Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/8651c5-bd77-460d-83bf-5933a09f72d1/1/ym-Fbbl1wtcobqnpPyZ7KFldRzg.roa
File: ym-Fbbl1wtcobqnpPyZ7KFldRzg.roa (raw, json)
Hash identifier: Zg2chckUzYvoQ4VVl+PF8UkNalrIrkbhRybwaahD5Bo=
Subject key identifier: CA:6F:85:6D:B9:75:C2:D7:28:6E:A9:E9:3F:26:7B:28:59:5D:47:38
Certificate issuer: /CN=22877298dae5d5a3beabca16e92d1a141e948627
Certificate serial: 019666B7E8A6D7B531B1173BB4676077C143
Authority key identifier: 22:87:72:98:DA:E5:D5:A3:BE:AB:CA:16:E9:2D:1A:14:1E:94:86:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IodymNrl1aO-q8oW6S0aFB6Uhic.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/8651c5-bd77-460d-83bf-5933a09f72d1/1/ym-Fbbl1wtcobqnpPyZ7KFldRzg.roa
Signing time: Thu 24 Apr 2025 07:34:10 +0000
ROA not before: Thu 24 Apr 2025 07:34:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62597
IP address blocks: 163.114.192.0/24 maxlen: 24
185.103.32.0/22 maxlen: 24
185.103.32.0/24 maxlen: 24
185.103.33.0/24 maxlen: 24
185.103.34.0/24 maxlen: 24
185.103.35.0/24 maxlen: 24
2a00:edc0::/32 maxlen: 32
2a00:edc0:100::/44 maxlen: 48
2a00:edc0:107::/48 maxlen: 48
2a00:edc0:10f::/48 maxlen: 48
2a00:edc0:136::/48 maxlen: 48
2a00:edc0:137::/48 maxlen: 48
2a00:edc0:1f0::/44 maxlen: 48
2a00:edc0:469::/48 maxlen: 48
2a00:edc0:1000::/48 maxlen: 48
2a00:edc0:1001::/48 maxlen: 48
2a00:edc0:1002::/48 maxlen: 48
2a00:edc0:1003::/48 maxlen: 48
2a00:edc0:1004::/48 maxlen: 48
2a00:edc0:1005::/48 maxlen: 48
2a00:edc0:1010::/48 maxlen: 48
2a00:edc0:6000::/48 maxlen: 48
2a00:edc0:6259::/48 maxlen: 48
2a00:edc0:7ffe::/48 maxlen: 48
2a00:edc0:7fff::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 25 Apr 2025 06:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:66:b7:e8:a6:d7:b5:31:b1:17:3b:b4:67:60:77:c1:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22877298dae5d5a3beabca16e92d1a141e948627
Validity
Not Before: Apr 24 07:34:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ca6f856db975c2d7286ea9e93f267b28595d4738
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:df:69:fe:05:43:e8:f2:78:6b:12:1a:21:83:
9b:ab:4e:7a:03:9e:78:13:ab:0a:f9:68:8c:bc:79:
e4:10:1e:c0:e7:64:a5:a7:76:ed:3d:5e:52:99:5b:
9b:e9:fb:22:0a:fb:a2:a1:cc:c4:5a:3b:b4:ee:6b:
4c:0e:cf:32:50:d7:9e:b5:a5:b0:97:4f:6d:5d:09:
34:8e:91:fc:d9:39:d6:50:0d:c3:be:91:22:a9:6b:
68:39:6a:58:45:4f:fb:cf:40:4a:ba:da:b8:69:bc:
be:59:77:6b:2a:8a:1a:09:7d:28:7b:6c:8a:d8:5e:
79:7e:89:40:a2:2f:32:b6:2b:b0:dd:83:bc:8b:5f:
dc:04:26:2a:9a:60:d0:13:4b:f8:95:94:97:68:89:
82:0b:08:d4:3d:2a:ad:23:a4:a2:74:da:0a:f8:f9:
10:24:4e:ba:c1:1e:d9:97:ec:64:48:a9:d8:5d:01:
1f:83:2d:70:bc:90:ab:20:f3:8f:fc:11:c7:c5:55:
d5:f7:1d:27:34:d0:ef:03:c0:6e:b4:c2:77:da:7e:
4d:f8:2c:7d:ed:b4:d9:4e:3a:f5:12:10:6e:16:39:
20:65:e5:4b:89:91:71:d2:f5:f6:4a:6d:fd:f0:5f:
d8:87:2b:cb:bf:84:b4:0c:28:87:07:cf:03:c0:83:
d8:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:6F:85:6D:B9:75:C2:D7:28:6E:A9:E9:3F:26:7B:28:59:5D:47:38
X509v3 Authority Key Identifier:
keyid:22:87:72:98:DA:E5:D5:A3:BE:AB:CA:16:E9:2D:1A:14:1E:94:86:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IodymNrl1aO-q8oW6S0aFB6Uhic.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/8651c5-bd77-460d-83bf-5933a09f72d1/1/ym-Fbbl1wtcobqnpPyZ7KFldRzg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/8651c5-bd77-460d-83bf-5933a09f72d1/1/IodymNrl1aO-q8oW6S0aFB6Uhic.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.114.192.0/24
185.103.32.0/22
IPv6:
2a00:edc0::/32
Signature Algorithm: sha256WithRSAEncryption
92:8a:96:b9:32:6a:59:17:77:bc:a2:da:03:eb:c0:6a:36:0e:
e2:91:46:6c:c9:da:66:03:88:08:24:f6:86:70:81:80:3d:d8:
61:8b:7a:c9:92:3c:3c:9e:8a:1d:63:a0:4f:29:04:f5:d2:99:
a2:5d:e7:eb:07:21:9f:24:3a:41:dc:a6:6a:21:42:df:8d:c1:
79:37:b8:ad:a5:90:93:45:26:d3:da:e9:a5:fe:2c:52:ff:7f:
12:36:6f:fe:a7:2a:9f:aa:08:96:98:50:da:da:b4:ae:7c:a4:
61:9e:31:2c:5b:0d:0a:8d:55:82:c0:f9:9e:c2:aa:98:d9:df:
6e:79:7a:c2:44:72:0a:01:27:de:1d:e4:0d:7c:44:9c:de:69:
c6:95:f7:60:a7:64:47:eb:94:51:fa:d9:9f:45:59:a1:a6:5d:
b7:7b:79:49:de:bc:01:9c:29:77:60:74:7d:29:56:6e:6f:6f:
77:44:ed:52:51:58:bf:a7:44:26:b0:95:3d:d7:dc:d8:20:eb:
75:55:d0:13:c6:df:70:89:1f:07:66:05:c0:30:50:47:39:0e:
b6:47:30:1b:1c:d4:53:ba:ea:78:37:1c:15:35:93:e8:0c:d5:
07:54:6c:6a:1d:20:13:09:6a:20:f1:c7:e1:33:f6:23:fd:a2:
05:0f:3b:ae
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZZmt+im17UxsRc7tGdgd8FDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyODc3Mjk4ZGFlNWQ1YTNiZWFiY2ExNmU5MmQxYTE0MWU5
NDg2MjcwHhcNMjUwNDI0MDczNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTZmODU2ZGI5NzVjMmQ3Mjg2ZWE5ZTkzZjI2N2IyODU5NWQ0NzM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArd9p/gVD6PJ4axIaIYObq056A554
E6sK+WiMvHnkEB7A52Slp3btPV5SmVub6fsiCvuioczEWju07mtMDs8yUNeetaWw
l09tXQk0jpH82TnWUA3DvpEiqWtoOWpYRU/7z0BKutq4aby+WXdrKooaCX0oe2yK
2F55folAoi8ytiuw3YO8i1/cBCYqmmDQE0v4lZSXaImCCwjUPSqtI6SidNoK+PkQ
JE66wR7Zl+xkSKnYXQEfgy1wvJCrIPOP/BHHxVXV9x0nNNDvA8ButMJ32n5N+Cx9
7bTZTjr1EhBuFjkgZeVLiZFx0vX2Sm398F/YhyvLv4S0DCiHB88DwIPYBwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMpvhW25dcLXKG6p6T8meyhZXUc4MB8GA1UdIwQY
MBaAFCKHcpja5dWjvqvKFuktGhQelIYnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSW9keW1OcmwxYU8tcThvVzZTMGFGQjZVaGljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS84NjUxYzUtYmQ3Ny00NjBkLTgzYmYt
NTkzM2EwOWY3MmQxLzEveW0tRmJibDF3dGNvYnFucFB5WjdLRmxkUnpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS84NjUxYzUtYmQ3Ny00NjBkLTgzYmYtNTkzM2EwOWY3MmQx
LzEvSW9keW1OcmwxYU8tcThvVzZTMGFGQjZVaGljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAo3LAAwQC
uWcgMA0EAgACMAcDBQAqAO3AMA0GCSqGSIb3DQEBCwUAA4IBAQCSipa5MmpZF3e8
otoD68BqNg7ikUZsydpmA4gIJPaGcIGAPdhhi3rJkjw8noodY6BPKQT10pmiXefr
ByGfJDpB3KZqIULfjcF5N7itpZCTRSbT2uml/ixS/38SNm/+pyqfqgiWmFDa2rSu
fKRhnjEsWw0KjVWCwPmewqqY2d9ueXrCRHIKASfeHeQNfESc3mnGlfdgp2RH65RR
+tmfRVmhpl23e3lJ3rwBnCl3YHR9KVZub293RO1SUVi/p0QmsJU919zYIOt1VdAT
xt9wiR8HZgXAMFBHOQ62RzAbHNRTuup4NxwVNZPoDNUHVGxqHSATCWog8cfhM/Yj
/aIFDzuu
-----END CERTIFICATE-----
Generated at Tue Apr 29 13:35:53 2025 by rpki-client