Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/YGz0l0KanpkRADt0svSILZ8knXY.roa
File: YGz0l0KanpkRADt0svSILZ8knXY.roa (raw, json)
Hash identifier: +muyUo3AjLjDH5hGjVjHwV+HIIzhGjtcGzjPopZPp5s=
Subject key identifier: 60:6C:F4:97:42:9A:9E:99:11:00:3B:74:B2:F4:88:2D:9F:24:9D:76
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 019427484C4E8F6E4D690AEF8C345A47E029
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/YGz0l0KanpkRADt0svSILZ8knXY.roa
Signing time: Thu 02 Jan 2025 13:50:37 +0000
ROA not before: Thu 02 Jan 2025 13:50:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209618
IP address blocks: 201.77.61.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 18 Mar 2025 12:09:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:4c:4e:8f:6e:4d:69:0a:ef:8c:34:5a:47:e0:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Jan 2 13:50:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=606cf497429a9e9911003b74b2f4882d9f249d76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:dc:ab:b4:b7:00:c5:5b:cc:a6:b4:a7:21:2e:
20:b1:0f:50:11:aa:90:a4:59:f3:71:7c:2b:85:3a:
e7:d3:f3:6b:d9:d2:39:f0:da:89:6b:a3:4f:8d:57:
0c:35:a2:26:2f:4d:b6:e6:71:12:85:f1:b9:ae:b7:
d3:42:2e:6e:00:19:61:17:3c:58:7c:4c:86:3e:7c:
34:f6:35:60:bb:b1:db:22:d5:8c:93:5c:59:a3:3b:
b0:46:44:52:09:10:17:5f:8d:f4:58:8d:a8:5e:9f:
8d:29:af:89:49:b9:34:36:d9:1f:83:70:e6:fb:83:
fb:39:cc:99:78:f2:a9:72:59:84:4c:53:2d:da:9f:
22:d7:bd:9a:3e:38:cf:2d:21:5f:f5:7d:42:fd:1e:
a2:03:d6:2e:32:c1:19:d6:c9:9b:03:36:57:89:06:
c2:35:42:b7:06:bd:be:94:82:75:1f:27:d0:c8:cb:
72:34:c2:71:bc:97:c0:39:e4:39:64:48:cc:73:34:
5a:87:ea:cd:1c:a4:5d:22:0e:4a:7f:41:ac:70:94:
1a:53:4a:4d:ae:a6:bf:28:bf:1b:41:8b:cc:cf:6c:
33:65:92:08:5b:a4:ef:ba:da:e9:9b:74:6a:79:d0:
ae:46:ef:b5:2d:1d:4e:12:bc:56:5e:f7:63:f1:f9:
f4:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:6C:F4:97:42:9A:9E:99:11:00:3B:74:B2:F4:88:2D:9F:24:9D:76
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/YGz0l0KanpkRADt0svSILZ8knXY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
201.77.61.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:96:ea:24:be:6f:ca:2a:04:77:2d:dc:36:5e:c8:a6:3a:98:
ad:e6:a5:74:21:50:d0:5b:1f:92:02:39:cc:4a:b5:d0:30:59:
48:e6:14:b1:d2:a0:98:ec:94:43:d7:ac:f4:ae:66:d3:8e:4b:
24:ba:73:76:80:2b:d7:4f:85:1a:c6:ba:31:d1:fd:c9:f7:c0:
b0:ae:fe:f3:f8:b8:0e:f3:59:ef:cc:16:78:86:2c:ed:47:6d:
c4:9b:bb:65:d5:d5:5b:39:c4:74:da:69:d1:9d:24:81:52:f2:
d5:ff:e9:4e:ae:4a:9b:78:c8:06:83:ca:63:e0:8c:71:f9:13:
a1:86:24:3a:b9:d0:0d:dd:a7:aa:d4:56:35:d0:7b:0b:2d:13:
0c:cb:8d:3d:0b:5d:c1:43:05:e8:37:3f:07:6f:c1:21:7f:55:
25:a6:2d:c2:05:d7:da:b8:32:db:b1:60:38:4a:64:c4:cb:4e:
98:27:e1:51:3b:76:5d:72:1e:06:83:8f:22:6a:c3:02:79:da:
a0:c5:66:7f:cd:a7:5e:aa:08:b6:de:c3:31:17:97:90:6e:fd:
5b:98:38:81:ff:fc:6d:d4:7f:dc:34:9f:ad:ab:03:e9:59:fc:
1e:ab:73:34:6d:c2:be:35:0f:7f:ee:e2:dc:ec:d1:4e:b4:e0:
67:02:03:81
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnSExOj25NaQrvjDRaR+ApMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjUwMTAyMTM1MDM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDZjZjQ5NzQyOWE5ZTk5MTEwMDNiNzRiMmY0ODgyZDlmMjQ5ZDc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxtyrtLcAxVvMprSnIS4gsQ9QEaqQ
pFnzcXwrhTrn0/Nr2dI58NqJa6NPjVcMNaImL0225nEShfG5rrfTQi5uABlhFzxY
fEyGPnw09jVgu7HbItWMk1xZozuwRkRSCRAXX430WI2oXp+NKa+JSbk0Ntkfg3Dm
+4P7OcyZePKpclmETFMt2p8i172aPjjPLSFf9X1C/R6iA9YuMsEZ1smbAzZXiQbC
NUK3Br2+lIJ1HyfQyMtyNMJxvJfAOeQ5ZEjMczRah+rNHKRdIg5Kf0GscJQaU0pN
rqa/KL8bQYvMz2wzZZIIW6Tvutrpm3RqedCuRu+1LR1OErxWXvdj8fn0MwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGBs9JdCmp6ZEQA7dLL0iC2fJJ12MB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvWUd6MGwwS2FucGtSQUR0MHN2U0lMWjhrblhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAyU09MA0G
CSqGSIb3DQEBCwUAA4IBAQCeluokvm/KKgR3Ldw2XsimOpit5qV0IVDQWx+SAjnM
SrXQMFlI5hSx0qCY7JRD16z0rmbTjkskunN2gCvXT4Uaxrox0f3J98Cwrv7z+LgO
81nvzBZ4hiztR23Em7tl1dVbOcR02mnRnSSBUvLV/+lOrkqbeMgGg8pj4Ixx+ROh
hiQ6udAN3aeq1FY10HsLLRMMy409C13BQwXoNz8Hb8Ehf1Ulpi3CBdfauDLbsWA4
SmTEy06YJ+FRO3Zdch4Gg48iasMCedqgxWZ/zadeqgi23sMxF5eQbv1bmDiB//xt
1H/cNJ+tqwPpWfweq3M0bcK+NQ9/7uLc7NFOtOBnAgOB
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:21:09 2025 by rpki-client