Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/rcnV-Ckudqws8tfQmBbhT3xKTeU.roa
File: rcnV-Ckudqws8tfQmBbhT3xKTeU.roa (raw, json)
Hash identifier: 50UpI3DLwDX2BJSBuHyaveSGFS8vwrwmf/J4kTjj8RY=
Subject key identifier: AD:C9:D5:F8:29:2E:76:AC:2C:F2:D7:D0:98:16:E1:4F:7C:4A:4D:E5
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 01973213A66BFE2039701D77F562D27A064F
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/rcnV-Ckudqws8tfQmBbhT3xKTeU.roa
Signing time: Mon 02 Jun 2025 19:17:17 +0000
ROA not before: Mon 02 Jun 2025 19:17:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 400696
IP address blocks: 66.56.83.0/24 maxlen: 24
124.198.133.0/24 maxlen: 24
124.198.134.0/24 maxlen: 24
155.2.193.0/24 maxlen: 24
155.2.220.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Jun 2025 18:07:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:32:13:a6:6b:fe:20:39:70:1d:77:f5:62:d2:7a:06:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Jun 2 19:17:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=adc9d5f8292e76ac2cf2d7d09816e14f7c4a4de5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:86:40:22:4c:0b:a2:f4:51:b6:4f:8b:f5:ae:
35:56:4c:65:3b:2d:7f:1e:fb:8a:12:c6:4f:ca:4b:
b5:f7:b3:68:e1:0b:2b:f2:94:d8:52:24:c4:29:31:
de:3f:0f:03:fb:fa:08:e5:6e:b6:28:66:0f:49:5d:
cf:24:bb:34:6c:c8:52:d5:05:a4:50:78:b3:a1:08:
9b:e5:1c:67:cf:ad:f7:3f:14:18:27:f4:b5:19:b0:
54:d8:e9:ec:f6:7b:ac:4d:97:97:da:5a:9e:e8:74:
c2:11:ad:d4:b8:df:d0:a2:c9:3f:59:a0:d8:7e:39:
10:51:95:09:0f:a1:7e:0a:dc:98:1d:4d:b9:7b:15:
9c:04:66:61:57:17:8b:de:30:c3:a9:98:9b:ed:05:
8b:be:59:75:dc:df:d8:a3:cd:91:74:6b:ef:ae:65:
cb:a6:bf:c8:f4:d1:a5:f4:ff:56:89:d6:c4:5c:5f:
75:6e:af:ec:f3:18:1b:5f:40:08:dc:d1:3a:c7:2f:
a9:d6:03:c3:53:19:97:aa:a1:d7:57:3b:52:27:49:
17:1b:f2:69:ec:4f:fc:a9:6a:18:ca:b1:ce:c9:f1:
96:62:a3:52:e3:52:61:3c:e7:12:f3:49:7e:10:82:
c1:5c:f5:7a:38:e4:15:da:94:8d:65:bf:6c:9f:7d:
33:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:C9:D5:F8:29:2E:76:AC:2C:F2:D7:D0:98:16:E1:4F:7C:4A:4D:E5
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/rcnV-Ckudqws8tfQmBbhT3xKTeU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
66.56.83.0/24
124.198.133.0-124.198.134.255
155.2.193.0/24
155.2.220.0/24
Signature Algorithm: sha256WithRSAEncryption
08:bb:78:d2:a5:59:89:67:44:78:65:64:bf:21:ee:f9:ee:f0:
b1:75:7c:74:11:5e:04:d4:6d:62:6b:7d:8a:92:da:eb:28:54:
1a:36:9b:05:d2:72:68:45:42:12:aa:f6:c9:4a:25:eb:39:ab:
ec:f2:c0:db:29:d0:51:e4:06:34:50:8d:f2:cb:39:64:ca:d7:
f0:f9:e0:d4:09:60:63:53:59:a4:6f:1c:96:ed:7f:16:6f:d3:
89:de:a2:51:44:ef:30:87:11:ad:cc:f0:d5:6c:18:96:c6:66:
c9:e3:f4:46:6e:59:70:54:af:c0:18:9d:05:19:08:9e:b0:f5:
9f:0d:84:dc:25:a9:c9:fc:a0:ce:c1:18:b6:02:bb:2d:e3:87:
ff:9c:92:ec:d3:4e:de:51:d7:5b:2d:1f:09:7f:32:12:3e:1c:
25:67:aa:0e:2d:43:9e:54:b8:b5:29:b9:4c:4b:45:42:ba:61:
be:82:a0:47:ee:c6:53:a3:77:4f:ea:ee:d3:16:ae:ca:a2:b8:
95:2e:3c:6b:50:e3:06:42:3d:57:27:d4:60:9e:ee:5c:56:d4:
14:6f:b9:e3:ef:f8:04:6b:15:6e:d3:af:59:c3:5a:58:85:0e:
38:3a:54:a7:d9:b4:af:f5:2b:9a:31:00:b7:3c:74:09:fe:a4:
92:23:72:3a
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZcyE6Zr/iA5cB139WLSegZPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjUwNjAyMTkxNzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGM5ZDVmODI5MmU3NmFjMmNmMmQ3ZDA5ODE2ZTE0ZjdjNGE0ZGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp4ZAIkwLovRRtk+L9a41VkxlOy1/
HvuKEsZPyku197No4Qsr8pTYUiTEKTHePw8D+/oI5W62KGYPSV3PJLs0bMhS1QWk
UHizoQib5Rxnz633PxQYJ/S1GbBU2Ons9nusTZeX2lqe6HTCEa3UuN/Qosk/WaDY
fjkQUZUJD6F+CtyYHU25exWcBGZhVxeL3jDDqZib7QWLvll13N/Yo82RdGvvrmXL
pr/I9NGl9P9WidbEXF91bq/s8xgbX0AI3NE6xy+p1gPDUxmXqqHXVztSJ0kXG/Jp
7E/8qWoYyrHOyfGWYqNS41JhPOcS80l+EILBXPV6OOQV2pSNZb9sn30zVQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFK3J1fgpLnasLPLX0JgW4U98Sk3lMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvcmNuVi1Da3VkcXdzOHRmUW1CYmhUM3hLVGVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAQjhTMAwD
BAB8xoUDBAB8xoYDBACbAsEDBACbAtwwDQYJKoZIhvcNAQELBQADggEBAAi7eNKl
WYlnRHhlZL8h7vnu8LF1fHQRXgTUbWJrfYqS2usoVBo2mwXScmhFQhKq9slKJes5
q+zywNsp0FHkBjRQjfLLOWTK1/D54NQJYGNTWaRvHJbtfxZv04neolFE7zCHEa3M
8NVsGJbGZsnj9EZuWXBUr8AYnQUZCJ6w9Z8NhNwlqcn8oM7BGLYCuy3jh/+ckuzT
Tt5R11stHwl/MhI+HCVnqg4tQ55UuLUpuUxLRUK6Yb6CoEfuxlOjd0/q7tMWrsqi
uJUuPGtQ4wZCPVcn1GCe7lxW1BRvuePv+ARrFW7Tr1nDWliFDjg6VKfZtK/1K5ox
ALc8dAn+pJIjcjo=
-----END CERTIFICATE-----
Generated at Tue Jun 17 01:31:19 2025 by rpki-client