Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/SUcz041BRK7k5pelzacmyuvs_bE.roa
File: SUcz041BRK7k5pelzacmyuvs_bE.roa (raw, json)
Hash identifier: 9+PbYwCb4skjZB2KzAnuhUX4RqSLWJT5+7zf4eGzbd8=
Subject key identifier: 49:47:33:D3:8D:41:44:AE:E4:E6:97:A5:CD:A7:26:CA:EB:EC:FD:B1
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01973A28BE053331064EC135AD306EA00302
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/SUcz041BRK7k5pelzacmyuvs_bE.roa
Signing time: Wed 04 Jun 2025 08:57:18 +0000
ROA not before: Wed 04 Jun 2025 08:57:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 217.60.36.0/22 maxlen: 24
217.60.239.0/24 maxlen: 24
217.60.242.0/24 maxlen: 24
217.60.246.0/24 maxlen: 24
217.60.247.0/24 maxlen: 24
217.60.248.0/24 maxlen: 24
217.60.249.0/24 maxlen: 24
217.60.252.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 13 Jun 2025 08:55:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3a:28:be:05:33:31:06:4e:c1:35:ad:30:6e:a0:03:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jun 4 08:57:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=494733d38d4144aee4e697a5cda726caebecfdb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:04:83:a9:fe:80:a0:34:2a:2e:4c:ab:cd:17:
83:06:34:8b:0d:0c:f6:bc:71:d1:27:6e:78:42:cd:
ca:1f:6f:2e:2a:fd:ca:b8:6c:4c:e5:cd:7f:99:01:
57:84:29:43:4c:6a:c3:e9:7b:a7:7b:07:13:d9:45:
79:81:f4:7b:b8:26:c5:50:cc:e8:88:5b:d5:d8:c4:
6a:fd:fd:49:01:e7:02:89:42:0a:11:82:09:17:5a:
30:a3:63:92:ea:32:20:21:91:2e:1c:39:d5:e4:a8:
57:ca:35:d7:08:76:46:b9:3f:8d:cd:51:8e:57:90:
9a:43:11:9c:4d:ce:e7:a6:06:57:09:10:d1:1d:64:
83:72:89:65:33:27:8a:45:7c:5d:6e:3c:c6:62:a1:
f9:02:f3:97:cf:bf:60:fa:cf:b5:45:5d:93:6c:9e:
1e:0b:7f:44:8f:05:f6:35:db:5a:5a:d4:fb:a1:88:
0e:18:26:1e:f6:40:5a:aa:de:99:df:f9:84:c1:d0:
fc:c4:13:43:67:fe:1b:ad:cc:0e:f5:9d:56:1a:e4:
07:c3:44:c9:59:15:c0:ce:f9:47:f3:d5:01:70:23:
4e:e4:de:f9:85:9e:13:18:8f:d9:21:e3:2d:7c:d7:
47:b4:bf:f6:fa:5d:5c:23:60:2e:0a:a3:0e:62:82:
07:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:47:33:D3:8D:41:44:AE:E4:E6:97:A5:CD:A7:26:CA:EB:EC:FD:B1
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/SUcz041BRK7k5pelzacmyuvs_bE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.60.36.0/22
217.60.239.0/24
217.60.242.0/24
217.60.246.0-217.60.249.255
217.60.252.0/24
Signature Algorithm: sha256WithRSAEncryption
51:a7:e9:3f:5b:7d:10:03:a2:a5:20:73:55:d1:f9:37:00:f9:
25:30:a9:65:e3:4e:38:ec:92:fe:b3:65:5d:5c:39:f8:29:16:
95:03:15:28:6e:1e:4c:82:16:4c:ec:f8:90:89:e2:47:14:ed:
80:78:f0:5a:73:a5:42:21:cb:97:58:fb:6d:d3:51:d1:20:64:
0f:2a:50:22:cb:57:e9:a3:2e:02:b3:5f:86:1b:00:8f:51:e6:
5d:9b:83:3e:8a:f8:69:18:5d:d4:96:34:dc:55:2c:e2:b4:85:
ef:c7:3b:fd:7f:3a:f2:46:87:4b:b7:ad:bb:a5:61:4f:63:b0:
10:c6:14:3a:87:4a:89:ab:bf:bd:8a:f5:ce:5c:3e:f4:88:f6:
63:a8:d5:3d:84:f5:b5:c8:55:01:0f:b5:f8:b1:16:38:4d:2d:
61:7a:dc:a5:ce:88:a7:8a:f0:10:24:a6:25:4a:02:5d:0a:56:
2a:0c:1f:c9:07:9a:79:ad:cd:cc:ea:c6:f8:a7:eb:ca:89:d6:
c7:6e:6a:1c:50:1c:7a:a9:ec:6b:04:a7:52:5a:ce:5b:2e:b6:
c4:fc:4b:00:e8:e1:69:e5:14:7a:cd:98:38:73:79:a7:94:6c:
9c:90:77:ad:6d:f3:5b:57:3d:c5:86:c9:9c:14:a1:38:be:f1:
42:60:5c:9c
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZc6KL4FMzEGTsE1rTBuoAMCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNjA0MDg1NzE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTQ3MzNkMzhkNDE0NGFlZTRlNjk3YTVjZGE3MjZjYWViZWNmZGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgSDqf6AoDQqLkyrzReDBjSLDQz2
vHHRJ254Qs3KH28uKv3KuGxM5c1/mQFXhClDTGrD6XunewcT2UV5gfR7uCbFUMzo
iFvV2MRq/f1JAecCiUIKEYIJF1owo2OS6jIgIZEuHDnV5KhXyjXXCHZGuT+NzVGO
V5CaQxGcTc7npgZXCRDRHWSDcollMyeKRXxdbjzGYqH5AvOXz79g+s+1RV2TbJ4e
C39EjwX2NdtaWtT7oYgOGCYe9kBaqt6Z3/mEwdD8xBNDZ/4brcwO9Z1WGuQHw0TJ
WRXAzvlH89UBcCNO5N75hZ4TGI/ZIeMtfNdHtL/2+l1cI2AuCqMOYoIHOQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFElHM9ONQUSu5OaXpc2nJsrr7P2xMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvU1VjejA0MUJSSzdrNXBlbHphY215dXZzX2JFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQC2TwkAwQA
2TzvAwQA2TzyMAwDBAHZPPYDBAHZPPgDBADZPPwwDQYJKoZIhvcNAQELBQADggEB
AFGn6T9bfRADoqUgc1XR+TcA+SUwqWXjTjjskv6zZV1cOfgpFpUDFShuHkyCFkzs
+JCJ4kcU7YB48FpzpUIhy5dY+23TUdEgZA8qUCLLV+mjLgKzX4YbAI9R5l2bgz6K
+GkYXdSWNNxVLOK0he/HO/1/OvJGh0u3rbulYU9jsBDGFDqHSomrv72K9c5cPvSI
9mOo1T2E9bXIVQEPtfixFjhNLWF63KXOiKeK8BAkpiVKAl0KVioMH8kHmnmtzczq
xvin68qJ1sduahxQHHqp7GsEp1JazlsutsT8SwDo4WnlFHrNmDhzeaeUbJyQd61t
81tXPcWGyZwUoTi+8UJgXJw=
-----END CERTIFICATE-----
Generated at Wed Jun 18 06:07:24 2025 by rpki-client