Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/e51856-e52e-4b24-8c99-c240bfc9cbc1/1/LityQdCkjr5RzAqUHsY0D7D2sjY.roa
File: LityQdCkjr5RzAqUHsY0D7D2sjY.roa (raw, json)
Hash identifier: ttRkqfvIV44kfXMLwkyUOt7dgp6I7DvEyQ2LCf44q1o=
Subject key identifier: 2E:2B:72:41:D0:A4:8E:BE:51:CC:0A:94:1E:C6:34:0F:B0:F6:B2:36
Certificate issuer: /CN=6161470d39be4ba2dd5df8fa47b16396278e670a
Certificate serial: 0196C4426F18A94E9C7CEF082B219961CD3F
Authority key identifier: 61:61:47:0D:39:BE:4B:A2:DD:5D:F8:FA:47:B1:63:96:27:8E:67:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YWFHDTm-S6LdXfj6R7FjlieOZwo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/e51856-e52e-4b24-8c99-c240bfc9cbc1/1/LityQdCkjr5RzAqUHsY0D7D2sjY.roa
Signing time: Mon 12 May 2025 11:30:10 +0000
ROA not before: Mon 12 May 2025 11:30:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213922
IP address blocks: 62.164.156.0/22 maxlen: 24
91.202.245.0/24 maxlen: 24
2a0c:6ec0:a01::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 12 May 2025 11:31:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c4:42:6f:18:a9:4e:9c:7c:ef:08:2b:21:99:61:cd:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6161470d39be4ba2dd5df8fa47b16396278e670a
Validity
Not Before: May 12 11:30:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2e2b7241d0a48ebe51cc0a941ec6340fb0f6b236
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:58:ec:58:85:ee:f0:cd:64:30:fa:31:21:b3:
6c:da:c4:e4:6e:c7:6c:01:4b:7c:99:d1:a4:26:2e:
d1:af:1a:cc:76:73:66:19:64:c0:17:40:08:60:08:
de:ca:34:af:67:f9:f1:27:1a:e8:9b:2c:86:d5:d9:
d0:86:14:2e:80:8a:ac:97:66:7d:93:41:34:2f:ad:
2c:88:3c:16:8c:9d:3b:c5:3b:50:a6:64:42:f2:3a:
bd:bc:0f:46:86:77:fc:c1:8c:4c:88:a9:87:f1:9b:
ad:f0:cc:92:7d:22:0a:c2:2a:3c:ff:75:f6:4b:b9:
75:df:da:4e:5c:e0:f5:84:f7:92:e7:c7:13:90:27:
b1:10:4c:b2:bd:e4:d7:bd:e9:b5:a1:61:b0:76:07:
73:31:b4:36:db:b0:3b:7b:73:eb:20:3c:99:69:06:
23:39:2a:e9:a0:38:8a:2d:3e:47:40:cf:cc:36:6e:
76:94:36:5f:ff:20:67:f5:ec:c0:11:72:0f:0e:8b:
ee:94:3c:f4:0e:4d:4f:bb:65:31:fa:91:4e:f1:39:
ae:14:e9:8d:22:14:69:5b:d6:f6:d3:6f:d9:62:45:
a5:73:72:5e:5e:fa:c7:96:6f:d1:92:b1:d9:5e:e6:
55:ce:99:df:5a:d2:e8:f3:13:4d:1d:84:16:49:a2:
fe:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:2B:72:41:D0:A4:8E:BE:51:CC:0A:94:1E:C6:34:0F:B0:F6:B2:36
X509v3 Authority Key Identifier:
keyid:61:61:47:0D:39:BE:4B:A2:DD:5D:F8:FA:47:B1:63:96:27:8E:67:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YWFHDTm-S6LdXfj6R7FjlieOZwo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/e51856-e52e-4b24-8c99-c240bfc9cbc1/1/LityQdCkjr5RzAqUHsY0D7D2sjY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/e51856-e52e-4b24-8c99-c240bfc9cbc1/1/YWFHDTm-S6LdXfj6R7FjlieOZwo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.164.156.0/22
91.202.245.0/24
IPv6:
2a0c:6ec0:a01::/48
Signature Algorithm: sha256WithRSAEncryption
42:c4:11:99:08:3b:bf:48:30:9c:07:13:03:a7:db:e4:a1:6f:
bd:2a:5c:12:79:84:5d:e8:23:33:3c:7f:6b:00:76:c6:9a:66:
4c:10:92:cd:ec:f2:2f:53:6e:f9:5b:41:8b:1c:3f:00:23:83:
fd:8d:f2:1d:ec:62:89:3a:ac:83:09:3f:bc:08:cc:0e:5b:40:
fe:93:4d:28:d2:6c:aa:36:09:b2:92:a3:40:cd:e8:24:d4:e8:
98:fe:97:da:cb:0f:b6:3a:30:ee:4c:bf:fa:2d:b2:1b:7f:4f:
bc:22:3d:66:be:2e:7f:87:a9:4a:76:53:d1:79:5a:c7:f6:fb:
c1:01:82:45:ab:27:ff:62:f6:48:ce:9c:8e:67:f9:e3:84:11:
82:df:ca:9d:81:61:84:9c:8f:d9:da:7f:d8:5e:0f:1a:d7:f3:
93:a8:13:aa:3f:d1:f4:3b:59:5b:e8:cf:5b:bb:9b:e5:f5:d7:
31:b0:24:84:8b:a2:64:63:57:fb:cd:b2:cc:7d:49:45:9c:94:
8d:30:7c:6c:98:72:ee:e2:2d:1f:9f:0e:05:40:47:19:19:91:
18:00:3f:5f:ca:99:67:35:dd:f7:a5:cd:6f:72:c6:b1:a6:73:
a1:26:95:da:fd:e6:31:15:42:37:0c:13:7d:e5:6d:a7:25:a0:
56:ae:4c:25
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZbEQm8YqU6cfO8IKyGZYc0/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxNjE0NzBkMzliZTRiYTJkZDVkZjhmYTQ3YjE2Mzk2Mjc4
ZTY3MGEwHhcNMjUwNTEyMTEzMDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTJiNzI0MWQwYTQ4ZWJlNTFjYzBhOTQxZWM2MzQwZmIwZjZiMjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmFjsWIXu8M1kMPoxIbNs2sTkbsds
AUt8mdGkJi7RrxrMdnNmGWTAF0AIYAjeyjSvZ/nxJxromyyG1dnQhhQugIqsl2Z9
k0E0L60siDwWjJ07xTtQpmRC8jq9vA9Ghnf8wYxMiKmH8Zut8MySfSIKwio8/3X2
S7l139pOXOD1hPeS58cTkCexEEyyveTXvem1oWGwdgdzMbQ227A7e3PrIDyZaQYj
OSrpoDiKLT5HQM/MNm52lDZf/yBn9ezAEXIPDovulDz0Dk1Pu2Ux+pFO8TmuFOmN
IhRpW9b202/ZYkWlc3JeXvrHlm/RkrHZXuZVzpnfWtLo8xNNHYQWSaL+iQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFC4rckHQpI6+UcwKlB7GNA+w9rI2MB8GA1UdIwQY
MBaAFGFhRw05vkui3V34+kexY5YnjmcKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVdGSERUbS1TNkxkWGZqNlI3RmpsaWVPWndvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9lNTE4NTYtZTUyZS00YjI0LThjOTkt
YzI0MGJmYzljYmMxLzEvTGl0eVFkQ2tqcjVSekFxVUhzWTBEN0Qyc2pZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9lNTE4NTYtZTUyZS00YjI0LThjOTktYzI0MGJmYzljYmMx
LzEvWVdGSERUbS1TNkxkWGZqNlI3RmpsaWVPWndvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCPqScAwQA
W8r1MA8EAgACMAkDBwAqDG7ACgEwDQYJKoZIhvcNAQELBQADggEBAELEEZkIO79I
MJwHEwOn2+Shb70qXBJ5hF3oIzM8f2sAdsaaZkwQks3s8i9TbvlbQYscPwAjg/2N
8h3sYok6rIMJP7wIzA5bQP6TTSjSbKo2CbKSo0DN6CTU6Jj+l9rLD7Y6MO5Mv/ot
sht/T7wiPWa+Ln+HqUp2U9F5Wsf2+8EBgkWrJ/9i9kjOnI5n+eOEEYLfyp2BYYSc
j9naf9heDxrX85OoE6o/0fQ7WVvoz1u7m+X11zGwJISLomRjV/vNssx9SUWclI0w
fGyYcu7iLR+fDgVARxkZkRgAP1/KmWc13felzW9yxrGmc6Emldr95jEVQjcME33l
bacloFauTCU=
-----END CERTIFICATE-----
Generated at Mon Jun 16 19:17:58 2025 by rpki-client