Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/2309cc-fa79-44d1-8986-4d537cf01809/1/YI01qIFpkk-Yfcpf8lgn6Wb1pOk.roa
File: YI01qIFpkk-Yfcpf8lgn6Wb1pOk.roa (raw, json)
Hash identifier: aUUH3CFEr0HHVtBErsY4JXnW3lygjxa4giYybu9Fe2s=
Subject key identifier: 60:8D:35:A8:81:69:92:4F:98:7D:CA:5F:F2:58:27:E9:66:F5:A4:E9
Certificate issuer: /CN=68417da8aa4fe0b8cff188412eedda63cbdcf996
Certificate serial: 018CCA2B23054751AC81BB25095FEF21A741
Authority key identifier: 68:41:7D:A8:AA:4F:E0:B8:CF:F1:88:41:2E:ED:DA:63:CB:DC:F9:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aEF9qKpP4LjP8YhBLu3aY8vc-ZY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/2309cc-fa79-44d1-8986-4d537cf01809/1/YI01qIFpkk-Yfcpf8lgn6Wb1pOk.roa
Signing time: Tue 02 Jan 2024 12:34:33 +0000
ROA not before: Tue 02 Jan 2024 12:34:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211274
IP address blocks: 193.56.11.0/24 maxlen: 24
2a0b:4740::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:23:05:47:51:ac:81:bb:25:09:5f:ef:21:a7:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68417da8aa4fe0b8cff188412eedda63cbdcf996
Validity
Not Before: Jan 2 12:34:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=608d35a88169924f987dca5ff25827e966f5a4e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:94:2e:df:2d:50:bc:b8:41:55:ee:78:09:a7:
b4:c9:45:e8:37:e3:4e:e1:3f:c6:d7:41:34:fe:80:
a2:06:d3:ff:42:34:12:19:32:f8:79:8c:51:1e:41:
43:d4:52:6f:b4:6f:b4:14:d6:01:aa:03:e5:9c:0f:
b7:ac:41:6e:b3:00:d5:31:1d:5b:bd:73:79:57:9d:
63:6b:95:ec:b1:11:9f:9f:12:4a:dd:d6:be:00:ce:
94:fc:c0:97:b1:37:ac:80:ad:b1:9f:e0:e0:dc:d6:
a7:cf:00:11:04:4b:36:00:e4:33:f0:56:40:51:a0:
3e:76:82:30:40:61:bf:2a:05:36:f9:cf:7a:9e:b4:
85:88:d5:bd:d8:9e:87:3e:6a:8a:b5:8c:3f:d5:90:
ef:94:98:d5:a1:8f:c3:10:53:c3:63:0e:fe:0a:1f:
a4:9d:da:42:1c:fa:b6:30:ee:09:55:69:d9:44:38:
de:91:09:4f:84:3f:0a:a8:d6:fc:ca:5f:58:26:7c:
77:14:2a:0c:49:25:03:85:90:15:ff:60:aa:41:fb:
34:dc:05:40:46:18:f0:9e:23:47:69:a6:2a:b5:48:
d5:6b:02:22:fe:eb:54:d2:cc:f1:10:b3:36:8f:83:
b2:5b:3f:2c:d3:13:aa:13:7c:e0:a3:c2:13:b3:73:
a7:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:8D:35:A8:81:69:92:4F:98:7D:CA:5F:F2:58:27:E9:66:F5:A4:E9
X509v3 Authority Key Identifier:
keyid:68:41:7D:A8:AA:4F:E0:B8:CF:F1:88:41:2E:ED:DA:63:CB:DC:F9:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aEF9qKpP4LjP8YhBLu3aY8vc-ZY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/2309cc-fa79-44d1-8986-4d537cf01809/1/YI01qIFpkk-Yfcpf8lgn6Wb1pOk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/2309cc-fa79-44d1-8986-4d537cf01809/1/aEF9qKpP4LjP8YhBLu3aY8vc-ZY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.56.11.0/24
IPv6:
2a0b:4740::/29
Signature Algorithm: sha256WithRSAEncryption
15:cf:41:cb:94:b7:c2:1b:25:68:b2:cb:52:aa:f6:f4:90:a5:
91:d7:ee:ec:d2:ef:3e:25:7e:d6:04:2a:bf:c3:d3:f0:06:51:
ea:ef:2d:fc:f9:e2:42:bb:79:fb:11:6b:ae:b8:a4:87:1d:83:
6f:82:92:18:10:4a:cb:a2:5e:ce:b7:9f:4b:f1:e7:36:69:6c:
75:89:1c:7f:9b:3b:98:f6:44:49:93:4b:46:6a:e8:78:8c:5f:
c9:33:c7:19:1a:4d:8c:71:70:d6:59:0a:ad:f8:a0:9f:bc:28:
03:a2:9a:0b:72:56:37:af:b6:3b:56:01:9b:10:02:ff:84:6d:
26:d0:33:13:ab:29:f9:7f:38:2d:80:ad:aa:bb:9b:c4:f6:19:
a2:d0:ad:7a:8c:ce:18:bd:fd:06:37:b5:f7:01:33:4d:32:63:
01:bc:3c:47:f2:43:40:cb:ad:71:19:59:41:e5:b6:67:44:fe:
38:22:28:81:a1:07:eb:4a:79:62:f3:71:51:8b:d5:f6:0f:c2:
cd:8b:85:18:21:97:ca:bb:b5:eb:3d:b7:aa:47:cf:64:62:ca:
d7:7b:ee:4e:e0:17:6f:9a:2f:78:8f:23:36:a3:57:a4:d1:72:
15:84:1d:ad:76:9f:a7:4b:1f:23:fe:6a:20:82:2d:ed:e3:10:
96:89:4c:2d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzKKyMFR1GsgbslCV/vIadBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4NDE3ZGE4YWE0ZmUwYjhjZmYxODg0MTJlZWRkYTYzY2Jk
Y2Y5OTYwHhcNMjQwMTAyMTIzNDMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDhkMzVhODgxNjk5MjRmOTg3ZGNhNWZmMjU4MjdlOTY2ZjVhNGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZQu3y1QvLhBVe54Cae0yUXoN+NO
4T/G10E0/oCiBtP/QjQSGTL4eYxRHkFD1FJvtG+0FNYBqgPlnA+3rEFuswDVMR1b
vXN5V51ja5XssRGfnxJK3da+AM6U/MCXsTesgK2xn+Dg3NanzwARBEs2AOQz8FZA
UaA+doIwQGG/KgU2+c96nrSFiNW92J6HPmqKtYw/1ZDvlJjVoY/DEFPDYw7+Ch+k
ndpCHPq2MO4JVWnZRDjekQlPhD8KqNb8yl9YJnx3FCoMSSUDhZAV/2CqQfs03AVA
RhjwniNHaaYqtUjVawIi/utU0szxELM2j4OyWz8s0xOqE3zgo8ITs3OnMQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGCNNaiBaZJPmH3KX/JYJ+lm9aTpMB8GA1UdIwQY
MBaAFGhBfaiqT+C4z/GIQS7t2mPL3PmWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUVGOXFLcFA0TGpQOFloQkx1M2FZOHZjLVpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8yMzA5Y2MtZmE3OS00NGQxLTg5ODYt
NGQ1MzdjZjAxODA5LzEvWUkwMXFJRnBray1ZZmNwZjhsZ242V2IxcE9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8yMzA5Y2MtZmE3OS00NGQxLTg5ODYtNGQ1MzdjZjAxODA5
LzEvYUVGOXFLcFA0TGpQOFloQkx1M2FZOHZjLVpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwTgLMA0E
AgACMAcDBQMqC0dAMA0GCSqGSIb3DQEBCwUAA4IBAQAVz0HLlLfCGyVosstSqvb0
kKWR1+7s0u8+JX7WBCq/w9PwBlHq7y38+eJCu3n7EWuuuKSHHYNvgpIYEErLol7O
t59L8ec2aWx1iRx/mzuY9kRJk0tGauh4jF/JM8cZGk2McXDWWQqt+KCfvCgDopoL
clY3r7Y7VgGbEAL/hG0m0DMTqyn5fzgtgK2qu5vE9hmi0K16jM4Yvf0GN7X3ATNN
MmMBvDxH8kNAy61xGVlB5bZnRP44IiiBoQfrSnli83FRi9X2D8LNi4UYIZfKu7Xr
PbeqR89kYsrXe+5O4Bdvmi94jyM2o1ek0XIVhB2tdp+nSx8j/moggi3t4xCWiUwt
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:30:04 2025 by rpki-client