Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/aUbYV_QoG2p8YpNT6ycV_-19Xt0.roa
File: aUbYV_QoG2p8YpNT6ycV_-19Xt0.roa (raw, json)
Hash identifier: sV/gCHAeTwqc8NU5r0vHGh9YwlA0BhGU9gB5FFfyOeg=
Subject key identifier: 69:46:D8:57:F4:28:1B:6A:7C:62:93:53:EB:27:15:FF:ED:7D:5E:DD
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01969A2AB106604B37F92F44666B46FB817B
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/aUbYV_QoG2p8YpNT6ycV_-19Xt0.roa
Signing time: Sun 04 May 2025 07:20:11 +0000
ROA not before: Sun 04 May 2025 07:20:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 136501
IP address blocks: 217.60.0.0/21 maxlen: 24
217.60.12.0/22 maxlen: 24
217.60.24.0/22 maxlen: 24
217.60.36.0/22 maxlen: 24
217.60.44.0/22 maxlen: 24
217.60.56.0/21 maxlen: 24
Validation: Failed, certificate revoked on Sun 04 May 2025 07:31:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:9a:2a:b1:06:60:4b:37:f9:2f:44:66:6b:46:fb:81:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: May 4 07:20:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6946d857f4281b6a7c629353eb2715ffed7d5edd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:33:f9:a0:38:8b:63:2d:e6:1f:90:33:28:ff:
2c:67:40:2a:e5:b0:f9:fd:a0:ce:f3:33:fe:ec:de:
3d:b8:f4:ae:de:e7:29:45:a1:e7:47:60:e5:0a:ea:
43:49:7b:7b:b7:ae:87:db:52:29:09:4d:c3:a3:66:
5a:68:f2:e8:aa:05:31:56:06:f7:d8:f7:d4:82:2d:
de:85:f6:f0:99:0a:a3:81:9d:a6:9e:19:71:78:15:
27:5b:e3:be:e6:d9:9e:a7:a4:fb:af:b6:3a:f3:3b:
d9:e1:0e:ee:20:3c:b1:6d:8a:f4:1b:09:8d:73:d8:
ec:e5:05:1d:94:04:7a:c8:7d:e7:45:5a:7f:dd:09:
0e:4e:da:3b:a6:d8:c3:7c:cb:f8:51:c8:e1:45:4b:
fd:d2:63:6a:a8:f1:e7:02:e9:51:48:cc:ff:2c:a8:
70:0a:b9:81:dd:9b:79:fc:83:84:a4:d7:1b:60:64:
29:a9:dd:ca:39:62:1f:08:ab:e7:2a:2c:a0:54:a6:
7f:c4:d9:40:01:35:ef:2f:d0:d3:a2:57:7d:d7:19:
db:59:18:0c:e0:c9:37:8c:70:ac:b3:c7:83:c3:49:
21:b7:c8:ca:96:07:c8:76:5e:07:d6:72:8d:b9:37:
07:a6:f3:70:38:e9:52:5b:da:ee:4e:8e:9f:65:40:
4d:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:46:D8:57:F4:28:1B:6A:7C:62:93:53:EB:27:15:FF:ED:7D:5E:DD
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/aUbYV_QoG2p8YpNT6ycV_-19Xt0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.60.0.0/21
217.60.12.0/22
217.60.24.0/22
217.60.36.0/22
217.60.44.0/22
217.60.56.0/21
Signature Algorithm: sha256WithRSAEncryption
8e:8a:6c:ca:cf:73:64:67:24:9e:75:37:a5:26:04:6e:47:3b:
2a:c8:8d:90:11:f4:b6:ac:1e:68:ba:d0:42:56:3d:52:eb:f2:
4a:f7:17:1b:5e:ed:6a:65:13:8c:fc:c9:a0:69:8c:c2:9b:c1:
9c:13:bf:09:8b:41:f7:95:43:00:0a:4d:04:ea:8c:02:84:2b:
64:b8:20:ea:3f:7b:0b:b1:09:9c:15:4c:7c:59:b2:63:bd:f0:
0b:a9:cb:75:bb:03:5a:e5:42:a9:e8:05:17:c3:18:79:75:36:
17:7c:18:0a:18:4a:55:4c:27:1b:e5:ce:0a:b4:9c:61:b7:76:
40:ce:21:c9:f1:b3:a9:5e:07:f3:81:ff:93:37:d9:ef:ae:0f:
e5:72:c8:83:08:2c:12:51:cf:00:b6:08:23:4b:9b:4a:bc:ee:
e6:57:94:5a:fa:f7:dc:c1:c0:7d:5a:92:e3:00:f6:66:28:9a:
d8:d8:61:45:16:38:d0:87:09:e7:34:57:9a:dd:6a:1a:94:0a:
a0:03:ea:60:e1:20:90:ef:6b:8a:fd:55:0a:93:86:4f:ed:72:
58:ff:4e:cd:2a:1b:1c:e3:a3:05:70:75:1a:17:13:c2:f5:5d:
7c:e7:1e:76:61:ac:d1:2d:4e:a3:96:47:48:75:64:3c:e7:f1:
11:b3:a8:f7
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZaaKrEGYEs3+S9EZmtG+4F7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNTA0MDcyMDExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTQ2ZDg1N2Y0MjgxYjZhN2M2MjkzNTNlYjI3MTVmZmVkN2Q1ZWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzzP5oDiLYy3mH5AzKP8sZ0Aq5bD5
/aDO8zP+7N49uPSu3ucpRaHnR2DlCupDSXt7t66H21IpCU3Do2ZaaPLoqgUxVgb3
2PfUgi3ehfbwmQqjgZ2mnhlxeBUnW+O+5tmep6T7r7Y68zvZ4Q7uIDyxbYr0GwmN
c9js5QUdlAR6yH3nRVp/3QkOTto7ptjDfMv4UcjhRUv90mNqqPHnAulRSMz/LKhw
CrmB3Zt5/IOEpNcbYGQpqd3KOWIfCKvnKiygVKZ/xNlAATXvL9DTold91xnbWRgM
4Mk3jHCss8eDw0kht8jKlgfIdl4H1nKNuTcHpvNwOOlSW9ruTo6fZUBNbwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGlG2Ff0KBtqfGKTU+snFf/tfV7dMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvYVViWVZfUW9HMnA4WXBOVDZ5Y1ZfLTE5WHQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQD2TwAAwQC
2TwMAwQC2TwYAwQC2TwkAwQC2TwsAwQD2Tw4MA0GCSqGSIb3DQEBCwUAA4IBAQCO
imzKz3NkZySedTelJgRuRzsqyI2QEfS2rB5outBCVj1S6/JK9xcbXu1qZROM/Mmg
aYzCm8GcE78Ji0H3lUMACk0E6owChCtkuCDqP3sLsQmcFUx8WbJjvfALqct1uwNa
5UKp6AUXwxh5dTYXfBgKGEpVTCcb5c4KtJxht3ZAziHJ8bOpXgfzgf+TN9nvrg/l
csiDCCwSUc8AtggjS5tKvO7mV5Ra+vfcwcB9WpLjAPZmKJrY2GFFFjjQhwnnNFea
3WoalAqgA+pg4SCQ72uK/VUKk4ZP7XJY/07NKhsc46MFcHUaFxPC9V185x52YazR
LU6jlkdIdWQ85/ERs6j3
-----END CERTIFICATE-----
Generated at Sun Jun 15 03:53:38 2025 by rpki-client