Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/YXUOPX6cE9y3-HbqZ5h89vgXW-I.roa
File: YXUOPX6cE9y3-HbqZ5h89vgXW-I.roa (raw, json)
Hash identifier: DlTtGRkkvqAKxGiL8AgLg8RI4pgfHzZz/NQip9y+rHE=
Subject key identifier: 61:75:0E:3D:7E:9C:13:DC:B7:F8:76:EA:67:98:7C:F6:F8:17:5B:E2
Certificate issuer: /CN=41f5a10e4fd2655adbbb40ede18b2615ac558ea9
Certificate serial: 018CC9BB045932443D5D6D999CD3371D1D6A
Authority key identifier: 41:F5:A1:0E:4F:D2:65:5A:DB:BB:40:ED:E1:8B:26:15:AC:55:8E:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/YXUOPX6cE9y3-HbqZ5h89vgXW-I.roa
Signing time: Tue 02 Jan 2024 10:32:05 +0000
ROA not before: Tue 02 Jan 2024 10:32:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211936
IP address blocks: 192.109.200.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 03 Oct 2024 07:27:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:04:59:32:44:3d:5d:6d:99:9c:d3:37:1d:1d:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41f5a10e4fd2655adbbb40ede18b2615ac558ea9
Validity
Not Before: Jan 2 10:32:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=61750e3d7e9c13dcb7f876ea67987cf6f8175be2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:0c:68:84:ab:40:03:4c:5c:cb:a6:fc:cd:24:
84:76:89:37:9d:75:da:55:f6:ab:87:96:c6:a0:c5:
ea:32:8a:97:54:51:70:cc:80:9f:e8:7a:00:f6:a8:
a8:c4:ca:10:e5:b3:79:99:ec:1f:12:c8:06:57:9d:
a7:96:54:ed:16:57:86:d8:db:0c:8a:88:72:b1:a7:
3c:73:bb:2a:3b:5f:46:7f:83:eb:73:b4:f7:c4:9d:
e8:7e:d4:65:53:30:c7:6c:4b:03:a9:42:43:d3:a4:
25:36:6e:3a:b0:17:c3:8f:d9:b2:5f:21:51:2d:72:
df:a7:05:48:45:47:0d:0d:8e:b0:49:70:f5:53:44:
7c:49:79:fb:3d:06:01:3a:d0:fe:b5:8f:a5:b4:c1:
44:7e:cc:29:90:cb:3f:3c:05:e0:70:65:50:fe:16:
3f:a8:7e:1e:78:d9:ee:21:6f:5c:39:e0:d6:4c:00:
9b:c0:1b:bc:77:96:6f:c0:1b:f0:3c:7f:31:66:72:
3d:c8:f5:18:d3:18:22:ee:cb:78:34:e2:5f:ae:e7:
79:23:e1:78:60:0c:00:88:a6:91:fc:88:fa:31:78:
28:28:e5:72:85:86:92:fa:0e:63:5e:5b:3d:75:04:
f3:63:11:74:4a:cd:09:89:2a:a9:fe:62:20:3b:09:
dd:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:75:0E:3D:7E:9C:13:DC:B7:F8:76:EA:67:98:7C:F6:F8:17:5B:E2
X509v3 Authority Key Identifier:
keyid:41:F5:A1:0E:4F:D2:65:5A:DB:BB:40:ED:E1:8B:26:15:AC:55:8E:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/YXUOPX6cE9y3-HbqZ5h89vgXW-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.200.0/24
Signature Algorithm: sha256WithRSAEncryption
15:6a:91:cd:c8:0f:b5:cb:c1:d4:e8:f1:db:f2:c8:2b:9e:cd:
6d:6b:e7:d9:74:63:cf:6b:96:21:aa:a0:0e:f9:56:8a:88:ba:
26:57:62:66:8a:3b:96:26:07:eb:0c:81:1c:a8:39:0e:91:97:
01:19:80:a3:49:2f:dc:58:59:48:ad:06:0c:3a:70:dd:5f:75:
32:84:8a:48:5f:58:83:11:b2:40:d8:62:bd:86:31:8d:14:26:
47:16:be:78:96:b3:e3:17:b9:bb:fa:78:23:c4:bd:19:51:bc:
16:87:fc:08:09:66:4c:33:fd:88:eb:e9:61:1d:04:8b:29:eb:
0f:c4:5a:12:97:dd:41:ef:e7:09:63:35:e2:33:49:97:7b:61:
0a:1d:6d:7b:3c:c8:c1:29:3c:65:b4:5f:5e:9f:0d:de:1b:fb:
5f:49:25:b6:90:b8:e1:31:cc:09:b9:45:83:09:48:5e:8e:26:
c9:9d:ec:29:13:c0:06:27:fe:cd:d6:08:7d:f5:ab:06:54:cc:
dd:5b:8f:7c:c2:3a:ce:b9:b6:84:b3:f5:33:d7:94:c0:6a:80:
a9:ab:80:40:46:46:07:e5:b6:4b:71:77:26:51:8c:55:9b:f4:
ec:ee:3b:79:47:4b:af:a2:5c:8d:ea:15:81:10:33:32:f3:5d:
10:79:e8:f2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJuwRZMkQ9XW2ZnNM3HR1qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxZjVhMTBlNGZkMjY1NWFkYmJiNDBlZGUxOGIyNjE1YWM1
NThlYTkwHhcNMjQwMTAyMTAzMjA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTc1MGUzZDdlOWMxM2RjYjdmODc2ZWE2Nzk4N2NmNmY4MTc1YmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnwxohKtAA0xcy6b8zSSEdok3nXXa
Vfarh5bGoMXqMoqXVFFwzICf6HoA9qioxMoQ5bN5mewfEsgGV52nllTtFleG2NsM
iohysac8c7sqO19Gf4Prc7T3xJ3oftRlUzDHbEsDqUJD06QlNm46sBfDj9myXyFR
LXLfpwVIRUcNDY6wSXD1U0R8SXn7PQYBOtD+tY+ltMFEfswpkMs/PAXgcGVQ/hY/
qH4eeNnuIW9cOeDWTACbwBu8d5ZvwBvwPH8xZnI9yPUY0xgi7st4NOJfrud5I+F4
YAwAiKaR/Ij6MXgoKOVyhYaS+g5jXls9dQTzYxF0Ss0JiSqp/mIgOwndGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGF1Dj1+nBPct/h26meYfPb4F1viMB8GA1UdIwQY
MBaAFEH1oQ5P0mVa27tA7eGLJhWsVY6pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWZXaERrX1NaVnJidTBEdDRZc21GYXhWanFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84ZDNjODItZTQwMy00ZGE2LWIzMTUt
ODc5MDIwNmYwZDc0LzEvWVhVT1BYNmNFOXkzLUhicVo1aDg5dmdYVy1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84ZDNjODItZTQwMy00ZGE2LWIzMTUtODc5MDIwNmYwZDc0
LzEvUWZXaERrX1NaVnJidTBEdDRZc21GYXhWanFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwG3IMA0G
CSqGSIb3DQEBCwUAA4IBAQAVapHNyA+1y8HU6PHb8sgrns1ta+fZdGPPa5YhqqAO
+VaKiLomV2JmijuWJgfrDIEcqDkOkZcBGYCjSS/cWFlIrQYMOnDdX3UyhIpIX1iD
EbJA2GK9hjGNFCZHFr54lrPjF7m7+ngjxL0ZUbwWh/wICWZMM/2I6+lhHQSLKesP
xFoSl91B7+cJYzXiM0mXe2EKHW17PMjBKTxltF9enw3eG/tfSSW2kLjhMcwJuUWD
CUhejibJnewpE8AGJ/7N1gh99asGVMzdW498wjrOubaEs/Uz15TAaoCpq4BARkYH
5bZLcXcmUYxVm/Ts7jt5R0uvolyN6hWBEDMy810Qeejy
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:29:58 2025 by rpki-client