Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/eddc05-402d-4da7-97ef-c10da6aac1b1/1/Y_7lqrTvhwIWjFV3yhB3sgiaCbA.roa
File: Y_7lqrTvhwIWjFV3yhB3sgiaCbA.roa (raw, json)
Hash identifier: n03EvuwR8gGtxanUtghsTYpcEV0p5r7f8uFyt5t8fCc=
Subject key identifier: 63:FE:E5:AA:B4:EF:87:02:16:8C:55:77:CA:10:77:B2:08:9A:09:B0
Certificate issuer: /CN=2874e46bf636ea63e5d12362f551b80b27714780
Certificate serial: 0194CBD5FDEC0C21A60A9B1891E074F2D533
Authority key identifier: 28:74:E4:6B:F6:36:EA:63:E5:D1:23:62:F5:51:B8:0B:27:71:47:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KHTka_Y26mPl0SNi9VG4CydxR4A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/eddc05-402d-4da7-97ef-c10da6aac1b1/1/Y_7lqrTvhwIWjFV3yhB3sgiaCbA.roa
Signing time: Mon 03 Feb 2025 12:43:06 +0000
ROA not before: Mon 03 Feb 2025 12:43:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57664
IP address blocks: 37.16.96.0/20 maxlen: 23
37.16.112.0/20 maxlen: 24
178.213.232.0/21 maxlen: 21
178.213.239.0/24 maxlen: 24
2a00:4cc0::/32 maxlen: 32
2a00:4cc1:2501::/64 maxlen: 64
Validation: Failed, certificate revoked on Tue 04 Feb 2025 04:28:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:cb:d5:fd:ec:0c:21:a6:0a:9b:18:91:e0:74:f2:d5:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2874e46bf636ea63e5d12362f551b80b27714780
Validity
Not Before: Feb 3 12:43:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=63fee5aab4ef8702168c5577ca1077b2089a09b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:73:79:b2:01:f3:93:14:a1:67:a8:82:13:f4:
dd:94:63:b2:10:c5:8e:51:d3:65:3f:26:24:4e:b2:
69:25:28:dd:12:8f:ea:67:0d:2f:ad:ae:5f:4f:f5:
54:4c:1f:63:dc:67:26:e0:c3:12:38:9e:67:14:9f:
9b:49:ff:ec:ed:64:5d:94:38:38:ef:79:d9:62:7a:
b5:3d:dc:17:97:4a:47:69:b1:f0:38:db:5f:51:79:
09:b6:98:79:f5:7e:a9:bb:46:47:2c:54:6c:09:a6:
45:1f:a1:97:25:a1:df:1b:d0:6d:c9:4e:a9:33:4a:
e4:96:6a:2a:5b:66:9b:f6:92:4a:35:d7:cd:f7:9a:
f6:79:fd:1f:4d:6a:d2:8a:03:9d:08:07:f7:a1:35:
ec:2e:0a:24:60:a7:7f:24:49:e2:0f:c4:30:6c:60:
d3:2c:5e:b0:c0:f8:2e:79:f3:50:a9:6f:60:fb:7f:
04:ff:e3:4c:49:a3:b6:10:fc:66:73:d9:1d:56:27:
0f:fb:e5:3a:8a:f2:cd:7f:06:22:cc:7f:0d:cb:02:
c8:fb:be:d7:cc:6d:ef:d4:66:9b:e5:0a:9f:29:9b:
68:00:74:d9:b8:7e:6e:37:80:84:a8:9a:b1:75:09:
8b:15:4f:43:01:45:33:3d:71:fc:9f:fd:df:e8:f9:
d9:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:FE:E5:AA:B4:EF:87:02:16:8C:55:77:CA:10:77:B2:08:9A:09:B0
X509v3 Authority Key Identifier:
keyid:28:74:E4:6B:F6:36:EA:63:E5:D1:23:62:F5:51:B8:0B:27:71:47:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KHTka_Y26mPl0SNi9VG4CydxR4A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/eddc05-402d-4da7-97ef-c10da6aac1b1/1/Y_7lqrTvhwIWjFV3yhB3sgiaCbA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/eddc05-402d-4da7-97ef-c10da6aac1b1/1/KHTka_Y26mPl0SNi9VG4CydxR4A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.16.96.0/19
178.213.232.0/21
IPv6:
2a00:4cc0::/32
2a00:4cc1:2501::/64
Signature Algorithm: sha256WithRSAEncryption
89:ba:b4:37:53:de:da:d7:6f:23:f7:21:60:df:56:ca:c6:16:
fb:fc:5b:35:0d:9f:a5:6a:19:3d:95:2e:e4:ba:60:22:82:c7:
28:3f:6f:53:d6:f2:7b:92:04:4b:42:8b:30:42:8f:55:39:2e:
95:4a:48:67:02:89:e0:50:55:ba:42:ee:4e:34:85:9f:cf:30:
88:f8:c3:29:fd:69:26:06:95:84:b7:9e:8f:95:71:67:1a:f3:
32:57:d6:49:d1:2b:5a:6a:f6:ef:13:4d:e9:31:02:33:04:9c:
84:f3:bd:0e:e8:5b:8b:24:32:78:05:0f:0a:2f:ca:d3:dc:68:
13:b3:30:54:45:4b:12:65:f1:64:1b:93:e1:fd:d3:74:9e:24:
a2:8d:c0:eb:96:59:d1:37:c8:df:84:c7:81:d6:a7:c4:71:6c:
9f:3a:00:d1:dc:bd:99:3a:b0:6c:c5:80:fd:69:70:dc:84:1b:
d1:1b:2d:d4:9b:a6:b6:dc:89:14:48:28:1f:0f:5b:20:14:6d:
d7:a6:45:80:0c:ea:bd:f9:73:52:46:f8:3e:a9:c3:52:b3:36:
f9:09:35:4d:21:01:ea:90:1e:3d:78:42:ca:52:f5:eb:79:4b:
f4:b2:ce:99:d0:0f:6b:1d:9e:f6:66:2a:4c:b9:3b:0e:f9:58:
19:06:38:bd
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZTL1f3sDCGmCpsYkeB08tUzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4NzRlNDZiZjYzNmVhNjNlNWQxMjM2MmY1NTFiODBiMjc3
MTQ3ODAwHhcNMjUwMjAzMTI0MzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2ZlZTVhYWI0ZWY4NzAyMTY4YzU1NzdjYTEwNzdiMjA4OWEwOWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp3N5sgHzkxShZ6iCE/TdlGOyEMWO
UdNlPyYkTrJpJSjdEo/qZw0vra5fT/VUTB9j3Gcm4MMSOJ5nFJ+bSf/s7WRdlDg4
73nZYnq1PdwXl0pHabHwONtfUXkJtph59X6pu0ZHLFRsCaZFH6GXJaHfG9BtyU6p
M0rklmoqW2ab9pJKNdfN95r2ef0fTWrSigOdCAf3oTXsLgokYKd/JEniD8QwbGDT
LF6wwPguefNQqW9g+38E/+NMSaO2EPxmc9kdVicP++U6ivLNfwYizH8NywLI+77X
zG3v1Gab5QqfKZtoAHTZuH5uN4CEqJqxdQmLFU9DAUUzPXH8n/3f6PnZmQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFGP+5aq074cCFoxVd8oQd7IImgmwMB8GA1UdIwQY
MBaAFCh05Gv2Nupj5dEjYvVRuAsncUeAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0hUa2FfWTI2bVBsMFNOaTlWRzRDeWR4UjRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9lZGRjMDUtNDAyZC00ZGE3LTk3ZWYt
YzEwZGE2YWFjMWIxLzEvWV83bHFyVHZod0lXakZWM3loQjNzZ2lhQ2JBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9lZGRjMDUtNDAyZC00ZGE3LTk3ZWYtYzEwZGE2YWFjMWIx
LzEvS0hUa2FfWTI2bVBsMFNOaTlWRzRDeWR4UjRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQFJRBgAwQD
stXoMBgEAgACMBIDBQAqAEzAAwkAKgBMwSUBAAAwDQYJKoZIhvcNAQELBQADggEB
AIm6tDdT3trXbyP3IWDfVsrGFvv8WzUNn6VqGT2VLuS6YCKCxyg/b1PW8nuSBEtC
izBCj1U5LpVKSGcCieBQVbpC7k40hZ/PMIj4wyn9aSYGlYS3no+VcWca8zJX1knR
K1pq9u8TTekxAjMEnITzvQ7oW4skMngFDwovytPcaBOzMFRFSxJl8WQbk+H903Se
JKKNwOuWWdE3yN+Ex4HWp8RxbJ86ANHcvZk6sGzFgP1pcNyEG9EbLdSbprbciRRI
KB8PWyAUbdemRYAM6r35c1JG+D6pw1KzNvkJNU0hAeqQHj14QspS9et5S/SyzpnQ
D2sdnvZmKky5Ow75WBkGOL0=
-----END CERTIFICATE-----
Generated at Tue Apr 29 16:54:25 2025 by rpki-client