Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/YIM2sph5MLlur0wMSVucfzh4Nzk.roa
File: YIM2sph5MLlur0wMSVucfzh4Nzk.roa (raw, json)
Hash identifier: 54rrFN10a+QQk1LXhkhqxh+ur86zcmRulcH0VPNcFnU=
Subject key identifier: 60:83:36:B2:98:79:30:B9:6E:AF:4C:0C:49:5B:9C:7F:38:78:37:39
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 0194266C6754A02EF58608BE4A9525C3CFCB
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/YIM2sph5MLlur0wMSVucfzh4Nzk.roa
Signing time: Thu 02 Jan 2025 09:50:26 +0000
ROA not before: Thu 02 Jan 2025 09:50:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24810
IP address blocks: 81.22.200.0/21 maxlen: 21
81.22.200.0/24 maxlen: 24
81.22.201.0/24 maxlen: 24
81.22.202.0/24 maxlen: 24
81.22.203.0/24 maxlen: 24
81.22.204.0/24 maxlen: 24
81.22.205.0/24 maxlen: 24
81.22.206.0/24 maxlen: 24
81.22.207.0/24 maxlen: 24
81.22.208.0/24 maxlen: 24
81.22.209.0/24 maxlen: 24
81.22.210.0/24 maxlen: 24
81.22.211.0/24 maxlen: 24
81.22.212.0/24 maxlen: 24
81.22.213.0/24 maxlen: 24
81.22.214.0/24 maxlen: 24
81.22.215.0/24 maxlen: 24
81.23.144.0/24 maxlen: 24
81.23.145.0/24 maxlen: 24
81.23.147.0/24 maxlen: 24
81.23.148.0/24 maxlen: 24
81.23.149.0/24 maxlen: 24
81.23.156.0/24 maxlen: 24
81.23.158.0/24 maxlen: 24
81.23.159.0/24 maxlen: 24
87.117.160.0/24 maxlen: 24
87.117.161.0/24 maxlen: 24
87.117.162.0/24 maxlen: 24
87.117.164.0/24 maxlen: 24
87.117.165.0/24 maxlen: 24
87.117.166.0/24 maxlen: 24
87.117.167.0/24 maxlen: 24
87.117.168.0/24 maxlen: 24
87.117.170.0/24 maxlen: 24
87.117.171.0/24 maxlen: 24
87.117.177.0/24 maxlen: 24
87.117.183.0/24 maxlen: 24
87.117.184.0/24 maxlen: 24
87.117.188.0/24 maxlen: 24
87.117.190.0/24 maxlen: 24
89.248.112.0/24 maxlen: 24
89.248.122.0/24 maxlen: 24
89.248.123.0/24 maxlen: 24
89.248.124.0/24 maxlen: 24
178.20.128.0/21 maxlen: 21
178.20.128.0/24 maxlen: 24
178.20.129.0/24 maxlen: 24
178.20.130.0/24 maxlen: 24
178.20.131.0/24 maxlen: 24
178.20.134.0/24 maxlen: 24
178.20.135.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 13 Jan 2025 06:05:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:67:54:a0:2e:f5:86:08:be:4a:95:25:c3:cf:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Jan 2 09:50:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=608336b2987930b96eaf4c0c495b9c7f38783739
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:79:8c:d6:8f:55:ae:62:0a:ba:ec:2d:0a:cb:
2c:f2:78:a3:9a:64:a0:93:7e:68:ed:f1:68:b3:f2:
b9:97:42:4a:c4:99:e5:b1:a6:b4:d4:ae:59:4e:5f:
76:9b:d5:5f:5f:e4:eb:39:28:94:70:95:83:c2:4e:
9a:5f:57:de:0c:9c:63:29:fd:f4:6e:ad:9d:d0:b0:
d2:fa:8a:eb:60:a8:bf:06:45:18:c1:f8:23:a5:69:
9c:68:c2:50:4a:3a:64:42:33:42:3d:60:24:44:7f:
95:95:ee:e7:c6:96:2a:26:05:b0:b4:56:7f:ff:d4:
91:1d:c9:83:90:de:b0:2c:91:d8:68:3c:bb:ee:96:
53:dc:ee:3e:a9:13:80:01:91:26:c3:5b:70:13:06:
a3:ad:ce:c7:70:82:1f:5a:4f:8a:a3:71:85:26:38:
a7:f7:73:8a:36:04:cc:c4:48:f9:90:16:bc:f2:13:
89:77:38:ec:72:b8:84:be:e3:6a:ae:53:82:54:fb:
78:6d:d4:69:f4:44:80:a5:5b:65:ca:c5:f2:b5:16:
89:52:1b:e8:f7:f0:83:7f:a2:ec:38:01:95:9b:2c:
c0:82:7c:85:e8:86:a4:db:61:78:3c:20:41:d8:6e:
ae:7b:6c:aa:48:37:24:8b:6f:e4:ea:dd:80:ca:ca:
fc:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:83:36:B2:98:79:30:B9:6E:AF:4C:0C:49:5B:9C:7F:38:78:37:39
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/YIM2sph5MLlur0wMSVucfzh4Nzk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.200.0-81.22.215.255
81.23.144.0/23
81.23.147.0-81.23.149.255
81.23.156.0/24
81.23.158.0/23
87.117.160.0-87.117.162.255
87.117.164.0-87.117.168.255
87.117.170.0/23
87.117.177.0/24
87.117.183.0-87.117.184.255
87.117.188.0/24
87.117.190.0/24
89.248.112.0/24
89.248.122.0-89.248.124.255
178.20.128.0/21
Signature Algorithm: sha256WithRSAEncryption
6f:ab:33:ac:cb:c4:dc:aa:08:0c:00:99:f6:6f:75:14:be:10:
7c:81:f5:ad:54:3d:b2:bc:45:fc:bc:95:bd:4f:9c:43:5b:96:
6a:81:19:80:2a:d2:bc:0e:c2:9e:20:c8:c5:84:12:92:44:e2:
f3:ad:71:3b:bd:96:b2:7b:75:25:f3:6d:b0:96:31:a6:7e:bf:
f4:a5:9e:db:30:d2:2a:75:e0:67:b4:c5:2d:3b:12:e1:2e:79:
84:a0:0c:c4:7c:fc:81:b5:9c:72:c7:0b:ea:01:00:c8:24:22:
18:87:27:fe:3d:e7:d9:e0:a8:79:eb:2a:e8:06:8e:ca:9b:41:
6c:13:62:84:ce:a4:5a:fc:f7:a8:39:bd:a6:12:e9:fd:b8:0d:
c9:d9:a3:16:8a:cf:68:f2:75:e3:55:4a:40:d6:50:d7:93:01:
e8:1e:13:e0:8f:37:1b:f7:b7:db:d3:e9:c4:c0:8f:51:3d:c0:
71:dd:79:4b:bd:1d:a8:3a:06:37:78:34:25:2b:72:4d:04:d6:
2a:eb:35:9f:ff:93:7e:80:a1:af:66:39:8a:3e:07:ac:b2:39:
df:29:8f:fc:6c:c7:4c:c9:c7:f1:89:c7:32:b0:fa:3c:27:ae:
22:36:4a:3d:c3:5f:09:de:d9:70:14:8e:5e:47:42:70:90:87:
14:c5:d5:62
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAZQmbGdUoC71hgi+SpUlw8/LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjUwMTAyMDk1MDI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDgzMzZiMjk4NzkzMGI5NmVhZjRjMGM0OTViOWM3ZjM4NzgzNzM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA33mM1o9VrmIKuuwtCsss8nijmmSg
k35o7fFos/K5l0JKxJnlsaa01K5ZTl92m9VfX+TrOSiUcJWDwk6aX1feDJxjKf30
bq2d0LDS+orrYKi/BkUYwfgjpWmcaMJQSjpkQjNCPWAkRH+Vle7nxpYqJgWwtFZ/
/9SRHcmDkN6wLJHYaDy77pZT3O4+qROAAZEmw1twEwajrc7HcIIfWk+Ko3GFJjin
93OKNgTMxEj5kBa88hOJdzjscriEvuNqrlOCVPt4bdRp9ESApVtlysXytRaJUhvo
9/CDf6LsOAGVmyzAgnyF6Iak22F4PCBB2G6ue2yqSDcki2/k6t2Aysr8wwIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFGCDNrKYeTC5bq9MDElbnH84eDc5MB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvWUlNMnNwaDVNTGx1cjB3TVNWdWNmemg0TnprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBkQQCAAEwgYowDAME
A1EWyAMEA1EW0AMEAVEXkDAMAwQAUReTAwQBUReUAwQAURecAwQBUReeMAwDBAVX
daADBABXdaIwDAMEAld1pAMEAFd1qAMEAVd1qgMEAFd1sTAMAwQAV3W3AwQAV3W4
AwQAV3W8AwQAV3W+AwQAWfhwMAwDBAFZ+HoDBABZ+HwDBAOyFIAwDQYJKoZIhvcN
AQELBQADggEBAG+rM6zLxNyqCAwAmfZvdRS+EHyB9a1UPbK8Rfy8lb1PnENblmqB
GYAq0rwOwp4gyMWEEpJE4vOtcTu9lrJ7dSXzbbCWMaZ+v/Slntsw0ip14Ge0xS07
EuEueYSgDMR8/IG1nHLHC+oBAMgkIhiHJ/4959ngqHnrKugGjsqbQWwTYoTOpFr8
96g5vaYS6f24DcnZoxaKz2jydeNVSkDWUNeTAegeE+CPNxv3t9vT6cTAj1E9wHHd
eUu9Hag6Bjd4NCUrck0E1irrNZ//k36Aoa9mOYo+B6yyOd8pj/xsx0zJx/GJxzKw
+jwnriI2Sj3DXwne2XAUjl5HQnCQhxTF1WI=
-----END CERTIFICATE-----
Generated at Thu Apr 17 09:59:32 2025 by rpki-client