Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/c1acd6-230a-4e36-a58f-f555e2e68a10/1/yZbZmueBnRVe1xy-dL62fc-FphQ.roa
File: yZbZmueBnRVe1xy-dL62fc-FphQ.roa (raw, json)
Hash identifier: Bvw1Qonoy4ZnZRgXgEPP64+EqxJ0GVLEvDlx81r/5II=
Subject key identifier: C9:96:D9:9A:E7:81:9D:15:5E:D7:1C:BE:74:BE:B6:7D:CF:85:A6:14
Certificate issuer: /CN=61b534437503668815add93cd17d0ad3e1b1a877
Certificate serial: 0194228DEEF42A4BE2D2258CAE33889305B0
Authority key identifier: 61:B5:34:43:75:03:66:88:15:AD:D9:3C:D1:7D:0A:D3:E1:B1:A8:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbU0Q3UDZogVrdk80X0K0-GxqHc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/c1acd6-230a-4e36-a58f-f555e2e68a10/1/yZbZmueBnRVe1xy-dL62fc-FphQ.roa
Signing time: Wed 01 Jan 2025 15:48:34 +0000
ROA not before: Wed 01 Jan 2025 15:48:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50266
IP address blocks: 31.20.0.0/16 maxlen: 24
31.21.0.0/16 maxlen: 24
31.184.64.0/18 maxlen: 24
31.187.128.0/17 maxlen: 24
62.166.128.0/17 maxlen: 24
62.250.0.0/17 maxlen: 24
62.250.128.0/17 maxlen: 24
81.59.0.0/17 maxlen: 17
82.172.0.0/17 maxlen: 17
82.174.0.0/16 maxlen: 24
85.223.0.0/17 maxlen: 24
87.208.0.0/16 maxlen: 24
87.209.0.0/16 maxlen: 24
87.210.0.0/16 maxlen: 24
87.212.0.0/16 maxlen: 24
92.254.0.0/17 maxlen: 24
94.157.0.0/16 maxlen: 24
95.98.0.0/15 maxlen: 24
95.99.0.0/16 maxlen: 16
143.177.0.0/16 maxlen: 24
143.178.0.0/17 maxlen: 24
143.178.128.0/17 maxlen: 24
143.179.0.0/16 maxlen: 24
178.224.0.0/16 maxlen: 24
178.226.0.0/16 maxlen: 24
188.88.0.0/14 maxlen: 24
Validation: Failed, certificate revoked on Thu 30 Jan 2025 10:13:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:ee:f4:2a:4b:e2:d2:25:8c:ae:33:88:93:05:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b534437503668815add93cd17d0ad3e1b1a877
Validity
Not Before: Jan 1 15:48:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c996d99ae7819d155ed71cbe74beb67dcf85a614
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:9c:e5:97:a7:d1:c9:37:74:68:04:23:fc:db:
e9:7d:02:48:14:90:7c:04:23:dd:4b:7b:54:3e:fd:
be:31:43:1b:9a:2f:ec:e8:4e:d6:44:3f:ec:8a:1d:
9e:c4:c1:59:d9:e0:98:b9:a8:a0:05:7c:80:86:87:
56:a0:88:95:fe:0d:54:82:bb:8b:14:28:69:e4:35:
b8:e0:fe:d8:02:2e:48:44:2b:e1:bd:44:a8:ba:9f:
60:b9:93:af:1c:8b:0e:a8:d4:88:d9:b4:6b:7d:dc:
8d:5e:06:60:01:72:75:21:f1:42:98:d9:4e:e6:dd:
8e:48:0f:92:a7:26:24:3a:16:11:32:49:9d:7b:57:
ca:7b:1f:08:0c:4c:7e:33:8e:1b:ca:df:34:74:2a:
35:0c:28:04:8c:45:f9:30:a6:f8:43:00:95:36:c6:
23:cf:c7:82:ad:ce:e3:00:e3:64:e1:cc:e8:ab:45:
4d:47:e0:94:8f:39:0d:fc:14:72:e2:d4:de:5c:db:
69:6b:ba:84:86:e5:91:1b:c9:1f:ba:9f:fb:ba:2e:
c2:19:31:ff:14:f6:60:38:38:48:d2:60:5f:f6:b9:
59:b0:cf:d4:bb:e7:6d:6c:8f:c6:6f:c5:5e:a2:d3:
96:6e:f4:13:54:8a:8d:78:40:9a:fe:8e:32:87:3f:
12:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:96:D9:9A:E7:81:9D:15:5E:D7:1C:BE:74:BE:B6:7D:CF:85:A6:14
X509v3 Authority Key Identifier:
keyid:61:B5:34:43:75:03:66:88:15:AD:D9:3C:D1:7D:0A:D3:E1:B1:A8:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbU0Q3UDZogVrdk80X0K0-GxqHc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/c1acd6-230a-4e36-a58f-f555e2e68a10/1/yZbZmueBnRVe1xy-dL62fc-FphQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/c1acd6-230a-4e36-a58f-f555e2e68a10/1/YbU0Q3UDZogVrdk80X0K0-GxqHc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.20.0.0/15
31.184.64.0/18
31.187.128.0/17
62.166.128.0/17
62.250.0.0/16
81.59.0.0/17
82.172.0.0/17
82.174.0.0/16
85.223.0.0/17
87.208.0.0-87.210.255.255
87.212.0.0/16
92.254.0.0/17
94.157.0.0/16
95.98.0.0/15
143.177.0.0-143.179.255.255
178.224.0.0/16
178.226.0.0/16
188.88.0.0/14
Signature Algorithm: sha256WithRSAEncryption
67:b8:0e:b8:72:97:ef:7e:fc:57:2b:50:ea:62:3c:1e:6e:3e:
25:14:12:e7:cc:ef:e4:ef:14:dc:0d:73:83:bc:66:ea:fa:fd:
8f:86:13:11:2a:a4:07:ae:27:3a:6c:38:aa:54:52:9c:5b:13:
0f:4f:3b:48:27:ad:b7:65:a8:3f:40:16:e6:54:e3:62:04:6f:
37:74:71:5a:9d:51:1f:d4:38:51:63:ca:62:83:0a:1e:d0:ce:
9a:75:d2:f1:05:b5:bd:f8:11:bd:60:4a:e3:4d:c6:14:62:94:
9a:15:d5:65:c9:cf:22:f8:8f:1f:e1:35:3a:22:47:5e:61:b7:
dc:44:3a:0f:3a:3f:3a:d9:4b:49:8d:4e:c7:3c:41:58:94:48:
dc:68:5e:d9:9a:6e:19:60:32:51:1f:7c:f2:a9:00:08:f1:f0:
7e:59:5e:5c:c9:38:42:54:09:2a:7f:67:3f:7b:dc:64:81:c4:
66:13:a3:f1:1c:2d:56:74:53:76:a3:fa:d7:07:87:7e:e4:18:
62:3d:15:e4:93:1c:35:22:04:c0:f5:3a:e3:1d:0c:aa:71:e8:
a6:59:44:1d:ca:7e:4d:17:a6:1b:71:1b:02:b7:f6:83:52:02:
ff:b4:4f:f1:e8:67:03:c0:61:27:5b:0c:c3:ef:38:a4:ab:0a:
04:1a:f5:f3
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgISAZQije70Kkvi0iWMrjOIkwWwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxYjUzNDQzNzUwMzY2ODgxNWFkZDkzY2QxN2QwYWQzZTFi
MWE4NzcwHhcNMjUwMTAxMTU0ODM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTk2ZDk5YWU3ODE5ZDE1NWVkNzFjYmU3NGJlYjY3ZGNmODVhNjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtpzll6fRyTd0aAQj/NvpfQJIFJB8
BCPdS3tUPv2+MUMbmi/s6E7WRD/sih2exMFZ2eCYuaigBXyAhodWoIiV/g1UgruL
FChp5DW44P7YAi5IRCvhvUSoup9guZOvHIsOqNSI2bRrfdyNXgZgAXJ1IfFCmNlO
5t2OSA+SpyYkOhYRMkmde1fKex8IDEx+M44byt80dCo1DCgEjEX5MKb4QwCVNsYj
z8eCrc7jAONk4czoq0VNR+CUjzkN/BRy4tTeXNtpa7qEhuWRG8kfup/7ui7CGTH/
FPZgODhI0mBf9rlZsM/Uu+dtbI/Gb8VeotOWbvQTVIqNeECa/o4yhz8SqQIDAQAB
o4ICczCCAm8wHQYDVR0OBBYEFMmW2ZrngZ0VXtccvnS+tn3PhaYUMB8GA1UdIwQY
MBaAFGG1NEN1A2aIFa3ZPNF9CtPhsah3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWJVMFEzVURab2dWcmRrODBYMEswLUd4cUhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9jMWFjZDYtMjMwYS00ZTM2LWE1OGYt
ZjU1NWUyZTY4YTEwLzEveVpiWm11ZUJuUlZlMXh5LWRMNjJmYy1GcGhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9jMWFjZDYtMjMwYS00ZTM2LWE1OGYtZjU1NWUyZTY4YTEw
LzEvWWJVMFEzVURab2dWcmRrODBYMEswLUd4cUhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGIBggrBgEFBQcBBwEB/wR5MHcwdQQCAAEwbwMDAR8UAwQG
H7hAAwQHH7uAAwQHPqaAAwMAPvoDBAdROwADBAdSrAADAwBSrgMEB1XfADAKAwME
V9ADAwBX0gMDAFfUAwQHXP4AAwMAXp0DAwFfYjAKAwMAj7EDAwKPsAMDALLgAwMA
suIDAwK8WDANBgkqhkiG9w0BAQsFAAOCAQEAZ7gOuHKX7378VytQ6mI8Hm4+JRQS
58zv5O8U3A1zg7xm6vr9j4YTESqkB64nOmw4qlRSnFsTD087SCett2WoP0AW5lTj
YgRvN3RxWp1RH9Q4UWPKYoMKHtDOmnXS8QW1vfgRvWBK403GFGKUmhXVZcnPIviP
H+E1OiJHXmG33EQ6Dzo/OtlLSY1OxzxBWJRI3Ghe2ZpuGWAyUR988qkACPHwflle
XMk4QlQJKn9nP3vcZIHEZhOj8RwtVnRTdqP61weHfuQYYj0V5JMcNSIEwPU64x0M
qnHopllEHcp+TRemG3EbArf2g1IC/7RP8ehnA8BhJ1sMw+84pKsKBBr18w==
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:23:22 2025 by rpki-client