Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/0df28d-924d-4b4e-94b8-824ffc6942f4/1/YX7VLAunMbg2RHpBuhPWQFoQzV0.roa
File: YX7VLAunMbg2RHpBuhPWQFoQzV0.roa (raw, json)
Hash identifier: N1P7PzgqIxcP57wACOj5NptToI4+AGN1bGBxYUxfZSw=
Subject key identifier: 61:7E:D5:2C:0B:A7:31:B8:36:44:7A:41:BA:13:D6:40:5A:10:CD:5D
Certificate issuer: /CN=d689cb71891c6d94bd9e6f14f16e7e37c2c728bf
Certificate serial: 01927BC21D0ABE2B64447DCBF626E855D108
Authority key identifier: D6:89:CB:71:89:1C:6D:94:BD:9E:6F:14:F1:6E:7E:37:C2:C7:28:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1onLcYkcbZS9nm8U8W5-N8LHKL8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/0df28d-924d-4b4e-94b8-824ffc6942f4/1/YX7VLAunMbg2RHpBuhPWQFoQzV0.roa
Signing time: Fri 11 Oct 2024 13:26:11 +0000
ROA not before: Fri 11 Oct 2024 13:26:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215546
IP address blocks: 185.134.172.0/22 maxlen: 24
193.243.183.0/26 maxlen: 26
2a0d:40c0::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 29 Oct 2024 19:37:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:7b:c2:1d:0a:be:2b:64:44:7d:cb:f6:26:e8:55:d1:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d689cb71891c6d94bd9e6f14f16e7e37c2c728bf
Validity
Not Before: Oct 11 13:26:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=617ed52c0ba731b836447a41ba13d6405a10cd5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:6f:54:8c:f8:b6:79:5f:ac:e8:b0:1b:25:b4:
7c:a4:a4:79:92:b9:23:a4:3f:07:10:84:4f:e6:bd:
58:90:4e:b8:b8:ff:8f:9a:f2:65:4a:b1:cd:3e:e0:
9b:02:0e:ce:06:34:1b:ae:f4:5f:12:23:42:07:a8:
08:da:5f:d3:ae:c3:01:6a:11:e0:5a:94:44:66:22:
ec:21:00:4a:6e:be:5a:68:22:9b:1a:c0:f0:74:4f:
de:39:ca:d0:0f:89:31:3d:92:b3:73:89:04:03:bb:
25:54:e9:63:52:31:dc:56:f6:c3:56:35:54:bb:56:
6d:6d:5e:7a:78:ff:42:36:ed:f4:35:39:51:60:90:
c8:44:ff:45:e8:0b:58:2b:3f:b5:d2:82:0d:f3:a0:
77:54:95:c5:b3:db:50:d2:69:2a:b4:f6:89:6b:48:
ed:f6:c1:eb:b5:80:a5:a6:bc:2a:d9:dd:5d:da:53:
53:b6:51:8a:64:91:21:fd:73:a0:e1:e1:dd:ff:fa:
40:29:9b:49:6b:b9:2e:d2:d7:bf:b5:9f:ca:d1:57:
9b:5d:1f:6b:61:98:c3:e3:ab:29:7d:3c:ec:de:61:
d4:9b:32:17:0a:5f:c7:cc:ee:9b:64:49:95:da:a1:
74:1a:9b:ee:3c:76:0c:74:09:30:86:d8:bd:75:94:
e8:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:7E:D5:2C:0B:A7:31:B8:36:44:7A:41:BA:13:D6:40:5A:10:CD:5D
X509v3 Authority Key Identifier:
keyid:D6:89:CB:71:89:1C:6D:94:BD:9E:6F:14:F1:6E:7E:37:C2:C7:28:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1onLcYkcbZS9nm8U8W5-N8LHKL8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/0df28d-924d-4b4e-94b8-824ffc6942f4/1/YX7VLAunMbg2RHpBuhPWQFoQzV0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/0df28d-924d-4b4e-94b8-824ffc6942f4/1/1onLcYkcbZS9nm8U8W5-N8LHKL8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.134.172.0/22
193.243.183.0/26
IPv6:
2a0d:40c0::/32
Signature Algorithm: sha256WithRSAEncryption
af:48:97:cc:83:c0:70:30:3d:73:28:f1:4a:8e:da:e0:f3:41:
d0:42:89:03:0b:23:bb:ad:69:ce:4f:47:76:8b:30:dc:ac:6a:
4e:3d:42:7d:61:1a:7f:bd:f8:42:6c:e4:f1:e8:53:e2:68:f9:
2a:4f:3f:4c:f0:5f:88:87:8d:68:59:fa:55:72:ee:1b:22:d8:
ac:cb:7f:f0:ea:38:ad:14:f0:63:97:da:52:95:39:bd:b6:5b:
df:e1:b4:f4:2b:2c:b7:c3:23:15:41:b5:61:e6:7e:ac:1a:a4:
76:56:84:5b:33:42:64:04:12:04:8e:04:cb:cd:c0:0b:47:9f:
41:12:2c:4e:85:9f:33:f4:84:e5:21:16:de:03:99:d2:89:ef:
96:3b:cf:77:ed:0b:97:51:56:b9:3f:b2:6d:46:2e:50:52:61:
74:25:df:6b:87:66:3c:9d:7b:d6:0c:81:09:ed:2b:a0:38:20:
f0:d8:ed:a1:fe:34:8d:76:34:82:7d:ba:0e:57:e5:ef:78:e1:
10:50:63:86:47:25:83:f0:42:80:1b:f1:3b:73:32:f9:84:d7:
29:25:8e:eb:db:0a:b3:7e:54:42:c6:8b:a1:25:2f:7f:b8:80:
15:bd:17:29:dd:61:40:39:a4:06:8e:c1:2b:1f:50:66:38:38:
eb:8f:f3:f8
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZJ7wh0KvitkRH3L9iboVdEIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2ODljYjcxODkxYzZkOTRiZDllNmYxNGYxNmU3ZTM3YzJj
NzI4YmYwHhcNMjQxMDExMTMyNjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTdlZDUyYzBiYTczMWI4MzY0NDdhNDFiYTEzZDY0MDVhMTBjZDVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApW9UjPi2eV+s6LAbJbR8pKR5krkj
pD8HEIRP5r1YkE64uP+PmvJlSrHNPuCbAg7OBjQbrvRfEiNCB6gI2l/TrsMBahHg
WpREZiLsIQBKbr5aaCKbGsDwdE/eOcrQD4kxPZKzc4kEA7slVOljUjHcVvbDVjVU
u1ZtbV56eP9CNu30NTlRYJDIRP9F6AtYKz+10oIN86B3VJXFs9tQ0mkqtPaJa0jt
9sHrtYClprwq2d1d2lNTtlGKZJEh/XOg4eHd//pAKZtJa7ku0te/tZ/K0VebXR9r
YZjD46spfTzs3mHUmzIXCl/HzO6bZEmV2qF0GpvuPHYMdAkwhti9dZToowIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFGF+1SwLpzG4NkR6QboT1kBaEM1dMB8GA1UdIwQY
MBaAFNaJy3GJHG2UvZ5vFPFufjfCxyi/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMW9uTGNZa2NiWlM5bm04VThXNS1OOExIS0w4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy8wZGYyOGQtOTI0ZC00YjRlLTk0Yjgt
ODI0ZmZjNjk0MmY0LzEvWVg3VkxBdW5NYmcyUkhwQnVoUFdRRm9RelYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy8wZGYyOGQtOTI0ZC00YjRlLTk0YjgtODI0ZmZjNjk0MmY0
LzEvMW9uTGNZa2NiWlM5bm04VThXNS1OOExIS0w4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDATBAIAATANAwQCuYasAwUG
wfO3ADANBAIAAjAHAwUAKg1AwDANBgkqhkiG9w0BAQsFAAOCAQEAr0iXzIPAcDA9
cyjxSo7a4PNB0EKJAwsju61pzk9Hdosw3KxqTj1CfWEaf734Qmzk8ehT4mj5Kk8/
TPBfiIeNaFn6VXLuGyLYrMt/8Oo4rRTwY5faUpU5vbZb3+G09Csst8MjFUG1YeZ+
rBqkdlaEWzNCZAQSBI4Ey83AC0efQRIsToWfM/SE5SEW3gOZ0onvljvPd+0Ll1FW
uT+ybUYuUFJhdCXfa4dmPJ171gyBCe0roDgg8Njtof40jXY0gn26Dlfl73jhEFBj
hkclg/BCgBvxO3My+YTXKSWO69sKs35UQsaLoSUvf7iAFb0XKd1hQDmkBo7BKx9Q
Zjg464/z+A==
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:36:00 2025 by rpki-client