Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ycI9LJiW-8f4tiHHC-6MSfHzoTI.roa
File: ycI9LJiW-8f4tiHHC-6MSfHzoTI.roa (raw, json)
Hash identifier: umlHYin9asb7Q259tD7/DPW6jZ6gDz1db6iZe4VmN1g=
Subject key identifier: C9:C2:3D:2C:98:96:FB:C7:F8:B6:21:C7:0B:EE:8C:49:F1:F3:A1:32
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0192667EF5813B4CF5482B9B456404EE5565
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ycI9LJiW-8f4tiHHC-6MSfHzoTI.roa
Signing time: Mon 07 Oct 2024 10:20:49 +0000
ROA not before: Mon 07 Oct 2024 10:20:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50053
IP address blocks: 193.124.44.0/24 maxlen: 24
194.87.37.0/24 maxlen: 24
195.133.17.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 07 Oct 2024 11:18:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:66:7e:f5:81:3b:4c:f5:48:2b:9b:45:64:04:ee:55:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 7 10:20:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c9c23d2c9896fbc7f8b621c70bee8c49f1f3a132
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:68:9a:ab:1c:ac:f0:6f:6f:49:d3:9e:5f:f6:
5f:66:9d:30:d0:48:a6:7e:70:42:88:ee:30:92:31:
05:b9:04:65:94:2c:53:40:e9:16:aa:1b:4c:11:a8:
ee:10:82:99:23:1d:37:96:03:a2:ba:30:f4:64:75:
d9:25:1d:40:b5:03:c3:3b:54:29:ef:5b:31:85:93:
0b:25:dc:ce:43:71:dd:93:73:75:e1:b0:50:f0:7a:
63:63:d0:5e:be:48:56:b3:2e:35:fb:9a:a3:b8:0a:
da:44:06:fb:f9:de:a2:e2:81:09:81:54:cd:72:0f:
23:07:23:c8:1f:44:37:0d:b2:32:0b:22:40:9d:94:
f1:42:7e:37:a8:ae:4c:3a:1a:e3:ed:21:2b:66:89:
67:81:47:cf:25:8e:e5:2f:1d:0a:25:34:1f:60:4b:
d0:13:ec:5a:a1:d7:f9:f9:00:7c:fd:f3:34:a0:90:
de:9d:af:cb:fc:df:cc:07:2f:f0:46:95:1b:88:3e:
76:89:42:e5:56:1a:e8:a6:1c:4e:f3:19:14:34:ee:
72:da:1b:ae:b9:8b:a6:f7:a0:1a:36:44:a5:02:e9:
a5:21:32:1c:48:1a:2f:36:88:c7:44:de:6d:51:82:
65:ed:82:20:14:aa:73:28:4d:41:12:bf:f2:93:e7:
ce:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:C2:3D:2C:98:96:FB:C7:F8:B6:21:C7:0B:EE:8C:49:F1:F3:A1:32
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ycI9LJiW-8f4tiHHC-6MSfHzoTI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.44.0/24
194.87.37.0/24
195.133.17.0/24
Signature Algorithm: sha256WithRSAEncryption
79:91:76:6a:0c:f4:0e:42:d2:b0:8c:b5:e3:93:47:eb:a7:fd:
be:df:8b:5d:20:e9:59:42:f4:6c:e3:e0:5b:04:55:8b:f9:df:
25:28:f2:1c:19:87:3f:50:94:a2:d7:a4:1a:e2:51:93:8f:57:
26:da:3a:fa:08:1f:d4:53:01:4b:bf:ee:6d:50:09:d3:09:74:
a0:1f:c1:f9:24:7b:33:f3:af:37:8c:aa:cb:fb:4b:ef:4d:3b:
b1:67:4d:1c:e7:f0:08:61:4c:96:d7:1c:37:a5:63:7b:7b:61:
43:4f:24:d2:aa:17:24:9c:b6:f6:1b:af:86:2f:67:fd:3b:70:
d1:37:6b:91:b6:ea:b9:3a:54:cb:4e:3c:f1:f4:06:d5:49:a0:
fd:15:b0:39:c3:44:11:3f:60:a5:b5:c2:da:0a:6d:3d:57:6f:
ba:24:7a:52:35:31:74:d9:0b:47:91:94:d1:83:c2:d9:32:1e:
93:c6:97:d3:86:e0:63:49:68:58:37:1b:4e:97:46:e5:aa:91:
38:bb:36:4c:75:02:6a:6b:0a:05:2d:c8:a3:05:2f:62:82:6c:
fa:14:40:ef:91:75:04:ed:d7:28:d4:3b:21:e6:e5:c2:5d:2d:
8c:25:99:8a:f2:8d:5d:6c:cd:15:cc:fb:e7:80:7e:58:07:f3:
7c:cc:29:20
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZJmfvWBO0z1SCubRWQE7lVlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQxMDA3MTAyMDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWMyM2QyYzk4OTZmYmM3ZjhiNjIxYzcwYmVlOGM0OWYxZjNhMTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm2iaqxys8G9vSdOeX/ZfZp0w0Eim
fnBCiO4wkjEFuQRllCxTQOkWqhtMEajuEIKZIx03lgOiujD0ZHXZJR1AtQPDO1Qp
71sxhZMLJdzOQ3Hdk3N14bBQ8HpjY9BevkhWsy41+5qjuAraRAb7+d6i4oEJgVTN
cg8jByPIH0Q3DbIyCyJAnZTxQn43qK5MOhrj7SErZolngUfPJY7lLx0KJTQfYEvQ
E+xaodf5+QB8/fM0oJDena/L/N/MBy/wRpUbiD52iULlVhrophxO8xkUNO5y2huu
uYum96AaNkSlAumlITIcSBovNojHRN5tUYJl7YIgFKpzKE1BEr/yk+fOpQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMnCPSyYlvvH+LYhxwvujEnx86EyMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEveWNJOUxKaVctOGY0dGlISEMtNk1TZkh6b1RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwXwsAwQA
wlclAwQAw4URMA0GCSqGSIb3DQEBCwUAA4IBAQB5kXZqDPQOQtKwjLXjk0frp/2+
34tdIOlZQvRs4+BbBFWL+d8lKPIcGYc/UJSi16Qa4lGTj1cm2jr6CB/UUwFLv+5t
UAnTCXSgH8H5JHsz8683jKrL+0vvTTuxZ00c5/AIYUyW1xw3pWN7e2FDTyTSqhck
nLb2G6+GL2f9O3DRN2uRtuq5OlTLTjzx9AbVSaD9FbA5w0QRP2CltcLaCm09V2+6
JHpSNTF02QtHkZTRg8LZMh6TxpfThuBjSWhYNxtOl0blqpE4uzZMdQJqawoFLcij
BS9igmz6FEDvkXUE7dco1Dsh5uXCXS2MJZmK8o1dbM0VzPvngH5YB/N8zCkg
-----END CERTIFICATE-----
Generated at Mon Jun 16 13:12:23 2025 by rpki-client