Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/YbJAbrKin62iEaFskFd1xnZtAsY.roa
File: YbJAbrKin62iEaFskFd1xnZtAsY.roa (raw, json)
Hash identifier: Z7BQ8mR3vrZUW2hBOgq+FhqpdNLsgMbaaasWTrLSMwA=
Subject key identifier: 61:B2:40:6E:B2:A2:9F:AD:A2:11:A1:6C:90:57:75:C6:76:6D:02:C6
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01913784F0EAA5711D6DBEFB558A50575D8B
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/YbJAbrKin62iEaFskFd1xnZtAsY.roa
Signing time: Fri 09 Aug 2024 14:22:24 +0000
ROA not before: Fri 09 Aug 2024 14:22:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58061
IP address blocks: 82.153.224.0/24 maxlen: 24
89.213.104.0/24 maxlen: 24
89.213.105.0/24 maxlen: 24
89.213.217.0/24 maxlen: 24
89.213.220.0/24 maxlen: 24
89.213.222.0/24 maxlen: 24
89.213.226.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 20 Aug 2024 09:15:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:37:84:f0:ea:a5:71:1d:6d:be:fb:55:8a:50:57:5d:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Aug 9 14:22:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=61b2406eb2a29fada211a16c905775c6766d02c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:e9:39:2f:17:d1:16:54:8f:0c:8c:b0:4e:b2:
6f:a8:85:cc:77:d0:74:5c:c0:7f:11:66:58:bd:6d:
98:e2:95:f6:0e:97:61:98:0b:a5:97:46:40:92:c8:
63:5e:2e:52:dc:7a:85:a5:4b:bc:15:eb:69:f9:67:
fb:56:7c:07:fe:06:a0:ba:03:23:09:5e:ff:72:f3:
6d:b8:db:3c:29:a2:a3:8a:d1:5e:fe:7c:10:42:32:
9f:ee:f6:d2:1e:ed:ee:63:f1:58:0b:a5:8d:75:e1:
1f:4e:4c:7f:1c:6b:c2:23:e1:ed:63:89:3a:27:dc:
c7:49:2a:ac:61:82:bf:66:1d:d5:4c:30:13:a4:1d:
11:04:83:bb:49:cc:5d:ca:af:93:79:02:bf:d7:0d:
44:40:56:cb:2d:9c:7e:05:cb:63:12:4b:1f:e6:7b:
54:38:3b:e1:a3:6a:d4:86:f4:9b:49:2b:7f:ce:a1:
7e:48:56:74:0c:0b:1e:e2:97:5f:71:bb:9f:fc:5d:
28:bb:17:97:ed:91:0a:fd:78:cc:40:96:3a:88:19:
72:ab:26:87:35:d2:e7:0d:ad:28:17:46:7e:60:01:
76:da:bc:8c:9c:8b:45:74:99:2d:86:d8:ff:63:36:
cc:16:b2:80:03:38:9d:6d:b5:d9:5f:e3:98:6d:22:
e5:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:B2:40:6E:B2:A2:9F:AD:A2:11:A1:6C:90:57:75:C6:76:6D:02:C6
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/YbJAbrKin62iEaFskFd1xnZtAsY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.224.0/24
89.213.104.0/23
89.213.217.0/24
89.213.220.0/24
89.213.222.0/24
89.213.226.0/24
Signature Algorithm: sha256WithRSAEncryption
26:f1:9e:34:c5:a6:79:71:63:b9:21:a4:a8:68:4a:6d:d0:81:
93:a7:45:e5:7d:62:30:94:02:5e:1a:40:18:91:65:9e:ab:99:
82:99:b1:68:e7:19:cb:6a:a9:eb:69:d2:b0:5a:2a:d0:04:c1:
bc:74:90:ae:f8:e5:19:fd:5e:32:78:6f:ff:80:ad:b4:5a:85:
f6:72:de:8a:d5:79:89:d1:90:b7:0a:3f:78:7a:b4:46:b4:de:
2a:1b:ea:6b:51:48:5c:78:fd:2d:ca:61:ba:22:f5:5b:ce:33:
96:7f:20:9c:87:d8:84:d0:a8:64:67:b1:23:71:f5:dd:db:49:
b1:97:ca:84:c0:c7:f0:a4:7c:a8:9a:b7:93:d0:40:fb:b7:df:
81:f0:5f:2e:4b:10:bf:8c:b4:87:22:34:d2:1c:49:56:a1:e1:
91:19:39:55:45:fe:b8:4b:b6:e6:7f:14:97:de:b7:f2:70:ac:
3e:dd:5f:2d:10:b6:4e:a6:af:c2:6a:af:e3:29:2f:28:a8:0b:
d5:d5:ce:20:a4:57:6b:fa:5c:29:27:75:d6:28:0d:79:6e:75:
e6:be:c8:76:a5:58:35:d5:08:35:05:08:b3:13:e6:61:bb:7b:
dc:88:1f:a0:97:7c:90:f3:de:b0:ff:af:1c:60:1c:7b:27:bd:
76:0b:ca:67
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZE3hPDqpXEdbb77VYpQV12LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwODA5MTQyMjI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWIyNDA2ZWIyYTI5ZmFkYTIxMWExNmM5MDU3NzVjNjc2NmQwMmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjuk5LxfRFlSPDIywTrJvqIXMd9B0
XMB/EWZYvW2Y4pX2DpdhmAull0ZAkshjXi5S3HqFpUu8Fetp+Wf7VnwH/gagugMj
CV7/cvNtuNs8KaKjitFe/nwQQjKf7vbSHu3uY/FYC6WNdeEfTkx/HGvCI+HtY4k6
J9zHSSqsYYK/Zh3VTDATpB0RBIO7Scxdyq+TeQK/1w1EQFbLLZx+BctjEksf5ntU
ODvho2rUhvSbSSt/zqF+SFZ0DAse4pdfcbuf/F0ouxeX7ZEK/XjMQJY6iBlyqyaH
NdLnDa0oF0Z+YAF22ryMnItFdJkthtj/YzbMFrKAAzidbbXZX+OYbSLlXQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGGyQG6yop+tohGhbJBXdcZ2bQLGMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvWWJKQWJyS2luNjJpRWFGc2tGZDF4blp0QXNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAUpngAwQB
WdVoAwQAWdXZAwQAWdXcAwQAWdXeAwQAWdXiMA0GCSqGSIb3DQEBCwUAA4IBAQAm
8Z40xaZ5cWO5IaSoaEpt0IGTp0XlfWIwlAJeGkAYkWWeq5mCmbFo5xnLaqnradKw
WirQBMG8dJCu+OUZ/V4yeG//gK20WoX2ct6K1XmJ0ZC3Cj94erRGtN4qG+prUUhc
eP0tymG6IvVbzjOWfyCch9iE0KhkZ7EjcfXd20mxl8qEwMfwpHyomreT0ED7t9+B
8F8uSxC/jLSHIjTSHElWoeGRGTlVRf64S7bmfxSX3rfycKw+3V8tELZOpq/Caq/j
KS8oqAvV1c4gpFdr+lwpJ3XWKA15bnXmvsh2pVg11Qg1BQizE+Zhu3vciB+gl3yQ
896w/68cYBx7J712C8pn
-----END CERTIFICATE-----
Generated at Wed Apr 30 13:00:02 2025 by rpki-client