Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/DcstYlpeSGncGF1rfwWuG-Ld_yg.roa
File: DcstYlpeSGncGF1rfwWuG-Ld_yg.roa (raw, json)
Hash identifier: U6HZdiVFAjaL/77L2/5FIVvD2NrzgxfdVqr2JKMFD6M=
Subject key identifier: 0D:CB:2D:62:5A:5E:48:69:DC:18:5D:6B:7F:05:AE:1B:E2:DD:FF:28
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0196D3B587C0E022B4BDAA705E5E2963BB6F
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/DcstYlpeSGncGF1rfwWuG-Ld_yg.roa
Signing time: Thu 15 May 2025 11:30:11 +0000
ROA not before: Thu 15 May 2025 11:30:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213539
IP address blocks: 93.88.202.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 15 May 2025 11:38:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:d3:b5:87:c0:e0:22:b4:bd:aa:70:5e:5e:29:63:bb:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: May 15 11:30:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0dcb2d625a5e4869dc185d6b7f05ae1be2ddff28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:5b:f8:a7:97:70:e7:46:9c:60:f3:ed:e3:d2:
a3:a5:e8:f1:8c:3e:f7:b6:7d:95:1f:f7:58:fa:dd:
08:5b:a1:24:26:a0:b8:f4:ba:b3:09:dd:d0:39:24:
61:76:84:3e:ab:a2:c8:05:f3:eb:aa:e2:46:b9:83:
88:f4:02:74:7d:b0:39:8c:d4:ba:53:ee:6b:2c:c6:
c2:bb:58:82:5a:be:ca:dd:dd:eb:68:f9:aa:91:1b:
9b:93:bb:77:d2:c6:f1:7b:a1:f8:4c:06:45:b3:20:
21:da:41:3a:69:db:86:19:c9:71:b9:c9:9c:34:3f:
fe:b8:89:38:da:c4:5f:5b:1b:b8:48:a9:b3:47:f3:
5b:a5:95:4e:7e:ed:23:89:b9:e8:28:4a:31:75:7c:
ee:5e:aa:21:09:99:a0:93:43:aa:d4:c8:07:6c:78:
a3:70:5d:03:18:d3:94:00:59:fa:2c:65:ca:a1:ff:
bc:05:79:04:8e:20:df:9b:c0:8d:ad:b6:e2:6e:c7:
cd:66:85:f5:1b:a1:6d:2d:36:62:28:b5:3f:7f:94:
1d:9b:a3:18:67:91:a8:1d:86:4c:45:db:6f:5d:cd:
d4:d9:06:e2:cb:f3:23:84:62:3f:b4:a2:7d:5e:a2:
97:c4:ed:83:2a:f9:9f:79:c2:c5:d6:84:de:2d:68:
f4:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:CB:2D:62:5A:5E:48:69:DC:18:5D:6B:7F:05:AE:1B:E2:DD:FF:28
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/DcstYlpeSGncGF1rfwWuG-Ld_yg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.88.202.0/24
Signature Algorithm: sha256WithRSAEncryption
65:d7:79:b0:10:fc:cd:08:2f:11:54:ba:15:0f:c8:7a:78:22:
ea:58:7f:7b:32:98:92:cb:29:d1:0e:24:c5:e2:a2:09:4a:2b:
a1:2d:99:36:2e:c9:70:43:0b:1b:61:86:fd:e2:81:39:af:b3:
3e:69:a9:8b:fb:ab:5d:3d:b7:4d:8b:73:90:19:86:2f:f5:92:
81:fb:39:f3:d8:d9:70:7b:16:95:2f:32:1a:ff:e4:22:6b:dd:
43:59:62:54:76:66:61:b6:f6:2e:d0:4f:51:04:32:3d:49:47:
42:6a:a9:7b:3c:96:78:64:d7:26:51:17:57:09:d0:94:e6:ce:
75:3e:10:68:ef:e3:da:39:4b:80:3d:dd:fd:d7:b1:a6:64:25:
62:66:00:b0:38:a3:a4:66:34:bb:d3:ec:65:d3:70:34:ad:a6:
54:03:2d:7a:62:7d:21:6d:c9:85:47:b6:21:a2:16:91:09:48:
46:b1:cb:f8:fa:b2:f1:dd:11:5e:8b:60:04:a6:31:be:ee:1c:
60:4a:5f:98:8d:df:5b:00:83:1b:31:69:02:a8:91:71:9d:e1:
e8:52:90:db:63:3e:6a:bb:b4:8c:20:cc:a5:5d:ce:28:36:60:
8c:fd:89:41:4e:4d:8d:ee:68:41:2a:56:dc:d3:44:95:ef:05:
79:a6:99:02
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZbTtYfA4CK0vapwXl4pY7tvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwNTE1MTEzMDExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGNiMmQ2MjVhNWU0ODY5ZGMxODVkNmI3ZjA1YWUxYmUyZGRmZjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoVv4p5dw50acYPPt49KjpejxjD73
tn2VH/dY+t0IW6EkJqC49LqzCd3QOSRhdoQ+q6LIBfPrquJGuYOI9AJ0fbA5jNS6
U+5rLMbCu1iCWr7K3d3raPmqkRubk7t30sbxe6H4TAZFsyAh2kE6aduGGclxucmc
ND/+uIk42sRfWxu4SKmzR/NbpZVOfu0jibnoKEoxdXzuXqohCZmgk0Oq1MgHbHij
cF0DGNOUAFn6LGXKof+8BXkEjiDfm8CNrbbibsfNZoX1G6FtLTZiKLU/f5Qdm6MY
Z5GoHYZMRdtvXc3U2Qbiy/MjhGI/tKJ9XqKXxO2DKvmfecLF1oTeLWj0UQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA3LLWJaXkhp3Bhda38Frhvi3f8oMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvRGNzdFlscGVTR25jR0YxcmZ3V3VHLUxkX3lnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXVjKMA0G
CSqGSIb3DQEBCwUAA4IBAQBl13mwEPzNCC8RVLoVD8h6eCLqWH97MpiSyynRDiTF
4qIJSiuhLZk2LslwQwsbYYb94oE5r7M+aamL+6tdPbdNi3OQGYYv9ZKB+znz2Nlw
exaVLzIa/+Qia91DWWJUdmZhtvYu0E9RBDI9SUdCaql7PJZ4ZNcmURdXCdCU5s51
PhBo7+PaOUuAPd3917GmZCViZgCwOKOkZjS70+xl03A0raZUAy16Yn0hbcmFR7Yh
ohaRCUhGscv4+rLx3RFei2AEpjG+7hxgSl+Yjd9bAIMbMWkCqJFxneHoUpDbYz5q
u7SMIMylXc4oNmCM/YlBTk2N7mhBKlbc00SV7wV5ppkC
-----END CERTIFICATE-----
Generated at Wed Jun 18 07:03:14 2025 by rpki-client