Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/YMPp7WZyr7gWC3JQUnftfJUJWrk.roa
File: YMPp7WZyr7gWC3JQUnftfJUJWrk.roa (raw, json)
Hash identifier: QmI9g/kP/tNAyRaGFu42ZtcTKYwcoQTg67fRxfrKm2E=
Subject key identifier: 60:C3:E9:ED:66:72:AF:B8:16:0B:72:50:52:77:ED:7C:95:09:5A:B9
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 0194999E27D319DFFBDA7B167600429A3E65
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/YMPp7WZyr7gWC3JQUnftfJUJWrk.roa
Signing time: Fri 24 Jan 2025 18:41:06 +0000
ROA not before: Fri 24 Jan 2025 18:41:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215727
IP address blocks: 45.136.0.0/24 maxlen: 32
45.136.1.0/24 maxlen: 32
45.136.2.0/24 maxlen: 32
45.136.3.0/24 maxlen: 32
128.0.119.0/24 maxlen: 32
185.117.20.0/24 maxlen: 32
185.117.21.0/24 maxlen: 32
185.117.22.0/24 maxlen: 32
185.117.23.0/24 maxlen: 32
185.144.100.0/24 maxlen: 32
185.211.48.0/24 maxlen: 32
185.211.49.0/24 maxlen: 32
185.211.50.0/24 maxlen: 32
185.227.240.0/24 maxlen: 32
193.201.208.0/24 maxlen: 32
193.201.209.0/24 maxlen: 32
193.201.210.0/24 maxlen: 32
193.201.211.0/24 maxlen: 32
194.36.100.0/24 maxlen: 32
194.36.101.0/24 maxlen: 32
194.36.102.0/24 maxlen: 32
194.36.103.0/24 maxlen: 32
194.124.64.0/24 maxlen: 32
194.124.65.0/24 maxlen: 32
194.124.66.0/24 maxlen: 32
194.124.67.0/24 maxlen: 32
195.85.68.0/24 maxlen: 32
195.85.69.0/24 maxlen: 32
195.85.70.0/24 maxlen: 32
195.85.71.0/24 maxlen: 32
Validation: Failed, certificate revoked on Sat 25 Jan 2025 06:20:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:99:9e:27:d3:19:df:fb:da:7b:16:76:00:42:9a:3e:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 24 18:41:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=60c3e9ed6672afb8160b72505277ed7c95095ab9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:b1:2e:75:08:af:4e:9d:48:8f:50:04:4c:ba:
d0:c7:3a:52:7b:44:1c:a0:7b:65:a6:eb:e5:3b:40:
a2:bb:4f:42:ea:0b:2c:ec:c0:de:b2:74:c8:b8:df:
83:a8:0c:02:9a:e2:f4:38:45:bd:be:34:42:30:14:
e8:71:44:b0:53:61:84:98:72:f9:ac:e1:e9:1a:99:
66:62:22:1e:1e:76:b6:de:73:7d:15:a4:02:fc:11:
18:a6:2d:ba:d0:4e:4e:74:6a:02:05:6f:d1:cd:cc:
16:db:f4:41:0d:ed:77:8a:20:7c:e7:84:56:c2:0e:
f4:f8:fe:1d:de:ff:5f:81:7e:b1:e9:34:0d:4f:44:
c8:3d:06:ee:06:3b:d8:c9:8a:9c:07:72:df:78:4b:
57:60:33:e9:3f:d3:9e:2d:28:09:ee:e2:29:b4:d3:
79:e8:17:60:a9:f5:9b:98:a6:c2:0d:df:24:62:b6:
0b:1d:37:74:42:7f:69:30:c8:b7:d5:e8:29:96:66:
7b:e5:d1:82:eb:74:92:b5:4d:a9:c0:da:c6:76:fe:
06:77:b9:0f:81:16:ef:35:d4:79:bd:84:cc:4a:48:
d9:ac:f9:5d:2e:df:70:9b:0f:c0:e6:71:97:9e:11:
57:d4:a3:4c:81:9c:1f:68:9b:51:e6:07:ce:05:de:
36:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:C3:E9:ED:66:72:AF:B8:16:0B:72:50:52:77:ED:7C:95:09:5A:B9
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/YMPp7WZyr7gWC3JQUnftfJUJWrk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.0.0/22
128.0.119.0/24
185.117.20.0/22
185.144.100.0/24
185.211.48.0-185.211.50.255
185.227.240.0/24
193.201.208.0/22
194.36.100.0/22
194.124.64.0/22
195.85.68.0/22
Signature Algorithm: sha256WithRSAEncryption
81:3b:79:0b:11:d2:92:74:d8:f5:a1:81:63:3b:7d:67:8b:72:
11:fc:9c:9b:6b:ad:7f:37:09:c2:9c:65:08:b5:7c:31:ea:df:
1b:49:cf:7e:d8:90:f1:76:25:f4:04:a9:10:11:b8:e3:0c:72:
0d:57:13:e2:07:8e:7c:b2:85:2c:bc:ae:b1:b6:de:94:27:a4:
86:4c:b8:cf:4f:36:d0:d5:e9:d5:ec:98:2d:80:d6:43:28:56:
87:cd:1b:8d:f9:45:38:41:1a:e5:03:96:fb:1a:0e:9a:98:63:
54:58:7d:b0:a1:f7:4b:54:da:72:81:6c:62:f1:4d:cf:d4:e1:
d2:36:79:88:31:07:00:12:92:9a:9a:23:63:39:4b:cf:38:cb:
70:54:04:19:6d:57:70:91:61:19:eb:d5:e3:fe:9e:f9:a1:8e:
9a:71:08:b6:32:2b:42:b7:26:c7:69:65:ff:97:a9:ba:eb:b5:
0c:81:d8:1e:63:ef:5d:46:b5:94:1f:27:4b:5f:09:6e:32:48:
6c:78:46:3c:95:dc:2e:92:a7:f4:a6:bb:b2:06:6a:c4:fa:85:
a5:de:69:43:86:db:2e:94:11:79:60:00:0f:2b:1a:1a:8a:90:
0a:93:77:21:7a:8a:52:f2:64:d0:e2:24:34:24:40:81:4d:56:
d9:05:4c:53
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAZSZnifTGd/72nsWdgBCmj5lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjUwMTI0MTg0MTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGMzZTllZDY2NzJhZmI4MTYwYjcyNTA1Mjc3ZWQ3Yzk1MDk1YWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmbEudQivTp1Ij1AETLrQxzpSe0Qc
oHtlpuvlO0Ciu09C6gss7MDesnTIuN+DqAwCmuL0OEW9vjRCMBTocUSwU2GEmHL5
rOHpGplmYiIeHna23nN9FaQC/BEYpi260E5OdGoCBW/RzcwW2/RBDe13iiB854RW
wg70+P4d3v9fgX6x6TQNT0TIPQbuBjvYyYqcB3LfeEtXYDPpP9OeLSgJ7uIptNN5
6BdgqfWbmKbCDd8kYrYLHTd0Qn9pMMi31egplmZ75dGC63SStU2pwNrGdv4Gd7kP
gRbvNdR5vYTMSkjZrPldLt9wmw/A5nGXnhFX1KNMgZwfaJtR5gfOBd42bwIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFGDD6e1mcq+4FgtyUFJ37XyVCVq5MB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvWU1QcDdXWnlyN2dXQzNKUVVuZnRmSlVKV3JrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQCLYgAAwQA
gAB3AwQCuXUUAwQAuZBkMAwDBAS50zADBAC50zIDBAC54/ADBALBydADBALCJGQD
BALCfEADBALDVUQwDQYJKoZIhvcNAQELBQADggEBAIE7eQsR0pJ02PWhgWM7fWeL
chH8nJtrrX83CcKcZQi1fDHq3xtJz37YkPF2JfQEqRARuOMMcg1XE+IHjnyyhSy8
rrG23pQnpIZMuM9PNtDV6dXsmC2A1kMoVofNG435RThBGuUDlvsaDpqYY1RYfbCh
90tU2nKBbGLxTc/U4dI2eYgxBwASkpqaI2M5S884y3BUBBltV3CRYRnr1eP+nvmh
jppxCLYyK0K3JsdpZf+XqbrrtQyB2B5j711GtZQfJ0tfCW4ySGx4RjyV3C6Sp/Sm
u7IGasT6haXeaUOG2y6UEXlgAA8rGhqKkAqTdyF6ilLyZNDiJDQkQIFNVtkFTFM=
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:22:11 2025 by rpki-client