Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/39254c-5286-4b84-b691-4014478bb6c8/1/yiU5G5chgpRbSZMuKJg_7LTkFqY.roa
File: yiU5G5chgpRbSZMuKJg_7LTkFqY.roa (raw, json)
Hash identifier: h1R711r6ZclVsJAPZqVmjiW4Vxtiy5WEv0UTRYrweZ8=
Subject key identifier: CA:25:39:1B:97:21:82:94:5B:49:93:2E:28:98:3F:EC:B4:E4:16:A6
Certificate issuer: /CN=8c810edc51abd61e69f3c69ee49d88e9896a6f09
Certificate serial: 018D57BD4AC56606EB1BA4D2FE3D51AD85FE
Authority key identifier: 8C:81:0E:DC:51:AB:D6:1E:69:F3:C6:9E:E4:9D:88:E9:89:6A:6F:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jIEO3FGr1h5p88ae5J2I6Ylqbwk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/39254c-5286-4b84-b691-4014478bb6c8/1/yiU5G5chgpRbSZMuKJg_7LTkFqY.roa
Signing time: Tue 30 Jan 2024 00:20:39 +0000
ROA not before: Tue 30 Jan 2024 00:20:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216274
IP address blocks: 83.97.36.0/24 maxlen: 24
185.165.194.0/24 maxlen: 24
2a10:a180::/30 maxlen: 30
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:48:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:57:bd:4a:c5:66:06:eb:1b:a4:d2:fe:3d:51:ad:85:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c810edc51abd61e69f3c69ee49d88e9896a6f09
Validity
Not Before: Jan 30 00:20:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ca25391b972182945b49932e28983fecb4e416a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:ff:e1:24:19:db:a9:f7:61:eb:c8:e5:d4:53:
9e:50:0e:06:a3:65:8f:b7:76:e4:ab:00:98:52:53:
01:e7:29:83:1e:2b:d6:10:3f:2c:60:e1:7e:c4:fa:
00:1b:d9:7b:36:ab:f1:58:63:f7:a4:8c:69:cf:59:
b6:89:93:d0:fd:1e:14:5e:82:cc:1e:d8:91:f9:60:
ea:9e:ae:b4:58:59:4a:76:12:45:ef:fd:f0:b3:ed:
98:c1:ee:b2:23:b1:95:21:62:57:89:48:99:ba:96:
18:bf:12:42:57:e4:87:f0:df:06:d4:c6:67:04:45:
9c:ad:ea:54:81:2c:8c:da:70:54:a5:06:4f:be:c3:
b5:8b:8d:a3:15:e4:7b:42:66:d7:27:d4:c0:4c:d2:
10:f4:c6:af:9b:87:37:b3:e8:b6:d1:42:3c:79:15:
85:f4:ff:39:80:20:c6:84:6a:f9:bf:fa:a6:b3:9f:
60:f1:17:44:ae:5e:b2:d0:c5:40:0e:ef:26:c5:e7:
b9:07:1b:58:d9:06:0a:30:85:7f:b7:ea:e5:54:4c:
d6:49:75:4d:0b:24:d8:63:b3:89:48:97:9d:74:79:
3f:d1:c8:23:ec:9e:a8:42:c0:2c:77:43:2d:d2:d4:
39:14:8b:ef:b3:cf:69:3f:bd:a1:f8:f8:73:f5:e0:
1f:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:25:39:1B:97:21:82:94:5B:49:93:2E:28:98:3F:EC:B4:E4:16:A6
X509v3 Authority Key Identifier:
keyid:8C:81:0E:DC:51:AB:D6:1E:69:F3:C6:9E:E4:9D:88:E9:89:6A:6F:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jIEO3FGr1h5p88ae5J2I6Ylqbwk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/39254c-5286-4b84-b691-4014478bb6c8/1/yiU5G5chgpRbSZMuKJg_7LTkFqY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/39254c-5286-4b84-b691-4014478bb6c8/1/jIEO3FGr1h5p88ae5J2I6Ylqbwk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.97.36.0/24
185.165.194.0/24
IPv6:
2a10:a180::/30
Signature Algorithm: sha256WithRSAEncryption
21:2c:16:8b:20:b4:d1:df:af:e1:74:b5:0e:56:32:ca:f4:07:
43:12:4e:42:64:f8:81:06:f9:ca:ea:c6:e9:54:5f:1c:bb:b7:
95:79:43:cf:23:7a:90:00:88:c0:14:1e:de:d3:eb:6b:24:26:
ae:aa:3a:b3:fd:49:fd:96:93:fd:07:0c:15:4e:7b:52:32:b5:
ba:c5:5d:e5:04:7a:a1:0c:e1:db:8b:63:1a:2c:5a:18:44:3d:
40:7d:b4:62:04:60:4a:12:51:37:f2:97:9b:b8:81:b4:83:4e:
cb:3a:66:d8:01:04:5e:e4:4b:6f:74:4a:15:6a:50:10:46:e7:
64:fc:5b:e3:1a:9c:60:a2:32:ce:ce:f1:51:c0:ff:55:94:5a:
4a:be:4d:2c:0e:4d:e5:de:d7:3a:ee:a9:55:d9:fd:d9:fb:ae:
6b:be:24:1e:eb:c6:42:34:09:81:f3:de:c1:ed:d6:e5:c5:5a:
fc:11:3a:00:65:94:ef:1b:64:4c:46:46:ad:7f:71:9f:fa:2d:
89:7b:b9:7c:b9:b8:0c:44:4c:e3:24:ba:c1:e0:6c:02:8d:ee:
fe:91:52:61:41:d6:c3:fa:f2:70:14:e3:3c:3a:37:b6:25:56:
b3:6d:21:2f:2b:a6:d8:70:b5:c1:a6:42:a3:a5:c4:c9:c8:68:
9c:88:e9:69
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY1XvUrFZgbrG6TS/j1RrYX+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjODEwZWRjNTFhYmQ2MWU2OWYzYzY5ZWU0OWQ4OGU5ODk2
YTZmMDkwHhcNMjQwMTMwMDAyMDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTI1MzkxYjk3MjE4Mjk0NWI0OTkzMmUyODk4M2ZlY2I0ZTQxNmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3//hJBnbqfdh68jl1FOeUA4Go2WP
t3bkqwCYUlMB5ymDHivWED8sYOF+xPoAG9l7NqvxWGP3pIxpz1m2iZPQ/R4UXoLM
HtiR+WDqnq60WFlKdhJF7/3ws+2Ywe6yI7GVIWJXiUiZupYYvxJCV+SH8N8G1MZn
BEWcrepUgSyM2nBUpQZPvsO1i42jFeR7QmbXJ9TATNIQ9Mavm4c3s+i20UI8eRWF
9P85gCDGhGr5v/qms59g8RdErl6y0MVADu8mxee5BxtY2QYKMIV/t+rlVEzWSXVN
CyTYY7OJSJeddHk/0cgj7J6oQsAsd0Mt0tQ5FIvvs89pP72h+Phz9eAfawIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMolORuXIYKUW0mTLiiYP+y05BamMB8GA1UdIwQY
MBaAFIyBDtxRq9YeafPGnuSdiOmJam8JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaklFTzNGR3IxaDVwODhhZTVKMkk2WWxxYndrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS8zOTI1NGMtNTI4Ni00Yjg0LWI2OTEt
NDAxNDQ3OGJiNmM4LzEveWlVNUc1Y2hncFJiU1pNdUtKZ183TFRrRnFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS8zOTI1NGMtNTI4Ni00Yjg0LWI2OTEtNDAxNDQ3OGJiNmM4
LzEvaklFTzNGR3IxaDVwODhhZTVKMkk2WWxxYndrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAU2EkAwQA
uaXCMA0EAgACMAcDBQIqEKGAMA0GCSqGSIb3DQEBCwUAA4IBAQAhLBaLILTR36/h
dLUOVjLK9AdDEk5CZPiBBvnK6sbpVF8cu7eVeUPPI3qQAIjAFB7e0+trJCauqjqz
/Un9lpP9BwwVTntSMrW6xV3lBHqhDOHbi2MaLFoYRD1AfbRiBGBKElE38pebuIG0
g07LOmbYAQRe5EtvdEoValAQRudk/FvjGpxgojLOzvFRwP9VlFpKvk0sDk3l3tc6
7qlV2f3Z+65rviQe68ZCNAmB897B7dblxVr8EToAZZTvG2RMRkatf3Gf+i2Je7l8
ubgMREzjJLrB4GwCje7+kVJhQdbD+vJwFOM8Oje2JVazbSEvK6bYcLXBpkKjpcTJ
yGiciOlp
-----END CERTIFICATE-----
Generated at Thu Apr 17 06:42:14 2025 by rpki-client