Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/dtitKLynK6lCLCRkmp1t_tWAksI.roa
File: dtitKLynK6lCLCRkmp1t_tWAksI.roa (raw, json)
Hash identifier: 67XrBoPacmbILez65XNAMw9icv5bI3PhtOHlnL9BsPY=
Subject key identifier: 76:D8:AD:28:BC:A7:2B:A9:42:2C:24:64:9A:9D:6D:FE:D5:80:92:C2
Certificate issuer: /CN=16055801b775e774306321455fd463fbd9273c4c
Certificate serial: 019739F1CE3AB4CFDAEB9541C02882592E1E
Authority key identifier: 16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/dtitKLynK6lCLCRkmp1t_tWAksI.roa
Signing time: Wed 04 Jun 2025 07:57:17 +0000
ROA not before: Wed 04 Jun 2025 07:57:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9232
IP address blocks: 144.56.35.0/24 maxlen: 24
144.56.37.0/24 maxlen: 24
144.56.39.0/24 maxlen: 24
144.56.41.0/24 maxlen: 24
144.56.50.0/24 maxlen: 24
144.56.51.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 06 Jun 2025 05:18:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:39:f1:ce:3a:b4:cf:da:eb:95:41:c0:28:82:59:2e:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16055801b775e774306321455fd463fbd9273c4c
Validity
Not Before: Jun 4 07:57:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=76d8ad28bca72ba9422c24649a9d6dfed58092c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:26:3b:f7:55:37:26:e5:28:7a:65:11:8f:c0:
85:2a:64:ee:e9:34:0d:62:19:bd:11:4d:4b:38:12:
5f:62:ba:48:75:36:ae:fb:34:6d:55:75:f6:cc:cf:
c8:ef:fe:37:fb:b5:ef:c2:5c:61:51:30:26:87:cd:
b7:d2:fb:64:d8:96:55:85:39:22:53:07:47:3d:33:
bd:c8:78:f5:c6:86:d8:56:f2:1b:2c:f6:2a:71:85:
25:92:f4:05:13:a1:4f:f9:61:09:76:ae:3b:4f:c1:
fe:b0:ef:89:1f:44:9a:03:f3:27:2d:2e:cb:64:2c:
65:ae:3b:09:b3:85:bf:7d:cd:d1:0b:dc:de:52:87:
11:95:7a:e1:0a:75:61:d8:24:39:6e:91:82:d7:5c:
1e:a4:68:7d:93:7a:4e:c1:2a:7d:9c:0b:03:da:f5:
2b:7d:2f:a9:7f:68:1b:8f:7d:f9:93:9c:91:99:9f:
05:81:c8:6a:ad:f0:c4:bd:a5:6a:79:4c:a6:95:29:
6f:fe:f4:a5:b6:96:1c:6f:6a:26:ed:12:c3:74:ea:
af:4d:3e:4c:a7:3d:6b:45:7e:df:17:62:6d:dd:e1:
72:6d:dc:c2:13:c6:21:72:8c:29:f3:b5:da:56:da:
8c:c6:4f:9c:42:2e:a6:2f:34:52:fe:49:e1:20:e1:
ff:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:D8:AD:28:BC:A7:2B:A9:42:2C:24:64:9A:9D:6D:FE:D5:80:92:C2
X509v3 Authority Key Identifier:
keyid:16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/dtitKLynK6lCLCRkmp1t_tWAksI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.56.35.0/24
144.56.37.0/24
144.56.39.0/24
144.56.41.0/24
144.56.50.0/23
Signature Algorithm: sha256WithRSAEncryption
58:7a:01:98:83:34:f7:36:45:c4:66:b5:7c:fc:62:04:f3:96:
a4:01:fa:09:fe:7b:99:e7:0b:51:99:37:0f:85:cb:81:b0:5d:
b7:98:4c:5a:fa:57:ad:79:9c:af:3c:32:95:f3:f1:ae:04:b9:
cc:0a:5b:60:a9:50:db:30:9f:7d:a5:cf:ee:23:e6:ca:e7:53:
e4:23:99:54:50:13:a0:06:02:45:a8:8e:a7:8b:ca:dd:ad:3a:
53:e4:15:6b:55:81:b6:73:64:23:ce:66:32:1c:67:62:36:a1:
e1:bc:5a:a6:06:19:b8:6b:27:7f:8d:cf:7e:58:9a:00:18:74:
ad:ed:52:13:5d:08:d0:fe:b3:03:29:c4:46:03:32:08:75:2e:
c2:1b:fd:e1:a8:7c:db:21:50:cb:c6:72:6f:68:a0:8f:fb:7d:
d9:7a:2c:3a:bb:d5:07:eb:99:7b:de:56:90:24:db:ca:c1:7d:
45:50:22:fc:cf:31:45:83:e9:52:01:7d:50:2e:80:36:d2:c5:
fd:59:ee:8e:a7:6f:50:38:4e:d8:e7:4a:f2:10:ee:25:1a:5c:
c3:08:fb:d4:3b:35:42:a3:0c:ec:22:ec:ad:9b:61:fd:27:cd:
48:cc:e7:8e:1c:9b:70:76:35:41:0c:73:84:f3:5e:88:9b:4d:
44:29:90:e5
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZc58c46tM/a65VBwCiCWS4eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MDU1ODAxYjc3NWU3NzQzMDYzMjE0NTVmZDQ2M2ZiZDky
NzNjNGMwHhcNMjUwNjA0MDc1NzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmQ4YWQyOGJjYTcyYmE5NDIyYzI0NjQ5YTlkNmRmZWQ1ODA5MmMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArCY791U3JuUoemURj8CFKmTu6TQN
Yhm9EU1LOBJfYrpIdTau+zRtVXX2zM/I7/43+7XvwlxhUTAmh8230vtk2JZVhTki
UwdHPTO9yHj1xobYVvIbLPYqcYUlkvQFE6FP+WEJdq47T8H+sO+JH0SaA/MnLS7L
ZCxlrjsJs4W/fc3RC9zeUocRlXrhCnVh2CQ5bpGC11wepGh9k3pOwSp9nAsD2vUr
fS+pf2gbj335k5yRmZ8FgchqrfDEvaVqeUymlSlv/vSltpYcb2om7RLDdOqvTT5M
pz1rRX7fF2Jt3eFybdzCE8Yhcowp87XaVtqMxk+cQi6mLzRS/knhIOH/YQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHbYrSi8pyupQiwkZJqdbf7VgJLCMB8GA1UdIwQY
MBaAFBYFWAG3ded0MGMhRV/UY/vZJzxMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgt
MTM1NzE3ZWYzODhhLzEvZHRpdEtMeW5LNmxDTENSa21wMXRfdFdBa3NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgtMTM1NzE3ZWYzODhh
LzEvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAkDgjAwQA
kDglAwQAkDgnAwQAkDgpAwQBkDgyMA0GCSqGSIb3DQEBCwUAA4IBAQBYegGYgzT3
NkXEZrV8/GIE85akAfoJ/nuZ5wtRmTcPhcuBsF23mExa+leteZyvPDKV8/GuBLnM
CltgqVDbMJ99pc/uI+bK51PkI5lUUBOgBgJFqI6ni8rdrTpT5BVrVYG2c2QjzmYy
HGdiNqHhvFqmBhm4ayd/jc9+WJoAGHSt7VITXQjQ/rMDKcRGAzIIdS7CG/3hqHzb
IVDLxnJvaKCP+33Zeiw6u9UH65l73laQJNvKwX1FUCL8zzFFg+lSAX1QLoA20sX9
We6Op29QOE7Y50ryEO4lGlzDCPvUOzVCowzsIuytm2H9J81IzOeOHJtwdjVBDHOE
816Im01EKZDl
-----END CERTIFICATE-----
Generated at Sun Jun 8 12:51:36 2025 by rpki-client