Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/6be5a6-eb0e-44b4-b6a7-af1f36811098/1/yXHmE-UsS9Ar3GeUbY5tV89VuDY.roa
File: yXHmE-UsS9Ar3GeUbY5tV89VuDY.roa (raw, json)
Hash identifier: alBr/WcHDIz0XgZi56s6DWbKgoqnmjIw0dyZeHPrn3M=
Subject key identifier: C9:71:E6:13:E5:2C:4B:D0:2B:DC:67:94:6D:8E:6D:57:CF:55:B8:36
Certificate issuer: /CN=464dcfa96399716692d245a804887c09da451f8f
Certificate serial: 0194D055B9FB0074F501947C4C90BDA8C1B0
Authority key identifier: 46:4D:CF:A9:63:99:71:66:92:D2:45:A8:04:88:7C:09:DA:45:1F:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rk3PqWOZcWaS0kWoBIh8CdpFH48.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/6be5a6-eb0e-44b4-b6a7-af1f36811098/1/yXHmE-UsS9Ar3GeUbY5tV89VuDY.roa
Signing time: Tue 04 Feb 2025 09:41:06 +0000
ROA not before: Tue 04 Feb 2025 09:41:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51173
IP address blocks: 37.203.48.0/24 maxlen: 24
37.203.49.0/24 maxlen: 24
37.203.50.0/24 maxlen: 24
37.203.51.0/24 maxlen: 24
37.203.52.0/24 maxlen: 24
37.203.53.0/24 maxlen: 24
37.203.54.0/24 maxlen: 24
89.106.136.0/24 maxlen: 24
89.106.137.0/24 maxlen: 24
89.106.138.0/24 maxlen: 24
89.106.139.0/24 maxlen: 24
89.106.140.0/24 maxlen: 24
89.106.141.0/24 maxlen: 24
89.106.142.0/24 maxlen: 24
89.106.143.0/24 maxlen: 24
185.94.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 05 Feb 2025 13:39:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:d0:55:b9:fb:00:74:f5:01:94:7c:4c:90:bd:a8:c1:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=464dcfa96399716692d245a804887c09da451f8f
Validity
Not Before: Feb 4 09:41:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c971e613e52c4bd02bdc67946d8e6d57cf55b836
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ad:4c:ee:dc:1b:03:75:1a:f6:45:3a:b4:16:
f0:97:8b:07:1c:a6:46:9a:2a:b7:71:72:22:4c:4e:
72:c0:2a:43:65:66:d2:52:8d:19:39:56:45:eb:ad:
37:c6:3e:d3:e9:10:a5:f8:a7:7e:6f:da:8d:b0:83:
f2:66:9e:e9:26:03:e3:ff:00:98:d2:83:b4:27:60:
6a:2d:d8:13:52:0a:40:89:02:5e:3a:5e:92:32:20:
f9:02:0d:6e:02:82:0a:21:25:8f:df:0e:d1:9f:40:
09:c3:d5:2b:42:13:cb:d2:bd:dd:82:ea:82:7b:36:
45:f9:02:11:76:c7:0d:5a:93:e1:42:2b:59:30:38:
01:5a:5c:d5:4b:42:67:6e:34:1e:3e:04:ee:72:21:
5c:72:52:1b:62:bf:3c:4a:f8:64:d7:54:e4:96:53:
69:d5:30:f9:23:84:3b:63:7e:70:1e:cc:e5:08:50:
d3:1e:45:39:d9:e0:d1:3a:b1:03:5b:26:6c:45:4e:
ab:0b:6a:27:67:0a:37:76:11:5e:21:10:2e:48:67:
9f:36:37:ac:3b:69:c9:cd:45:33:1f:43:da:db:2a:
09:f1:c9:8c:98:66:da:de:a3:49:a0:56:ab:b3:ad:
06:2d:80:7d:d4:1c:04:b3:7f:4f:de:06:43:65:a3:
66:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:71:E6:13:E5:2C:4B:D0:2B:DC:67:94:6D:8E:6D:57:CF:55:B8:36
X509v3 Authority Key Identifier:
keyid:46:4D:CF:A9:63:99:71:66:92:D2:45:A8:04:88:7C:09:DA:45:1F:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rk3PqWOZcWaS0kWoBIh8CdpFH48.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6be5a6-eb0e-44b4-b6a7-af1f36811098/1/yXHmE-UsS9Ar3GeUbY5tV89VuDY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6be5a6-eb0e-44b4-b6a7-af1f36811098/1/Rk3PqWOZcWaS0kWoBIh8CdpFH48.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.203.48.0-37.203.54.255
89.106.136.0/21
185.94.46.0/24
Signature Algorithm: sha256WithRSAEncryption
12:61:39:ac:fa:15:70:14:9d:25:0d:ba:0e:a0:2e:42:84:c3:
3e:18:66:b8:4b:20:3c:bb:77:46:9c:ce:82:c3:e9:55:c5:bf:
2c:86:d0:e4:da:f0:ec:b7:db:d2:61:1b:d0:b2:2d:07:06:9b:
1e:76:36:8b:34:88:ab:29:d6:f7:b3:74:16:fd:37:c7:9d:9d:
28:b4:b3:05:c1:b9:fd:fe:e4:91:66:a2:63:3b:dc:5c:fc:7c:
94:d1:6f:71:a1:c9:0f:9a:4a:e2:15:be:60:b5:db:4c:b1:36:
83:cc:b8:b6:35:7a:47:39:5d:f2:c4:36:80:c1:32:2a:15:6e:
39:48:00:d6:8b:fd:a3:f2:dc:8e:2d:40:fd:5a:dc:32:5f:ad:
75:4b:c9:55:67:4e:b5:f4:22:0f:d8:1b:a3:91:31:53:e5:98:
be:6e:7a:4f:83:ab:bb:79:5d:36:91:c4:00:f0:21:d2:bb:77:
ec:cd:85:19:ae:fd:20:68:fb:0f:ae:7a:cc:14:2f:2b:55:33:
4a:22:60:41:33:b5:5d:de:27:71:1e:a2:6f:b7:22:07:24:8c:
bf:3f:90:c8:b8:6f:c9:1c:74:87:4d:79:78:28:bd:a3:5c:e8:
d1:84:bd:e4:0a:c2:6d:21:af:c3:bc:48:58:75:b2:84:b7:09:
1d:f3:c3:5b
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZTQVbn7AHT1AZR8TJC9qMGwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2NGRjZmE5NjM5OTcxNjY5MmQyNDVhODA0ODg3YzA5ZGE0
NTFmOGYwHhcNMjUwMjA0MDk0MTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTcxZTYxM2U1MmM0YmQwMmJkYzY3OTQ2ZDhlNmQ1N2NmNTViODM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsK1M7twbA3Ua9kU6tBbwl4sHHKZG
miq3cXIiTE5ywCpDZWbSUo0ZOVZF6603xj7T6RCl+Kd+b9qNsIPyZp7pJgPj/wCY
0oO0J2BqLdgTUgpAiQJeOl6SMiD5Ag1uAoIKISWP3w7Rn0AJw9UrQhPL0r3dguqC
ezZF+QIRdscNWpPhQitZMDgBWlzVS0JnbjQePgTuciFcclIbYr88Svhk11TkllNp
1TD5I4Q7Y35wHszlCFDTHkU52eDROrEDWyZsRU6rC2onZwo3dhFeIRAuSGefNjes
O2nJzUUzH0Pa2yoJ8cmMmGba3qNJoFars60GLYB91BwEs39P3gZDZaNmFQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFMlx5hPlLEvQK9xnlG2ObVfPVbg2MB8GA1UdIwQY
MBaAFEZNz6ljmXFmktJFqASIfAnaRR+PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmszUHFXT1pjV2FTMGtXb0JJaDhDZHBGSDQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS82YmU1YTYtZWIwZS00NGI0LWI2YTct
YWYxZjM2ODExMDk4LzEveVhIbUUtVXNTOUFyM0dlVWJZNXRWODlWdURZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS82YmU1YTYtZWIwZS00NGI0LWI2YTctYWYxZjM2ODExMDk4
LzEvUmszUHFXT1pjV2FTMGtXb0JJaDhDZHBGSDQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAQlyzAD
BAAlyzYDBANZaogDBAC5Xi4wDQYJKoZIhvcNAQELBQADggEBABJhOaz6FXAUnSUN
ug6gLkKEwz4YZrhLIDy7d0aczoLD6VXFvyyG0OTa8Oy329JhG9CyLQcGmx52Nos0
iKsp1vezdBb9N8ednSi0swXBuf3+5JFmomM73Fz8fJTRb3GhyQ+aSuIVvmC120yx
NoPMuLY1ekc5XfLENoDBMioVbjlIANaL/aPy3I4tQP1a3DJfrXVLyVVnTrX0Ig/Y
G6ORMVPlmL5uek+Dq7t5XTaRxADwIdK7d+zNhRmu/SBo+w+ueswULytVM0oiYEEz
tV3eJ3Eeom+3IgckjL8/kMi4b8kcdIdNeXgovaNc6NGEveQKwm0hr8O8SFh1soS3
CR3zw1s=
-----END CERTIFICATE-----
Generated at Wed Apr 16 23:04:22 2025 by rpki-client