Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/42f014-cd92-4205-aa53-1a80a2f7d7ea/1/YqHJUxUUG8fre71M8Y8AvNul0X0.roa
File: YqHJUxUUG8fre71M8Y8AvNul0X0.roa (raw, json)
Hash identifier: mE9Jo9xmfgn8ZL5dis4MgVJIJQl7QOaHA7l1qfZimwA=
Subject key identifier: 62:A1:C9:53:15:14:1B:C7:EB:7B:BD:4C:F1:8F:00:BC:DB:A5:D1:7D
Certificate issuer: /CN=cd576d876e17e67aa3b1f1c10dab39db2935e22b
Certificate serial: 01946FAF9A846C76577F2AD34BFD98340491
Authority key identifier: CD:57:6D:87:6E:17:E6:7A:A3:B1:F1:C1:0D:AB:39:DB:29:35:E2:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zVdth24X5nqjsfHBDas52yk14is.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/42f014-cd92-4205-aa53-1a80a2f7d7ea/1/YqHJUxUUG8fre71M8Y8AvNul0X0.roa
Signing time: Thu 16 Jan 2025 15:16:06 +0000
ROA not before: Thu 16 Jan 2025 15:16:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62371
IP address blocks: 109.224.244.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 20 Jan 2025 13:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:6f:af:9a:84:6c:76:57:7f:2a:d3:4b:fd:98:34:04:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd576d876e17e67aa3b1f1c10dab39db2935e22b
Validity
Not Before: Jan 16 15:16:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=62a1c95315141bc7eb7bbd4cf18f00bcdba5d17d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:1c:b3:94:09:1f:d4:0c:55:31:3a:66:1f:f8:
a8:54:45:6a:a7:b7:71:46:4f:fa:d7:c8:69:80:e8:
b5:9c:78:77:43:f8:bf:cc:ba:72:2b:71:63:2a:51:
d0:f1:ac:6a:1d:ff:cc:dc:37:29:27:f6:67:ad:92:
33:6c:4c:a7:db:19:6b:9a:3b:e5:b8:69:76:6f:a8:
b9:62:12:5e:2f:7d:fd:85:43:68:51:4a:5c:a9:ec:
a5:53:e9:4a:36:84:0f:5a:76:6b:67:b8:07:f7:11:
cf:72:dc:71:f3:6f:b2:d0:00:00:38:4b:93:0b:10:
3a:ee:66:d4:93:bd:ee:19:50:4c:df:5e:73:d4:16:
f2:df:5b:1b:c2:77:a7:0c:6d:f9:4f:11:c8:76:e1:
e0:48:48:c1:7e:9a:3d:23:b2:d6:fd:98:cf:93:32:
65:62:30:52:aa:92:6a:f3:8e:68:40:09:dc:63:cc:
05:e1:e8:7e:c1:4f:ce:34:b7:fb:86:ec:5a:93:a3:
1d:23:e6:9d:91:3b:c4:97:e1:53:7d:0f:21:8a:d7:
72:0d:a3:77:e5:79:83:16:9d:b5:02:e6:66:d3:69:
3a:b3:c3:b7:4b:8f:ee:af:7d:2b:7f:76:cc:1e:77:
0b:91:51:77:b5:0f:ce:29:bf:42:d6:ee:84:84:26:
ec:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:A1:C9:53:15:14:1B:C7:EB:7B:BD:4C:F1:8F:00:BC:DB:A5:D1:7D
X509v3 Authority Key Identifier:
keyid:CD:57:6D:87:6E:17:E6:7A:A3:B1:F1:C1:0D:AB:39:DB:29:35:E2:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zVdth24X5nqjsfHBDas52yk14is.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/42f014-cd92-4205-aa53-1a80a2f7d7ea/1/YqHJUxUUG8fre71M8Y8AvNul0X0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/42f014-cd92-4205-aa53-1a80a2f7d7ea/1/zVdth24X5nqjsfHBDas52yk14is.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.224.244.0/24
Signature Algorithm: sha256WithRSAEncryption
24:a1:63:b1:5b:bb:e2:b0:a1:8e:c2:96:60:89:96:78:24:90:
e3:2a:3d:1b:c3:ee:28:3f:a5:d4:1c:48:3f:11:4f:00:2c:e3:
ca:1b:24:b9:d6:03:0e:88:be:a8:93:0b:d4:b8:90:80:5d:da:
03:14:48:56:49:90:a9:0a:30:4d:fb:79:37:58:63:ed:c2:44:
72:98:da:1c:81:39:2f:05:99:ca:ca:b1:7e:a4:f6:d7:75:b9:
18:3e:7d:d3:43:24:97:34:7d:7d:0f:e3:07:1b:6c:74:48:b1:
68:df:0e:c6:20:6e:2e:e4:27:1d:2b:fd:60:ae:27:e0:ef:d0:
51:97:e8:68:bf:c5:5c:39:4e:65:62:2a:3d:97:84:40:3a:a4:
79:99:c0:cd:af:9f:50:0f:4d:07:83:87:f9:2c:52:0e:cd:f9:
e6:98:64:67:0d:3e:59:43:ec:db:e5:c2:df:2d:2d:be:1e:8c:
50:5f:15:07:77:ca:01:77:25:77:62:49:7b:76:21:b0:f3:f2:
9d:a9:d9:38:d8:91:63:6b:54:83:72:5f:e6:42:59:a5:50:5e:
2f:d1:cc:f9:96:ae:4e:ca:ee:f9:e3:4d:5f:42:d3:12:9b:06:
59:22:d6:20:b0:ca:72:b6:99:67:d0:ef:4f:6f:61:82:e7:83:
41:e2:b0:91
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZRvr5qEbHZXfyrTS/2YNASRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNTc2ZDg3NmUxN2U2N2FhM2IxZjFjMTBkYWIzOWRiMjkz
NWUyMmIwHhcNMjUwMTE2MTUxNjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmExYzk1MzE1MTQxYmM3ZWI3YmJkNGNmMThmMDBiY2RiYTVkMTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxyzlAkf1AxVMTpmH/ioVEVqp7dx
Rk/618hpgOi1nHh3Q/i/zLpyK3FjKlHQ8axqHf/M3DcpJ/ZnrZIzbEyn2xlrmjvl
uGl2b6i5YhJeL339hUNoUUpcqeylU+lKNoQPWnZrZ7gH9xHPctxx82+y0AAAOEuT
CxA67mbUk73uGVBM315z1Bby31sbwnenDG35TxHIduHgSEjBfpo9I7LW/ZjPkzJl
YjBSqpJq845oQAncY8wF4eh+wU/ONLf7huxak6MdI+adkTvEl+FTfQ8hitdyDaN3
5XmDFp21AuZm02k6s8O3S4/ur30rf3bMHncLkVF3tQ/OKb9C1u6EhCbs7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGKhyVMVFBvH63u9TPGPALzbpdF9MB8GA1UdIwQY
MBaAFM1XbYduF+Z6o7HxwQ2rOdspNeIrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelZkdGgyNFg1bnFqc2ZIQkRhczUyeWsxNGlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS80MmYwMTQtY2Q5Mi00MjA1LWFhNTMt
MWE4MGEyZjdkN2VhLzEvWXFISlV4VVVHOGZyZTcxTThZOEF2TnVsMFgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS80MmYwMTQtY2Q5Mi00MjA1LWFhNTMtMWE4MGEyZjdkN2Vh
LzEvelZkdGgyNFg1bnFqc2ZIQkRhczUyeWsxNGlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbeD0MA0G
CSqGSIb3DQEBCwUAA4IBAQAkoWOxW7visKGOwpZgiZZ4JJDjKj0bw+4oP6XUHEg/
EU8ALOPKGyS51gMOiL6okwvUuJCAXdoDFEhWSZCpCjBN+3k3WGPtwkRymNocgTkv
BZnKyrF+pPbXdbkYPn3TQySXNH19D+MHG2x0SLFo3w7GIG4u5CcdK/1grifg79BR
l+hov8VcOU5lYio9l4RAOqR5mcDNr59QD00Hg4f5LFIOzfnmmGRnDT5ZQ+zb5cLf
LS2+HoxQXxUHd8oBdyV3Ykl7diGw8/Kdqdk42JFja1SDcl/mQlmlUF4v0cz5lq5O
yu75401fQtMSmwZZItYgsMpytpln0O9Pb2GC54NB4rCR
-----END CERTIFICATE-----
Generated at Mon Jan 20 19:38:50 2025 by rpki-client on console.sobornost.net