Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/2309cc-fa79-44d1-8986-4d537cf01809/1/y8nMs4IvdTKAUfi7Vqc3Eke9ziU.roa
File: y8nMs4IvdTKAUfi7Vqc3Eke9ziU.roa (raw, json)
Hash identifier: Ftd5MOtzMsLYraz9doVlhQ1aR0m2CaJmpIzYSpWABp4=
Subject key identifier: CB:C9:CC:B3:82:2F:75:32:80:51:F8:BB:56:A7:37:12:47:BD:CE:25
Certificate issuer: /CN=68417da8aa4fe0b8cff188412eedda63cbdcf996
Certificate serial: 0196808E96369B0E8445B72B6BB803D550E9
Authority key identifier: 68:41:7D:A8:AA:4F:E0:B8:CF:F1:88:41:2E:ED:DA:63:CB:DC:F9:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aEF9qKpP4LjP8YhBLu3aY8vc-ZY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/2309cc-fa79-44d1-8986-4d537cf01809/1/y8nMs4IvdTKAUfi7Vqc3Eke9ziU.roa
Signing time: Tue 29 Apr 2025 07:59:10 +0000
ROA not before: Tue 29 Apr 2025 07:59:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211274
IP address blocks: 193.56.11.0/24 maxlen: 24
2a0b:4740::/29 maxlen: 29
2a0b:4740::/30 maxlen: 30
2a0b:4744::/32 maxlen: 32
2a0b:4745::/32 maxlen: 32
2a0b:4746::/32 maxlen: 32
2a0b:4747::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 05 May 2025 13:54:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:80:8e:96:36:9b:0e:84:45:b7:2b:6b:b8:03:d5:50:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68417da8aa4fe0b8cff188412eedda63cbdcf996
Validity
Not Before: Apr 29 07:59:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cbc9ccb3822f75328051f8bb56a7371247bdce25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:40:01:23:4b:dc:58:e8:be:ea:a0:21:b1:62:
58:0a:e4:7a:e4:0d:20:3c:51:87:25:7a:2e:d5:f0:
cd:82:3e:92:35:4e:bf:d5:33:e3:a6:6d:ea:68:9c:
16:0e:ca:29:f1:6c:65:08:f8:21:a8:9a:d4:98:79:
5e:1a:19:65:f8:b9:e1:77:a1:15:29:06:8d:90:ac:
95:cf:21:7d:59:99:bd:ed:9c:10:5d:bb:e3:c6:3f:
33:46:6c:c4:7e:37:95:5f:f5:f9:ef:35:01:cd:03:
15:f0:2c:ae:21:e7:77:2a:16:df:a6:0e:55:44:67:
0e:bf:00:43:07:e7:a9:f4:73:f0:05:5c:00:6c:1a:
88:be:55:35:36:d2:a7:e4:f6:44:bd:99:b7:91:5a:
8c:74:43:29:6c:c0:5c:6a:e8:c4:71:8d:c2:35:24:
d1:e5:f0:67:fc:f6:44:19:83:f4:86:29:77:88:38:
89:17:58:c2:3b:d3:38:04:e3:ce:4c:4c:fe:ae:9e:
ff:47:e8:f1:99:c0:14:8e:b5:7c:3e:64:ac:bc:19:
d4:93:04:19:17:e9:c9:1f:94:3a:a6:0f:32:61:a8:
ed:5d:ab:f8:e0:7e:a3:47:a2:05:d5:8c:5a:39:98:
5e:81:d5:58:f1:57:a6:32:fb:42:8b:91:21:b1:f1:
dd:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:C9:CC:B3:82:2F:75:32:80:51:F8:BB:56:A7:37:12:47:BD:CE:25
X509v3 Authority Key Identifier:
keyid:68:41:7D:A8:AA:4F:E0:B8:CF:F1:88:41:2E:ED:DA:63:CB:DC:F9:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aEF9qKpP4LjP8YhBLu3aY8vc-ZY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/2309cc-fa79-44d1-8986-4d537cf01809/1/y8nMs4IvdTKAUfi7Vqc3Eke9ziU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/2309cc-fa79-44d1-8986-4d537cf01809/1/aEF9qKpP4LjP8YhBLu3aY8vc-ZY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.56.11.0/24
IPv6:
2a0b:4740::/29
Signature Algorithm: sha256WithRSAEncryption
2c:bf:86:a2:d2:08:a4:2c:8c:22:bb:e7:04:35:df:6c:52:64:
89:61:4c:2b:7e:74:f1:a3:56:ce:bc:9b:d4:83:4a:8e:5c:d7:
49:4c:04:63:dc:ac:b1:66:35:7f:39:f7:f7:c1:b2:4a:4a:9a:
e7:ce:4c:7c:74:2f:c5:84:51:3e:40:ac:78:9a:f1:ea:6f:31:
b0:c3:18:0a:31:34:a2:0c:e5:61:59:88:a0:7a:4a:bc:02:3a:
7e:ab:3d:47:11:04:52:de:cb:84:f5:7b:77:19:ca:a9:8f:09:
ce:7f:42:13:21:1b:6c:47:aa:c1:de:1c:35:30:b4:99:3c:fa:
8d:65:78:e8:1f:30:b2:a9:42:e7:9e:b7:93:3f:8b:9e:cb:b3:
ad:62:33:a9:19:ae:da:42:6a:a6:df:26:d2:27:71:e1:ca:b3:
b8:d7:c2:2f:78:0a:da:9c:db:97:1a:e5:24:14:c5:f7:52:eb:
7f:20:16:80:41:a4:72:3b:e2:f9:8d:6d:fe:eb:ca:ef:64:a9:
98:1d:31:07:6f:02:4f:68:c1:3c:d8:dc:e9:57:1f:a6:53:13:
b4:54:28:53:8f:e4:a8:12:72:9a:11:42:d8:9f:33:2f:8a:31:
43:93:e7:9a:78:17:b6:27:18:5d:cc:f7:4e:1d:52:19:88:57:
38:b5:67:fc
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZaAjpY2mw6ERbcra7gD1VDpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4NDE3ZGE4YWE0ZmUwYjhjZmYxODg0MTJlZWRkYTYzY2Jk
Y2Y5OTYwHhcNMjUwNDI5MDc1OTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmM5Y2NiMzgyMmY3NTMyODA1MWY4YmI1NmE3MzcxMjQ3YmRjZTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArUABI0vcWOi+6qAhsWJYCuR65A0g
PFGHJXou1fDNgj6SNU6/1TPjpm3qaJwWDsop8WxlCPghqJrUmHleGhll+Lnhd6EV
KQaNkKyVzyF9WZm97ZwQXbvjxj8zRmzEfjeVX/X57zUBzQMV8CyuIed3Khbfpg5V
RGcOvwBDB+ep9HPwBVwAbBqIvlU1NtKn5PZEvZm3kVqMdEMpbMBcaujEcY3CNSTR
5fBn/PZEGYP0hil3iDiJF1jCO9M4BOPOTEz+rp7/R+jxmcAUjrV8PmSsvBnUkwQZ
F+nJH5Q6pg8yYajtXav44H6jR6IF1YxaOZhegdVY8VemMvtCi5EhsfHd2QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMvJzLOCL3UygFH4u1anNxJHvc4lMB8GA1UdIwQY
MBaAFGhBfaiqT+C4z/GIQS7t2mPL3PmWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUVGOXFLcFA0TGpQOFloQkx1M2FZOHZjLVpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8yMzA5Y2MtZmE3OS00NGQxLTg5ODYt
NGQ1MzdjZjAxODA5LzEveThuTXM0SXZkVEtBVWZpN1ZxYzNFa2U5emlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8yMzA5Y2MtZmE3OS00NGQxLTg5ODYtNGQ1MzdjZjAxODA5
LzEvYUVGOXFLcFA0TGpQOFloQkx1M2FZOHZjLVpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwTgLMA0E
AgACMAcDBQMqC0dAMA0GCSqGSIb3DQEBCwUAA4IBAQAsv4ai0gikLIwiu+cENd9s
UmSJYUwrfnTxo1bOvJvUg0qOXNdJTARj3KyxZjV/Off3wbJKSprnzkx8dC/FhFE+
QKx4mvHqbzGwwxgKMTSiDOVhWYigekq8Ajp+qz1HEQRS3suE9Xt3GcqpjwnOf0IT
IRtsR6rB3hw1MLSZPPqNZXjoHzCyqULnnreTP4uey7OtYjOpGa7aQmqm3ybSJ3Hh
yrO418IveAranNuXGuUkFMX3Uut/IBaAQaRyO+L5jW3+68rvZKmYHTEHbwJPaME8
2NzpVx+mUxO0VChTj+SoEnKaEULYnzMvijFDk+eaeBe2JxhdzPdOHVIZiFc4tWf8
-----END CERTIFICATE-----
Generated at Sun May 11 01:05:40 2025 by rpki-client