Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YHCqItxCeirf_LvP8DvNTBsuG1E.roa
File: YHCqItxCeirf_LvP8DvNTBsuG1E.roa (raw, json)
Hash identifier: xTysAn8ODc0Hu6g6GivVJcuD78L90UY1XUn2ElDL0yg=
Subject key identifier: 60:70:AA:22:DC:42:7A:2A:DF:FC:BB:CF:F0:3B:CD:4C:1B:2E:1B:51
Certificate issuer: /CN=60661758ce330622470a39ae8d6ef4a2044f83c4
Certificate serial: 0197596A72AED5A057AA9DD1D5919A29ADD6
Authority key identifier: 60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YHCqItxCeirf_LvP8DvNTBsuG1E.roa
Signing time: Tue 10 Jun 2025 10:37:17 +0000
ROA not before: Tue 10 Jun 2025 10:37:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 84.55.8.0/22 maxlen: 24
88.223.164.0/22 maxlen: 24
88.223.168.0/21 maxlen: 24
95.173.48.0/20 maxlen: 24
Validation: Failed, certificate revoked on Thu 12 Jun 2025 12:29:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:59:6a:72:ae:d5:a0:57:aa:9d:d1:d5:91:9a:29:ad:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60661758ce330622470a39ae8d6ef4a2044f83c4
Validity
Not Before: Jun 10 10:37:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6070aa22dc427a2adffcbbcff03bcd4c1b2e1b51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ef:ed:66:7d:61:87:04:b7:22:50:dd:79:29:
8d:30:c9:de:38:7e:7e:a0:27:a8:3a:11:5b:a2:66:
a0:02:3c:4f:83:22:7a:4e:b2:ab:e4:ae:43:83:a8:
62:72:a3:8e:91:bd:b1:f7:66:6e:6a:5a:dd:2a:40:
7d:db:07:54:fa:a3:37:f2:26:d2:6e:3e:9e:ca:93:
01:fa:6a:68:2c:2f:57:30:9f:65:98:3b:c1:38:44:
ad:8a:4e:9b:4a:60:c3:bd:6a:c0:f8:4c:57:69:c8:
1c:86:e7:68:f3:55:da:c7:98:70:1e:f4:a8:c3:aa:
37:ee:e9:16:16:ff:a8:25:14:0a:cb:2b:be:2d:6a:
29:34:5a:49:6d:71:af:7f:2a:8e:d2:13:c2:fe:df:
a2:1c:99:3a:7b:6c:58:51:dd:9a:2b:2f:60:48:c9:
3f:3e:f3:c7:a2:25:9a:af:ec:1d:d1:4c:1d:ab:8a:
db:60:dc:5d:5a:ae:b8:55:34:c5:9d:2f:cc:cc:a4:
0d:35:ca:fe:04:1b:bc:19:69:a7:30:bc:a1:b6:98:
69:15:1d:47:d8:e4:6a:04:3d:16:b5:b4:15:7c:71:
f0:47:33:86:7d:0d:81:99:7b:b3:3c:05:4f:33:b4:
8c:b9:8e:ae:cf:9d:cd:a9:6c:47:83:b0:18:3b:57:
1d:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:70:AA:22:DC:42:7A:2A:DF:FC:BB:CF:F0:3B:CD:4C:1B:2E:1B:51
X509v3 Authority Key Identifier:
keyid:60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YHCqItxCeirf_LvP8DvNTBsuG1E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.55.8.0/22
88.223.164.0-88.223.175.255
95.173.48.0/20
Signature Algorithm: sha256WithRSAEncryption
7e:da:4f:52:16:85:14:5a:a1:a9:eb:d0:bf:d6:68:d3:57:a3:
10:04:35:ac:15:06:5a:6c:51:e3:34:d5:98:a8:7f:e7:7c:78:
ff:4f:30:65:4d:b3:48:36:68:ec:98:b0:81:92:ca:19:56:72:
41:e9:57:ad:ca:b7:21:2a:1e:e6:3f:50:c1:04:41:4a:51:46:
26:45:84:26:f8:a7:f7:23:7f:a5:62:a8:4c:bf:2e:c3:82:92:
fe:7f:c0:b6:75:ee:3c:b1:a3:23:84:e8:93:8a:8a:41:a7:59:
e2:c9:84:45:fc:7c:ea:be:30:72:6e:64:63:98:ad:bd:83:37:
be:72:9e:57:d8:93:9a:0a:81:ff:9b:12:48:11:99:d1:eb:ab:
8b:8e:0a:78:4d:36:93:10:45:d2:0b:db:4c:78:3b:a2:eb:2b:
49:37:d1:f1:38:90:0e:ac:a1:6b:c2:00:d7:ba:62:98:24:d5:
2c:c9:fa:6d:47:0b:2a:10:cf:dd:0a:a0:3d:13:26:8e:9c:5d:
49:ef:01:31:1e:05:49:35:45:cc:4e:31:11:c3:cd:3e:34:b8:
b9:9b:f7:c3:fe:de:13:0c:12:df:e6:75:64:15:8d:f1:80:ff:
00:49:f0:72:43:e4:21:ee:8a:42:36:04:c0:77:70:db:57:d8:
bf:ba:79:cb
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZdZanKu1aBXqp3R1ZGaKa3WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjYxNzU4Y2UzMzA2MjI0NzBhMzlhZThkNmVmNGEyMDQ0
ZjgzYzQwHhcNMjUwNjEwMTAzNzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDcwYWEyMmRjNDI3YTJhZGZmY2JiY2ZmMDNiY2Q0YzFiMmUxYjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+/tZn1hhwS3IlDdeSmNMMneOH5+
oCeoOhFbomagAjxPgyJ6TrKr5K5Dg6hicqOOkb2x92ZualrdKkB92wdU+qM38ibS
bj6eypMB+mpoLC9XMJ9lmDvBOEStik6bSmDDvWrA+ExXacgchudo81Xax5hwHvSo
w6o37ukWFv+oJRQKyyu+LWopNFpJbXGvfyqO0hPC/t+iHJk6e2xYUd2aKy9gSMk/
PvPHoiWar+wd0Uwdq4rbYNxdWq64VTTFnS/MzKQNNcr+BBu8GWmnMLyhtphpFR1H
2ORqBD0WtbQVfHHwRzOGfQ2BmXuzPAVPM7SMuY6uz53NqWxHg7AYO1cdnwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFGBwqiLcQnoq3/y7z/A7zUwbLhtRMB8GA1UdIwQY
MBaAFGBmF1jOMwYiRwo5ro1u9KIET4PEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2Ut
MWY4NzQ2OTQ1NDgzLzEvWUhDcUl0eENlaXJmX0x2UDhEdk5UQnN1RzFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2UtMWY4NzQ2OTQ1NDgz
LzEvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCVDcIMAwD
BAJY36QDBARY36ADBARfrTAwDQYJKoZIhvcNAQELBQADggEBAH7aT1IWhRRaoanr
0L/WaNNXoxAENawVBlpsUeM01Ziof+d8eP9PMGVNs0g2aOyYsIGSyhlWckHpV63K
tyEqHuY/UMEEQUpRRiZFhCb4p/cjf6ViqEy/LsOCkv5/wLZ17jyxoyOE6JOKikGn
WeLJhEX8fOq+MHJuZGOYrb2DN75ynlfYk5oKgf+bEkgRmdHrq4uOCnhNNpMQRdIL
20x4O6LrK0k30fE4kA6soWvCANe6Ypgk1SzJ+m1HCyoQz90KoD0TJo6cXUnvATEe
BUk1RcxOMRHDzT40uLmb98P+3hMMEt/mdWQVjfGA/wBJ8HJD5CHuikI2BMB3cNtX
2L+6ecs=
-----END CERTIFICATE-----
Generated at Sat Jun 14 12:07:06 2025 by rpki-client