Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/0Y0A4emIM6rWgATZQpMrou_6gxs.roa
File: 0Y0A4emIM6rWgATZQpMrou_6gxs.roa (raw, json)
Hash identifier: r30ApEU7sbWCn86PE06YJoDoz7IYR3g8HlaoSDOpQhA=
Subject key identifier: D1:8D:00:E1:E9:88:33:AA:D6:80:04:D9:42:93:2B:A2:EF:FA:83:1B
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 0194EEFF5D84D08A80A12FFA86C111BA1E72
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/0Y0A4emIM6rWgATZQpMrou_6gxs.roa
Signing time: Mon 10 Feb 2025 08:35:00 +0000
ROA not before: Mon 10 Feb 2025 08:35:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59532
IP address blocks: 81.181.251.0/24 maxlen: 24
217.156.121.0/24 maxlen: 24
217.156.126.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Feb 2025 11:29:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ee:ff:5d:84:d0:8a:80:a1:2f:fa:86:c1:11:ba:1e:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Feb 10 08:35:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d18d00e1e98833aad68004d942932ba2effa831b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:c7:6f:45:41:9d:c0:2b:fb:f9:94:d1:83:55:
ce:67:93:00:5e:f5:fa:12:47:81:79:4f:5f:70:e5:
90:73:9c:ff:52:08:f4:f0:cf:c2:31:4c:50:c5:a2:
1f:4a:4e:98:fe:35:1e:ae:84:6e:4d:82:aa:5b:80:
31:34:10:90:35:05:29:22:89:e6:80:41:90:c9:31:
a2:a3:dc:f5:3e:f2:ad:9f:d2:0a:18:a0:41:ce:f9:
5a:26:89:ca:98:a3:17:5d:db:0e:3e:7c:07:2a:43:
10:a7:bf:b5:2f:0d:cb:26:21:93:d0:b9:10:28:5b:
6f:3e:94:0e:aa:e1:aa:04:ce:6d:41:c2:73:92:0e:
7f:42:ef:66:73:5d:24:40:84:12:42:8d:06:e1:f8:
22:79:e3:13:b1:7e:0c:37:74:57:ca:c6:bb:e9:b3:
8e:75:44:22:d1:79:48:17:11:b8:f5:8f:8f:7f:6f:
49:f5:be:33:28:ed:59:33:1f:6c:1a:0e:ca:31:3e:
a4:df:51:41:ac:a2:11:2e:70:6d:18:34:a5:64:f3:
bb:04:98:31:e1:2f:7e:cd:f9:67:c1:a6:f8:2a:8a:
b4:9f:77:06:01:ca:12:ab:e2:c7:6f:9d:d3:04:65:
38:2f:14:ab:e6:56:42:3a:47:fd:7c:5e:b3:16:8e:
8b:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:8D:00:E1:E9:88:33:AA:D6:80:04:D9:42:93:2B:A2:EF:FA:83:1B
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/0Y0A4emIM6rWgATZQpMrou_6gxs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.181.251.0/24
217.156.121.0/24
217.156.126.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:68:dd:3c:a2:4a:27:5a:1d:45:51:c8:95:f9:f5:00:c2:0e:
fc:eb:fd:bd:88:a3:ed:70:b4:b6:c9:8b:5e:af:38:eb:8b:3a:
47:03:fa:8a:7a:e6:37:d1:76:c1:ef:c0:07:03:5e:d0:71:9b:
17:82:4d:40:e8:f4:d4:ea:01:0b:f1:20:bc:c9:65:5f:77:38:
d0:da:33:7e:e7:b4:a6:53:98:b8:6f:d1:0b:4b:d6:01:88:8a:
eb:ee:7b:a5:c9:a1:7a:40:2b:59:df:b6:8f:a5:57:a9:29:b4:
26:11:aa:94:dd:b2:f2:5f:2f:e6:ba:47:74:63:9c:16:03:eb:
4c:6e:9a:d9:66:15:4b:66:4f:33:67:d4:20:6b:d6:1e:5b:6c:
d0:99:c3:59:d2:29:47:1b:41:03:38:9d:75:c0:49:c4:2a:da:
b5:28:bb:e9:65:f2:a7:25:86:86:27:e1:7c:c9:1c:57:0e:2d:
40:91:a1:bc:34:d7:e8:7c:34:20:66:ff:e0:e7:09:45:05:07:
b4:30:07:04:0f:0b:f4:0d:ed:3c:f5:4a:57:b5:fa:e6:fc:f7:
52:27:ea:ec:d2:4d:e3:dc:45:8b:4e:46:93:db:9b:69:7d:80:
2c:bc:d2:7a:d5:e7:16:54:af:58:fc:ad:1e:62:9a:19:02:c9:
54:6c:2b:e9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZTu/12E0IqAoS/6hsERuh5yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjUwMjEwMDgzNTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMThkMDBlMWU5ODgzM2FhZDY4MDA0ZDk0MjkzMmJhMmVmZmE4MzFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5sdvRUGdwCv7+ZTRg1XOZ5MAXvX6
EkeBeU9fcOWQc5z/Ugj08M/CMUxQxaIfSk6Y/jUeroRuTYKqW4AxNBCQNQUpIonm
gEGQyTGio9z1PvKtn9IKGKBBzvlaJonKmKMXXdsOPnwHKkMQp7+1Lw3LJiGT0LkQ
KFtvPpQOquGqBM5tQcJzkg5/Qu9mc10kQIQSQo0G4fgieeMTsX4MN3RXysa76bOO
dUQi0XlIFxG49Y+Pf29J9b4zKO1ZMx9sGg7KMT6k31FBrKIRLnBtGDSlZPO7BJgx
4S9+zflnwab4Koq0n3cGAcoSq+LHb53TBGU4LxSr5lZCOkf9fF6zFo6LmwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNGNAOHpiDOq1oAE2UKTK6Lv+oMbMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvMFkwQTRlbUlNNnJXZ0FUWlFwTXJvdV82Z3hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUbX7AwQA
2Zx5AwQA2Zx+MA0GCSqGSIb3DQEBCwUAA4IBAQBtaN08okonWh1FUciV+fUAwg78
6/29iKPtcLS2yYterzjrizpHA/qKeuY30XbB78AHA17QcZsXgk1A6PTU6gEL8SC8
yWVfdzjQ2jN+57SmU5i4b9ELS9YBiIrr7nulyaF6QCtZ37aPpVepKbQmEaqU3bLy
Xy/mukd0Y5wWA+tMbprZZhVLZk8zZ9Qga9YeW2zQmcNZ0ilHG0EDOJ11wEnEKtq1
KLvpZfKnJYaGJ+F8yRxXDi1AkaG8NNfofDQgZv/g5wlFBQe0MAcEDwv0De089UpX
tfrm/PdSJ+rs0k3j3EWLTkaT25tpfYAsvNJ61ecWVK9Y/K0eYpoZAslUbCvp
-----END CERTIFICATE-----
Generated at Sun Jun 15 08:34:58 2025 by rpki-client