Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/YS6zpV_qIlc_wSnamFae9x1_Q5M.roa
File: YS6zpV_qIlc_wSnamFae9x1_Q5M.roa (raw, json)
Hash identifier: gfvW5QisEcuxzpuOoelu8ybg2RurauBL2J5CohH4HBc=
Subject key identifier: 61:2E:B3:A5:5F:EA:22:57:3F:C1:29:DA:98:56:9E:F7:1D:7F:43:93
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 01941F8CB208411C390049415FEB15356D86
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/YS6zpV_qIlc_wSnamFae9x1_Q5M.roa
Signing time: Wed 01 Jan 2025 01:48:21 +0000
ROA not before: Wed 01 Jan 2025 01:48:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197077
IP address blocks: 45.13.202.0/23 maxlen: 23
217.198.192.0/20 maxlen: 24
2a04:a450::/31 maxlen: 31
Validation: Failed, certificate revoked on Thu 16 Jan 2025 13:18:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:b2:08:41:1c:39:00:49:41:5f:eb:15:35:6d:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Jan 1 01:48:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=612eb3a55fea22573fc129da98569ef71d7f4393
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:43:b4:77:8e:6e:c2:55:e4:cb:f8:67:0d:55:
4a:8b:44:a3:c3:76:79:66:60:b8:e8:15:f0:34:13:
9f:60:60:52:ee:89:37:95:85:85:db:8e:72:e2:54:
1b:75:64:6a:73:90:46:5d:26:81:63:fc:ab:d6:6a:
82:4b:cc:93:06:54:e5:42:7e:5c:9e:f0:ba:19:52:
78:4e:44:fd:7d:59:35:d7:f9:59:7b:57:1f:b0:3c:
85:e4:82:86:7d:4b:8e:df:ff:0c:dd:44:cc:4e:45:
ef:7a:8b:8a:93:41:33:ec:16:44:3b:79:2a:19:d7:
6e:5d:3b:c3:2a:94:79:0f:a3:a3:fa:39:12:33:dd:
4f:3a:e7:b6:6b:57:8c:dd:96:67:fc:5f:19:bc:c8:
bb:4e:e7:fc:64:28:b3:e6:28:0b:03:94:13:3d:44:
7f:69:01:d2:47:80:bf:04:11:40:70:b9:5e:ef:11:
7a:35:82:36:d8:fc:d8:e5:49:ae:cc:96:66:34:6e:
dd:f6:05:25:1c:9f:36:77:03:b9:1e:89:3b:50:d9:
d6:47:0c:39:17:8d:a9:cf:11:1b:e5:52:3b:f3:9e:
bf:0f:64:f2:01:bb:b9:13:2a:ce:38:18:12:59:db:
da:e7:04:82:59:9c:7a:43:a5:87:86:17:fd:7d:86:
60:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:2E:B3:A5:5F:EA:22:57:3F:C1:29:DA:98:56:9E:F7:1D:7F:43:93
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/YS6zpV_qIlc_wSnamFae9x1_Q5M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.202.0/23
217.198.192.0/20
IPv6:
2a04:a450::/31
Signature Algorithm: sha256WithRSAEncryption
3a:90:31:ef:10:8b:f6:89:58:bf:a4:fa:e2:72:72:d9:f0:a1:
b4:27:f8:9d:40:d5:eb:e3:45:78:86:ed:4e:b4:94:e5:c7:65:
14:3b:c7:92:26:80:ed:f9:f4:06:13:ff:11:91:1a:ad:f4:9c:
7f:d2:f1:91:b7:32:e5:04:84:b6:c3:a8:b6:d0:7c:93:3a:b2:
1e:6a:0b:7e:2c:54:51:99:75:a9:4c:d5:19:56:64:4d:db:5a:
ac:e9:e9:67:81:9b:e3:3c:2d:ba:ef:b0:eb:06:62:ee:48:5b:
53:6a:5a:d2:6f:bd:16:71:92:26:c1:4a:32:3e:aa:48:79:39:
79:87:bf:7e:6d:fe:97:49:86:1f:ef:0e:d3:dd:7b:fa:85:94:
42:1c:1e:a6:e6:3b:fd:7e:49:b4:d5:55:04:ec:74:59:a5:4f:
9e:a1:c1:0d:1e:00:3b:cf:33:76:41:6c:28:7f:0f:e5:3f:c5:
ac:67:fa:73:e5:b4:4a:f8:95:51:c3:4a:d7:ed:6c:98:db:ba:
56:8a:90:ce:04:f7:5e:46:67:58:9c:a0:46:9d:84:87:38:c1:
12:66:a5:df:a1:2c:5a:d8:80:56:87:31:a2:ff:79:2d:b0:75:
6f:96:51:85:07:5e:19:24:b2:d8:95:c5:bc:f6:86:bb:11:32:
89:e0:f7:7e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQfjLIIQRw5AElBX+sVNW2GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjUwMTAxMDE0ODIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTJlYjNhNTVmZWEyMjU3M2ZjMTI5ZGE5ODU2OWVmNzFkN2Y0MzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1UO0d45uwlXky/hnDVVKi0Sjw3Z5
ZmC46BXwNBOfYGBS7ok3lYWF245y4lQbdWRqc5BGXSaBY/yr1mqCS8yTBlTlQn5c
nvC6GVJ4TkT9fVk11/lZe1cfsDyF5IKGfUuO3/8M3UTMTkXveouKk0Ez7BZEO3kq
GdduXTvDKpR5D6Oj+jkSM91POue2a1eM3ZZn/F8ZvMi7Tuf8ZCiz5igLA5QTPUR/
aQHSR4C/BBFAcLle7xF6NYI22PzY5UmuzJZmNG7d9gUlHJ82dwO5Hok7UNnWRww5
F42pzxEb5VI7856/D2TyAbu5EyrOOBgSWdva5wSCWZx6Q6WHhhf9fYZgswIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGEus6Vf6iJXP8Ep2phWnvcdf0OTMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvWVM2enBWX3FJbGNfd1NuYW1GYWU5eDFfUTVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBLQ3KAwQE
2cbAMA0EAgACMAcDBQEqBKRQMA0GCSqGSIb3DQEBCwUAA4IBAQA6kDHvEIv2iVi/
pPricnLZ8KG0J/idQNXr40V4hu1OtJTlx2UUO8eSJoDt+fQGE/8RkRqt9Jx/0vGR
tzLlBIS2w6i20HyTOrIeagt+LFRRmXWpTNUZVmRN21qs6elngZvjPC2677DrBmLu
SFtTalrSb70WcZImwUoyPqpIeTl5h79+bf6XSYYf7w7T3Xv6hZRCHB6m5jv9fkm0
1VUE7HRZpU+eocENHgA7zzN2QWwofw/lP8WsZ/pz5bRK+JVRw0rX7WyY27pWipDO
BPdeRmdYnKBGnYSHOMESZqXfoSxa2IBWhzGi/3ktsHVvllGFB14ZJLLYlcW89oa7
ETKJ4Pd+
-----END CERTIFICATE-----
Generated at Mon Apr 28 12:37:38 2025 by rpki-client