Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/fT19og9KGX6Coxz5ghTlQO_XQNs.roa
File: fT19og9KGX6Coxz5ghTlQO_XQNs.roa (raw, json)
Hash identifier: JDaGvignNuwpZH0s2nCqA5m2Vv99bh7P4aAWLvb0VB0=
Subject key identifier: 7D:3D:7D:A2:0F:4A:19:7E:82:A3:1C:F9:82:14:E5:40:EF:D7:40:DB
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 01973A4D5C881EA60ED66A37E45BCC968AF9
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/fT19og9KGX6Coxz5ghTlQO_XQNs.roa
Signing time: Wed 04 Jun 2025 09:37:17 +0000
ROA not before: Wed 04 Jun 2025 09:37:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212477
IP address blocks: 170.62.96.0/22 maxlen: 24
170.62.101.0/24 maxlen: 24
170.62.105.0/24 maxlen: 24
170.62.109.0/24 maxlen: 24
192.253.211.0/24 maxlen: 24
203.188.173.0/24 maxlen: 24
203.188.174.0/24 maxlen: 24
213.254.172.0/23 maxlen: 24
Validation: Failed, certificate revoked on Fri 06 Jun 2025 12:45:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3a:4d:5c:88:1e:a6:0e:d6:6a:37:e4:5b:cc:96:8a:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Jun 4 09:37:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7d3d7da20f4a197e82a31cf98214e540efd740db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:4a:cd:59:e1:c8:b0:a3:0c:db:a0:7a:74:e3:
17:d3:c1:28:f9:7e:12:5c:cc:2e:75:c4:c3:c6:be:
b2:46:b9:a2:f8:97:68:a4:b0:14:75:91:b0:19:c5:
38:2c:99:7f:74:66:ad:9f:79:8b:10:a5:e9:2d:b3:
35:fe:d5:b9:f1:8f:6f:17:36:75:cb:9d:02:39:75:
b3:64:d3:d6:87:5e:b5:55:77:15:d3:38:21:6b:04:
fb:81:d5:ce:3b:67:d6:21:28:90:08:d1:31:39:8a:
3c:73:02:58:3b:f0:15:6f:2b:2c:5d:13:b8:e6:3d:
0d:03:c0:f5:2a:61:47:1e:01:96:e9:03:45:6b:a6:
32:fd:64:df:26:c4:ae:05:fa:5a:29:38:21:2d:25:
19:b5:5e:88:22:7c:c9:5f:28:19:4b:e8:38:98:36:
a7:a3:39:c4:f0:42:93:6e:8d:08:4b:12:c9:19:79:
ee:f0:1d:3a:56:31:3d:96:62:c9:b0:fb:56:ec:57:
52:05:d2:07:65:3f:9f:95:c9:9d:af:96:d1:4d:b2:
d6:3c:13:c5:23:25:2a:e0:ac:21:54:8a:02:42:30:
7c:be:86:5a:1f:8a:48:9c:66:a6:2b:c3:94:0d:94:
4d:f4:7c:81:4b:67:69:77:4b:b1:6a:7f:ec:8f:d0:
36:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:3D:7D:A2:0F:4A:19:7E:82:A3:1C:F9:82:14:E5:40:EF:D7:40:DB
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/fT19og9KGX6Coxz5ghTlQO_XQNs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
170.62.96.0/22
170.62.101.0/24
170.62.105.0/24
170.62.109.0/24
192.253.211.0/24
203.188.173.0-203.188.174.255
213.254.172.0/23
Signature Algorithm: sha256WithRSAEncryption
0a:ab:53:82:b2:f9:df:c1:71:0f:cb:af:96:16:b8:f5:48:10:
64:b7:c5:ac:f4:db:a6:57:07:e0:ba:21:7f:da:ed:44:00:f0:
4f:79:cc:90:3d:db:e1:77:97:8b:ab:af:b4:3e:95:7d:45:5c:
d2:62:18:ed:75:a3:99:f2:c0:b1:d5:33:03:9a:b5:61:ad:37:
5a:41:78:34:92:30:f7:a5:e1:5d:bf:98:36:23:b4:78:41:3c:
25:eb:30:1f:41:34:f8:db:ff:2d:92:41:7e:9a:10:88:02:1e:
8a:0f:ef:38:0c:16:62:ce:ca:cb:e8:a8:38:61:a3:2f:b7:56:
4b:de:bc:39:0e:24:da:a0:59:c5:90:4f:31:40:83:07:f8:3b:
d7:15:6b:7a:e6:fa:0c:59:02:a8:ce:ab:77:8e:e7:4d:05:f4:
a9:88:33:4e:b8:89:f0:0b:ad:e2:8b:43:68:22:5f:a6:33:6f:
b8:2d:c5:c6:59:ed:51:f0:ee:3b:45:f0:2a:5e:17:af:a0:6e:
fd:de:a2:19:b1:cb:6d:2f:5e:83:ee:96:db:91:b6:c8:bb:a7:
14:a0:26:c7:b2:7d:fa:41:f3:aa:13:b2:3c:62:42:a3:c7:5d:
91:2c:ed:c9:d6:f0:d1:02:26:58:4a:d5:1d:2b:cb:34:7b:4f:
70:85:ab:81
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZc6TVyIHqYO1mo35FvMlor5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjUwNjA0MDkzNzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDNkN2RhMjBmNGExOTdlODJhMzFjZjk4MjE0ZTU0MGVmZDc0MGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx0rNWeHIsKMM26B6dOMX08Eo+X4S
XMwudcTDxr6yRrmi+JdopLAUdZGwGcU4LJl/dGatn3mLEKXpLbM1/tW58Y9vFzZ1
y50COXWzZNPWh161VXcV0zghawT7gdXOO2fWISiQCNExOYo8cwJYO/AVbyssXRO4
5j0NA8D1KmFHHgGW6QNFa6Yy/WTfJsSuBfpaKTghLSUZtV6IInzJXygZS+g4mDan
oznE8EKTbo0ISxLJGXnu8B06VjE9lmLJsPtW7FdSBdIHZT+flcmdr5bRTbLWPBPF
IyUq4KwhVIoCQjB8voZaH4pInGamK8OUDZRN9HyBS2dpd0uxan/sj9A2rwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFH09faIPShl+gqMc+YIU5UDv10DbMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvZlQxOW9nOUtHWDZDb3h6NWdoVGxRT19YUU5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQCqj5gAwQA
qj5lAwQAqj5pAwQAqj5tAwQAwP3TMAwDBADLvK0DBADLvK4DBAHV/qwwDQYJKoZI
hvcNAQELBQADggEBAAqrU4Ky+d/BcQ/Lr5YWuPVIEGS3xaz026ZXB+C6IX/a7UQA
8E95zJA92+F3l4urr7Q+lX1FXNJiGO11o5nywLHVMwOatWGtN1pBeDSSMPel4V2/
mDYjtHhBPCXrMB9BNPjb/y2SQX6aEIgCHooP7zgMFmLOysvoqDhhoy+3VkvevDkO
JNqgWcWQTzFAgwf4O9cVa3rm+gxZAqjOq3eO500F9KmIM064ifALreKLQ2giX6Yz
b7gtxcZZ7VHw7jtF8CpeF6+gbv3eohmxy20vXoPultuRtsi7pxSgJseyffpB86oT
sjxiQqPHXZEs7cnW8NECJlhK1R0ryzR7T3CFq4E=
-----END CERTIFICATE-----
Generated at Sat Jun 7 01:49:20 2025 by rpki-client