Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/674225-ac77-47a0-acd1-293fca2d51ea/1/1-YwadlVaY-SYVgoT3ySX3I8nAjg.roa
File: 1-YwadlVaY-SYVgoT3ySX3I8nAjg.roa (raw, json)
Hash identifier: I1hfd1AFj4mHDt7h053XzLLGikRY3cVZBff4QZ7jpKo=
Subject key identifier: F9:8C:1A:76:55:5A:63:E4:98:56:0A:13:DF:24:97:DC:8F:27:02:38
Certificate issuer: /CN=59e4d6fab77ac779f49bf6fc8ab81e23ad467576
Certificate serial: 019572E62337D5D6B9EF74DD5711E2066709
Authority key identifier: 59:E4:D6:FA:B7:7A:C7:79:F4:9B:F6:FC:8A:B8:1E:23:AD:46:75:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WeTW-rd6x3n0m_b8irgeI61GdXY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/674225-ac77-47a0-acd1-293fca2d51ea/1/1-YwadlVaY-SYVgoT3ySX3I8nAjg.roa
Signing time: Fri 07 Mar 2025 23:17:19 +0000
ROA not before: Fri 07 Mar 2025 23:17:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9186
IP address blocks: 185.31.156.0/22 maxlen: 22
185.31.156.0/24 maxlen: 24
185.31.157.0/24 maxlen: 24
185.31.158.0/24 maxlen: 24
185.204.111.0/24 maxlen: 24
185.248.35.0/24 maxlen: 24
194.39.124.0/22 maxlen: 22
194.39.125.0/24 maxlen: 24
194.39.126.0/24 maxlen: 24
194.39.127.0/24 maxlen: 24
2a00:bc20::/32 maxlen: 32
2a05:df40::/29 maxlen: 29
2a10:7b40::/29 maxlen: 29
2a10:a4c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 12 Mar 2025 11:48:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:72:e6:23:37:d5:d6:b9:ef:74:dd:57:11:e2:06:67:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=59e4d6fab77ac779f49bf6fc8ab81e23ad467576
Validity
Not Before: Mar 7 23:17:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f98c1a76555a63e498560a13df2497dc8f270238
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:4e:20:77:49:58:49:94:a0:f3:c6:5e:84:19:
f6:83:7f:d8:db:eb:ba:d8:78:fe:23:19:4c:6f:e1:
8a:bc:b7:ed:c4:01:78:07:e1:0d:62:b5:f0:fa:bd:
dc:a9:fb:28:1a:2b:93:a2:37:16:1f:f2:8b:da:4c:
9e:fb:21:bd:0d:43:94:2b:64:4e:b5:50:80:45:2c:
73:d8:54:ed:9b:e3:88:df:7b:76:75:f8:82:36:2f:
88:43:06:02:58:92:5d:20:7f:05:3a:63:74:da:01:
45:76:fd:e8:f3:3c:79:9d:73:d1:67:e8:58:11:62:
6c:0d:ec:81:23:f7:c0:6f:2e:b3:6c:72:e3:7e:a1:
14:5f:22:95:70:fc:27:cd:de:0d:5c:95:37:3d:e6:
b6:2c:f3:66:48:57:2f:2d:4b:02:6d:bb:69:09:12:
54:07:c1:d6:06:8d:39:f0:9e:46:35:33:6b:8f:b1:
71:3a:b7:bf:2c:72:c5:7f:3c:be:2f:72:39:4e:e1:
87:51:3e:03:36:ff:f1:c1:29:cb:48:ba:78:92:55:
0f:a1:92:aa:93:66:a5:41:e2:94:d8:6f:ee:34:58:
a7:d1:90:83:61:79:77:9f:63:83:5f:87:ef:be:14:
b9:86:42:7b:21:9b:96:ba:e7:f0:1e:1a:24:0b:72:
ed:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:8C:1A:76:55:5A:63:E4:98:56:0A:13:DF:24:97:DC:8F:27:02:38
X509v3 Authority Key Identifier:
keyid:59:E4:D6:FA:B7:7A:C7:79:F4:9B:F6:FC:8A:B8:1E:23:AD:46:75:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WeTW-rd6x3n0m_b8irgeI61GdXY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/674225-ac77-47a0-acd1-293fca2d51ea/1/1-YwadlVaY-SYVgoT3ySX3I8nAjg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/674225-ac77-47a0-acd1-293fca2d51ea/1/WeTW-rd6x3n0m_b8irgeI61GdXY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.31.156.0/22
185.204.111.0/24
185.248.35.0/24
194.39.124.0/22
IPv6:
2a00:bc20::/32
2a05:df40::/29
2a10:7b40::/29
2a10:a4c0::/29
Signature Algorithm: sha256WithRSAEncryption
6c:52:fc:ef:ee:8b:41:45:8a:c3:8f:40:9d:94:9d:4a:40:6b:
87:70:b9:47:1b:f8:2a:bd:10:00:8b:33:26:6f:4f:a7:ef:9b:
ab:13:dd:e8:34:64:53:08:c3:a2:49:9b:29:87:bb:4d:d7:79:
65:29:96:63:bd:9b:3a:d3:cd:15:8f:28:0e:9a:fe:c5:b3:64:
44:15:bb:ed:75:a0:92:01:55:75:4c:a7:16:ae:67:35:6f:56:
0c:77:e5:48:de:c1:57:21:e1:67:c1:4d:35:2f:9e:07:b0:2d:
b9:98:f2:aa:c0:06:b1:5f:0a:4a:b9:04:d9:41:90:f6:8f:ac:
22:8d:8d:f4:c2:bd:47:21:88:8b:26:5d:88:96:c3:88:84:4d:
81:de:ad:e1:58:a6:09:ef:7c:d1:1e:84:5d:f3:31:97:d3:f7:
d2:ad:28:41:95:d8:a8:be:82:7e:6d:a0:c0:5b:3f:e5:3b:53:
ce:5c:33:4b:e8:9f:67:c9:21:02:ef:6c:9d:04:d5:d4:67:25:
d9:cb:45:ec:1d:0a:c6:28:f8:d6:78:8a:89:9b:3b:75:69:89:
42:2c:8a:bf:79:5d:79:d5:76:76:12:76:af:8e:b3:a0:cf:a3:
9f:d8:58:bc:f6:1d:54:0e:b8:7f:6c:cb:4f:e2:c5:68:33:00:
7c:9e:46:30
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgISAZVy5iM31da573TdVxHiBmcJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5ZTRkNmZhYjc3YWM3NzlmNDliZjZmYzhhYjgxZTIzYWQ0
Njc1NzYwHhcNMjUwMzA3MjMxNzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOThjMWE3NjU1NWE2M2U0OTg1NjBhMTNkZjI0OTdkYzhmMjcwMjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0U4gd0lYSZSg88ZehBn2g3/Y2+u6
2Hj+IxlMb+GKvLftxAF4B+ENYrXw+r3cqfsoGiuTojcWH/KL2kye+yG9DUOUK2RO
tVCARSxz2FTtm+OI33t2dfiCNi+IQwYCWJJdIH8FOmN02gFFdv3o8zx5nXPRZ+hY
EWJsDeyBI/fAby6zbHLjfqEUXyKVcPwnzd4NXJU3Pea2LPNmSFcvLUsCbbtpCRJU
B8HWBo058J5GNTNrj7FxOre/LHLFfzy+L3I5TuGHUT4DNv/xwSnLSLp4klUPoZKq
k2alQeKU2G/uNFin0ZCDYXl3n2ODX4fvvhS5hkJ7IZuWuufwHhokC3LtmwIDAQAB
o4ICQDCCAjwwHQYDVR0OBBYEFPmMGnZVWmPkmFYKE98kl9yPJwI4MB8GA1UdIwQY
MBaAFFnk1vq3esd59Jv2/Iq4HiOtRnV2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2VUVy1yZDZ4M24wbV9iOGlyZ2VJNjFHZFhZLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi82NzQyMjUtYWM3Ny00N2EwLWFjZDEt
MjkzZmNhMmQ1MWVhLzEvMS1Zd2FkbFZhWS1TWVZnb1QzeVNYM0k4bkFqZy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvN2IvNjc0MjI1LWFjNzctNDdhMC1hY2QxLTI5M2ZjYTJkNTFl
YS8xL1dlVFctcmQ2eDNuMG1fYjhpcmdlSTYxR2RYWS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBVBggrBgEFBQcBBwEB/wRGMEQwHgQCAAEwGAMEArkfnAME
ALnMbwMEALn4IwMEAsInfDAiBAIAAjAcAwUAKgC8IAMFAyoF30ADBQMqEHtAAwUD
KhCkwDANBgkqhkiG9w0BAQsFAAOCAQEAbFL87+6LQUWKw49AnZSdSkBrh3C5Rxv4
Kr0QAIszJm9Pp++bqxPd6DRkUwjDokmbKYe7Tdd5ZSmWY72bOtPNFY8oDpr+xbNk
RBW77XWgkgFVdUynFq5nNW9WDHflSN7BVyHhZ8FNNS+eB7AtuZjyqsAGsV8KSrkE
2UGQ9o+sIo2N9MK9RyGIiyZdiJbDiIRNgd6t4VimCe980R6EXfMxl9P30q0oQZXY
qL6Cfm2gwFs/5TtTzlwzS+ifZ8khAu9snQTV1Gcl2ctF7B0Kxij41niKiZs7dWmJ
QiyKv3ldedV2dhJ2r46zoM+jn9hYvPYdVA64f2zLT+LFaDMAfJ5GMA==
-----END CERTIFICATE-----
Generated at Thu May 15 16:39:53 2025 by rpki-client