Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/YlxZcJ6YSl8ewhAREg97IWGXwvM.roa
File: YlxZcJ6YSl8ewhAREg97IWGXwvM.roa (raw, json)
Hash identifier: M6X1osAUHTL+2/3nk8yhGoqJSWvZ/0EcDce/tljwOGo=
Subject key identifier: 62:5C:59:70:9E:98:4A:5F:1E:C2:10:11:12:0F:7B:21:61:97:C2:F3
Certificate issuer: /CN=19ee5f16fc144acb98977449faa0ab77de1bdcc9
Certificate serial: 01945A483DF9736F0DFD0C14A3A8CB0AFE86
Authority key identifier: 19:EE:5F:16:FC:14:4A:CB:98:97:74:49:FA:A0:AB:77:DE:1B:DC:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/YlxZcJ6YSl8ewhAREg97IWGXwvM.roa
Signing time: Sun 12 Jan 2025 11:31:11 +0000
ROA not before: Sun 12 Jan 2025 11:31:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8966
IP address blocks: 5.195.70.0/24 maxlen: 24
5.195.166.0/23 maxlen: 24
5.195.166.0/24 maxlen: 24
5.195.167.0/24 maxlen: 24
5.195.172.0/24 maxlen: 24
5.195.173.0/24 maxlen: 24
5.195.174.0/24 maxlen: 24
5.195.175.0/24 maxlen: 24
5.195.208.0/24 maxlen: 24
5.195.223.0/24 maxlen: 24
31.219.177.0/24 maxlen: 24
31.219.177.0/25 maxlen: 25
31.219.177.128/25 maxlen: 25
31.219.179.0/24 maxlen: 24
31.219.180.0/24 maxlen: 24
194.170.165.0/24 maxlen: 24
194.170.186.0/24 maxlen: 24
195.229.0.0/19 maxlen: 19
195.229.0.0/24 maxlen: 24
195.229.1.0/24 maxlen: 24
195.229.2.0/24 maxlen: 24
195.229.3.0/24 maxlen: 24
195.229.4.0/24 maxlen: 24
195.229.5.0/24 maxlen: 24
195.229.6.0/24 maxlen: 24
195.229.12.0/24 maxlen: 24
195.229.27.0/24 maxlen: 24
195.229.31.0/24 maxlen: 24
195.229.34.0/24 maxlen: 24
2001:8f8::/32 maxlen: 32
2001:8f8:0:15::/64 maxlen: 64
2001:8f8:0:121::/64 maxlen: 64
2001:8f8:0:122::/64 maxlen: 64
2001:8f8:0:124::/64 maxlen: 64
2001:8f8:0:125::/64 maxlen: 64
2001:8f8:0:126::/64 maxlen: 64
2001:8f8:0:127::/64 maxlen: 64
Validation: Failed, certificate revoked on Sun 12 Jan 2025 11:32:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:5a:48:3d:f9:73:6f:0d:fd:0c:14:a3:a8:cb:0a:fe:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19ee5f16fc144acb98977449faa0ab77de1bdcc9
Validity
Not Before: Jan 12 11:31:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=625c59709e984a5f1ec21011120f7b216197c2f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:d9:05:5e:d1:3b:09:20:ac:46:6c:70:97:72:
77:de:52:34:16:35:56:85:08:92:ea:30:1b:3d:05:
aa:9d:e4:f9:08:31:92:1b:4f:44:d3:db:e9:16:82:
c8:f9:9f:19:86:40:de:1f:d2:c8:33:6e:cf:1d:ed:
c1:bc:32:6e:5b:3a:f2:01:82:cf:f2:19:c8:60:dd:
a7:11:e1:80:35:ff:3d:cd:5e:28:d7:20:1b:09:e1:
1b:66:6c:1e:ee:5b:5c:04:d0:7b:a5:8a:50:31:c1:
01:d5:d3:18:5c:35:9b:2a:15:37:f9:f2:50:6a:28:
ab:2b:ec:c2:8d:d5:50:75:13:18:60:63:4f:3d:ea:
66:5d:77:5f:e4:64:6b:60:2e:73:0f:f7:59:25:d9:
06:f6:d3:d8:f0:ff:7e:08:62:c4:39:91:27:de:83:
5c:15:89:cb:e8:aa:3b:a6:7d:6d:cc:bb:6b:7b:a5:
13:1d:ec:04:48:6a:33:e1:57:d0:90:23:d3:c7:56:
78:55:18:41:89:ef:9d:6b:ae:60:c0:25:3d:e6:e4:
84:e6:6d:3a:ab:f6:c2:05:05:b8:fb:0d:b5:64:18:
61:d3:03:7b:1b:49:8e:f0:36:b1:6d:71:73:a1:ad:
93:62:0a:df:54:11:e7:ff:d9:70:d2:f9:a8:ec:a0:
df:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:5C:59:70:9E:98:4A:5F:1E:C2:10:11:12:0F:7B:21:61:97:C2:F3
X509v3 Authority Key Identifier:
keyid:19:EE:5F:16:FC:14:4A:CB:98:97:74:49:FA:A0:AB:77:DE:1B:DC:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/YlxZcJ6YSl8ewhAREg97IWGXwvM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.195.70.0/24
5.195.166.0/23
5.195.172.0/22
5.195.208.0/24
5.195.223.0/24
31.219.177.0/24
31.219.179.0-31.219.180.255
194.170.165.0/24
194.170.186.0/24
195.229.0.0/19
195.229.34.0/24
IPv6:
2001:8f8::/32
Signature Algorithm: sha256WithRSAEncryption
89:f7:49:f7:fc:8c:3d:a2:22:1c:ec:3f:6e:50:ca:db:71:0c:
09:fa:a5:0e:3f:7d:b8:a6:64:02:20:ea:38:db:da:ce:e5:99:
40:d7:b5:30:a2:bb:6d:0e:20:1b:f0:07:c1:c9:b0:1b:c4:6f:
41:06:42:82:b8:da:16:b8:99:02:a4:7d:4c:5d:48:13:54:09:
7d:85:12:b3:2a:cd:88:79:6e:20:b3:05:7a:69:30:4a:55:fc:
51:30:a2:41:7f:0d:24:af:41:a9:ff:fc:50:1a:d5:2e:19:10:
03:08:32:d6:e4:98:4a:6e:1a:07:68:7e:12:7a:33:20:be:cc:
9b:e4:34:0f:ec:6c:be:a1:48:25:2a:ac:65:73:07:69:8c:77:
0e:48:53:3f:6d:37:2a:4c:91:93:ef:b0:9c:7d:55:36:11:fd:
f5:58:e4:55:04:85:c7:11:89:fc:7d:48:1d:33:7a:82:ac:ec:
85:fa:86:49:03:98:2f:71:b9:4f:92:8c:5f:e1:35:27:07:2c:
78:0f:da:1b:3c:c9:d8:38:fe:f7:6e:eb:1f:c8:61:22:f6:ff:
4c:7e:2e:be:1b:10:e3:fd:b3:da:1b:78:65:0f:8e:ca:03:16:
1b:0a:96:ca:05:67:5e:52:93:c9:b4:6a:c2:36:93:f4:fb:10:
5e:1f:06:37
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgISAZRaSD35c28N/QwUo6jLCv6GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5ZWU1ZjE2ZmMxNDRhY2I5ODk3NzQ0OWZhYTBhYjc3ZGUx
YmRjYzkwHhcNMjUwMTEyMTEzMTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjVjNTk3MDllOTg0YTVmMWVjMjEwMTExMjBmN2IyMTYxOTdjMmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8dkFXtE7CSCsRmxwl3J33lI0FjVW
hQiS6jAbPQWqneT5CDGSG09E09vpFoLI+Z8ZhkDeH9LIM27PHe3BvDJuWzryAYLP
8hnIYN2nEeGANf89zV4o1yAbCeEbZmwe7ltcBNB7pYpQMcEB1dMYXDWbKhU3+fJQ
aiirK+zCjdVQdRMYYGNPPepmXXdf5GRrYC5zD/dZJdkG9tPY8P9+CGLEOZEn3oNc
FYnL6Ko7pn1tzLtre6UTHewESGoz4VfQkCPTx1Z4VRhBie+da65gwCU95uSE5m06
q/bCBQW4+w21ZBhh0wN7G0mO8DaxbXFzoa2TYgrfVBHn/9lw0vmo7KDf1QIDAQAB
o4ICXDCCAlgwHQYDVR0OBBYEFGJcWXCemEpfHsIQERIPeyFhl8LzMB8GA1UdIwQY
MBaAFBnuXxb8FErLmJd0Sfqgq3feG9zJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2U1ZkZ2d1VTc3VZbDNSSi1xQ3JkOTRiM01rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC83NDIzNzAtZTEwZi00NTQxLWFhNmMt
NjFhZmI2NmQxZThjLzEvWWx4WmNKNllTbDhld2hBUkVnOTdJV0dYd3ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC83NDIzNzAtZTEwZi00NTQxLWFhNmMtNjFhZmI2NmQxZThj
LzEvR2U1ZkZ2d1VTc3VZbDNSSi1xQ3JkOTRiM01rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHIGCCsGAQUFBwEHAQH/BGMwYTBQBAIAATBKAwQABcNGAwQB
BcOmAwQCBcOsAwQABcPQAwQABcPfAwQAH9uxMAwDBAAf27MDBAAf27QDBADCqqUD
BADCqroDBAXD5QADBADD5SIwDQQCAAIwBwMFACABCPgwDQYJKoZIhvcNAQELBQAD
ggEBAIn3Sff8jD2iIhzsP25QyttxDAn6pQ4/fbimZAIg6jjb2s7lmUDXtTCiu20O
IBvwB8HJsBvEb0EGQoK42ha4mQKkfUxdSBNUCX2FErMqzYh5biCzBXppMEpV/FEw
okF/DSSvQan//FAa1S4ZEAMIMtbkmEpuGgdofhJ6MyC+zJvkNA/sbL6hSCUqrGVz
B2mMdw5IUz9tNypMkZPvsJx9VTYR/fVY5FUEhccRifx9SB0zeoKs7IX6hkkDmC9x
uU+SjF/hNScHLHgP2hs8ydg4/vdu6x/IYSL2/0x+Lr4bEOP9s9obeGUPjsoDFhsK
lsoFZ15Sk8m0asI2k/T7EF4fBjc=
-----END CERTIFICATE-----
Generated at Thu May 8 02:37:24 2025 by rpki-client