Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/YrD26j1HeXLV-M_PMXNb8N2UDd8.roa
File: YrD26j1HeXLV-M_PMXNb8N2UDd8.roa (raw, json)
Hash identifier: 6d3i5AF0L4VN3uHpDfNbnPcagPUjtDQfK44Fk5ePExo=
Subject key identifier: 62:B0:F6:EA:3D:47:79:72:D5:F8:CF:CF:31:73:5B:F0:DD:94:0D:DF
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 0194E5A1994B74727892BFEEE28EAB25F2DD
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/YrD26j1HeXLV-M_PMXNb8N2UDd8.roa
Signing time: Sat 08 Feb 2025 12:56:00 +0000
ROA not before: Sat 08 Feb 2025 12:56:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 931
IP address blocks: 45.139.6.0/23 maxlen: 24
178.173.236.0/22 maxlen: 24
178.173.242.0/23 maxlen: 24
178.173.244.0/22 maxlen: 24
188.253.28.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 01:06:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:e5:a1:99:4b:74:72:78:92:bf:ee:e2:8e:ab:25:f2:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Feb 8 12:56:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=62b0f6ea3d477972d5f8cfcf31735bf0dd940ddf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:3a:31:c6:9c:b0:50:4a:49:df:1e:98:3b:3e:
2b:64:a8:14:76:b4:df:13:95:80:23:fa:3a:c3:b7:
3b:53:9e:8d:21:77:0e:ad:3a:76:36:53:aa:74:a0:
f7:89:e7:d5:cb:99:0d:8b:7f:f8:28:87:5c:44:95:
4b:0c:3d:75:f7:c7:bc:9b:b8:08:30:6f:57:07:39:
cd:49:c7:57:6b:af:23:6b:9b:a4:91:a0:52:bc:aa:
ac:87:33:c3:4f:de:79:b1:b6:2a:a6:ee:db:88:2b:
c3:fc:02:fe:d6:5b:7c:d9:e0:bb:13:9e:db:f4:c6:
8e:59:32:7f:4e:30:a5:41:1c:b4:ac:07:d2:65:70:
c6:b4:ea:fb:f6:fc:c9:f5:3c:4e:8a:80:6c:06:29:
b0:c2:a0:d7:8d:54:40:31:2b:c2:df:a6:9b:da:c8:
fa:63:da:81:21:fd:da:96:60:4c:09:55:f2:03:07:
3b:c7:a2:9b:ed:7e:6c:38:65:80:d5:bd:04:03:bd:
57:0c:06:c8:30:9b:59:7a:16:41:fc:77:b2:aa:06:
dd:cd:24:b5:7b:4b:5b:69:57:db:41:a7:c5:66:93:
f4:eb:10:91:df:1c:0a:08:a9:34:9b:8f:c0:75:71:
4d:b3:12:09:7a:de:40:67:da:2a:7b:e4:6a:57:5b:
5f:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:B0:F6:EA:3D:47:79:72:D5:F8:CF:CF:31:73:5B:F0:DD:94:0D:DF
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/YrD26j1HeXLV-M_PMXNb8N2UDd8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.6.0/23
178.173.236.0/22
178.173.242.0-178.173.247.255
188.253.28.0/22
Signature Algorithm: sha256WithRSAEncryption
37:1c:b6:cf:8e:d4:03:c4:24:c9:46:42:8d:fd:33:2c:aa:55:
b9:a6:3f:d0:19:17:0b:86:1f:92:7a:db:ba:b8:44:f3:ec:c3:
c5:fe:ec:19:1d:13:22:50:bf:5f:3d:ac:6e:08:9f:d2:5e:91:
e5:e6:32:3c:77:6d:5b:e7:26:3e:62:d4:b9:4c:92:8d:d2:89:
37:d3:18:7d:c6:02:20:42:3c:db:a7:ed:38:20:f4:91:35:3f:
00:92:f3:70:32:4b:63:44:9a:c3:5e:7c:f9:41:2f:6b:0e:06:
44:7a:4e:dc:07:8f:8d:05:c5:db:cc:ba:07:4a:e2:94:29:83:
83:62:0a:8e:66:a5:11:ec:5a:71:7f:96:d8:0c:e5:df:a6:ee:
d0:95:17:e3:61:e2:f0:3f:0e:75:2f:a2:08:b7:fd:8e:e7:46:
75:35:ab:83:ad:48:35:cb:e3:33:e7:75:a7:bc:d6:be:21:c6:
c8:10:7d:f4:9c:c0:ea:35:44:86:92:9a:43:27:6b:32:e8:f3:
96:42:da:ae:ee:4a:3a:ad:a2:47:df:e7:ec:28:25:a9:de:81:
2a:13:d3:c2:e1:93:06:5a:a7:6e:c9:2c:ba:e0:60:a6:d1:f5:
cf:80:33:2c:03:67:b1:9b:ca:50:1a:b6:ef:c7:1f:ff:5b:68:
76:12:d7:e4
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZTloZlLdHJ4kr/u4o6rJfLdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjUwMjA4MTI1NjAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmIwZjZlYTNkNDc3OTcyZDVmOGNmY2YzMTczNWJmMGRkOTQwZGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqzoxxpywUEpJ3x6YOz4rZKgUdrTf
E5WAI/o6w7c7U56NIXcOrTp2NlOqdKD3iefVy5kNi3/4KIdcRJVLDD1198e8m7gI
MG9XBznNScdXa68ja5ukkaBSvKqshzPDT955sbYqpu7biCvD/AL+1lt82eC7E57b
9MaOWTJ/TjClQRy0rAfSZXDGtOr79vzJ9TxOioBsBimwwqDXjVRAMSvC36ab2sj6
Y9qBIf3almBMCVXyAwc7x6Kb7X5sOGWA1b0EA71XDAbIMJtZehZB/HeyqgbdzSS1
e0tbaVfbQafFZpP06xCR3xwKCKk0m4/AdXFNsxIJet5AZ9oqe+RqV1tfuQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFGKw9uo9R3ly1fjPzzFzW/DdlA3fMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvWXJEMjZqMUhlWExWLU1fUE1YTmI4TjJVRGQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBLYsGAwQC
sq3sMAwDBAGyrfIDBAOyrfADBAK8/RwwDQYJKoZIhvcNAQELBQADggEBADccts+O
1APEJMlGQo39MyyqVbmmP9AZFwuGH5J627q4RPPsw8X+7BkdEyJQv189rG4In9Je
keXmMjx3bVvnJj5i1LlMko3SiTfTGH3GAiBCPNun7Tgg9JE1PwCS83AyS2NEmsNe
fPlBL2sOBkR6TtwHj40FxdvMugdK4pQpg4NiCo5mpRHsWnF/ltgM5d+m7tCVF+Nh
4vA/DnUvogi3/Y7nRnU1q4OtSDXL4zPndae81r4hxsgQffScwOo1RIaSmkMnazLo
85ZC2q7uSjqtokff5+woJanegSoT08LhkwZap27JLLrgYKbR9c+AMywDZ7GbylAa
tu/HH/9baHYS1+Q=
-----END CERTIFICATE-----
Generated at Fri May 2 16:14:54 2025 by rpki-client