Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/121447-d2c8-4ca8-96c7-81d10073dee4/1/pYYLXGedWSyxLe8yB-PFENMyHYA.roa
File: pYYLXGedWSyxLe8yB-PFENMyHYA.roa (raw, json)
Hash identifier: /gGa+xvQFLPBaxIhkXzLCJ+QuFjF31Cuyw1cxE9Oq2E=
Subject key identifier: A5:86:0B:5C:67:9D:59:2C:B1:2D:EF:32:07:E3:C5:10:D3:32:1D:80
Certificate issuer: /CN=64757185472f16d53eeb68a140e3513fa31c31d8
Certificate serial: 0195235539250466B83074FE03A028B3E195
Authority key identifier: 64:75:71:85:47:2F:16:D5:3E:EB:68:A1:40:E3:51:3F:A3:1C:31:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZHVxhUcvFtU-62ihQONRP6McMdg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/121447-d2c8-4ca8-96c7-81d10073dee4/1/pYYLXGedWSyxLe8yB-PFENMyHYA.roa
Signing time: Thu 20 Feb 2025 12:29:02 +0000
ROA not before: Thu 20 Feb 2025 12:29:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208923
IP address blocks: 185.70.224.0/24 maxlen: 24
185.70.227.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 21 Feb 2025 12:38:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:23:55:39:25:04:66:b8:30:74:fe:03:a0:28:b3:e1:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64757185472f16d53eeb68a140e3513fa31c31d8
Validity
Not Before: Feb 20 12:29:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a5860b5c679d592cb12def3207e3c510d3321d80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:8f:1a:66:03:a8:30:33:24:3e:ac:46:12:f9:
a7:a0:03:4f:81:8a:45:27:04:b8:6e:96:e5:3d:b3:
c3:28:c8:8f:8b:0b:84:8a:15:2d:d6:13:3f:be:b2:
37:32:88:6d:80:2f:b8:42:dc:f5:61:e8:c0:4d:fc:
9d:ef:aa:bc:31:fe:f0:f1:22:2f:6b:79:92:e5:ab:
64:3c:58:d6:ad:3d:ce:73:ae:5e:2a:44:a9:9b:c8:
a4:2f:cd:61:e9:41:8b:1a:3d:93:00:fa:79:6e:c2:
5f:fb:c3:71:21:d1:ee:a4:56:ea:5f:f4:ab:c3:69:
9e:c8:fc:d3:82:aa:33:10:cf:da:4a:4d:0d:e5:73:
21:ca:1c:05:14:26:ba:61:64:65:e7:84:5a:06:c3:
97:2a:a8:ca:f5:3e:e7:02:e1:e1:df:16:4b:bd:fa:
03:ec:54:56:bb:1f:bc:ac:7c:f7:b1:03:cf:7d:90:
d4:ea:36:19:42:03:77:81:61:2b:c3:6d:66:05:ea:
fe:27:a2:f6:86:11:23:31:6a:d2:59:00:94:7e:cd:
d5:e5:a1:36:d8:75:b0:0e:b4:81:ec:74:76:f0:37:
fc:25:4f:8e:ca:f8:be:e9:b6:09:06:fe:42:2e:8d:
2c:09:7d:88:0a:89:00:c9:fa:d7:ed:87:6d:d4:80:
c9:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:86:0B:5C:67:9D:59:2C:B1:2D:EF:32:07:E3:C5:10:D3:32:1D:80
X509v3 Authority Key Identifier:
keyid:64:75:71:85:47:2F:16:D5:3E:EB:68:A1:40:E3:51:3F:A3:1C:31:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZHVxhUcvFtU-62ihQONRP6McMdg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/121447-d2c8-4ca8-96c7-81d10073dee4/1/pYYLXGedWSyxLe8yB-PFENMyHYA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/121447-d2c8-4ca8-96c7-81d10073dee4/1/ZHVxhUcvFtU-62ihQONRP6McMdg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.70.224.0/24
185.70.227.0/24
Signature Algorithm: sha256WithRSAEncryption
54:13:e8:40:1c:fa:62:15:72:3c:af:06:83:d2:a1:8b:7c:f8:
3e:ad:4e:d0:21:05:2f:38:2b:0d:d1:a7:f7:9d:8a:98:99:3c:
3f:e5:64:b4:a7:6e:10:40:9f:cb:c9:87:95:64:69:94:4d:f3:
8a:9a:29:3e:c3:d6:c9:72:60:54:36:6d:7e:7e:86:6d:89:e1:
20:8d:0d:21:8e:4b:eb:54:1c:77:1b:35:6e:12:9d:ed:2d:ff:
3a:06:d8:46:23:10:43:3d:61:75:86:6d:b4:c9:92:f0:1c:1a:
84:06:32:a5:82:7f:82:e8:54:c6:2e:17:4d:f6:1a:82:6f:7f:
78:44:e7:73:00:a7:14:13:64:b6:37:eb:7a:81:3f:17:42:3e:
34:6e:b1:8b:f9:8c:dc:c5:f0:4e:03:58:7f:8a:94:57:3a:45:
3d:32:0b:dc:2f:33:b6:af:b9:5a:7e:f2:54:09:eb:15:3e:79:
a1:ea:f3:86:81:4d:c6:44:4d:f2:e6:00:f2:e2:ae:ea:28:37:
95:fc:a9:ac:58:a2:82:7b:a1:74:98:96:aa:08:02:de:ac:e6:
5f:31:b1:6e:81:43:76:f1:27:77:db:2e:6c:ec:ef:d3:78:ef:
13:5c:7b:d5:8a:9e:2c:66:bd:f1:b6:e3:26:b5:3d:56:a1:92:
70:c1:c2:03
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZUjVTklBGa4MHT+A6Aos+GVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0NzU3MTg1NDcyZjE2ZDUzZWViNjhhMTQwZTM1MTNmYTMx
YzMxZDgwHhcNMjUwMjIwMTIyOTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTg2MGI1YzY3OWQ1OTJjYjEyZGVmMzIwN2UzYzUxMGQzMzIxZDgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAro8aZgOoMDMkPqxGEvmnoANPgYpF
JwS4bpblPbPDKMiPiwuEihUt1hM/vrI3MohtgC+4Qtz1YejATfyd76q8Mf7w8SIv
a3mS5atkPFjWrT3Oc65eKkSpm8ikL81h6UGLGj2TAPp5bsJf+8NxIdHupFbqX/Sr
w2meyPzTgqozEM/aSk0N5XMhyhwFFCa6YWRl54RaBsOXKqjK9T7nAuHh3xZLvfoD
7FRWux+8rHz3sQPPfZDU6jYZQgN3gWErw21mBer+J6L2hhEjMWrSWQCUfs3V5aE2
2HWwDrSB7HR28Df8JU+Oyvi+6bYJBv5CLo0sCX2ICokAyfrX7Ydt1IDJ0QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKWGC1xnnVkssS3vMgfjxRDTMh2AMB8GA1UdIwQY
MBaAFGR1cYVHLxbVPutooUDjUT+jHDHYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkhWeGhVY3ZGdFUtNjJpaFFPTlJQNk1jTWRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi8xMjE0NDctZDJjOC00Y2E4LTk2Yzct
ODFkMTAwNzNkZWU0LzEvcFlZTFhHZWRXU3l4TGU4eUItUEZFTk15SFlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi8xMjE0NDctZDJjOC00Y2E4LTk2YzctODFkMTAwNzNkZWU0
LzEvWkhWeGhVY3ZGdFUtNjJpaFFPTlJQNk1jTWRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuUbgAwQA
uUbjMA0GCSqGSIb3DQEBCwUAA4IBAQBUE+hAHPpiFXI8rwaD0qGLfPg+rU7QIQUv
OCsN0af3nYqYmTw/5WS0p24QQJ/LyYeVZGmUTfOKmik+w9bJcmBUNm1+foZtieEg
jQ0hjkvrVBx3GzVuEp3tLf86BthGIxBDPWF1hm20yZLwHBqEBjKlgn+C6FTGLhdN
9hqCb394ROdzAKcUE2S2N+t6gT8XQj40brGL+YzcxfBOA1h/ipRXOkU9MgvcLzO2
r7lafvJUCesVPnmh6vOGgU3GRE3y5gDy4q7qKDeV/KmsWKKCe6F0mJaqCALerOZf
MbFugUN28Sd32y5s7O/TeO8TXHvVip4sZr3xtuMmtT1WoZJwwcID
-----END CERTIFICATE-----
Generated at Thu May 8 01:35:48 2025 by rpki-client