Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/akQEP_0ic9TaRGx-LjdQ1bLlcmc.roa
File: akQEP_0ic9TaRGx-LjdQ1bLlcmc.roa (raw, json)
Hash identifier: izt+ivo1P2k92dJeAs87jKzbkg1Qvk0e+AWWB+R8cnk=
Subject key identifier: 6A:44:04:3F:FD:22:73:D4:DA:44:6C:7E:2E:37:50:D5:B2:E5:72:67
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019767D6C8AEC12C39A025BC9A678543FA07
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/akQEP_0ic9TaRGx-LjdQ1bLlcmc.roa
Signing time: Fri 13 Jun 2025 05:50:18 +0000
ROA not before: Fri 13 Jun 2025 05:50:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208485
IP address blocks: 217.60.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 13 Jun 2025 08:49:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:67:d6:c8:ae:c1:2c:39:a0:25:bc:9a:67:85:43:fa:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jun 13 05:50:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6a44043ffd2273d4da446c7e2e3750d5b2e57267
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:82:1b:cf:19:3e:71:6d:a5:30:30:cf:b8:37:
8c:ed:5b:d9:4c:a8:9c:35:75:fd:75:2b:60:3f:a7:
bc:c5:c0:35:81:44:2c:22:7b:6e:ee:82:7b:fb:36:
93:2d:8e:b6:42:91:3a:fd:e1:b8:7c:4c:7b:ba:40:
90:7e:08:ef:3a:ff:39:20:fc:0b:37:7e:16:a8:6e:
c1:2b:fa:22:5c:05:08:fb:81:8e:72:77:7b:05:1b:
dd:30:ce:63:d8:2a:75:c4:19:f5:fc:20:52:d0:06:
83:f9:c0:69:b9:3d:20:81:e9:08:24:a6:b0:d0:ea:
45:48:3b:61:54:89:fc:97:46:5e:ed:25:04:66:ba:
23:1f:3d:18:49:0e:f2:78:29:e0:49:c4:5e:26:97:
29:2a:5a:1c:c6:a7:79:ea:9c:94:d0:25:1c:69:06:
c8:dc:5e:eb:4a:c3:21:2d:85:c4:57:4b:b9:e4:d7:
a7:ec:54:5b:e3:8d:f4:e4:22:d3:59:a2:00:11:ab:
17:92:f6:47:d9:ae:41:36:bb:07:0f:79:ee:b2:b0:
64:f7:34:9b:f6:8f:54:14:fc:14:9d:04:18:10:82:
8f:39:4a:63:58:43:e5:2c:ee:51:3a:4d:46:a3:9c:
ca:25:d0:79:89:2e:ff:e4:ad:b5:03:ca:a2:75:f4:
07:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:44:04:3F:FD:22:73:D4:DA:44:6C:7E:2E:37:50:D5:B2:E5:72:67
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/akQEP_0ic9TaRGx-LjdQ1bLlcmc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.60.239.0/24
Signature Algorithm: sha256WithRSAEncryption
33:3d:7a:b6:23:f3:e0:51:86:5d:de:9d:e4:55:f4:ba:15:51:
5a:ab:25:62:b1:c5:fa:dd:74:12:78:c7:e1:05:82:c1:3c:58:
88:d4:c7:70:fc:9b:2d:6b:b0:c2:3d:18:10:69:7c:c2:17:d4:
39:01:b4:ae:09:ff:c7:33:00:de:cf:28:f5:c4:39:d4:4f:03:
06:8c:16:a5:1a:7c:72:37:3c:b2:c3:f2:c4:37:ef:d1:c4:46:
84:46:21:4f:fa:96:7c:d2:13:3e:dd:9e:fb:04:76:af:09:59:
fe:f3:42:f8:3e:24:0c:7a:1f:63:53:f4:4b:d1:91:91:83:c1:
8b:28:3a:14:6e:66:ee:a9:45:f0:d8:0c:4b:b1:ad:a5:fc:72:
f8:75:cb:88:7c:96:4b:25:d9:6e:08:14:12:38:f5:54:1c:7d:
66:ee:fb:98:99:a4:ae:83:59:85:1c:79:90:61:d2:05:98:24:
07:b5:35:a7:68:71:a3:73:f8:5a:ef:7d:87:a3:04:06:b0:a1:
8d:b5:6e:9e:e1:cc:c6:d5:01:63:81:73:ce:df:88:2c:fe:03:
96:96:7d:89:f1:c9:5e:58:e0:83:9f:ae:93:0a:be:f0:04:20:
2d:e3:ea:e6:5c:00:fa:44:f1:b9:15:ed:d4:e6:4a:bf:b0:5d:
57:73:ad:c5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZdn1siuwSw5oCW8mmeFQ/oHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNjEzMDU1MDE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTQ0MDQzZmZkMjI3M2Q0ZGE0NDZjN2UyZTM3NTBkNWIyZTU3MjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4Ibzxk+cW2lMDDPuDeM7VvZTKic
NXX9dStgP6e8xcA1gUQsIntu7oJ7+zaTLY62QpE6/eG4fEx7ukCQfgjvOv85IPwL
N34WqG7BK/oiXAUI+4GOcnd7BRvdMM5j2Cp1xBn1/CBS0AaD+cBpuT0ggekIJKaw
0OpFSDthVIn8l0Ze7SUEZrojHz0YSQ7yeCngScReJpcpKlocxqd56pyU0CUcaQbI
3F7rSsMhLYXEV0u55Nen7FRb44305CLTWaIAEasXkvZH2a5BNrsHD3nusrBk9zSb
9o9UFPwUnQQYEIKPOUpjWEPlLO5ROk1Go5zKJdB5iS7/5K21A8qidfQHDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGpEBD/9InPU2kRsfi43UNWy5XJnMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvYWtRRVBfMGljOVRhUkd4LUxqZFExYkxsY21jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2TzvMA0G
CSqGSIb3DQEBCwUAA4IBAQAzPXq2I/PgUYZd3p3kVfS6FVFaqyViscX63XQSeMfh
BYLBPFiI1Mdw/Jsta7DCPRgQaXzCF9Q5AbSuCf/HMwDezyj1xDnUTwMGjBalGnxy
Nzyyw/LEN+/RxEaERiFP+pZ80hM+3Z77BHavCVn+80L4PiQMeh9jU/RL0ZGRg8GL
KDoUbmbuqUXw2AxLsa2l/HL4dcuIfJZLJdluCBQSOPVUHH1m7vuYmaSug1mFHHmQ
YdIFmCQHtTWnaHGjc/ha732HowQGsKGNtW6e4czG1QFjgXPO34gs/gOWln2J8cle
WOCDn66TCr7wBCAt4+rmXAD6RPG5Fe3U5kq/sF1Xc63F
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:45:52 2025 by rpki-client