Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/YSxLmvkw9XAzCelr5jlyO2jrdvU.roa
File: YSxLmvkw9XAzCelr5jlyO2jrdvU.roa (raw, json)
Hash identifier: Obowmcv+dT5y2h+iLp3TE3Twphnw4+aiHFWcinkIsYA=
Subject key identifier: 61:2C:4B:9A:F9:30:F5:70:33:09:E9:6B:E6:39:72:3B:68:EB:76:F5
Certificate issuer: /CN=6d069e19e12c104004e8b4b75f8a7789b7e11396
Certificate serial: 019427B5A069D9A3A0BF4B82E06D68F64F7C
Authority key identifier: 6D:06:9E:19:E1:2C:10:40:04:E8:B4:B7:5F:8A:77:89:B7:E1:13:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/YSxLmvkw9XAzCelr5jlyO2jrdvU.roa
Signing time: Thu 02 Jan 2025 15:50:02 +0000
ROA not before: Thu 02 Jan 2025 15:50:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42894
IP address blocks: 131.237.0.0/16 maxlen: 24
145.31.0.0/16 maxlen: 24
145.45.0.0/17 maxlen: 24
145.50.0.0/16 maxlen: 24
194.104.116.0/22 maxlen: 24
2a13:e080::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 15 Jan 2025 14:29:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:a0:69:d9:a3:a0:bf:4b:82:e0:6d:68:f6:4f:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d069e19e12c104004e8b4b75f8a7789b7e11396
Validity
Not Before: Jan 2 15:50:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=612c4b9af930f5703309e96be639723b68eb76f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:c9:65:5b:a3:c2:23:54:fb:c9:0d:de:8f:08:
91:d0:c9:20:d0:5b:b0:e0:55:a7:eb:6a:ac:de:67:
6a:97:f5:2d:63:06:55:72:6c:6a:69:d1:1a:ba:4e:
07:22:b0:13:60:68:b4:7b:3a:54:c2:77:4e:33:52:
48:0e:04:80:94:b2:3f:c2:ec:50:27:e1:1b:2c:f2:
77:70:dd:d1:fa:1d:e4:b5:d1:1e:4d:6e:7f:2f:05:
8d:a8:ea:6e:1a:e1:0a:c6:0f:ee:c2:9c:03:76:b7:
d2:1c:54:1a:bf:4f:0e:2f:67:6b:d5:6f:b4:e4:50:
5f:17:5e:21:bb:68:9b:e1:94:4f:bb:e1:f0:45:b7:
03:50:57:7d:d3:a6:d0:9d:25:8a:ea:44:18:13:36:
de:02:84:b7:72:2f:d4:9b:35:af:cf:30:eb:f9:4c:
56:09:ca:c4:16:20:9e:f8:e2:5c:dc:7a:40:a7:b0:
6b:d7:0d:f2:8c:ea:ea:2c:29:a3:7d:98:5a:2f:40:
6f:92:89:17:ce:33:34:79:e5:de:98:48:d9:e0:36:
a1:fc:99:0d:e2:c8:9a:35:05:d7:6f:dc:ea:d4:ed:
4a:e8:28:10:0c:55:32:6c:1f:fe:32:cc:17:17:68:
aa:26:84:fd:4c:93:59:75:2e:90:6f:e0:89:e8:69:
04:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:2C:4B:9A:F9:30:F5:70:33:09:E9:6B:E6:39:72:3B:68:EB:76:F5
X509v3 Authority Key Identifier:
keyid:6D:06:9E:19:E1:2C:10:40:04:E8:B4:B7:5F:8A:77:89:B7:E1:13:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/YSxLmvkw9XAzCelr5jlyO2jrdvU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
131.237.0.0/16
145.31.0.0/16
145.45.0.0/17
145.50.0.0/16
194.104.116.0/22
IPv6:
2a13:e080::/32
Signature Algorithm: sha256WithRSAEncryption
0b:73:c4:0d:20:94:87:0c:c4:af:15:7e:ae:e7:26:64:b0:e2:
e9:ae:87:9f:00:21:b7:17:17:bb:83:31:26:dd:52:5d:85:fc:
b9:1c:e8:df:a4:2c:df:54:45:ea:6e:1c:79:a8:6b:98:0e:1b:
18:47:04:17:1a:19:2d:80:81:eb:05:64:d0:12:5c:55:1e:66:
e3:eb:c8:d0:e2:17:a6:57:42:31:58:c8:9b:63:06:69:a8:2a:
3e:98:d9:de:79:30:2f:eb:76:4f:fe:d5:cc:88:66:26:24:2c:
b3:56:20:a6:c9:66:16:00:0f:f8:8a:3c:be:2e:7c:a7:1d:53:
88:4c:08:ff:0f:49:10:9f:31:28:e7:db:5c:c1:cf:ed:f6:3e:
6f:0a:b9:33:ef:29:db:f7:35:ea:8a:35:64:2a:d6:83:6f:af:
4a:56:76:7d:0b:93:d8:51:06:8c:65:23:77:31:92:6c:24:aa:
98:b1:96:41:66:14:31:a9:62:b0:34:ae:3e:a5:7d:b6:e9:c1:
38:de:8e:89:a2:b4:e7:c3:33:15:7a:e1:01:39:51:ed:d4:af:
fc:43:a7:02:b3:f5:7f:28:d2:99:1f:66:60:a8:74:a6:23:1e:
45:95:94:a6:77:79:ec:17:73:ba:ce:d3:47:ac:b3:a4:67:b6:
e2:41:5b:55
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQntaBp2aOgv0uC4G1o9k98MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMDY5ZTE5ZTEyYzEwNDAwNGU4YjRiNzVmOGE3Nzg5Yjdl
MTEzOTYwHhcNMjUwMTAyMTU1MDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTJjNGI5YWY5MzBmNTcwMzMwOWU5NmJlNjM5NzIzYjY4ZWI3NmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3cllW6PCI1T7yQ3ejwiR0Mkg0Fuw
4FWn62qs3mdql/UtYwZVcmxqadEauk4HIrATYGi0ezpUwndOM1JIDgSAlLI/wuxQ
J+EbLPJ3cN3R+h3ktdEeTW5/LwWNqOpuGuEKxg/uwpwDdrfSHFQav08OL2dr1W+0
5FBfF14hu2ib4ZRPu+HwRbcDUFd906bQnSWK6kQYEzbeAoS3ci/UmzWvzzDr+UxW
CcrEFiCe+OJc3HpAp7Br1w3yjOrqLCmjfZhaL0BvkokXzjM0eeXemEjZ4Dah/JkN
4siaNQXXb9zq1O1K6CgQDFUybB/+MswXF2iqJoT9TJNZdS6Qb+CJ6GkExwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFGEsS5r5MPVwMwnpa+Y5cjto63b1MB8GA1UdIwQY
MBaAFG0GnhnhLBBABOi0t1+Kd4m34ROWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlFhZUdlRXNFRUFFNkxTM1g0cDNpYmZoRTVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9jZjY0ZjYtMDc4OS00M2UzLWJkNmIt
N2JmZjI5NmM2YjAyLzEvWVN4TG12a3c5WEF6Q2VscjVqbHlPMmpyZHZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9jZjY0ZjYtMDc4OS00M2UzLWJkNmItN2JmZjI5NmM2YjAy
LzEvYlFhZUdlRXNFRUFFNkxTM1g0cDNpYmZoRTVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAhBAIAATAbAwMAg+0DAwCR
HwMEB5EtAAMDAJEyAwQCwmh0MA0EAgACMAcDBQAqE+CAMA0GCSqGSIb3DQEBCwUA
A4IBAQALc8QNIJSHDMSvFX6u5yZksOLproefACG3Fxe7gzEm3VJdhfy5HOjfpCzf
VEXqbhx5qGuYDhsYRwQXGhktgIHrBWTQElxVHmbj68jQ4hemV0IxWMibYwZpqCo+
mNneeTAv63ZP/tXMiGYmJCyzViCmyWYWAA/4ijy+LnynHVOITAj/D0kQnzEo59tc
wc/t9j5vCrkz7ynb9zXqijVkKtaDb69KVnZ9C5PYUQaMZSN3MZJsJKqYsZZBZhQx
qWKwNK4+pX226cE43o6JorTnwzMVeuEBOVHt1K/8Q6cCs/V/KNKZH2ZgqHSmIx5F
lZSmd3nsF3O6ztNHrLOkZ7biQVtV
-----END CERTIFICATE-----
Generated at Tue Apr 22 11:47:50 2025 by rpki-client