Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/fce675-bf53-4787-93e7-81f566185b06/1/_YRkStq2NAC1C6LAPcT4TQmdiFQ.roa
File: _YRkStq2NAC1C6LAPcT4TQmdiFQ.roa (raw, json)
Hash identifier: YAIAzn0BD0ElxNuAiFYO8hPulUq1NvcqP7oJ58JQEh0=
Subject key identifier: FD:84:64:4A:DA:B6:34:00:B5:0B:A2:C0:3D:C4:F8:4D:09:9D:88:54
Certificate issuer: /CN=2b0be226230d4099ceea0a4a6cf4ed8b90201350
Certificate serial: 018EEC86E0899A2E488EE4F5D1E4007ED3E2
Authority key identifier: 2B:0B:E2:26:23:0D:40:99:CE:EA:0A:4A:6C:F4:ED:8B:90:20:13:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KwviJiMNQJnO6gpKbPTti5AgE1A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/fce675-bf53-4787-93e7-81f566185b06/1/_YRkStq2NAC1C6LAPcT4TQmdiFQ.roa
Signing time: Wed 17 Apr 2024 14:47:26 +0000
ROA not before: Wed 17 Apr 2024 14:47:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28787
IP address blocks: 37.61.0.0/17 maxlen: 17
37.61.56.0/21 maxlen: 21
37.61.77.0/24 maxlen: 24
37.61.78.0/24 maxlen: 24
37.61.79.0/24 maxlen: 24
37.61.112.0/22 maxlen: 22
37.61.116.0/22 maxlen: 22
37.61.120.0/22 maxlen: 22
37.61.124.0/22 maxlen: 22
81.17.80.0/20 maxlen: 20
81.17.82.0/24 maxlen: 24
185.30.88.0/23 maxlen: 23
185.30.90.0/23 maxlen: 23
188.253.128.0/19 maxlen: 19
188.253.208.0/22 maxlen: 22
188.253.212.0/22 maxlen: 22
188.253.216.0/22 maxlen: 22
188.253.220.0/22 maxlen: 22
188.253.224.0/21 maxlen: 21
188.253.232.0/21 maxlen: 21
188.253.254.0/24 maxlen: 24
188.253.255.0/24 maxlen: 24
194.135.152.0/23 maxlen: 23
194.135.154.0/23 maxlen: 23
194.135.166.0/23 maxlen: 23
194.135.168.0/23 maxlen: 23
194.135.170.0/24 maxlen: 24
194.135.171.0/24 maxlen: 24
194.135.172.0/24 maxlen: 24
194.135.173.0/24 maxlen: 24
194.135.174.0/24 maxlen: 24
194.135.176.0/24 maxlen: 24
194.135.177.0/24 maxlen: 24
194.135.178.0/24 maxlen: 24
194.135.179.0/24 maxlen: 24
213.154.0.0/19 maxlen: 19
217.64.16.0/20 maxlen: 20
217.64.16.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 17 Apr 2024 15:13:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ec:86:e0:89:9a:2e:48:8e:e4:f5:d1:e4:00:7e:d3:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b0be226230d4099ceea0a4a6cf4ed8b90201350
Validity
Not Before: Apr 17 14:47:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fd84644adab63400b50ba2c03dc4f84d099d8854
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:32:64:da:44:e2:d7:f3:2f:41:86:36:35:db:
21:1b:f7:37:99:d1:d1:f6:5c:ad:1c:c1:fd:62:fd:
64:a2:fc:b7:8a:90:17:4d:94:a9:46:87:94:92:91:
db:85:2b:f6:c5:da:02:3b:66:59:0a:a5:31:e3:bc:
0c:62:08:e0:fa:75:71:f9:2d:f8:2d:01:64:81:ff:
36:78:42:c2:4a:2d:e4:40:d8:2d:26:f3:e4:37:9a:
39:33:fd:eb:ef:81:da:09:d5:11:29:59:1f:62:b6:
0f:c3:6e:80:24:a0:27:41:7a:66:4f:be:f4:2a:54:
49:73:0f:73:b5:88:a5:f3:49:a3:9c:d3:83:92:81:
64:c4:89:62:13:ff:df:78:1c:9f:02:17:50:cb:8c:
5d:ac:7e:32:87:b8:e0:8d:6a:c4:0a:30:33:1f:1f:
af:86:a9:be:88:09:8c:db:6b:f8:78:f4:20:e1:0a:
f6:aa:59:fd:8e:56:f9:c7:41:4a:cf:80:5e:24:f1:
a7:a2:d7:6a:41:4e:88:73:06:42:ca:0d:bc:93:e3:
0c:4e:92:73:8c:a5:b4:53:fa:68:bb:bc:35:ab:e3:
45:e4:4e:9f:3e:cc:31:9c:88:e1:48:e0:cb:75:84:
22:22:0e:5e:67:57:6f:97:10:68:8f:be:5c:cb:14:
d5:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:84:64:4A:DA:B6:34:00:B5:0B:A2:C0:3D:C4:F8:4D:09:9D:88:54
X509v3 Authority Key Identifier:
keyid:2B:0B:E2:26:23:0D:40:99:CE:EA:0A:4A:6C:F4:ED:8B:90:20:13:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KwviJiMNQJnO6gpKbPTti5AgE1A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/fce675-bf53-4787-93e7-81f566185b06/1/_YRkStq2NAC1C6LAPcT4TQmdiFQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/fce675-bf53-4787-93e7-81f566185b06/1/KwviJiMNQJnO6gpKbPTti5AgE1A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.61.0.0/17
81.17.80.0/20
185.30.88.0/22
188.253.128.0/19
188.253.208.0-188.253.239.255
188.253.254.0/23
194.135.152.0/22
194.135.166.0-194.135.174.255
194.135.176.0/22
213.154.0.0/19
217.64.16.0/20
Signature Algorithm: sha256WithRSAEncryption
9b:f0:1f:13:e4:73:7a:33:3a:22:b3:3b:48:2b:71:9f:14:df:
88:b5:b1:11:68:60:d8:06:6e:c7:d5:36:e6:61:0d:07:35:b9:
3e:a6:39:5d:73:ea:ee:c2:8e:de:77:13:7a:5d:27:f0:fe:33:
60:23:fb:e3:6d:84:f7:18:9f:45:ed:db:3c:f9:1f:73:e1:48:
ae:3b:dd:55:da:ec:22:68:ba:e6:ed:2d:b2:7f:c9:e4:00:98:
3a:5f:4b:bb:fc:6d:5c:61:0f:43:07:2e:e8:22:2c:9d:d1:1c:
60:fb:f3:89:48:fe:36:09:05:38:06:53:8b:bc:a7:64:22:a0:
62:bf:80:2c:ae:10:78:9e:1d:f9:39:8e:c2:47:c5:54:78:4e:
8b:5d:56:3f:e3:00:39:b9:9c:70:f1:28:fc:76:02:1c:5c:f9:
cf:ff:a6:83:8b:8e:7e:b1:ac:20:40:fd:08:cd:fe:21:57:72:
30:9c:53:6c:19:5b:45:1a:50:fe:15:b0:30:a6:b9:d9:cc:3e:
a4:7d:92:64:63:c1:b3:5b:c1:78:c6:db:7b:5f:ff:9f:6f:8b:
d9:ff:c6:9d:9b:90:18:cb:f5:b2:d6:f4:9d:e1:af:d5:b0:28:
65:cc:14:21:4a:c4:df:c8:ca:91:40:5f:44:d0:3f:19:57:93:
c0:88:a3:1a
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAY7shuCJmi5IjuT10eQAftPiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiMGJlMjI2MjMwZDQwOTljZWVhMGE0YTZjZjRlZDhiOTAy
MDEzNTAwHhcNMjQwNDE3MTQ0NzI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDg0NjQ0YWRhYjYzNDAwYjUwYmEyYzAzZGM0Zjg0ZDA5OWQ4ODU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkDJk2kTi1/MvQYY2NdshG/c3mdHR
9lytHMH9Yv1kovy3ipAXTZSpRoeUkpHbhSv2xdoCO2ZZCqUx47wMYgjg+nVx+S34
LQFkgf82eELCSi3kQNgtJvPkN5o5M/3r74HaCdURKVkfYrYPw26AJKAnQXpmT770
KlRJcw9ztYil80mjnNODkoFkxIliE//feByfAhdQy4xdrH4yh7jgjWrECjAzHx+v
hqm+iAmM22v4ePQg4Qr2qln9jlb5x0FKz4BeJPGnotdqQU6IcwZCyg28k+MMTpJz
jKW0U/pou7w1q+NF5E6fPswxnIjhSODLdYQiIg5eZ1dvlxBoj75cyxTV3wIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFP2EZEratjQAtQuiwD3E+E0JnYhUMB8GA1UdIwQY
MBaAFCsL4iYjDUCZzuoKSmz07YuQIBNQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3d2aUppTU5RSm5PNmdwS2JQVHRpNUFnRTFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS9mY2U2NzUtYmY1My00Nzg3LTkzZTct
ODFmNTY2MTg1YjA2LzEvX1lSa1N0cTJOQUMxQzZMQVBjVDRUUW1kaUZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS9mY2U2NzUtYmY1My00Nzg3LTkzZTctODFmNTY2MTg1YjA2
LzEvS3d2aUppTU5RSm5PNmdwS2JQVHRpNUFnRTFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBYBAIAATBSAwQHJT0AAwQE
URFQAwQCuR5YAwQFvP2AMAwDBAS8/dADBAS8/eADBAG8/f4DBALCh5gwDAMEAcKH
pgMEAMKHrgMEAsKHsAMEBdWaAAMEBNlAEDANBgkqhkiG9w0BAQsFAAOCAQEAm/Af
E+RzejM6IrM7SCtxnxTfiLWxEWhg2AZux9U25mENBzW5PqY5XXPq7sKO3ncTel0n
8P4zYCP7422E9xifRe3bPPkfc+FIrjvdVdrsImi65u0tsn/J5ACYOl9Lu/xtXGEP
Qwcu6CIsndEcYPvziUj+NgkFOAZTi7ynZCKgYr+ALK4QeJ4d+TmOwkfFVHhOi11W
P+MAObmccPEo/HYCHFz5z/+mg4uOfrGsIED9CM3+IVdyMJxTbBlbRRpQ/hWwMKa5
2cw+pH2SZGPBs1vBeMbbe1//n2+L2f/GnZuQGMv1stb0neGv1bAoZcwUIUrE38jK
kUBfRNA/GVeTwIijGg==
-----END CERTIFICATE-----
Generated at Mon Jun 16 22:35:03 2025 by rpki-client