Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/76556e-a1d8-4e0a-8468-2214f18eb329/1/YLnAKtNc17g_VG_xixRMBXgJz2s.roa
File: YLnAKtNc17g_VG_xixRMBXgJz2s.roa (raw, json)
Hash identifier: vAdl76sKwJzMSNRNz/8UeMlDhmncBPi5drTBv6dvbMw=
Subject key identifier: 60:B9:C0:2A:D3:5C:D7:B8:3F:54:6F:F1:8B:14:4C:05:78:09:CF:6B
Certificate issuer: /CN=d0aa4a1a7a3ad23faae2aeae9fa6194f02128129
Certificate serial: 01944AC12449D816065C8FFED1B611C941FF
Authority key identifier: D0:AA:4A:1A:7A:3A:D2:3F:AA:E2:AE:AE:9F:A6:19:4F:02:12:81:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0KpKGno60j-q4q6un6YZTwISgSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/76556e-a1d8-4e0a-8468-2214f18eb329/1/YLnAKtNc17g_VG_xixRMBXgJz2s.roa
Signing time: Thu 09 Jan 2025 11:09:19 +0000
ROA not before: Thu 09 Jan 2025 11:09:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1273
IP address blocks: 193.195.0.0/17 maxlen: 17
193.195.128.0/21 maxlen: 21
193.195.136.0/23 maxlen: 23
193.195.139.0/24 maxlen: 24
193.195.140.0/24 maxlen: 24
193.195.142.0/23 maxlen: 23
193.195.144.0/20 maxlen: 20
193.195.160.0/19 maxlen: 19
193.195.192.0/18 maxlen: 18
194.70.0.0/23 maxlen: 23
194.70.2.0/24 maxlen: 24
194.70.4.0/22 maxlen: 22
194.70.8.0/21 maxlen: 21
194.70.16.0/20 maxlen: 20
194.70.32.0/22 maxlen: 22
194.70.37.0/24 maxlen: 24
194.70.38.0/23 maxlen: 23
194.70.40.0/21 maxlen: 21
194.70.48.0/20 maxlen: 20
194.70.64.0/20 maxlen: 20
194.70.80.0/21 maxlen: 21
194.70.88.0/22 maxlen: 22
194.70.92.0/23 maxlen: 23
194.70.95.0/24 maxlen: 24
194.70.96.0/19 maxlen: 19
194.70.128.0/18 maxlen: 18
194.70.192.0/19 maxlen: 19
194.70.224.0/21 maxlen: 21
194.70.232.0/23 maxlen: 23
194.70.235.0/24 maxlen: 24
194.70.236.0/22 maxlen: 22
194.70.240.0/20 maxlen: 20
194.159.0.0/16 maxlen: 16
194.217.0.0/16 maxlen: 16
Validation: Failed, certificate revoked on Thu 09 Jan 2025 11:13:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:4a:c1:24:49:d8:16:06:5c:8f:fe:d1:b6:11:c9:41:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0aa4a1a7a3ad23faae2aeae9fa6194f02128129
Validity
Not Before: Jan 9 11:09:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=60b9c02ad35cd7b83f546ff18b144c057809cf6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:fe:64:2f:ac:13:87:7e:e0:fe:d6:52:2f:41:
68:75:49:77:ab:cd:c8:f4:b0:2e:2e:53:8c:e0:6e:
56:cb:cd:cf:c6:4a:1d:88:91:48:ae:29:30:a2:30:
1a:4e:b4:65:53:c5:c4:99:39:d4:89:00:30:9d:f9:
f3:74:49:10:9e:d2:2e:93:25:49:29:ab:d3:50:7e:
b0:e8:4d:13:ea:14:3a:d5:a0:40:b2:74:b1:fd:54:
94:72:59:1e:8e:b4:ad:9f:73:75:a8:c7:4a:59:6a:
ae:3a:63:63:79:de:e2:50:5e:9a:b9:c6:ab:62:3f:
b5:b6:fa:10:85:54:12:05:2a:15:19:ed:2b:53:00:
3f:0d:a9:78:58:6c:81:1b:c9:14:0e:a5:fc:df:8b:
f2:f8:40:59:25:18:7d:16:cf:1b:36:0a:44:8b:bf:
3c:4d:f4:87:00:07:49:b1:84:39:36:5c:d8:6c:2f:
75:16:56:6c:10:3c:38:94:de:29:31:ba:f7:5d:d4:
3a:d8:f8:1b:21:28:51:ce:b2:94:5f:a3:96:c3:d4:
d7:52:d7:66:bc:84:dd:6a:e1:b0:d8:85:a1:d7:c5:
cc:cb:2d:f3:0e:3c:2c:7f:8c:44:1d:2c:95:30:11:
c5:4d:58:7e:bb:d2:f7:03:c0:a7:77:9b:87:ff:be:
ca:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:B9:C0:2A:D3:5C:D7:B8:3F:54:6F:F1:8B:14:4C:05:78:09:CF:6B
X509v3 Authority Key Identifier:
keyid:D0:AA:4A:1A:7A:3A:D2:3F:AA:E2:AE:AE:9F:A6:19:4F:02:12:81:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0KpKGno60j-q4q6un6YZTwISgSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/76556e-a1d8-4e0a-8468-2214f18eb329/1/YLnAKtNc17g_VG_xixRMBXgJz2s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/76556e-a1d8-4e0a-8468-2214f18eb329/1/0KpKGno60j-q4q6un6YZTwISgSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.195.0.0-193.195.137.255
193.195.139.0-193.195.140.255
193.195.142.0-193.195.255.255
194.70.0.0-194.70.2.255
194.70.4.0-194.70.35.255
194.70.37.0-194.70.93.255
194.70.95.0-194.70.233.255
194.70.235.0-194.70.255.255
194.159.0.0/16
194.217.0.0/16
Signature Algorithm: sha256WithRSAEncryption
03:d9:6c:96:45:a1:da:4d:c9:1d:ea:10:bb:3b:aa:df:81:0c:
87:92:93:c3:5b:4f:f6:c5:83:1e:67:6d:40:c8:04:b4:da:c4:
8a:d6:cf:5a:c7:32:fa:99:6e:b4:6c:62:2c:11:0d:69:fe:73:
b2:15:a8:d4:6d:a5:f4:15:c6:c4:65:ac:6f:8f:f4:c8:00:50:
19:ff:82:1d:66:d4:d0:58:2a:6f:3f:44:da:d9:58:90:cb:8d:
55:ee:58:db:7b:61:4c:5b:6b:0d:31:d1:b4:4f:ff:84:08:8a:
22:59:98:da:95:9e:44:2d:6f:0d:26:94:68:74:c4:96:fa:14:
3c:25:d4:a1:da:27:d2:d3:1c:0f:41:c7:a2:54:b3:6c:01:6f:
63:1f:b1:fa:4f:dc:2a:f8:f3:6d:3d:a2:59:bc:da:31:d8:c5:
ea:c7:68:a1:ac:b0:a6:29:a8:d1:e9:b1:f5:0c:e7:9c:d1:f9:
dd:f5:91:91:85:9b:c5:7b:e2:52:ab:32:b1:f3:fc:f1:8b:26:
e9:b0:16:00:d7:66:14:af:7d:2d:e4:37:21:b9:f4:1e:ed:71:
b9:a3:e2:ad:c2:5f:c3:22:45:ec:dc:2a:77:00:d3:e2:85:c0:
00:bd:a6:d7:0e:4a:27:8c:b4:c6:0b:45:9b:a0:11:3a:d3:26:
3e:8b:51:78
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgISAZRKwSRJ2BYGXI/+0bYRyUH/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwYWE0YTFhN2EzYWQyM2ZhYWUyYWVhZTlmYTYxOTRmMDIx
MjgxMjkwHhcNMjUwMTA5MTEwOTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGI5YzAyYWQzNWNkN2I4M2Y1NDZmZjE4YjE0NGMwNTc4MDljZjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkf5kL6wTh37g/tZSL0FodUl3q83I
9LAuLlOM4G5Wy83PxkodiJFIrikwojAaTrRlU8XEmTnUiQAwnfnzdEkQntIukyVJ
KavTUH6w6E0T6hQ61aBAsnSx/VSUclkejrStn3N1qMdKWWquOmNjed7iUF6aucar
Yj+1tvoQhVQSBSoVGe0rUwA/Dal4WGyBG8kUDqX834vy+EBZJRh9Fs8bNgpEi788
TfSHAAdJsYQ5NlzYbC91FlZsEDw4lN4pMbr3XdQ62PgbIShRzrKUX6OWw9TXUtdm
vITdauGw2IWh18XMyy3zDjwsf4xEHSyVMBHFTVh+u9L3A8Cnd5uH/77KWQIDAQAB
o4ICezCCAncwHQYDVR0OBBYEFGC5wCrTXNe4P1Rv8YsUTAV4Cc9rMB8GA1UdIwQY
MBaAFNCqShp6OtI/quKurp+mGU8CEoEpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEtwS0dubzYwai1xNHE2dW42WVpUd0lTZ1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS83NjU1NmUtYTFkOC00ZTBhLTg0Njgt
MjIxNGYxOGViMzI5LzEvWUxuQUt0TmMxN2dfVkdfeGl4Uk1CWGdKejJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS83NjU1NmUtYTFkOC00ZTBhLTg0NjgtMjIxNGYxOGViMzI5
LzEvMEtwS0dubzYwai1xNHE2dW42WVpUd0lTZ1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGQBggrBgEFBQcBBwEB/wSBgDB+MHwEAgABMHYwCwMDAMHD
AwQBwcOIMAwDBADBw4sDBADBw4wwCwMEAcHDjgMDAsHAMAsDAwHCRgMEAMJGAjAM
AwQCwkYEAwQCwkYgMAwDBADCRiUDBAHCRlwwDAMEAMJGXwMEAcJG6DALAwQAwkbr
AwMAwkYDAwDCnwMDAMLZMA0GCSqGSIb3DQEBCwUAA4IBAQAD2WyWRaHaTckd6hC7
O6rfgQyHkpPDW0/2xYMeZ21AyAS02sSK1s9axzL6mW60bGIsEQ1p/nOyFajUbaX0
FcbEZaxvj/TIAFAZ/4IdZtTQWCpvP0Ta2ViQy41V7ljbe2FMW2sNMdG0T/+ECIoi
WZjalZ5ELW8NJpRodMSW+hQ8JdSh2ifS0xwPQceiVLNsAW9jH7H6T9wq+PNtPaJZ
vNox2MXqx2ihrLCmKajR6bH1DOec0fnd9ZGRhZvFe+JSqzKx8/zxiybpsBYA12YU
r30t5DchufQe7XG5o+Ktwl/DIkXs3Cp3ANPihcAAvabXDkonjLTGC0WboBE60yY+
i1F4
-----END CERTIFICATE-----
Generated at Mon Apr 28 10:36:11 2025 by rpki-client