Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/ddb424-7eb2-495e-8bb6-72fb97d59ce4/1/YH2vXeXFSATJBU77lTraWZOobkI.roa
File: YH2vXeXFSATJBU77lTraWZOobkI.roa (raw, json)
Hash identifier: 3Rde0IgsWEHBVWB15AQuqpz+vasmoNOZ+JWVjrrdaJA=
Subject key identifier: 60:7D:AF:5D:E5:C5:48:04:C9:05:4E:FB:95:3A:DA:59:93:A8:6E:42
Certificate issuer: /CN=95d108f0e85868c2bbe7db6d7377034c131eb224
Certificate serial: 019EA6F6268D88CB215FBBB60D0AC7D28736
Authority key identifier: 95:D1:08:F0:E8:58:68:C2:BB:E7:DB:6D:73:77:03:4C:13:1E:B2:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ldEI8OhYaMK759ttc3cDTBMesiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/ddb424-7eb2-495e-8bb6-72fb97d59ce4/1/YH2vXeXFSATJBU77lTraWZOobkI.roa
Signing time: Mon 08 Jun 2026 11:20:10 +0000
ROA not before: Mon 08 Jun 2026 11:20:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 211270
IP address blocks: 189.74.112.0/24 maxlen: 24
189.74.113.0/24 maxlen: 24
189.74.119.0/24 maxlen: 24
189.74.122.0/24 maxlen: 24
189.74.123.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 15 Jun 2026 19:40:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:a6:f6:26:8d:88:cb:21:5f:bb:b6:0d:0a:c7:d2:87:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95d108f0e85868c2bbe7db6d7377034c131eb224
Validity
Not Before: Jun 8 11:20:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=607daf5de5c54804c9054efb953ada5993a86e42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:b1:db:f6:9a:02:f3:ca:79:9c:69:e6:42:e7:
c6:b4:ba:fb:5f:c2:9c:35:cd:be:3c:e5:5d:97:70:
58:0a:07:26:1c:0f:0f:dc:c2:66:68:30:c0:1f:80:
a1:6e:f6:a4:8d:39:43:46:48:57:ad:b8:37:c1:29:
7a:65:0e:69:8f:83:11:f8:fd:ab:b3:e3:40:cf:04:
67:3d:f6:09:61:7d:eb:8b:59:2b:4e:13:e1:39:0d:
37:9a:70:c4:85:99:10:e8:a9:dc:c1:61:39:89:f3:
b2:63:ce:86:b6:e7:66:a2:b2:8b:5f:af:33:08:7a:
52:b6:8d:9c:9e:2c:a5:3f:47:c6:aa:82:ea:c1:cb:
2f:e1:2d:8c:3e:b1:ee:48:ec:37:d9:43:5e:49:67:
de:a0:b7:58:74:d1:1e:e6:07:c6:74:e9:ed:14:d2:
b2:25:ae:de:ca:d5:e0:01:21:a9:64:15:56:57:a7:
43:ef:b0:1a:3b:a5:84:54:8f:89:00:ff:e5:38:1a:
8d:ae:28:c7:d7:51:f3:b8:1f:9f:fe:fe:58:57:03:
34:7a:3f:e0:d8:5a:f8:02:b9:76:47:d5:1c:b3:d6:
cd:71:08:77:32:e2:05:af:c2:28:74:f3:ee:62:49:
53:a9:99:5b:a8:d0:53:75:1d:b8:6c:92:94:10:f6:
44:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:7D:AF:5D:E5:C5:48:04:C9:05:4E:FB:95:3A:DA:59:93:A8:6E:42
X509v3 Authority Key Identifier:
keyid:95:D1:08:F0:E8:58:68:C2:BB:E7:DB:6D:73:77:03:4C:13:1E:B2:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ldEI8OhYaMK759ttc3cDTBMesiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/ddb424-7eb2-495e-8bb6-72fb97d59ce4/1/YH2vXeXFSATJBU77lTraWZOobkI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/ddb424-7eb2-495e-8bb6-72fb97d59ce4/1/ldEI8OhYaMK759ttc3cDTBMesiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
189.74.112.0/23
189.74.119.0/24
189.74.122.0/23
Signature Algorithm: sha256WithRSAEncryption
94:1a:d9:91:02:ee:81:b0:f1:f0:17:47:c8:bb:82:01:c5:c7:
e2:08:f8:9f:e8:cd:4b:25:27:29:c7:97:55:fa:35:5f:22:c9:
89:0a:16:57:fe:b5:be:aa:f1:89:7c:d2:a6:49:9d:df:2f:85:
34:cf:5c:26:90:41:10:de:2a:c4:14:eb:bb:25:be:6a:8a:25:
d3:a1:76:8c:3d:5e:76:cc:80:28:4c:9d:3f:4e:d8:93:cb:90:
08:a5:a7:3e:38:52:5b:47:8d:9d:c0:ac:d1:7a:20:a4:3f:86:
35:d7:d2:18:bc:21:f8:43:00:06:32:f7:04:17:b5:fc:2d:77:
ac:1d:ad:90:be:d2:eb:e7:f9:4f:61:61:42:0c:e3:5c:11:13:
c2:ae:d4:d1:c0:01:a4:27:58:b9:f7:72:50:18:e1:8c:80:45:
40:06:f3:ce:c9:97:c9:6a:78:06:c3:0d:0d:e8:82:6c:1d:d7:
45:9d:12:ca:84:19:7a:e4:ff:89:21:be:cf:51:90:9f:2d:53:
29:ab:08:85:62:4a:0e:52:d5:0e:93:65:4d:cd:32:7c:2a:af:
6a:b9:74:25:5e:07:2d:be:d5:f8:06:2a:d1:a1:f2:3c:fd:3b:
8c:ca:3c:a0:73:eb:eb:77:68:ee:12:f1:65:22:a2:b4:37:3d:
60:ef:a3:e4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZ6m9iaNiMshX7u2DQrH0oc2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1ZDEwOGYwZTg1ODY4YzJiYmU3ZGI2ZDczNzcwMzRjMTMx
ZWIyMjQwHhcNMjYwNjA4MTEyMDEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDdkYWY1ZGU1YzU0ODA0YzkwNTRlZmI5NTNhZGE1OTkzYTg2ZTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbHb9poC88p5nGnmQufGtLr7X8Kc
Nc2+POVdl3BYCgcmHA8P3MJmaDDAH4ChbvakjTlDRkhXrbg3wSl6ZQ5pj4MR+P2r
s+NAzwRnPfYJYX3ri1krThPhOQ03mnDEhZkQ6KncwWE5ifOyY86GtudmorKLX68z
CHpSto2cniylP0fGqoLqwcsv4S2MPrHuSOw32UNeSWfeoLdYdNEe5gfGdOntFNKy
Ja7eytXgASGpZBVWV6dD77AaO6WEVI+JAP/lOBqNrijH11HzuB+f/v5YVwM0ej/g
2Fr4Arl2R9Ucs9bNcQh3MuIFr8IodPPuYklTqZlbqNBTdR24bJKUEPZEIQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGB9r13lxUgEyQVO+5U62lmTqG5CMB8GA1UdIwQY
MBaAFJXRCPDoWGjCu+fbbXN3A0wTHrIkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGRFSThPaFlhTUs3NTl0dGMzY0RUQk1lc2lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC9kZGI0MjQtN2ViMi00OTVlLThiYjYt
NzJmYjk3ZDU5Y2U0LzEvWUgydlhlWEZTQVRKQlU3N2xUcmFXWk9vYmtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC9kZGI0MjQtN2ViMi00OTVlLThiYjYtNzJmYjk3ZDU5Y2U0
LzEvbGRFSThPaFlhTUs3NTl0dGMzY0RUQk1lc2lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBvUpwAwQA
vUp3AwQBvUp6MA0GCSqGSIb3DQEBCwUAA4IBAQCUGtmRAu6BsPHwF0fIu4IBxcfi
CPif6M1LJScpx5dV+jVfIsmJChZX/rW+qvGJfNKmSZ3fL4U0z1wmkEEQ3irEFOu7
Jb5qiiXToXaMPV52zIAoTJ0/TtiTy5AIpac+OFJbR42dwKzReiCkP4Y119IYvCH4
QwAGMvcEF7X8LXesHa2QvtLr5/lPYWFCDONcERPCrtTRwAGkJ1i593JQGOGMgEVA
BvPOyZfJangGww0N6IJsHddFnRLKhBl65P+JIb7PUZCfLVMpqwiFYkoOUtUOk2VN
zTJ8Kq9quXQlXgctvtX4BirRofI8/TuMyjygc+vrd2juEvFlIqK0Nz1g76Pk
-----END CERTIFICATE-----
Generated at Wed Jun 17 09:17:33 2026 by rpki-client