Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/ca46fc-3847-4f1d-9ce4-52b9e6a16350/1/Yv6JGQch3iqRNkz4R9czL07Uv-Q.roa
File: Yv6JGQch3iqRNkz4R9czL07Uv-Q.roa (raw, json)
Hash identifier: PLTnJYQ8szPWRImB17+iR4489Prx93H1TYT6z6GRwkI=
Subject key identifier: 62:FE:89:19:07:21:DE:2A:91:36:4C:F8:47:D7:33:2F:4E:D4:BF:E4
Certificate issuer: /CN=6cb0dec13df205a66ec5227925b8f56bdb09f499
Certificate serial: 01941F8C52115E5306FCB1C6726144C48AC2
Authority key identifier: 6C:B0:DE:C1:3D:F2:05:A6:6E:C5:22:79:25:B8:F5:6B:DB:09:F4:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bLDewT3yBaZuxSJ5Jbj1a9sJ9Jk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/ca46fc-3847-4f1d-9ce4-52b9e6a16350/1/Yv6JGQch3iqRNkz4R9czL07Uv-Q.roa
Signing time: Wed 01 Jan 2025 01:47:57 +0000
ROA not before: Wed 01 Jan 2025 01:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19905
IP address blocks: 188.72.17.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 08 Jan 2025 08:29:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:52:11:5e:53:06:fc:b1:c6:72:61:44:c4:8a:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6cb0dec13df205a66ec5227925b8f56bdb09f499
Validity
Not Before: Jan 1 01:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=62fe89190721de2a91364cf847d7332f4ed4bfe4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:e6:57:6b:76:fc:bb:87:7c:bb:d8:62:2f:66:
c1:1f:24:8e:ac:11:1f:9b:fe:60:c9:14:bc:3f:53:
d3:f0:5c:05:4f:3c:89:ea:4d:47:38:34:22:44:f1:
c1:2d:0a:c7:6a:a6:ad:81:91:f7:9b:48:26:9c:91:
e2:8d:e3:ab:31:88:da:2e:12:16:bc:7a:80:01:3a:
26:90:80:36:e3:1e:c0:8e:65:27:01:4d:9c:8b:49:
a6:b3:b5:db:f8:f7:20:49:05:7c:4a:73:97:7e:2b:
31:75:0a:1a:c0:0e:5a:29:2a:a1:a0:b3:70:60:32:
b8:97:9e:2e:b7:84:30:2a:98:82:35:e6:6d:c8:63:
24:22:43:3b:64:a3:a8:b4:26:5a:07:55:3a:ac:81:
30:f0:12:b5:0d:2f:5a:ac:26:3f:2a:2f:31:6a:d8:
95:15:fc:ac:9d:8b:68:ca:a9:1e:03:21:ce:8e:57:
c1:33:f9:e8:3d:9c:da:3c:fd:73:b5:f3:2d:24:f9:
0c:93:04:18:23:d6:ed:90:9b:66:07:64:6d:7d:e8:
f8:48:65:55:38:1d:ad:e1:56:0f:91:56:95:12:aa:
77:f1:80:1f:18:0f:5a:c6:a3:47:ea:be:85:04:9e:
6b:46:f9:ca:8d:47:3f:77:d5:27:3a:c6:dc:65:71:
b1:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:FE:89:19:07:21:DE:2A:91:36:4C:F8:47:D7:33:2F:4E:D4:BF:E4
X509v3 Authority Key Identifier:
keyid:6C:B0:DE:C1:3D:F2:05:A6:6E:C5:22:79:25:B8:F5:6B:DB:09:F4:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bLDewT3yBaZuxSJ5Jbj1a9sJ9Jk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/ca46fc-3847-4f1d-9ce4-52b9e6a16350/1/Yv6JGQch3iqRNkz4R9czL07Uv-Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/ca46fc-3847-4f1d-9ce4-52b9e6a16350/1/bLDewT3yBaZuxSJ5Jbj1a9sJ9Jk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.72.17.0/24
Signature Algorithm: sha256WithRSAEncryption
69:a6:d5:f8:5a:e1:fa:01:c9:c0:dd:7b:f2:23:1b:2e:91:8c:
64:af:fc:11:7c:58:8a:26:76:75:5a:1e:3c:2e:9a:89:d9:fe:
3a:06:ad:45:13:c2:2d:da:47:e0:46:5e:5a:40:74:34:c2:6a:
ff:70:89:d7:96:32:db:2e:5c:68:4f:77:e8:1a:e5:7a:ff:4e:
47:a8:3b:44:33:11:eb:98:7d:57:a5:0b:bd:90:29:c0:5d:67:
e8:f7:1d:75:3e:94:77:64:5a:c6:49:1c:06:18:72:4f:c4:98:
e2:43:47:5e:36:9d:e5:27:e4:4d:fb:1d:ee:b5:6e:6b:10:91:
93:98:24:88:02:31:19:d8:2f:b1:7a:39:14:87:73:64:da:0d:
0a:a5:99:da:44:5a:3d:bf:b3:e9:0a:e0:77:6d:92:0c:0a:ba:
a7:2e:65:0b:af:b0:3b:c9:66:46:dd:3e:98:2e:2c:57:ce:fd:
b1:5e:a1:9f:eb:fd:f2:54:30:46:fe:ba:65:a5:99:ed:79:74:
e1:ae:e5:28:ee:d8:63:05:67:35:24:94:8e:f4:db:21:1f:b4:
64:8a:4f:5c:5f:07:67:e0:03:86:68:9b:11:cf:a9:e6:38:de:
95:c0:3c:d2:ef:f1:3b:a6:8a:bf:87:06:b2:ee:82:95:52:85:
c7:d1:49:4c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjFIRXlMG/LHGcmFExIrCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjYjBkZWMxM2RmMjA1YTY2ZWM1MjI3OTI1YjhmNTZiZGIw
OWY0OTkwHhcNMjUwMTAxMDE0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmZlODkxOTA3MjFkZTJhOTEzNjRjZjg0N2Q3MzMyZjRlZDRiZmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+ZXa3b8u4d8u9hiL2bBHySOrBEf
m/5gyRS8P1PT8FwFTzyJ6k1HODQiRPHBLQrHaqatgZH3m0gmnJHijeOrMYjaLhIW
vHqAATomkIA24x7AjmUnAU2ci0mms7Xb+PcgSQV8SnOXfisxdQoawA5aKSqhoLNw
YDK4l54ut4QwKpiCNeZtyGMkIkM7ZKOotCZaB1U6rIEw8BK1DS9arCY/Ki8xatiV
FfysnYtoyqkeAyHOjlfBM/noPZzaPP1ztfMtJPkMkwQYI9btkJtmB2Rtfej4SGVV
OB2t4VYPkVaVEqp38YAfGA9axqNH6r6FBJ5rRvnKjUc/d9UnOsbcZXGx3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGL+iRkHId4qkTZM+EfXMy9O1L/kMB8GA1UdIwQY
MBaAFGyw3sE98gWmbsUieSW49WvbCfSZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkxEZXdUM3lCYVp1eFNKNUpiajFhOXNKOUprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9jYTQ2ZmMtMzg0Ny00ZjFkLTljZTQt
NTJiOWU2YTE2MzUwLzEvWXY2SkdRY2gzaXFSTmt6NFI5Y3pMMDdVdi1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9jYTQ2ZmMtMzg0Ny00ZjFkLTljZTQtNTJiOWU2YTE2MzUw
LzEvYkxEZXdUM3lCYVp1eFNKNUpiajFhOXNKOUprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvEgRMA0G
CSqGSIb3DQEBCwUAA4IBAQBpptX4WuH6AcnA3XvyIxsukYxkr/wRfFiKJnZ1Wh48
LpqJ2f46Bq1FE8It2kfgRl5aQHQ0wmr/cInXljLbLlxoT3foGuV6/05HqDtEMxHr
mH1XpQu9kCnAXWfo9x11PpR3ZFrGSRwGGHJPxJjiQ0deNp3lJ+RN+x3utW5rEJGT
mCSIAjEZ2C+xejkUh3Nk2g0KpZnaRFo9v7PpCuB3bZIMCrqnLmULr7A7yWZG3T6Y
LixXzv2xXqGf6/3yVDBG/rplpZnteXThruUo7thjBWc1JJSO9NshH7Rkik9cXwdn
4AOGaJsRz6nmON6VwDzS7/E7poq/hway7oKVUoXH0UlM
-----END CERTIFICATE-----
Generated at Wed Apr 30 08:44:44 2025 by rpki-client