Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/29176b-1038-4417-bdad-f3e052bab144/1/yfL7ck43SUUrg0-pYsoaUu6dXzA.roa
File: yfL7ck43SUUrg0-pYsoaUu6dXzA.roa (raw, json)
Hash identifier: FhI+6pgqnrdEeJDAJlx/mUU9KnTtn8SmNeoq64XYvik=
Subject key identifier: C9:F2:FB:72:4E:37:49:45:2B:83:4F:A9:62:CA:1A:52:EE:9D:5F:30
Certificate issuer: /CN=e6c2e0d3fdc215a389c7043ca5a1a06be2c558ef
Certificate serial: 0195419C14686B41E1D51547D41312590871
Authority key identifier: E6:C2:E0:D3:FD:C2:15:A3:89:C7:04:3C:A5:A1:A0:6B:E2:C5:58:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5sLg0_3CFaOJxwQ8paGga-LFWO8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/29176b-1038-4417-bdad-f3e052bab144/1/yfL7ck43SUUrg0-pYsoaUu6dXzA.roa
Signing time: Wed 26 Feb 2025 09:35:02 +0000
ROA not before: Wed 26 Feb 2025 09:35:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39900
IP address blocks: 77.87.123.0/24 maxlen: 24
86.54.24.0/24 maxlen: 24
86.54.25.0/24 maxlen: 24
86.54.26.0/24 maxlen: 24
141.98.184.0/22 maxlen: 22
194.9.118.0/24 maxlen: 24
2a13:6c40::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 11 Mar 2025 09:37:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:41:9c:14:68:6b:41:e1:d5:15:47:d4:13:12:59:08:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e6c2e0d3fdc215a389c7043ca5a1a06be2c558ef
Validity
Not Before: Feb 26 09:35:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c9f2fb724e3749452b834fa962ca1a52ee9d5f30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:dc:ea:ba:6c:b7:19:43:c9:da:56:4c:e2:bc:
8e:26:cc:14:6f:5c:a3:1c:14:95:79:c0:4e:63:a0:
60:2f:c3:41:47:a4:bf:6e:e5:4c:48:4d:c5:13:38:
a3:bd:e1:22:5c:b1:4c:13:8f:f4:c0:9c:4a:5d:17:
72:69:3d:ed:4b:4d:97:bc:e9:c2:0b:98:cc:61:18:
09:3f:7e:4a:b3:da:d1:65:ef:fe:59:71:5b:39:c2:
25:5d:40:57:d1:66:5e:98:81:ec:2a:a4:5a:32:8f:
02:9f:1d:d0:23:bb:98:c9:99:e9:c6:f6:61:27:ff:
11:65:96:41:31:3f:0c:23:9c:96:c7:a5:6c:23:f9:
c9:39:f5:e9:41:2b:1d:9d:b9:ad:0e:19:01:37:2d:
da:a3:9a:e7:ca:4a:bd:e9:ce:d8:f8:8e:48:a5:d8:
3a:a6:67:b8:3b:a0:4b:cc:c3:f5:22:ac:e3:7e:f1:
57:97:b9:7f:91:24:94:72:99:93:5a:da:26:46:4f:
4d:d4:36:2d:cb:89:ca:33:e1:7e:d3:66:9a:40:7d:
a8:84:ce:45:c4:35:d9:b4:d7:7c:d4:b8:a6:96:f5:
93:63:8e:fa:2b:ab:97:a6:89:08:0b:3b:cf:70:ed:
1c:c1:e8:94:11:47:89:79:d5:89:90:36:2f:b5:69:
f8:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:F2:FB:72:4E:37:49:45:2B:83:4F:A9:62:CA:1A:52:EE:9D:5F:30
X509v3 Authority Key Identifier:
keyid:E6:C2:E0:D3:FD:C2:15:A3:89:C7:04:3C:A5:A1:A0:6B:E2:C5:58:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5sLg0_3CFaOJxwQ8paGga-LFWO8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/29176b-1038-4417-bdad-f3e052bab144/1/yfL7ck43SUUrg0-pYsoaUu6dXzA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/29176b-1038-4417-bdad-f3e052bab144/1/5sLg0_3CFaOJxwQ8paGga-LFWO8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.87.123.0/24
86.54.24.0-86.54.26.255
141.98.184.0/22
194.9.118.0/24
IPv6:
2a13:6c40::/29
Signature Algorithm: sha256WithRSAEncryption
34:92:4f:f2:31:fa:19:b1:f5:4c:cd:78:a4:e4:55:8b:b0:f3:
76:5c:c2:20:08:93:1d:50:c1:60:df:ec:33:da:bb:c7:3d:76:
da:3e:d2:e9:29:be:9c:e8:c4:f6:52:bc:c2:74:de:de:25:69:
70:94:a6:1f:58:98:2c:13:11:ee:b9:bb:c4:95:65:4f:50:24:
82:d1:e4:7b:c5:7a:59:17:ff:b2:15:73:f6:1f:61:be:84:37:
80:76:ec:7f:6a:8a:73:9e:8e:c6:fe:89:77:a7:e8:a7:fb:f4:
86:bb:60:62:72:60:de:dd:b0:06:cf:f1:5c:c0:13:04:73:ec:
7f:c6:ee:74:a7:b3:70:03:35:87:99:c6:b2:d9:7b:3c:78:3d:
14:7b:63:d8:30:34:d0:ff:bc:8c:48:e0:d8:5e:56:f5:7f:76:
85:31:5e:88:1e:4a:5f:33:1b:31:8c:8d:38:55:57:34:23:e6:
32:59:23:24:d0:f1:c5:7a:62:6d:d1:fc:c6:4b:7e:9b:1f:20:
10:5e:fa:d7:09:6f:05:06:fc:f5:39:6c:e7:0f:a8:72:a8:1c:
85:d1:41:0b:3e:18:3b:52:89:48:d6:42:1e:fd:71:c2:e8:3c:
08:72:25:a9:d7:3c:b7:07:d3:e7:1e:b8:d0:77:87:e4:1f:18:
3f:63:a6:86
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZVBnBRoa0Hh1RVH1BMSWQhxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2YzJlMGQzZmRjMjE1YTM4OWM3MDQzY2E1YTFhMDZiZTJj
NTU4ZWYwHhcNMjUwMjI2MDkzNTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWYyZmI3MjRlMzc0OTQ1MmI4MzRmYTk2MmNhMWE1MmVlOWQ1ZjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtdzqumy3GUPJ2lZM4ryOJswUb1yj
HBSVecBOY6BgL8NBR6S/buVMSE3FEzijveEiXLFME4/0wJxKXRdyaT3tS02XvOnC
C5jMYRgJP35Ks9rRZe/+WXFbOcIlXUBX0WZemIHsKqRaMo8Cnx3QI7uYyZnpxvZh
J/8RZZZBMT8MI5yWx6VsI/nJOfXpQSsdnbmtDhkBNy3ao5rnykq96c7Y+I5Ipdg6
pme4O6BLzMP1IqzjfvFXl7l/kSSUcpmTWtomRk9N1DYty4nKM+F+02aaQH2ohM5F
xDXZtNd81LimlvWTY476K6uXpokICzvPcO0cweiUEUeJedWJkDYvtWn4sQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFMny+3JON0lFK4NPqWLKGlLunV8wMB8GA1UdIwQY
MBaAFObC4NP9whWjiccEPKWhoGvixVjvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXNMZzBfM0NGYU9KeHdROHBhR2dhLUxGV084LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8yOTE3NmItMTAzOC00NDE3LWJkYWQt
ZjNlMDUyYmFiMTQ0LzEveWZMN2NrNDNTVVVyZzAtcFlzb2FVdTZkWHpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8yOTE3NmItMTAzOC00NDE3LWJkYWQtZjNlMDUyYmFiMTQ0
LzEvNXNMZzBfM0NGYU9KeHdROHBhR2dhLUxGV084LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgAwQATVd7MAwD
BANWNhgDBABWNhoDBAKNYrgDBADCCXYwDQQCAAIwBwMFAyoTbEAwDQYJKoZIhvcN
AQELBQADggEBADSST/Ix+hmx9UzNeKTkVYuw83ZcwiAIkx1QwWDf7DPau8c9dto+
0ukpvpzoxPZSvMJ03t4laXCUph9YmCwTEe65u8SVZU9QJILR5HvFelkX/7IVc/Yf
Yb6EN4B27H9qinOejsb+iXen6Kf79Ia7YGJyYN7dsAbP8VzAEwRz7H/G7nSns3AD
NYeZxrLZezx4PRR7Y9gwNND/vIxI4NheVvV/doUxXogeSl8zGzGMjThVVzQj5jJZ
IyTQ8cV6Ym3R/MZLfpsfIBBe+tcJbwUG/PU5bOcPqHKoHIXRQQs+GDtSiUjWQh79
ccLoPAhyJanXPLcH0+ceuNB3h+QfGD9jpoY=
-----END CERTIFICATE-----
Generated at Thu Apr 24 08:35:28 2025 by rpki-client