4iuuc5Xbah
sJgLbmeQ364VJxmN8SUDg8OFKyNsGR9BYhm5KKBFlquJTPha+PTDbMrbJ/J7PR2f
EF2VM9N7
-----END CERTIFICATE-----
Generated at Wed Apr 16 05:36:21 2025 by rpki-client