Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/yavrDiJszlcI8nIcifuGhqHBdiI.roa
File: yavrDiJszlcI8nIcifuGhqHBdiI.roa (raw, json)
Hash identifier: Pf/AFP5T5dcE/BX6CaXGNAhQWa7JPXR2nHWXv3v+SKI=
Subject key identifier: C9:AB:EB:0E:22:6C:CE:57:08:F2:72:1C:89:FB:86:86:A1:C1:76:22
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0194F034D10BE049D1B7F4971D4AA2F9BE86
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/yavrDiJszlcI8nIcifuGhqHBdiI.roa
Signing time: Mon 10 Feb 2025 14:13:00 +0000
ROA not before: Mon 10 Feb 2025 14:13:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208946
IP address blocks: 93.170.242.0/23 maxlen: 24
93.171.158.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 16:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f0:34:d1:0b:e0:49:d1:b7:f4:97:1d:4a:a2:f9:be:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Feb 10 14:13:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c9abeb0e226cce5708f2721c89fb8686a1c17622
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:ad:d4:0f:07:f8:14:62:72:4f:b0:1a:69:6d:
40:7a:10:b8:5b:f4:88:1c:ee:97:75:a6:15:bc:66:
ed:77:29:6c:21:8f:a7:37:20:01:80:3f:59:b1:db:
30:e5:60:f6:95:67:b5:39:be:36:d4:33:97:5a:b8:
1d:1f:24:53:26:1c:8f:7a:95:26:bd:42:5f:5c:f5:
92:58:21:18:a0:6a:6d:c5:a3:41:14:b8:df:36:52:
3e:29:66:02:4c:1c:23:25:72:8c:34:c0:35:1d:8a:
fd:f3:97:26:b2:58:fb:54:59:d6:4b:56:08:60:54:
66:b8:3e:3f:ed:a1:57:36:cf:98:e4:92:f7:1a:c8:
20:ed:48:04:40:85:48:ab:76:9c:f3:11:58:d2:55:
df:b0:f5:72:36:87:c8:1e:ab:48:0e:25:f2:ea:a3:
0f:f1:08:37:13:99:04:82:f5:bf:93:34:74:c1:ab:
5c:6d:b5:6a:e5:28:7d:1d:1a:1e:a7:4d:5b:5a:40:
84:42:fe:1a:f4:1b:7d:71:74:a5:18:1d:07:c0:08:
bd:51:5f:69:31:eb:24:d4:c3:d0:7f:d8:66:33:95:
a5:55:30:fc:20:51:45:fc:0b:d7:af:88:5b:56:d3:
c4:09:07:e6:89:02:62:7a:ac:fa:90:2e:01:af:00:
32:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:AB:EB:0E:22:6C:CE:57:08:F2:72:1C:89:FB:86:86:A1:C1:76:22
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/yavrDiJszlcI8nIcifuGhqHBdiI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.170.242.0/23
93.171.158.0/23
Signature Algorithm: sha256WithRSAEncryption
2e:1b:c0:ca:0e:6b:d6:cd:1f:88:1f:01:82:16:13:8d:a3:aa:
c4:ad:a3:b4:ef:5e:00:36:74:e6:66:54:35:c5:64:96:d4:72:
41:de:33:35:9f:ad:53:ee:3c:b6:6e:a7:b2:6a:6d:94:c7:c9:
de:a0:76:2f:c2:6c:3a:2f:c6:3a:2e:44:6b:73:de:2d:60:f5:
9c:7c:33:85:d3:a5:7d:c2:68:eb:a1:bf:a2:80:14:1c:6c:a3:
ba:75:96:96:d4:7f:8d:ff:9b:1c:8c:f8:70:e7:b2:e4:e4:dd:
5d:d4:59:eb:bc:2c:73:73:32:b9:22:e4:87:4c:98:1b:00:ad:
67:e8:15:b9:79:c3:e2:be:9a:76:53:72:51:67:c1:c6:1d:ff:
92:96:4e:9e:d8:88:3a:14:02:1a:99:70:3c:e2:0a:21:89:60:
95:c3:f3:87:64:cb:16:e6:88:82:73:9e:09:60:7b:b2:c3:37:
14:50:27:d6:59:92:45:99:b9:18:fc:92:40:ec:cf:1d:c5:00:
3c:8d:ab:53:27:8e:d6:3c:42:93:e1:c8:47:e9:fc:0e:b2:f9:
a1:bf:cc:2e:51:5f:95:58:d7:68:22:b2:ee:94:1b:7a:f6:2f:
64:be:39:77:98:a1:df:f6:45:bb:66:df:bf:fb:ac:3c:ba:57:
c0:12:7e:04
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZTwNNEL4EnRt/SXHUqi+b6GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwMjEwMTQxMzAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWFiZWIwZTIyNmNjZTU3MDhmMjcyMWM4OWZiODY4NmExYzE3NjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA663UDwf4FGJyT7AaaW1AehC4W/SI
HO6XdaYVvGbtdylsIY+nNyABgD9Zsdsw5WD2lWe1Ob421DOXWrgdHyRTJhyPepUm
vUJfXPWSWCEYoGptxaNBFLjfNlI+KWYCTBwjJXKMNMA1HYr985cmslj7VFnWS1YI
YFRmuD4/7aFXNs+Y5JL3Gsgg7UgEQIVIq3ac8xFY0lXfsPVyNofIHqtIDiXy6qMP
8Qg3E5kEgvW/kzR0watcbbVq5Sh9HRoep01bWkCEQv4a9Bt9cXSlGB0HwAi9UV9p
Mesk1MPQf9hmM5WlVTD8IFFF/AvXr4hbVtPECQfmiQJieqz6kC4BrwAyMQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMmr6w4ibM5XCPJyHIn7hoahwXYiMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEveWF2ckRpSnN6bGNJOG5JY2lmdUdocUhCZGlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBXaryAwQB
XaueMA0GCSqGSIb3DQEBCwUAA4IBAQAuG8DKDmvWzR+IHwGCFhONo6rEraO0714A
NnTmZlQ1xWSW1HJB3jM1n61T7jy2bqeyam2Ux8neoHYvwmw6L8Y6LkRrc94tYPWc
fDOF06V9wmjrob+igBQcbKO6dZaW1H+N/5scjPhw57Lk5N1d1FnrvCxzczK5IuSH
TJgbAK1n6BW5ecPivpp2U3JRZ8HGHf+Slk6e2Ig6FAIamXA84gohiWCVw/OHZMsW
5oiCc54JYHuywzcUUCfWWZJFmbkY/JJA7M8dxQA8jatTJ47WPEKT4chH6fwOsvmh
v8wuUV+VWNdoIrLulBt69i9kvjl3mKHf9kW7Zt+/+6w8ulfAEn4E
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:47:15 2025 by rpki-client