Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Ux3QLkWYa8vLdtUU41G2peAtx4I.roa
File: Ux3QLkWYa8vLdtUU41G2peAtx4I.roa (raw, json)
Hash identifier: +xsCOeD850VyLsbuo3GCSsyUgDK21raT0hvDClhB5lY=
Subject key identifier: 53:1D:D0:2E:45:98:6B:CB:CB:76:D5:14:E3:51:B6:A5:E0:2D:C7:82
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0195FADA5EE357AF16E08ADCC017150D237B
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Ux3QLkWYa8vLdtUU41G2peAtx4I.roa
Signing time: Thu 03 Apr 2025 08:52:49 +0000
ROA not before: Thu 03 Apr 2025 08:52:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215211
IP address blocks: 217.60.196.0/23 maxlen: 24
217.60.244.0/23 maxlen: 24
2a14:6e40::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 03 Apr 2025 10:50:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:fa:da:5e:e3:57:af:16:e0:8a:dc:c0:17:15:0d:23:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Apr 3 08:52:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=531dd02e45986bcbcb76d514e351b6a5e02dc782
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:20:20:4d:8e:54:b6:83:a7:a0:1c:68:2d:33:
01:0c:5b:8b:49:1a:5e:aa:92:56:16:ce:7e:fb:17:
7f:ff:f7:36:f6:ab:b7:16:2c:1e:87:8f:c3:14:62:
d0:f0:d4:68:f0:56:f8:a6:a2:27:d8:37:0f:1e:40:
4f:04:6f:70:d3:69:d4:86:e8:65:50:05:80:7c:ca:
2f:c1:2a:c7:56:e6:f0:9c:7b:51:e0:83:49:0a:61:
38:60:b9:a6:ed:38:07:8b:f9:cf:94:75:f6:bc:6e:
89:40:57:67:a5:7e:49:06:2e:30:41:fe:97:19:f4:
66:2a:63:61:d4:43:14:7e:b5:85:cf:3b:c2:4f:a2:
0e:f8:1d:6c:e0:56:46:a7:4b:80:93:ec:d4:fd:d0:
59:59:46:2d:73:a0:46:01:01:df:f9:8b:20:41:75:
52:a5:fe:cf:6e:39:2f:ca:0a:7b:95:96:1b:43:14:
b5:b3:cb:49:d0:ea:67:79:ec:1c:8a:dd:6e:4e:ef:
7c:76:23:d0:32:ca:b4:07:14:b7:3d:7d:ea:aa:24:
8e:d7:6c:15:f5:00:b2:8f:e0:cc:7e:73:56:47:25:
42:98:b1:8a:84:12:e7:cb:bf:07:67:fc:1a:9e:b7:
ad:84:2d:bf:b1:b9:d6:05:98:a8:c9:07:8d:af:53:
0e:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:1D:D0:2E:45:98:6B:CB:CB:76:D5:14:E3:51:B6:A5:E0:2D:C7:82
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Ux3QLkWYa8vLdtUU41G2peAtx4I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.60.196.0/23
217.60.244.0/23
IPv6:
2a14:6e40::/32
Signature Algorithm: sha256WithRSAEncryption
3c:a6:ac:10:f9:c4:71:79:03:5e:b0:b0:ac:a2:2e:1c:46:9b:
ec:8b:5d:5e:21:24:d7:a5:d6:46:cc:90:39:a6:ca:0b:4e:b4:
54:e9:5f:98:d8:4d:42:aa:0d:c3:f4:de:f1:b2:94:83:e4:c8:
f0:4d:88:af:f2:f8:3a:c3:db:33:6a:33:ca:6c:4e:98:87:22:
5b:33:60:d3:7f:16:48:87:2b:63:ba:04:5d:2e:ec:ef:9f:12:
57:03:2a:a9:92:0d:09:d3:a9:14:cf:75:ca:7e:9e:c9:13:34:
c0:c9:ac:56:14:47:9e:c2:bc:ba:c1:9e:37:06:bd:fa:39:ba:
1d:9a:17:48:f5:21:0e:a1:08:54:61:3b:97:87:52:50:a4:01:
b4:b3:1b:77:a6:80:c8:12:73:e9:e7:d4:df:bb:9f:6c:bf:91:
16:fd:a2:40:23:f9:a8:2e:59:bc:16:9d:9b:f9:5d:6e:4a:77:
8c:b9:0c:ba:e7:4e:8c:d4:77:c2:ac:b2:00:a4:7e:58:c1:ed:
9b:56:f1:60:96:86:0a:05:49:bc:8a:0f:f1:23:19:f0:fe:74:
5a:79:8f:12:82:e2:0b:03:4d:96:8e:da:ca:ae:5b:c7:a8:49:
f7:58:79:91:44:15:8a:aa:8a:6e:50:0f:37:52:4e:54:48:d6:
9b:ca:11:80
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZX62l7jV68W4IrcwBcVDSN7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNDAzMDg1MjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzFkZDAyZTQ1OTg2YmNiY2I3NmQ1MTRlMzUxYjZhNWUwMmRjNzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzCAgTY5UtoOnoBxoLTMBDFuLSRpe
qpJWFs5++xd///c29qu3Fiweh4/DFGLQ8NRo8Fb4pqIn2DcPHkBPBG9w02nUhuhl
UAWAfMovwSrHVubwnHtR4INJCmE4YLmm7TgHi/nPlHX2vG6JQFdnpX5JBi4wQf6X
GfRmKmNh1EMUfrWFzzvCT6IO+B1s4FZGp0uAk+zU/dBZWUYtc6BGAQHf+YsgQXVS
pf7Pbjkvygp7lZYbQxS1s8tJ0Opneewcit1uTu98diPQMsq0BxS3PX3qqiSO12wV
9QCyj+DMfnNWRyVCmLGKhBLny78HZ/wanrethC2/sbnWBZioyQeNr1MO7wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFMd0C5FmGvLy3bVFONRtqXgLceCMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvVXgzUUxrV1lhOHZMZHRVVTQxRzJwZUF0eDRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQB2TzEAwQB
2Tz0MA0EAgACMAcDBQAqFG5AMA0GCSqGSIb3DQEBCwUAA4IBAQA8pqwQ+cRxeQNe
sLCsoi4cRpvsi11eISTXpdZGzJA5psoLTrRU6V+Y2E1Cqg3D9N7xspSD5MjwTYiv
8vg6w9szajPKbE6YhyJbM2DTfxZIhytjugRdLuzvnxJXAyqpkg0J06kUz3XKfp7J
EzTAyaxWFEeewry6wZ43Br36ObodmhdI9SEOoQhUYTuXh1JQpAG0sxt3poDIEnPp
59Tfu59sv5EW/aJAI/moLlm8Fp2b+V1uSneMuQy6506M1HfCrLIApH5Ywe2bVvFg
loYKBUm8ig/xIxnw/nRaeY8SguILA02WjtrKrlvHqEn3WHmRRBWKqopuUA83Uk5U
SNabyhGA
-----END CERTIFICATE-----
Generated at Sun Apr 27 19:42:16 2025 by rpki-client