Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/YvBJvzS4rupHw5wLMVjzMx4Neeg.roa
File: YvBJvzS4rupHw5wLMVjzMx4Neeg.roa (raw, json)
Hash identifier: 31Qc3emcjFgXwmDI559uNhbRW2sJXj56AzEwSU3bgbY=
Subject key identifier: 62:F0:49:BF:34:B8:AE:EA:47:C3:9C:0B:31:58:F3:33:1E:0D:79:E8
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 0195296B74ABE538DE144B3ACBB12D78BF46
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/YvBJvzS4rupHw5wLMVjzMx4Neeg.roa
Signing time: Fri 21 Feb 2025 16:51:02 +0000
ROA not before: Fri 21 Feb 2025 16:51:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215304
IP address blocks: 87.229.80.0/23 maxlen: 24
87.229.110.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Feb 2025 12:10:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:29:6b:74:ab:e5:38:de:14:4b:3a:cb:b1:2d:78:bf:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Feb 21 16:51:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=62f049bf34b8aeea47c39c0b3158f3331e0d79e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:ae:bc:91:eb:96:52:3b:fa:d7:de:5d:19:c5:
7e:43:84:bc:d7:8e:cc:bb:29:49:10:49:39:12:97:
42:36:70:71:89:35:ec:23:05:81:bd:c9:6f:18:9a:
69:f1:42:e3:c6:d0:cd:2b:ad:57:14:25:14:37:d4:
f5:e6:42:3c:1a:32:dc:25:51:31:c6:55:4a:f1:d0:
39:36:5c:92:50:60:42:ed:ed:29:6a:3f:f2:fe:93:
7b:47:be:85:0a:a9:5f:8f:91:21:99:ad:3f:6c:6f:
c6:51:ad:71:9d:d2:1c:d1:4a:07:8d:95:78:0f:d4:
25:54:a6:40:71:1b:ca:32:71:06:66:0c:ab:07:fc:
19:cb:3d:67:79:c1:0a:e6:d6:46:58:e4:4c:bd:e2:
9e:f3:35:fe:d8:74:6b:a2:25:a8:5a:b8:03:b4:c4:
10:f2:4d:3f:ad:74:c6:1f:95:80:bb:0a:02:c8:15:
71:78:94:fe:84:0a:e6:e1:4f:74:07:67:5c:12:33:
d3:b9:f3:64:dd:96:db:14:e8:94:eb:27:af:7a:31:
de:80:28:59:a6:c4:b1:ec:16:32:be:b8:f7:59:ad:
48:fb:45:c9:24:9d:79:fb:c3:e6:a4:44:27:7b:de:
84:3a:63:09:37:d9:da:66:46:37:bd:47:a4:6e:e9:
2a:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:F0:49:BF:34:B8:AE:EA:47:C3:9C:0B:31:58:F3:33:1E:0D:79:E8
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/YvBJvzS4rupHw5wLMVjzMx4Neeg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.229.80.0/23
87.229.110.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:c1:61:17:3f:2c:97:5a:9d:24:4e:73:28:c0:18:74:34:0c:
9d:db:a9:84:d4:53:58:15:f3:df:ce:37:89:81:21:c8:78:9c:
35:f6:e3:af:a8:c0:f2:02:0c:0c:7b:41:9b:6e:5d:75:82:24:
c3:b7:f8:9b:2d:55:64:17:bb:fa:1a:a6:df:5a:db:8b:97:35:
7f:15:4e:74:e0:e5:a2:95:cf:03:12:67:41:ae:51:66:1b:a0:
0e:11:46:17:fe:29:6b:dd:80:d6:1e:af:cc:92:e1:72:de:f0:
46:49:94:47:ee:20:40:25:3b:30:a8:7f:ba:5d:ce:08:bf:59:
80:80:f2:fa:b4:3a:ce:16:8d:24:7e:db:79:99:7e:5b:88:58:
4b:cb:c7:9a:72:c9:41:37:ca:de:a1:79:e6:45:88:35:16:d0:
a3:a8:1b:b3:08:d6:df:b6:50:92:c5:5a:13:23:ff:97:13:71:
75:1f:5b:55:4f:46:1f:94:e1:67:f0:1b:2b:dc:69:4f:b6:93:
d1:26:26:d9:33:36:4d:33:7d:24:b7:6c:69:49:82:24:78:39:
ca:f7:e4:fa:2c:fe:a6:e4:bd:1c:e4:b2:bd:b9:82:07:55:18:
6d:8c:b8:7d:57:e4:ca:84:43:2b:99:90:39:41:19:17:10:f1:
d9:f0:f4:23
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZUpa3Sr5TjeFEs6y7EteL9GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjUwMjIxMTY1MTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmYwNDliZjM0YjhhZWVhNDdjMzljMGIzMTU4ZjMzMzFlMGQ3OWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyq68keuWUjv6195dGcV+Q4S8147M
uylJEEk5EpdCNnBxiTXsIwWBvclvGJpp8ULjxtDNK61XFCUUN9T15kI8GjLcJVEx
xlVK8dA5NlySUGBC7e0paj/y/pN7R76FCqlfj5Ehma0/bG/GUa1xndIc0UoHjZV4
D9QlVKZAcRvKMnEGZgyrB/wZyz1necEK5tZGWORMveKe8zX+2HRroiWoWrgDtMQQ
8k0/rXTGH5WAuwoCyBVxeJT+hArm4U90B2dcEjPTufNk3ZbbFOiU6yevejHegChZ
psSx7BYyvrj3Wa1I+0XJJJ15+8PmpEQne96EOmMJN9naZkY3vUekbukq2QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGLwSb80uK7qR8OcCzFY8zMeDXnoMB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvWXZCSnZ6UzRydXBIdzV3TE1WanpNeDROZWVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBV+VQAwQA
V+VuMA0GCSqGSIb3DQEBCwUAA4IBAQCdwWEXPyyXWp0kTnMowBh0NAyd26mE1FNY
FfPfzjeJgSHIeJw19uOvqMDyAgwMe0Gbbl11giTDt/ibLVVkF7v6GqbfWtuLlzV/
FU504OWilc8DEmdBrlFmG6AOEUYX/ilr3YDWHq/MkuFy3vBGSZRH7iBAJTswqH+6
Xc4Iv1mAgPL6tDrOFo0kftt5mX5biFhLy8eacslBN8reoXnmRYg1FtCjqBuzCNbf
tlCSxVoTI/+XE3F1H1tVT0YflOFn8Bsr3GlPtpPRJibZMzZNM30kt2xpSYIkeDnK
9+T6LP6m5L0c5LK9uYIHVRhtjLh9V+TKhEMrmZA5QRkXEPHZ8PQj
-----END CERTIFICATE-----
Generated at Sun May 11 12:27:12 2025 by rpki-client