Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/0YEBISqwLBu9dgrWGV-hOL5nF_A.roa
File: 0YEBISqwLBu9dgrWGV-hOL5nF_A.roa (raw, json)
Hash identifier: DAtIYDWnHGjEDsBR4VBe8HE4DPHFnyg5utUEJFuQGJE=
Subject key identifier: D1:81:01:21:2A:B0:2C:1B:BD:76:0A:D6:19:5F:A1:38:BE:67:17:F0
Certificate issuer: /CN=60661758ce330622470a39ae8d6ef4a2044f83c4
Certificate serial: 019792E3ABE5EBF5076535BDD67F2FA0D112
Authority key identifier: 60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/0YEBISqwLBu9dgrWGV-hOL5nF_A.roa
Signing time: Sat 21 Jun 2025 14:28:03 +0000
ROA not before: Sat 21 Jun 2025 14:28:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214432
IP address blocks: 88.223.168.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 25 Jun 2025 05:20:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:92:e3:ab:e5:eb:f5:07:65:35:bd:d6:7f:2f:a0:d1:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60661758ce330622470a39ae8d6ef4a2044f83c4
Validity
Not Before: Jun 21 14:28:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d18101212ab02c1bbd760ad6195fa138be6717f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:e2:68:bd:a2:6f:a0:40:9d:54:76:f3:06:a3:
8a:3a:99:89:15:ac:38:79:48:41:d1:dd:f9:15:c2:
b0:4e:13:f2:ef:3f:1d:17:70:01:0e:18:f3:cc:e2:
dd:37:2a:b9:45:43:d2:73:96:fc:b1:55:2f:8c:6d:
74:63:0a:bd:48:b8:f7:1b:76:94:a9:a3:97:6e:5b:
3c:41:a4:23:12:32:f7:a4:42:11:c3:20:31:00:52:
f9:12:68:66:0f:81:05:b5:fa:3c:8f:b9:b7:ec:2b:
a2:8f:16:dc:57:83:6c:fd:e4:6e:5b:24:ff:59:13:
b0:89:c5:45:6a:dd:9d:86:2b:be:7d:ee:c5:96:cf:
47:98:61:73:0a:4d:44:0c:5c:5d:fc:2e:eb:bc:2a:
2e:3e:2c:04:fe:91:d8:f2:f7:1b:17:38:96:e8:4d:
1d:de:a7:b1:f1:c7:5a:9a:58:3c:fe:58:cf:5b:9d:
13:cb:e2:3e:3f:48:6a:39:da:79:c4:c6:f9:0f:66:
c2:14:57:48:ef:ea:e7:6a:12:26:36:a8:ba:6d:ce:
aa:63:11:b4:52:c6:b8:8a:84:4a:49:d7:c3:17:fa:
9c:f7:80:3b:e0:c7:63:a6:4a:0c:2e:20:9a:a1:62:
d9:30:0d:64:8e:db:00:d3:02:12:30:9a:1d:3f:bb:
41:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:81:01:21:2A:B0:2C:1B:BD:76:0A:D6:19:5F:A1:38:BE:67:17:F0
X509v3 Authority Key Identifier:
keyid:60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/0YEBISqwLBu9dgrWGV-hOL5nF_A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.223.168.0/24
Signature Algorithm: sha256WithRSAEncryption
50:f3:97:ff:31:9f:b6:a8:48:17:c9:87:84:ab:f3:d1:9b:2f:
23:f7:b2:d2:8c:27:38:b6:50:fa:ae:e2:83:3a:27:04:96:7c:
03:27:31:8b:69:0d:39:19:09:d1:27:59:d1:d8:7f:cf:11:b0:
ab:85:bd:7c:5b:58:e1:b1:03:f2:19:17:50:c5:88:04:0d:53:
b4:0e:7b:9b:55:22:2f:fb:a8:5d:ad:32:47:26:02:bc:44:32:
2d:88:6f:1f:71:28:62:f4:46:d4:97:bc:ba:4b:7c:9e:d2:83:
81:05:52:72:17:3a:60:e2:31:e3:09:ab:92:bb:07:0f:fc:01:
a8:73:b9:2c:7b:be:6b:d7:19:29:0a:6c:45:bd:41:50:e0:be:
fb:fe:f7:b7:f8:ee:77:08:a4:5c:6b:6c:29:ba:5e:59:59:1e:
bf:27:92:30:5a:65:84:fa:54:0b:03:f2:c9:ab:e5:cd:a6:f7:
63:d2:2d:8c:c9:ee:9b:a1:7d:13:73:e7:c1:ed:a9:17:aa:16:
16:09:da:88:b5:a5:e1:a4:28:1a:7c:ba:24:47:a7:e7:e0:b4:
64:e0:b9:7d:ce:c7:77:ac:5f:31:22:40:2a:67:be:50:42:11:
71:33:63:04:37:e8:75:46:fa:5b:79:74:d3:06:d2:ac:47:3a:
10:5c:d4:af
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZeS46vl6/UHZTW91n8voNESMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjYxNzU4Y2UzMzA2MjI0NzBhMzlhZThkNmVmNGEyMDQ0
ZjgzYzQwHhcNMjUwNjIxMTQyODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTgxMDEyMTJhYjAyYzFiYmQ3NjBhZDYxOTVmYTEzOGJlNjcxN2YwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+JovaJvoECdVHbzBqOKOpmJFaw4
eUhB0d35FcKwThPy7z8dF3ABDhjzzOLdNyq5RUPSc5b8sVUvjG10Ywq9SLj3G3aU
qaOXbls8QaQjEjL3pEIRwyAxAFL5EmhmD4EFtfo8j7m37CuijxbcV4Ns/eRuWyT/
WROwicVFat2dhiu+fe7Fls9HmGFzCk1EDFxd/C7rvCouPiwE/pHY8vcbFziW6E0d
3qex8cdamlg8/ljPW50Ty+I+P0hqOdp5xMb5D2bCFFdI7+rnahImNqi6bc6qYxG0
Usa4ioRKSdfDF/qc94A74MdjpkoMLiCaoWLZMA1kjtsA0wISMJodP7tBLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNGBASEqsCwbvXYK1hlfoTi+ZxfwMB8GA1UdIwQY
MBaAFGBmF1jOMwYiRwo5ro1u9KIET4PEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2Ut
MWY4NzQ2OTQ1NDgzLzEvMFlFQklTcXdMQnU5ZGdyV0dWLWhPTDVuRl9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2UtMWY4NzQ2OTQ1NDgz
LzEvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWN+oMA0G
CSqGSIb3DQEBCwUAA4IBAQBQ85f/MZ+2qEgXyYeEq/PRmy8j97LSjCc4tlD6ruKD
OicElnwDJzGLaQ05GQnRJ1nR2H/PEbCrhb18W1jhsQPyGRdQxYgEDVO0DnubVSIv
+6hdrTJHJgK8RDItiG8fcShi9EbUl7y6S3ye0oOBBVJyFzpg4jHjCauSuwcP/AGo
c7kse75r1xkpCmxFvUFQ4L77/ve3+O53CKRca2wpul5ZWR6/J5IwWmWE+lQLA/LJ
q+XNpvdj0i2Mye6boX0Tc+fB7akXqhYWCdqItaXhpCgafLokR6fn4LRk4Ll9zsd3
rF8xIkAqZ75QQhFxM2MEN+h1RvpbeXTTBtKsRzoQXNSv
-----END CERTIFICATE-----
Generated at Sun Jul 27 04:48:49 2025 by rpki-client