Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/uir5suYuMXDKe4CdN_Ok9iztfHI.roa
File: uir5suYuMXDKe4CdN_Ok9iztfHI.roa (raw, json)
Hash identifier: C5WSEs5jBZivq04DhYJpo+eL4Cd+dU6Rn+hAg1DloUo=
Subject key identifier: BA:2A:F9:B2:E6:2E:31:70:CA:7B:80:9D:37:F3:A4:F6:2C:ED:7C:72
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019777EAFD0635D0022507D9202F1CD65470
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/uir5suYuMXDKe4CdN_Ok9iztfHI.roa
Signing time: Mon 16 Jun 2025 08:46:18 +0000
ROA not before: Mon 16 Jun 2025 08:46:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 217.60.239.0/24 maxlen: 24
217.60.242.0/24 maxlen: 24
217.60.247.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 16 Jun 2025 13:15:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:77:ea:fd:06:35:d0:02:25:07:d9:20:2f:1c:d6:54:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jun 16 08:46:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ba2af9b2e62e3170ca7b809d37f3a4f62ced7c72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:8f:88:16:51:81:04:17:e2:cd:fa:94:29:2c:
a2:9d:c7:40:01:0d:61:3e:4c:d1:79:48:c6:d6:c0:
66:68:26:88:48:41:5f:06:f7:04:96:46:10:bc:90:
0e:31:9d:2a:af:41:cf:d4:f3:87:c1:c3:bd:51:00:
40:6c:aa:be:52:bd:68:57:3b:37:34:c4:5e:eb:21:
7d:ed:3e:71:2d:73:83:fc:57:f1:8a:7a:c1:01:ea:
90:7f:d5:e4:18:71:7a:63:6a:6a:7d:dc:17:dd:55:
83:f7:e8:d8:44:45:bd:1a:a3:d9:bf:ca:ae:c7:2a:
cb:78:6a:03:ea:90:90:5c:72:65:a9:e7:b9:e5:15:
f3:b2:40:5b:c9:07:07:44:79:61:ec:3c:05:e8:af:
56:f7:a8:73:9a:b1:3a:9c:5f:3e:fd:d5:cc:05:6b:
c6:8b:f9:76:d0:20:78:42:7d:e3:c6:b9:56:0f:ff:
f0:81:48:ee:10:93:64:73:0d:2e:a0:98:9f:29:fd:
a3:50:a9:15:19:90:f7:cc:91:16:43:c3:00:54:9b:
67:ec:1d:25:16:0c:98:f4:a8:be:a3:65:e4:ff:97:
6c:c1:03:cf:b0:f1:cc:a1:82:b8:9b:f6:2f:bc:88:
91:fd:31:43:77:c4:5f:02:8a:6b:68:c5:ef:4e:01:
f0:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:2A:F9:B2:E6:2E:31:70:CA:7B:80:9D:37:F3:A4:F6:2C:ED:7C:72
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/uir5suYuMXDKe4CdN_Ok9iztfHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.60.239.0/24
217.60.242.0/24
217.60.247.0/24
Signature Algorithm: sha256WithRSAEncryption
44:6e:b4:dc:b3:61:51:a7:f5:90:c4:a8:d5:11:b7:a4:54:d7:
8f:90:80:29:52:78:53:c4:ac:85:9e:c5:44:08:0f:ea:51:4f:
f7:99:3c:e3:89:04:0a:73:37:c3:ee:c8:cd:52:6d:23:83:75:
56:36:94:79:c1:0e:e1:b3:bd:ec:b8:25:e2:fc:54:03:59:d0:
82:05:cb:ad:6a:d9:d9:7f:b1:f5:26:db:40:21:f1:37:b0:56:
10:27:f1:52:30:04:45:a2:ea:5a:ff:27:24:42:0c:8d:e7:6b:
72:ff:b6:74:77:fe:29:67:13:9e:52:d5:98:02:d1:e2:6d:24:
3a:00:33:8b:0e:dd:67:cd:45:35:74:80:ab:d1:f9:8b:01:22:
af:6a:ff:73:71:34:f9:b9:85:b1:b6:96:ba:c9:6e:94:7a:db:
35:43:ac:4d:35:60:8b:c7:01:61:2b:f1:48:6e:b9:b3:2b:b0:
38:d4:d3:d9:16:77:bc:3e:b8:bd:38:11:4a:7a:2b:4a:82:47:
e5:0e:4d:51:5c:41:85:6a:b8:03:af:f9:85:78:a8:13:19:aa:
44:7a:74:de:f9:28:f5:09:a9:f1:2f:43:48:b6:1f:41:7e:71:
ab:0c:b1:0a:c7:43:60:22:ca:54:4a:0b:33:08:08:30:f2:dc:
36:2f:10:d6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZd36v0GNdACJQfZIC8c1lRwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNjE2MDg0NjE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTJhZjliMmU2MmUzMTcwY2E3YjgwOWQzN2YzYTRmNjJjZWQ3YzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3o+IFlGBBBfizfqUKSyincdAAQ1h
PkzReUjG1sBmaCaISEFfBvcElkYQvJAOMZ0qr0HP1POHwcO9UQBAbKq+Ur1oVzs3
NMRe6yF97T5xLXOD/FfxinrBAeqQf9XkGHF6Y2pqfdwX3VWD9+jYREW9GqPZv8qu
xyrLeGoD6pCQXHJlqee55RXzskBbyQcHRHlh7DwF6K9W96hzmrE6nF8+/dXMBWvG
i/l20CB4Qn3jxrlWD//wgUjuEJNkcw0uoJifKf2jUKkVGZD3zJEWQ8MAVJtn7B0l
FgyY9Ki+o2Xk/5dswQPPsPHMoYK4m/YvvIiR/TFDd8RfAopraMXvTgHwxQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLoq+bLmLjFwynuAnTfzpPYs7XxyMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvdWlyNXN1WXVNWERLZTRDZE5fT2s5aXp0ZkhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQA2TzvAwQA
2TzyAwQA2Tz3MA0GCSqGSIb3DQEBCwUAA4IBAQBEbrTcs2FRp/WQxKjVEbekVNeP
kIApUnhTxKyFnsVECA/qUU/3mTzjiQQKczfD7sjNUm0jg3VWNpR5wQ7hs73suCXi
/FQDWdCCBcutatnZf7H1JttAIfE3sFYQJ/FSMARFoupa/yckQgyN52ty/7Z0d/4p
ZxOeUtWYAtHibSQ6ADOLDt1nzUU1dICr0fmLASKvav9zcTT5uYWxtpa6yW6Uets1
Q6xNNWCLxwFhK/FIbrmzK7A41NPZFne8Pri9OBFKeitKgkflDk1RXEGFargDr/mF
eKgTGapEenTe+Sj1CanxL0NIth9BfnGrDLEKx0NgIspUSgszCAgw8tw2LxDW
-----END CERTIFICATE-----
Generated at Tue Jul 29 07:46:19 2025 by rpki-client