Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/2309cc-fa79-44d1-8986-4d537cf01809/1/pYrHGWO4fku3AIbcUBk9SYkxxoA.roa
File: pYrHGWO4fku3AIbcUBk9SYkxxoA.roa (raw, json)
Hash identifier: 3PUGuiFqlQC5yfrlELTgvvaNxmtGEpemP/DcioeW68w=
Subject key identifier: A5:8A:C7:19:63:B8:7E:4B:B7:00:86:DC:50:19:3D:49:89:31:C6:80
Certificate issuer: /CN=68417da8aa4fe0b8cff188412eedda63cbdcf996
Certificate serial: 0196A0B9C18A03813A3348EE34EEE296299B
Authority key identifier: 68:41:7D:A8:AA:4F:E0:B8:CF:F1:88:41:2E:ED:DA:63:CB:DC:F9:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aEF9qKpP4LjP8YhBLu3aY8vc-ZY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/2309cc-fa79-44d1-8986-4d537cf01809/1/pYrHGWO4fku3AIbcUBk9SYkxxoA.roa
Signing time: Mon 05 May 2025 13:54:10 +0000
ROA not before: Mon 05 May 2025 13:54:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211274
IP address blocks: 193.56.11.0/24 maxlen: 24
2a0b:4740::/30 maxlen: 30
2a0b:4744::/32 maxlen: 32
2a0b:4745::/32 maxlen: 32
2a0b:4746::/32 maxlen: 32
2a0b:4747::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 05 May 2025 14:21:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a0:b9:c1:8a:03:81:3a:33:48:ee:34:ee:e2:96:29:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68417da8aa4fe0b8cff188412eedda63cbdcf996
Validity
Not Before: May 5 13:54:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a58ac71963b87e4bb70086dc50193d498931c680
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:e3:80:e9:16:47:69:fd:1c:95:1e:ea:56:70:
85:0b:70:cf:ba:f3:b6:10:42:74:00:d1:08:17:f7:
95:12:89:2d:41:88:bc:4f:bc:00:e1:95:24:fb:24:
22:8d:f7:76:be:ab:09:0a:20:97:75:e3:5f:34:59:
45:83:96:47:31:02:3d:22:71:5b:f1:40:a6:9f:de:
03:54:14:bf:4d:47:ad:2c:14:1d:23:c0:55:7d:db:
23:12:1a:39:ea:ad:c7:c9:ca:94:f3:92:ee:91:49:
1c:72:16:c8:6f:09:78:27:66:6c:0c:45:af:96:73:
54:b7:15:0c:29:cd:e2:4a:d8:96:e9:79:f7:9d:72:
20:87:8e:9e:e8:dc:81:72:07:f4:24:f0:e4:46:0b:
be:4c:e6:95:6a:58:b3:76:91:51:33:db:8f:53:f2:
01:35:15:6c:e8:76:5f:d4:3a:c3:58:c7:78:9c:de:
02:d9:ed:1e:8d:8e:21:2e:db:84:16:50:01:b0:18:
81:76:32:22:6d:3f:c0:52:d8:30:9d:e9:9c:51:92:
eb:83:db:5c:33:8a:e1:85:23:13:c2:d5:05:15:ed:
0b:62:16:0c:35:02:6f:09:9d:62:4d:88:55:7a:b8:
0b:53:63:12:7a:5c:00:d6:fe:38:5b:d6:6b:ab:3a:
9a:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:8A:C7:19:63:B8:7E:4B:B7:00:86:DC:50:19:3D:49:89:31:C6:80
X509v3 Authority Key Identifier:
keyid:68:41:7D:A8:AA:4F:E0:B8:CF:F1:88:41:2E:ED:DA:63:CB:DC:F9:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aEF9qKpP4LjP8YhBLu3aY8vc-ZY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/2309cc-fa79-44d1-8986-4d537cf01809/1/pYrHGWO4fku3AIbcUBk9SYkxxoA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/2309cc-fa79-44d1-8986-4d537cf01809/1/aEF9qKpP4LjP8YhBLu3aY8vc-ZY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.56.11.0/24
IPv6:
2a0b:4740::/29
Signature Algorithm: sha256WithRSAEncryption
52:2a:f3:dc:27:e9:59:3e:dc:c5:3c:da:17:24:2c:94:56:9a:
4f:0e:50:d2:6b:39:be:1b:de:06:dc:37:2c:3c:11:b3:12:a6:
d5:fa:08:b2:95:84:9e:9b:22:d0:7d:fd:e6:28:a7:fb:ff:71:
b8:16:68:53:c7:25:3e:ac:9f:44:4a:62:5d:e6:aa:e7:bc:d3:
a7:0e:4f:04:07:b0:7d:72:2f:f0:74:b7:4b:55:c1:dd:9f:d5:
ad:6d:c2:5c:08:94:cb:51:b9:cb:ed:c7:be:b9:ea:ab:d9:2a:
09:40:d3:84:eb:51:61:f5:ab:79:28:90:28:54:6a:ec:5e:69:
6c:74:a6:0a:4f:2d:d5:dc:8b:63:c4:4a:14:d6:c5:21:77:67:
74:1e:b2:30:ff:4d:96:45:dc:55:73:17:db:68:28:27:81:72:
ce:68:6b:72:dd:d9:11:51:39:2f:2d:6f:47:f6:a3:f0:ee:86:
c0:5b:5f:b3:11:f3:89:6e:e1:46:27:54:d8:98:73:8c:04:51:
01:7e:a5:71:0a:9e:b4:28:e6:90:6d:67:92:ee:ae:62:46:28:
31:2a:41:00:8c:b5:01:49:60:4e:a9:19:f4:be:a8:53:4b:f1:
26:c9:d7:0a:dc:4c:52:62:fb:fe:33:86:86:f1:95:d7:c8:c8:
98:ac:b1:36
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZagucGKA4E6M0juNO7ilimbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4NDE3ZGE4YWE0ZmUwYjhjZmYxODg0MTJlZWRkYTYzY2Jk
Y2Y5OTYwHhcNMjUwNTA1MTM1NDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNThhYzcxOTYzYjg3ZTRiYjcwMDg2ZGM1MDE5M2Q0OTg5MzFjNjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAreOA6RZHaf0clR7qVnCFC3DPuvO2
EEJ0ANEIF/eVEoktQYi8T7wA4ZUk+yQijfd2vqsJCiCXdeNfNFlFg5ZHMQI9InFb
8UCmn94DVBS/TUetLBQdI8BVfdsjEho56q3HycqU85LukUkcchbIbwl4J2ZsDEWv
lnNUtxUMKc3iStiW6Xn3nXIgh46e6NyBcgf0JPDkRgu+TOaValizdpFRM9uPU/IB
NRVs6HZf1DrDWMd4nN4C2e0ejY4hLtuEFlABsBiBdjIibT/AUtgwnemcUZLrg9tc
M4rhhSMTwtUFFe0LYhYMNQJvCZ1iTYhVergLU2MSelwA1v44W9ZrqzqaZwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKWKxxljuH5LtwCG3FAZPUmJMcaAMB8GA1UdIwQY
MBaAFGhBfaiqT+C4z/GIQS7t2mPL3PmWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUVGOXFLcFA0TGpQOFloQkx1M2FZOHZjLVpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8yMzA5Y2MtZmE3OS00NGQxLTg5ODYt
NGQ1MzdjZjAxODA5LzEvcFlySEdXTzRma3UzQUliY1VCazlTWWt4eG9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8yMzA5Y2MtZmE3OS00NGQxLTg5ODYtNGQ1MzdjZjAxODA5
LzEvYUVGOXFLcFA0TGpQOFloQkx1M2FZOHZjLVpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwTgLMA0E
AgACMAcDBQMqC0dAMA0GCSqGSIb3DQEBCwUAA4IBAQBSKvPcJ+lZPtzFPNoXJCyU
VppPDlDSazm+G94G3DcsPBGzEqbV+giylYSemyLQff3mKKf7/3G4FmhTxyU+rJ9E
SmJd5qrnvNOnDk8EB7B9ci/wdLdLVcHdn9WtbcJcCJTLUbnL7ce+ueqr2SoJQNOE
61Fh9at5KJAoVGrsXmlsdKYKTy3V3ItjxEoU1sUhd2d0HrIw/02WRdxVcxfbaCgn
gXLOaGty3dkRUTkvLW9H9qPw7obAW1+zEfOJbuFGJ1TYmHOMBFEBfqVxCp60KOaQ
bWeS7q5iRigxKkEAjLUBSWBOqRn0vqhTS/EmydcK3ExSYvv+M4aG8ZXXyMiYrLE2
-----END CERTIFICATE-----
Generated at Thu Jun 19 17:45:44 2025 by rpki-client