Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/8651c5-bd77-460d-83bf-5933a09f72d1/1/Uv0dHrMBe64KF75a7-7ySzEO8uU.roa
File: Uv0dHrMBe64KF75a7-7ySzEO8uU.roa (raw, json)
Hash identifier: XlFO0mLMyywwdUS7mZcoLlVJMatANTr6ytqCZsTlcU8=
Subject key identifier: 52:FD:1D:1E:B3:01:7B:AE:0A:17:BE:5A:EF:EE:F2:4B:31:0E:F2:E5
Certificate issuer: /CN=22877298dae5d5a3beabca16e92d1a141e948627
Certificate serial: 019666B3538C681EC1F288B456D4B727D3BA
Authority key identifier: 22:87:72:98:DA:E5:D5:A3:BE:AB:CA:16:E9:2D:1A:14:1E:94:86:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IodymNrl1aO-q8oW6S0aFB6Uhic.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/8651c5-bd77-460d-83bf-5933a09f72d1/1/Uv0dHrMBe64KF75a7-7ySzEO8uU.roa
Signing time: Thu 24 Apr 2025 07:29:10 +0000
ROA not before: Thu 24 Apr 2025 07:29:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 136468
IP address blocks: 163.114.204.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 25 Apr 2025 06:03:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:66:b3:53:8c:68:1e:c1:f2:88:b4:56:d4:b7:27:d3:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22877298dae5d5a3beabca16e92d1a141e948627
Validity
Not Before: Apr 24 07:29:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=52fd1d1eb3017bae0a17be5aefeef24b310ef2e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:ce:52:79:af:fa:7a:8b:ac:58:66:31:bb:e4:
ad:ba:f5:ae:b5:a4:f2:6f:16:a2:71:13:b8:d3:a0:
5d:b1:fe:2e:bf:d3:07:9f:74:60:5a:5d:cf:70:db:
b5:2f:9c:47:01:f7:90:50:ec:1a:26:36:78:b7:7c:
1a:77:f1:42:a5:75:eb:74:3b:27:f3:e6:09:54:bc:
1c:87:e5:2a:84:ce:79:b7:1f:68:1c:17:21:b6:65:
9b:03:42:ab:65:1a:78:88:36:8e:28:27:0a:dc:d9:
fd:28:07:44:4a:69:f6:96:11:77:f2:94:b1:3e:0f:
07:c5:aa:0f:48:0e:2c:4b:81:35:2a:13:ae:e0:5a:
25:65:87:37:58:15:23:d1:a6:cd:86:df:32:d1:f6:
06:2d:3e:75:1f:01:88:0c:98:ea:3b:3d:89:4d:01:
71:15:4f:19:60:3f:fb:37:ab:dd:bd:bb:8f:37:d7:
10:6c:9b:22:03:9f:0a:ed:8a:cf:42:60:03:28:ce:
6c:f0:92:ad:1f:d9:dd:76:34:a6:16:05:4a:61:6d:
b0:05:7f:7a:f4:0c:4a:a0:fe:ec:dc:d9:02:c7:ed:
4f:3b:88:b1:8a:fe:b5:bb:66:7a:34:dd:91:23:de:
34:c8:dd:3f:2f:2b:6e:15:1a:f1:78:4f:96:75:3b:
29:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:FD:1D:1E:B3:01:7B:AE:0A:17:BE:5A:EF:EE:F2:4B:31:0E:F2:E5
X509v3 Authority Key Identifier:
keyid:22:87:72:98:DA:E5:D5:A3:BE:AB:CA:16:E9:2D:1A:14:1E:94:86:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IodymNrl1aO-q8oW6S0aFB6Uhic.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/8651c5-bd77-460d-83bf-5933a09f72d1/1/Uv0dHrMBe64KF75a7-7ySzEO8uU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/8651c5-bd77-460d-83bf-5933a09f72d1/1/IodymNrl1aO-q8oW6S0aFB6Uhic.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.114.204.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:f8:ef:76:f4:aa:eb:31:0b:98:69:a8:c6:2a:ca:07:18:44:
14:26:c6:a1:97:46:83:ed:a3:0a:fc:c5:58:8a:0e:de:91:2e:
73:4e:44:68:ac:27:11:2a:4a:42:84:2b:0a:47:e9:8d:26:e0:
49:9f:f8:94:e8:02:6d:f7:16:6f:4f:62:24:9b:b7:77:11:6b:
1f:15:67:f1:6e:a2:a4:6a:a4:b6:93:28:74:dc:7c:51:ef:56:
d6:20:fb:c1:df:2c:34:6f:cd:3b:47:59:13:51:a4:b5:96:66:
92:13:87:fd:11:46:7d:84:7a:3b:0f:20:db:10:b7:28:1e:b4:
f0:fc:21:82:b5:1b:95:0e:cf:70:25:48:ae:12:c0:79:f4:6e:
92:89:de:9f:2b:97:f0:63:4c:7c:2d:f9:b2:15:bc:67:a0:4d:
c3:4c:c3:86:aa:86:3d:f4:ab:4c:7d:55:4b:ae:ea:96:e5:75:
45:90:07:27:a9:c6:68:23:c0:72:45:44:b4:85:59:40:c8:47:
1f:d2:74:75:97:c6:34:df:bd:d1:56:51:a0:28:1f:e0:71:13:
db:7e:a2:4c:37:3b:2f:0a:98:50:f5:26:f3:8c:a8:9b:2f:f3:
70:06:1a:3c:62:5e:0a:3e:41:38:73:f0:b8:a8:66:31:dd:82:
93:c5:8f:9d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZZms1OMaB7B8oi0VtS3J9O6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyODc3Mjk4ZGFlNWQ1YTNiZWFiY2ExNmU5MmQxYTE0MWU5
NDg2MjcwHhcNMjUwNDI0MDcyOTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmZkMWQxZWIzMDE3YmFlMGExN2JlNWFlZmVlZjI0YjMxMGVmMmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnM5Sea/6eousWGYxu+StuvWutaTy
bxaicRO406Bdsf4uv9MHn3RgWl3PcNu1L5xHAfeQUOwaJjZ4t3wad/FCpXXrdDsn
8+YJVLwch+UqhM55tx9oHBchtmWbA0KrZRp4iDaOKCcK3Nn9KAdESmn2lhF38pSx
Pg8HxaoPSA4sS4E1KhOu4FolZYc3WBUj0abNht8y0fYGLT51HwGIDJjqOz2JTQFx
FU8ZYD/7N6vdvbuPN9cQbJsiA58K7YrPQmADKM5s8JKtH9nddjSmFgVKYW2wBX96
9AxKoP7s3NkCx+1PO4ixiv61u2Z6NN2RI940yN0/LytuFRrxeE+WdTspswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFL9HR6zAXuuChe+Wu/u8ksxDvLlMB8GA1UdIwQY
MBaAFCKHcpja5dWjvqvKFuktGhQelIYnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSW9keW1OcmwxYU8tcThvVzZTMGFGQjZVaGljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS84NjUxYzUtYmQ3Ny00NjBkLTgzYmYt
NTkzM2EwOWY3MmQxLzEvVXYwZEhyTUJlNjRLRjc1YTctN3lTekVPOHVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS84NjUxYzUtYmQ3Ny00NjBkLTgzYmYtNTkzM2EwOWY3MmQx
LzEvSW9keW1OcmwxYU8tcThvVzZTMGFGQjZVaGljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAo3LMMA0G
CSqGSIb3DQEBCwUAA4IBAQBt+O929KrrMQuYaajGKsoHGEQUJsahl0aD7aMK/MVY
ig7ekS5zTkRorCcRKkpChCsKR+mNJuBJn/iU6AJt9xZvT2Ikm7d3EWsfFWfxbqKk
aqS2kyh03HxR71bWIPvB3yw0b807R1kTUaS1lmaSE4f9EUZ9hHo7DyDbELcoHrTw
/CGCtRuVDs9wJUiuEsB59G6Sid6fK5fwY0x8LfmyFbxnoE3DTMOGqoY99KtMfVVL
ruqW5XVFkAcnqcZoI8ByRUS0hVlAyEcf0nR1l8Y0373RVlGgKB/gcRPbfqJMNzsv
CphQ9SbzjKibL/NwBho8Yl4KPkE4c/C4qGYx3YKTxY+d
-----END CERTIFICATE-----
Generated at Sun Apr 27 11:03:20 2025 by rpki-client