Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Y55yKt5VK_usfn2gzgFs1N4jMbI.roa
File: Y55yKt5VK_usfn2gzgFs1N4jMbI.roa (raw, json)
Hash identifier: Q6wG7pPedh2pYSBtVKocXV4i6FxrmXtv253Wm52MxpM=
Subject key identifier: 63:9E:72:2A:DE:55:2B:FB:AC:7E:7D:A0:CE:01:6C:D4:DE:23:31:B2
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01975A54D4B53F87021AFC8FF852DB5F438C
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Y55yKt5VK_usfn2gzgFs1N4jMbI.roa
Signing time: Tue 10 Jun 2025 14:53:18 +0000
ROA not before: Tue 10 Jun 2025 14:53:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9304
IP address blocks: 89.213.127.0/24 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.212.0/24 maxlen: 24
89.213.224.0/24 maxlen: 24
213.218.215.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 12 Jun 2025 06:51:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:5a:54:d4:b5:3f:87:02:1a:fc:8f:f8:52:db:5f:43:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 10 14:53:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=639e722ade552bfbac7e7da0ce016cd4de2331b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:d5:02:38:76:77:e5:a8:0d:8a:62:de:c5:34:
a1:a3:67:8c:ad:c0:39:f2:39:c9:ba:3c:d9:7a:ae:
b0:30:12:dd:73:7b:d5:61:df:3e:c5:9c:5a:31:1f:
d1:ac:9a:6a:9a:4f:21:77:b1:e7:22:6c:8f:58:1d:
89:71:61:53:4e:76:e3:47:39:ae:56:10:f2:ff:e9:
95:74:d5:78:56:66:d8:22:4b:82:a0:0d:54:72:79:
94:d4:fb:ef:51:69:a7:83:3d:25:e8:0b:5f:14:6a:
7c:02:a2:22:43:8f:1c:c9:07:8f:2f:85:d5:01:b6:
34:39:00:3b:69:7a:45:71:a4:b3:86:c3:69:47:bc:
58:53:6e:64:16:15:ae:4a:98:02:65:53:8c:21:24:
6c:f1:04:82:9d:a2:c7:e9:19:17:08:38:d8:22:9a:
6a:1c:5e:3e:30:49:ef:7e:e7:01:f6:cb:f0:ad:2e:
d2:30:28:67:6f:6b:12:29:29:a9:77:ca:95:a6:ff:
0e:d0:aa:78:2e:a5:7d:30:f2:7c:f1:70:c4:d7:0d:
87:e5:10:55:df:c6:48:95:73:eb:04:78:88:f4:1c:
ec:2b:02:81:0e:b4:5c:60:a4:95:24:e0:01:04:87:
23:1f:3c:06:a1:67:df:73:9b:de:f8:18:9e:a0:3a:
2b:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:9E:72:2A:DE:55:2B:FB:AC:7E:7D:A0:CE:01:6C:D4:DE:23:31:B2
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Y55yKt5VK_usfn2gzgFs1N4jMbI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.127.0/24
89.213.167.0/24
89.213.212.0/24
89.213.224.0/24
213.218.215.0/24
Signature Algorithm: sha256WithRSAEncryption
05:c6:07:e0:53:53:6c:9e:da:9e:c3:02:e5:8b:62:1c:a7:e9:
6e:f1:d3:3c:e7:12:db:a5:23:c8:57:aa:42:d8:61:88:28:63:
db:3e:d5:0b:a5:bc:f1:a0:68:22:b3:81:7d:96:7d:2c:fa:9a:
00:18:e9:80:24:0c:71:13:66:40:40:77:fa:63:ec:2a:2b:eb:
40:fc:d4:e7:92:77:bd:fe:5d:c5:8b:ea:c5:25:89:28:68:1d:
fe:f9:9a:a5:13:ff:3d:da:8a:c7:f9:65:31:b5:ee:48:09:ed:
06:39:a2:92:2b:36:bf:0d:21:27:6f:7e:46:d8:ad:a8:73:f5:
1b:36:5a:94:37:51:12:88:f5:02:b5:3d:fa:65:08:19:1c:87:
96:c5:85:14:ac:59:e4:28:1c:ea:8b:e8:70:5d:12:b2:5e:b6:
54:7c:6a:bc:98:b8:94:62:47:01:48:87:26:33:ce:9e:fb:77:
22:67:c9:58:4c:35:73:39:21:b8:93:0a:a7:ac:92:7c:2b:fe:
e2:1e:92:2d:e6:bc:5e:8d:ee:b3:52:3a:f7:45:d1:90:96:c6:
ac:1c:53:07:9f:7d:8d:5f:92:52:60:af:b9:2f:78:7b:9e:c8:
2b:cd:e5:29:bf:f4:91:be:74:b9:f9:56:77:af:eb:3e:f6:8b:
82:af:10:01
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZdaVNS1P4cCGvyP+FLbX0OMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwNjEwMTQ1MzE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzllNzIyYWRlNTUyYmZiYWM3ZTdkYTBjZTAxNmNkNGRlMjMzMWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmdUCOHZ35agNimLexTSho2eMrcA5
8jnJujzZeq6wMBLdc3vVYd8+xZxaMR/RrJpqmk8hd7HnImyPWB2JcWFTTnbjRzmu
VhDy/+mVdNV4VmbYIkuCoA1UcnmU1PvvUWmngz0l6AtfFGp8AqIiQ48cyQePL4XV
AbY0OQA7aXpFcaSzhsNpR7xYU25kFhWuSpgCZVOMISRs8QSCnaLH6RkXCDjYIppq
HF4+MEnvfucB9svwrS7SMChnb2sSKSmpd8qVpv8O0Kp4LqV9MPJ88XDE1w2H5RBV
38ZIlXPrBHiI9BzsKwKBDrRcYKSVJOABBIcjHzwGoWffc5ve+BieoDorCwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGOecireVSv7rH59oM4BbNTeIzGyMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvWTU1eUt0NVZLX3VzZm4yZ3pnRnMxTjRqTWJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAWdV/AwQA
WdWnAwQAWdXUAwQAWdXgAwQA1drXMA0GCSqGSIb3DQEBCwUAA4IBAQAFxgfgU1Ns
ntqewwLli2Icp+lu8dM85xLbpSPIV6pC2GGIKGPbPtULpbzxoGgis4F9ln0s+poA
GOmAJAxxE2ZAQHf6Y+wqK+tA/NTnkne9/l3Fi+rFJYkoaB3++ZqlE/892orH+WUx
te5ICe0GOaKSKza/DSEnb35G2K2oc/UbNlqUN1ESiPUCtT36ZQgZHIeWxYUUrFnk
KBzqi+hwXRKyXrZUfGq8mLiUYkcBSIcmM86e+3ciZ8lYTDVzOSG4kwqnrJJ8K/7i
HpIt5rxeje6zUjr3RdGQlsasHFMHn32NX5JSYK+5L3h7nsgrzeUpv/SRvnS5+VZ3
r+s+9ouCrxAB
-----END CERTIFICATE-----
Generated at Tue Jun 17 18:08:20 2025 by rpki-client