Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/Yw17HeCbVPwYZSVSWRJZqYO85M8.roa
File: Yw17HeCbVPwYZSVSWRJZqYO85M8.roa (raw, json)
Hash identifier: 2q2NS56xMVs7ALPXIUx0f7oSuWj3MM+EO9URwdgysf8=
Subject key identifier: 63:0D:7B:1D:E0:9B:54:FC:18:65:25:52:59:12:59:A9:83:BC:E4:CF
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0194222038389FA0C1F18E4EA5599B701C71
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/Yw17HeCbVPwYZSVSWRJZqYO85M8.roa
Signing time: Wed 01 Jan 2025 13:48:44 +0000
ROA not before: Wed 01 Jan 2025 13:48:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200908
IP address blocks: 185.254.156.0/24 maxlen: 24
185.254.158.0/24 maxlen: 24
194.41.118.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 08 Jan 2025 12:30:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:38:38:9f:a0:c1:f1:8e:4e:a5:59:9b:70:1c:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 1 13:48:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=630d7b1de09b54fc18652552591259a983bce4cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:5b:d3:5c:8d:fc:c7:27:67:26:49:88:2b:67:
ee:51:13:52:99:a6:fb:ad:d0:de:a5:a3:2c:0b:b5:
ac:c7:6d:0a:58:b8:94:4a:c9:b1:6e:9a:4e:36:90:
78:c5:5e:23:9d:db:39:82:0b:85:d6:6a:6a:60:2b:
aa:d1:76:01:9b:3d:e6:93:d3:05:53:9a:a7:6d:24:
a5:44:21:eb:68:ed:25:66:8d:6d:93:57:14:98:37:
2a:52:2a:ff:de:f0:dd:40:1d:45:63:f7:a4:60:3d:
f5:03:36:21:4b:b6:b9:dd:f8:56:5f:ca:1b:d4:23:
61:8a:c8:df:68:5e:99:05:5d:42:a3:cb:43:8a:ab:
95:2d:63:dd:e4:12:a0:0c:31:99:99:c5:5d:3b:18:
df:15:3d:5c:a8:7d:cb:0c:21:12:9c:cf:6c:5f:39:
4b:b9:bd:fa:c3:7b:82:32:1e:b7:f0:39:25:f1:4c:
ce:83:28:f4:68:85:10:dc:06:a2:10:07:87:d6:71:
9f:fc:8b:97:7a:82:a7:bb:bc:1b:41:49:f4:18:7a:
cc:cc:8f:22:2b:bd:5c:f4:47:73:f0:94:15:e3:27:
b8:0b:e8:d7:e9:82:b9:b3:0b:60:e4:ec:3c:29:84:
0d:10:1d:bc:58:60:2c:f9:33:90:de:bf:31:85:42:
3f:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:0D:7B:1D:E0:9B:54:FC:18:65:25:52:59:12:59:A9:83:BC:E4:CF
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/Yw17HeCbVPwYZSVSWRJZqYO85M8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.254.156.0/24
185.254.158.0/24
194.41.118.0/24
Signature Algorithm: sha256WithRSAEncryption
92:36:3b:21:b6:ff:d3:9c:41:48:ad:45:10:99:36:03:0a:d5:
85:b2:c0:36:c2:08:5c:72:1e:4c:6d:c2:99:e8:dd:2a:b7:31:
13:40:07:98:f6:cc:0f:00:6d:78:0b:5a:17:c1:52:8a:96:a4:
c5:40:2d:0d:3a:91:ec:93:7f:8d:a2:1d:3d:5a:41:a9:03:1c:
ec:eb:87:f9:57:c0:24:23:a9:11:42:02:a8:e4:45:1a:85:2f:
a7:6d:3b:3f:01:0d:26:c0:ad:42:74:ad:6d:ef:6e:4f:a6:b3:
00:cf:ff:ba:3e:06:e4:a8:aa:8e:39:34:8d:96:e8:b9:c4:cc:
de:6f:54:11:a4:ba:6b:5d:29:68:8c:c1:1d:ee:21:81:94:30:
1e:5a:7e:c2:3a:62:93:31:3e:81:b8:91:d4:10:f7:73:ff:a5:
1e:54:f7:3c:66:61:b5:87:c9:71:b7:dc:a8:b6:88:d5:9d:47:
55:d1:62:d1:52:7b:03:33:1c:9b:32:f6:74:7f:ce:ae:c0:83:
1b:29:43:28:fe:57:57:10:2b:4e:69:ae:89:04:63:2e:f1:9e:
63:56:53:8c:e6:b0:6e:29:5f:5b:9a:87:af:d2:17:03:f7:3a:
72:da:72:63:d9:6f:0e:b9:03:4b:c5:07:1f:ec:7c:e2:9c:97:
6f:0b:d7:2e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQiIDg4n6DB8Y5OpVmbcBxxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwMTAxMTM0ODQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzBkN2IxZGUwOWI1NGZjMTg2NTI1NTI1OTEyNTlhOTgzYmNlNGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvFvTXI38xydnJkmIK2fuURNSmab7
rdDepaMsC7Wsx20KWLiUSsmxbppONpB4xV4jnds5gguF1mpqYCuq0XYBmz3mk9MF
U5qnbSSlRCHraO0lZo1tk1cUmDcqUir/3vDdQB1FY/ekYD31AzYhS7a53fhWX8ob
1CNhisjfaF6ZBV1Co8tDiquVLWPd5BKgDDGZmcVdOxjfFT1cqH3LDCESnM9sXzlL
ub36w3uCMh638Dkl8UzOgyj0aIUQ3AaiEAeH1nGf/IuXeoKnu7wbQUn0GHrMzI8i
K71c9Edz8JQV4ye4C+jX6YK5swtg5Ow8KYQNEB28WGAs+TOQ3r8xhUI/SQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGMNex3gm1T8GGUlUlkSWamDvOTPMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvWXcxN0hlQ2JWUHdZWlNWU1dSSlpxWU84NU04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuf6cAwQA
uf6eAwQAwil2MA0GCSqGSIb3DQEBCwUAA4IBAQCSNjshtv/TnEFIrUUQmTYDCtWF
ssA2wghcch5MbcKZ6N0qtzETQAeY9swPAG14C1oXwVKKlqTFQC0NOpHsk3+Noh09
WkGpAxzs64f5V8AkI6kRQgKo5EUahS+nbTs/AQ0mwK1CdK1t725PprMAz/+6Pgbk
qKqOOTSNlui5xMzeb1QRpLprXSlojMEd7iGBlDAeWn7COmKTMT6BuJHUEPdz/6Ue
VPc8ZmG1h8lxt9yotojVnUdV0WLRUnsDMxybMvZ0f86uwIMbKUMo/ldXECtOaa6J
BGMu8Z5jVlOM5rBuKV9bmoev0hcD9zpy2nJj2W8OuQNLxQcf7HzinJdvC9cu
-----END CERTIFICATE-----
Generated at Fri Apr 18 23:32:18 2025 by rpki-client