Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/be3c40-1210-4272-a5ea-7835d3208396/1/yYBVhTkk3G1mgUXY9v7S8p44pME.roa
File: yYBVhTkk3G1mgUXY9v7S8p44pME.roa (raw, json)
Hash identifier: C32dOrAFsAFW//mulPOaSuFGoM6yIRc/LZv4epWu/bM=
Subject key identifier: C9:80:55:85:39:24:DC:6D:66:81:45:D8:F6:FE:D2:F2:9E:38:A4:C1
Certificate issuer: /CN=15fd3804e00b9e06a82ced9f07b34fe3fd80394e
Certificate serial: 0195413B093C2022D307487158DC0879B9D1
Authority key identifier: 15:FD:38:04:E0:0B:9E:06:A8:2C:ED:9F:07:B3:4F:E3:FD:80:39:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ff04BOALngaoLO2fB7NP4_2AOU4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/be3c40-1210-4272-a5ea-7835d3208396/1/yYBVhTkk3G1mgUXY9v7S8p44pME.roa
Signing time: Wed 26 Feb 2025 07:49:02 +0000
ROA not before: Wed 26 Feb 2025 07:49:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61173
IP address blocks: 5.182.44.0/24 maxlen: 24
5.182.45.0/24 maxlen: 24
5.182.46.0/24 maxlen: 24
5.182.47.0/24 maxlen: 24
45.159.112.0/24 maxlen: 24
45.159.113.0/24 maxlen: 24
45.159.114.0/24 maxlen: 24
45.159.115.0/24 maxlen: 24
62.3.42.0/24 maxlen: 24
85.208.252.0/24 maxlen: 24
85.208.253.0/24 maxlen: 24
85.208.254.0/24 maxlen: 24
85.208.255.0/24 maxlen: 24
185.4.28.0/24 maxlen: 24
185.4.29.0/24 maxlen: 24
185.4.30.0/24 maxlen: 24
185.4.31.0/24 maxlen: 24
185.50.37.0/24 maxlen: 24
185.50.38.0/24 maxlen: 24
185.50.39.0/24 maxlen: 24
185.116.160.0/24 maxlen: 24
185.116.161.0/24 maxlen: 24
185.116.162.0/24 maxlen: 24
185.116.163.0/24 maxlen: 24
185.213.164.0/24 maxlen: 24
185.213.165.0/24 maxlen: 24
185.213.166.0/24 maxlen: 24
185.213.167.0/24 maxlen: 24
185.255.88.0/24 maxlen: 24
185.255.89.0/24 maxlen: 24
185.255.90.0/24 maxlen: 24
185.255.91.0/24 maxlen: 24
193.141.64.0/24 maxlen: 24
193.141.65.0/24 maxlen: 24
193.141.126.0/24 maxlen: 24
193.141.127.0/24 maxlen: 24
2a05:ab80::/48 maxlen: 48
2a05:ab80:1::/48 maxlen: 48
2a05:ab80:3::/48 maxlen: 48
2a05:ab80:4::/48 maxlen: 48
2a05:ab80:100::/48 maxlen: 48
2a05:ab80:200::/48 maxlen: 48
2a05:ab80:300::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 27 Feb 2025 07:14:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:41:3b:09:3c:20:22:d3:07:48:71:58:dc:08:79:b9:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15fd3804e00b9e06a82ced9f07b34fe3fd80394e
Validity
Not Before: Feb 26 07:49:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c98055853924dc6d668145d8f6fed2f29e38a4c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:ea:e8:3d:2f:58:04:cc:14:59:6b:0a:bd:fa:
d7:63:7e:47:9b:2e:d3:f0:e4:7a:d0:85:4f:b6:ab:
71:6f:83:ee:2a:8b:3b:06:32:bf:a9:50:aa:5f:6c:
e1:ad:2e:8e:99:da:3e:67:ab:10:c9:29:89:a4:db:
8a:45:6d:fb:44:91:aa:1e:4a:0e:46:72:f3:0d:f6:
9c:9a:86:d8:4a:a5:2c:71:79:9f:ac:61:76:93:86:
9b:b8:2e:01:49:07:75:27:7f:d7:97:3a:b2:f2:ec:
59:81:e4:29:00:31:17:43:a1:0b:6f:b0:d0:62:ee:
9c:53:fd:82:18:ca:41:40:c0:41:e0:88:fc:fb:c2:
3c:13:b0:c6:59:d3:2b:92:39:a5:52:19:46:7f:47:
fa:d7:a4:d8:6b:67:ae:5f:30:d4:45:8d:fe:f3:a1:
c5:6c:70:06:a5:08:61:2c:de:1e:a2:bc:8b:43:8d:
63:c5:2a:83:a1:86:9e:81:40:58:90:9c:57:6f:80:
22:b5:16:46:fe:0c:91:52:cd:97:c8:02:c3:c0:b7:
c3:00:10:87:8c:ee:37:9d:a3:78:62:8b:7f:0f:ba:
ff:30:0f:4e:06:d1:e1:e9:d2:01:f2:f6:c1:3d:8a:
41:c3:6e:8d:35:bc:01:e5:87:53:0c:b7:f1:32:83:
e6:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:80:55:85:39:24:DC:6D:66:81:45:D8:F6:FE:D2:F2:9E:38:A4:C1
X509v3 Authority Key Identifier:
keyid:15:FD:38:04:E0:0B:9E:06:A8:2C:ED:9F:07:B3:4F:E3:FD:80:39:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ff04BOALngaoLO2fB7NP4_2AOU4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/be3c40-1210-4272-a5ea-7835d3208396/1/yYBVhTkk3G1mgUXY9v7S8p44pME.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/be3c40-1210-4272-a5ea-7835d3208396/1/Ff04BOALngaoLO2fB7NP4_2AOU4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.44.0/22
45.159.112.0/22
62.3.42.0/24
85.208.252.0/22
185.4.28.0/22
185.50.37.0-185.50.39.255
185.116.160.0/22
185.213.164.0/22
185.255.88.0/22
193.141.64.0/23
193.141.126.0/23
IPv6:
2a05:ab80::/47
2a05:ab80:3::-2a05:ab80:4:ffff:ffff:ffff:ffff:ffff
2a05:ab80:100::/48
2a05:ab80:200::/48
2a05:ab80:300::/48
Signature Algorithm: sha256WithRSAEncryption
4f:7f:39:7e:ba:de:6c:a3:11:1a:c6:58:03:29:30:33:12:0b:
82:0b:ec:f3:71:02:c7:19:64:24:42:74:01:d8:6a:a2:0b:20:
e9:4f:d0:ae:b1:3f:13:1f:08:84:55:09:5d:b9:38:c6:6b:77:
80:0c:d5:0e:6e:2c:08:fb:6c:5d:90:fd:4d:bf:6d:6d:55:ff:
09:74:8b:a8:d8:56:99:6b:f4:46:dc:9e:da:f8:cb:74:e6:b2:
2a:e8:ea:cb:b5:a5:e1:31:ae:96:79:4e:26:8e:5f:76:5f:13:
cd:62:94:4d:04:ce:ab:8f:bf:d4:44:b2:e3:b5:15:2b:0b:05:
cd:53:38:f4:95:53:ec:5c:5c:d4:16:5b:f7:32:ad:6a:4c:dc:
c6:38:d8:ab:b5:a3:49:c0:d4:e3:fa:26:ff:c2:53:ef:2b:1c:
59:3f:72:7c:fe:3b:a7:92:bd:dc:16:aa:36:4e:cd:40:93:92:
bc:c7:43:12:5d:58:8f:cf:85:28:89:37:1d:5a:54:8e:d5:d1:
22:f2:e7:91:d4:93:2f:eb:30:6b:a8:e3:61:dc:ff:5f:f0:ca:
de:ad:f6:f4:16:21:44:e5:bc:c9:f4:c5:80:78:8e:c1:21:ee:
59:ef:9f:8b:13:d9:11:b6:c2:21:9e:52:08:c2:3e:80:07:91:
0f:14:95:d1
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISAZVBOwk8ICLTB0hxWNwIebnRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZmQzODA0ZTAwYjllMDZhODJjZWQ5ZjA3YjM0ZmUzZmQ4
MDM5NGUwHhcNMjUwMjI2MDc0OTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTgwNTU4NTM5MjRkYzZkNjY4MTQ1ZDhmNmZlZDJmMjllMzhhNGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3OroPS9YBMwUWWsKvfrXY35Hmy7T
8OR60IVPtqtxb4PuKos7BjK/qVCqX2zhrS6Omdo+Z6sQySmJpNuKRW37RJGqHkoO
RnLzDfacmobYSqUscXmfrGF2k4abuC4BSQd1J3/Xlzqy8uxZgeQpADEXQ6ELb7DQ
Yu6cU/2CGMpBQMBB4Ij8+8I8E7DGWdMrkjmlUhlGf0f616TYa2euXzDURY3+86HF
bHAGpQhhLN4eoryLQ41jxSqDoYaegUBYkJxXb4AitRZG/gyRUs2XyALDwLfDABCH
jO43naN4Yot/D7r/MA9OBtHh6dIB8vbBPYpBw26NNbwB5YdTDLfxMoPmAQIDAQAB
o4ICkDCCAowwHQYDVR0OBBYEFMmAVYU5JNxtZoFF2Pb+0vKeOKTBMB8GA1UdIwQY
MBaAFBX9OATgC54GqCztnwezT+P9gDlOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmYwNEJPQUxuZ2FvTE8yZkI3TlA0XzJBT1U0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS9iZTNjNDAtMTIxMC00MjcyLWE1ZWEt
NzgzNWQzMjA4Mzk2LzEveVlCVmhUa2szRzFtZ1VYWTl2N1M4cDQ0cE1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS9iZTNjNDAtMTIxMC00MjcyLWE1ZWEtNzgzNWQzMjA4Mzk2
LzEvRmYwNEJPQUxuZ2FvTE8yZkI3TlA0XzJBT1U0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGlBggrBgEFBQcBBwEB/wSBlTCBkjBQBAIAATBKAwQCBbYs
AwQCLZ9wAwQAPgMqAwQCVdD8AwQCuQQcMAwDBAC5MiUDBAO5MiADBAK5dKADBAK5
1aQDBAK5/1gDBAHBjUADBAHBjX4wPgQCAAIwOAMHASoFq4AAADASAwcAKgWrgAAD
AwcAKgWrgAAEAwcAKgWrgAEAAwcAKgWrgAIAAwcAKgWrgAMAMA0GCSqGSIb3DQEB
CwUAA4IBAQBPfzl+ut5soxEaxlgDKTAzEguCC+zzcQLHGWQkQnQB2GqiCyDpT9Cu
sT8THwiEVQlduTjGa3eADNUObiwI+2xdkP1Nv21tVf8JdIuo2FaZa/RG3J7a+Mt0
5rIq6OrLtaXhMa6WeU4mjl92XxPNYpRNBM6rj7/URLLjtRUrCwXNUzj0lVPsXFzU
Flv3Mq1qTNzGONirtaNJwNTj+ib/wlPvKxxZP3J8/junkr3cFqo2Ts1Ak5K8x0MS
XViPz4UoiTcdWlSO1dEi8ueR1JMv6zBrqONh3P9f8Mrerfb0FiFE5bzJ9MWAeI7B
Ie5Z75+LE9kRtsIhnlIIwj6AB5EPFJXR
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:40:21 2025 by rpki-client