Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/y9VW04y99MGKwtVO_G6jkOWtRHY.roa
File: y9VW04y99MGKwtVO_G6jkOWtRHY.roa (raw, json)
Hash identifier: Ymm2b7l6HqCmPBek6zuCJemwLCiEE4l2XbSJBqiy4NE=
Subject key identifier: CB:D5:56:D3:8C:BD:F4:C1:8A:C2:D5:4E:FC:6E:A3:90:E5:AD:44:76
Certificate issuer: /CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca
Certificate serial: 0196BDEE5280C48946AD00331605C7051D3D
Authority key identifier: 63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/y9VW04y99MGKwtVO_G6jkOWtRHY.roa
Signing time: Sun 11 May 2025 06:00:34 +0000
ROA not before: Sun 11 May 2025 06:00:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 91.221.116.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 26 May 2025 03:36:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:bd:ee:52:80:c4:89:46:ad:00:33:16:05:c7:05:1d:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca
Validity
Not Before: May 11 06:00:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cbd556d38cbdf4c18ac2d54efc6ea390e5ad4476
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:2e:f8:69:0e:bc:da:4e:63:5e:dc:a3:10:2d:
7a:f6:af:0a:99:2a:56:3d:0b:da:fb:70:bb:b1:61:
c3:ec:66:7c:f7:d6:78:03:a1:51:d7:21:ac:fe:d6:
b2:a1:56:a8:78:74:41:a3:07:f2:d7:60:4e:4c:30:
c6:1a:93:34:df:9d:76:26:de:1d:8a:cb:ec:35:c3:
5c:d1:2b:ee:80:6f:bc:53:f4:c2:d3:67:e6:ec:0c:
ec:26:20:45:07:50:7b:b0:4d:04:7c:a0:00:47:a3:
08:a6:3a:0b:65:7a:39:42:13:09:f0:73:4d:4b:b9:
06:1d:8c:ec:99:a3:1a:37:00:39:f1:4e:93:77:81:
70:2b:cd:4a:32:7e:44:fa:4b:c0:04:28:fb:c6:25:
4c:be:1b:05:25:14:3a:75:79:a7:05:44:02:53:56:
8b:5b:dc:42:ee:8c:ae:c6:02:b8:d0:c1:22:c5:3a:
64:55:ad:95:87:60:b8:1d:c9:42:4a:94:a3:76:03:
07:af:fe:33:b7:0d:35:c8:de:ba:76:39:c9:e4:91:
e8:e7:12:9a:dd:97:70:de:be:93:9d:a7:3e:06:79:
52:67:ee:d0:46:5f:13:74:0b:f0:eb:35:c3:ca:2b:
79:b3:53:a8:89:66:28:b5:df:8d:35:30:32:dc:f2:
42:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:D5:56:D3:8C:BD:F4:C1:8A:C2:D5:4E:FC:6E:A3:90:E5:AD:44:76
X509v3 Authority Key Identifier:
keyid:63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/y9VW04y99MGKwtVO_G6jkOWtRHY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/Y2O7ZYlfOlSksyShDHmsmO_ioco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.221.116.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:ef:10:a2:1a:22:9b:0e:6a:f8:6d:87:ea:9b:b7:f5:5d:ec:
e4:ae:78:36:b9:bb:20:cf:3b:83:19:a8:ff:d6:21:8f:73:24:
7c:4a:44:16:b0:7b:0b:98:1e:79:5c:b9:92:fd:04:01:aa:30:
f8:b5:04:c7:f8:7c:0d:86:e5:20:2f:a0:f4:00:7c:03:86:bc:
14:f6:8c:35:01:e9:0f:1f:b4:2b:e7:df:86:35:ee:bf:9a:b4:
09:29:3e:da:00:a9:df:ef:f9:73:c9:ca:5a:07:41:36:f2:0d:
81:b2:8a:5d:3b:c5:2a:3a:97:78:ce:46:80:21:18:c9:00:dd:
f1:44:30:42:59:eb:75:20:b7:42:61:23:50:a2:97:e3:72:78:
37:91:8e:6a:3d:0f:b2:61:cc:5b:29:2a:41:1d:be:c8:91:f2:
20:c5:42:b9:1f:a3:a7:64:8a:1f:96:7f:e6:2b:0b:8e:49:72:
b9:ae:d3:c8:12:0e:c8:20:6e:ef:94:b0:48:71:59:ce:07:77:
86:1a:82:8c:1b:c6:0b:b8:5d:82:67:ed:d5:02:68:cf:53:ce:
f8:76:2a:95:d3:0e:d3:71:6a:1b:60:7b:33:00:0c:62:35:92:
53:8e:05:f8:c3:85:d4:20:dc:e4:f6:2c:25:4e:a9:e0:15:1f:
0b:1b:b7:69
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZa97lKAxIlGrQAzFgXHBR09MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNjNiYjY1ODk1ZjNhNTRhNGIzMjRhMTBjNzlhYzk4ZWZl
MmExY2EwHhcNMjUwNTExMDYwMDM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmQ1NTZkMzhjYmRmNGMxOGFjMmQ1NGVmYzZlYTM5MGU1YWQ0NDc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7i74aQ682k5jXtyjEC169q8KmSpW
PQva+3C7sWHD7GZ899Z4A6FR1yGs/tayoVaoeHRBowfy12BOTDDGGpM03512Jt4d
isvsNcNc0SvugG+8U/TC02fm7AzsJiBFB1B7sE0EfKAAR6MIpjoLZXo5QhMJ8HNN
S7kGHYzsmaMaNwA58U6Td4FwK81KMn5E+kvABCj7xiVMvhsFJRQ6dXmnBUQCU1aL
W9xC7oyuxgK40MEixTpkVa2Vh2C4HclCSpSjdgMHr/4ztw01yN66djnJ5JHo5xKa
3Zdw3r6Tnac+BnlSZ+7QRl8TdAvw6zXDyit5s1OoiWYotd+NNTAy3PJClwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMvVVtOMvfTBisLVTvxuo5DlrUR2MB8GA1UdIwQY
MBaAFGNju2WJXzpUpLMkoQx5rJjv4qHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMt
YTZjYTQ1NGRiMmQ3LzEveTlWVzA0eTk5TUdLd3RWT19HNmprT1d0UkhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMtYTZjYTQ1NGRiMmQ3
LzEvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW910MA0G
CSqGSIb3DQEBCwUAA4IBAQB77xCiGiKbDmr4bYfqm7f1Xezkrng2ubsgzzuDGaj/
1iGPcyR8SkQWsHsLmB55XLmS/QQBqjD4tQTH+HwNhuUgL6D0AHwDhrwU9ow1AekP
H7Qr59+GNe6/mrQJKT7aAKnf7/lzycpaB0E28g2BsopdO8UqOpd4zkaAIRjJAN3x
RDBCWet1ILdCYSNQopfjcng3kY5qPQ+yYcxbKSpBHb7IkfIgxUK5H6OnZIofln/m
KwuOSXK5rtPIEg7IIG7vlLBIcVnOB3eGGoKMG8YLuF2CZ+3VAmjPU874diqV0w7T
cWobYHszAAxiNZJTjgX4w4XUINzk9iwlTqngFR8LG7dp
-----END CERTIFICATE-----
Generated at Sun Jun 15 22:03:22 2025 by rpki-client