Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/yTMS9meYsiEWtxD32darsyWqFRM.roa
File: yTMS9meYsiEWtxD32darsyWqFRM.roa (raw, json)
Hash identifier: UCMtQQ8ukrSPrrNULG+2cu6iTLhAfOC4UJV8zj8H28Y=
Subject key identifier: C9:33:12:F6:67:98:B2:21:16:B7:10:F7:D9:D6:AB:B3:25:AA:15:13
Certificate issuer: /CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
Certificate serial: 019735CEC5B629C65DF3C87777BCB25A9D38
Authority key identifier: BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/yTMS9meYsiEWtxD32darsyWqFRM.roa
Signing time: Tue 03 Jun 2025 12:40:32 +0000
ROA not before: Tue 03 Jun 2025 12:40:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214497
IP address blocks: 213.21.232.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Jun 2025 09:50:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:35:ce:c5:b6:29:c6:5d:f3:c8:77:77:bc:b2:5a:9d:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
Validity
Not Before: Jun 3 12:40:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c93312f66798b22116b710f7d9d6abb325aa1513
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:d7:df:0d:ce:00:c2:5f:5d:9c:51:4a:3c:7f:
42:ac:99:24:00:4d:52:65:83:03:14:9f:58:f5:16:
70:1d:72:96:5e:26:cc:a4:4a:b4:e0:d9:43:6b:04:
62:c5:ed:61:33:f2:4c:67:b8:f3:f5:50:73:9e:da:
78:4c:ff:51:90:81:6a:7b:c5:eb:d8:e4:15:a5:7d:
9a:75:d3:a6:cb:54:4a:50:51:54:a6:1d:7c:d6:d6:
f8:81:8c:c9:5c:a2:d1:ea:f1:17:b5:34:dc:67:33:
80:82:39:44:2d:91:e6:89:04:fb:48:2e:b8:18:a1:
c3:f3:de:2f:48:30:2b:df:56:47:ee:cb:cf:33:e6:
35:4e:92:b1:e3:0b:1d:5a:48:db:89:17:1a:ac:fa:
e3:f5:35:be:cf:44:e0:80:85:24:c9:82:f9:64:0a:
82:49:b1:dc:3b:a0:e3:0f:66:e0:fc:a2:d5:c5:69:
72:8e:35:1f:ef:28:ed:60:28:0d:43:dc:aa:21:4d:
54:68:a6:a4:ed:9d:24:ce:9f:6d:64:29:4e:76:69:
d0:bc:84:cf:e8:f1:8a:f6:7f:8c:e4:bc:17:94:ea:
13:1c:a8:d6:40:65:8a:6e:7e:91:56:0f:7e:05:50:
6f:3c:c0:ac:be:62:fd:e3:0f:15:86:49:c6:df:6b:
56:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:33:12:F6:67:98:B2:21:16:B7:10:F7:D9:D6:AB:B3:25:AA:15:13
X509v3 Authority Key Identifier:
keyid:BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/yTMS9meYsiEWtxD32darsyWqFRM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.21.232.0/24
Signature Algorithm: sha256WithRSAEncryption
84:64:0d:a7:43:aa:53:74:4e:6b:96:e9:56:ee:57:58:97:fa:
3a:ae:57:88:27:ca:d0:2f:5e:0e:c3:69:c9:d7:e0:c8:47:0a:
54:a9:48:50:c2:62:5b:b2:b4:d9:90:7c:16:bf:5e:5d:6d:0d:
52:9e:bd:c2:0d:62:51:0f:2c:09:24:c8:92:82:4a:bd:a3:6e:
15:3c:3f:43:75:b1:32:e8:fb:bf:aa:51:46:51:1e:2d:ff:b0:
e3:73:9e:12:f2:22:3f:bd:a3:8e:f3:d3:4c:91:ae:6e:2f:65:
90:da:91:22:18:22:af:f2:e0:47:15:6d:a7:04:d9:3c:b4:3b:
96:96:d9:3d:5d:c9:86:85:e8:c8:0e:bc:df:57:e8:ae:af:4f:
bb:6e:05:70:e3:c1:28:50:1d:21:bf:9c:10:52:70:6a:f3:26:
91:76:51:ef:2a:e1:f7:4b:7b:1e:fa:20:e9:2a:4b:19:58:e7:
2d:ae:93:8e:2c:ea:82:af:04:24:9a:11:ee:5c:f7:32:67:d5:
84:dd:b5:0a:c4:38:d0:f8:4c:e2:cd:df:dd:ce:af:bb:7e:b9:
a6:12:81:7c:d3:03:64:4c:4e:89:8e:cd:2f:04:2f:f8:01:a3:
a9:7f:aa:57:24:ee:d3:73:82:b8:a0:db:24:f6:f4:06:d5:6b:
eb:23:4b:a8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZc1zsW2KcZd88h3d7yyWp04MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjZmRmZTZkY2E4YWM3YmZhMWE5NDUwZWY5OWZkMzE1ZWQw
MmFjZDkwHhcNMjUwNjAzMTI0MDMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTMzMTJmNjY3OThiMjIxMTZiNzEwZjdkOWQ2YWJiMzI1YWExNTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7NffDc4Awl9dnFFKPH9CrJkkAE1S
ZYMDFJ9Y9RZwHXKWXibMpEq04NlDawRixe1hM/JMZ7jz9VBzntp4TP9RkIFqe8Xr
2OQVpX2addOmy1RKUFFUph181tb4gYzJXKLR6vEXtTTcZzOAgjlELZHmiQT7SC64
GKHD894vSDAr31ZH7svPM+Y1TpKx4wsdWkjbiRcarPrj9TW+z0TggIUkyYL5ZAqC
SbHcO6DjD2bg/KLVxWlyjjUf7yjtYCgNQ9yqIU1UaKak7Z0kzp9tZClOdmnQvITP
6PGK9n+M5LwXlOoTHKjWQGWKbn6RVg9+BVBvPMCsvmL94w8VhknG32tWqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMkzEvZnmLIhFrcQ99nWq7MlqhUTMB8GA1UdIwQY
MBaAFLz9/m3Kise/oalFDvmf0xXtAqzZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmIt
MWFmMjQ2NWE4ZWVjLzEveVRNUzltZVlzaUVXdHhEMzJkYXJzeVdxRlJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmItMWFmMjQ2NWE4ZWVj
LzEvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1RXoMA0G
CSqGSIb3DQEBCwUAA4IBAQCEZA2nQ6pTdE5rlulW7ldYl/o6rleIJ8rQL14Ow2nJ
1+DIRwpUqUhQwmJbsrTZkHwWv15dbQ1Snr3CDWJRDywJJMiSgkq9o24VPD9DdbEy
6Pu/qlFGUR4t/7Djc54S8iI/vaOO89NMka5uL2WQ2pEiGCKv8uBHFW2nBNk8tDuW
ltk9XcmGhejIDrzfV+iur0+7bgVw48EoUB0hv5wQUnBq8yaRdlHvKuH3S3se+iDp
KksZWOctrpOOLOqCrwQkmhHuXPcyZ9WE3bUKxDjQ+Ezizd/dzq+7frmmEoF80wNk
TE6Jjs0vBC/4AaOpf6pXJO7Tc4K4oNsk9vQG1WvrI0uo
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:49:17 2025 by rpki-client