Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/xJMth6D-G2nzmRV3_ikix_X0c_8.roa
File: xJMth6D-G2nzmRV3_ikix_X0c_8.roa (raw, json)
Hash identifier: /cpy384GY3uHvzs9J2A0vZ5lVhaQPBqErenkfWg1xYY=
Subject key identifier: C4:93:2D:87:A0:FE:1B:69:F3:99:15:77:FE:29:22:C7:F5:F4:73:FF
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 01973A166E7692435EEA51450FEA32577298
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/xJMth6D-G2nzmRV3_ikix_X0c_8.roa
Signing time: Wed 04 Jun 2025 08:37:17 +0000
ROA not before: Wed 04 Jun 2025 08:37:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212477
IP address blocks: 170.62.96.0/22 maxlen: 24
170.62.101.0/24 maxlen: 24
170.62.105.0/24 maxlen: 24
170.62.109.0/24 maxlen: 24
192.253.211.0/24 maxlen: 24
203.188.173.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Jun 2025 09:37:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3a:16:6e:76:92:43:5e:ea:51:45:0f:ea:32:57:72:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Jun 4 08:37:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c4932d87a0fe1b69f3991577fe2922c7f5f473ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:8e:52:90:a3:bb:fc:ff:4a:a1:2a:84:51:91:
43:66:72:63:28:92:16:16:c2:5c:a4:27:3b:46:53:
f0:eb:8e:2b:4d:55:d0:08:4d:bc:52:a0:a3:71:55:
30:ad:92:08:92:af:af:0d:47:0e:fb:3e:99:77:aa:
35:8b:b0:b5:9a:d5:db:68:70:37:94:71:33:b4:64:
1e:53:64:4f:d5:63:83:1d:a7:5f:3d:8a:2d:fe:0a:
e8:bf:8b:0d:9b:a6:e4:05:4a:2e:d3:37:62:14:c0:
71:12:fb:8b:c2:9f:8e:2f:6d:98:6b:fc:3d:28:90:
43:77:48:e0:c7:93:b6:45:bc:fb:7d:13:63:1d:fe:
31:cf:e3:88:87:ae:c6:aa:e5:06:57:1d:f5:8c:6d:
b9:40:43:de:39:15:f4:cc:ec:9c:7a:fc:d7:98:b0:
f9:ca:b8:a8:20:08:7b:30:0a:be:da:27:2a:60:75:
40:9f:14:00:87:84:68:27:30:1f:74:70:18:11:b6:
05:aa:55:b7:8d:ea:01:87:8a:fc:57:4c:e7:12:d1:
a0:71:68:5a:0d:01:67:17:72:25:f7:30:01:f0:0c:
b7:21:72:14:77:32:ac:e0:8c:65:6b:ba:81:9f:e6:
d0:1c:a8:37:6a:b1:2b:52:7c:3a:a6:3d:ff:80:5a:
a5:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:93:2D:87:A0:FE:1B:69:F3:99:15:77:FE:29:22:C7:F5:F4:73:FF
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/xJMth6D-G2nzmRV3_ikix_X0c_8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
170.62.96.0/22
170.62.101.0/24
170.62.105.0/24
170.62.109.0/24
192.253.211.0/24
203.188.173.0/24
Signature Algorithm: sha256WithRSAEncryption
65:c1:29:3a:88:23:98:e8:fb:26:6e:70:83:6e:8b:6f:be:52:
0d:1f:4d:a7:c6:a6:b8:b7:3f:f2:5d:51:95:c0:b9:db:77:66:
e0:ee:39:a8:4a:46:89:1f:82:03:16:e7:62:c9:c0:df:d7:30:
ba:b1:e6:13:c3:e9:6f:31:62:28:f6:c1:29:89:c8:87:6c:91:
3d:71:b5:b9:ae:84:a2:70:b1:15:0b:26:db:b0:25:4f:1d:c7:
a4:dd:54:cb:b8:94:0e:ff:b9:f6:25:7a:b2:d7:6a:71:68:0f:
e9:57:95:c2:14:d8:31:72:dc:71:53:c5:b3:1e:ba:8f:c6:5b:
86:8d:49:fc:c0:e9:9b:91:f8:03:51:02:e3:98:37:b0:b1:92:
d2:6e:19:2b:b7:cd:7f:4e:4c:1f:50:1e:02:01:c2:c9:37:e1:
21:16:6f:29:d8:b2:25:40:8b:04:a0:b0:ee:67:04:0d:84:48:
c2:22:71:53:8e:15:cc:04:13:c3:5b:9d:61:d8:7b:b1:e4:e0:
54:ae:79:a4:4a:b6:4f:ad:c5:ae:62:02:3e:e9:18:16:31:90:
52:fc:a2:17:5b:c1:16:bb:07:b7:36:e7:54:aa:47:9e:c0:3b:
8d:ec:cb:81:40:96:ee:e2:dc:b9:9e:d1:0a:dd:fc:37:85:78:
84:7f:c9:3b
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZc6Fm52kkNe6lFFD+oyV3KYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjUwNjA0MDgzNzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDkzMmQ4N2EwZmUxYjY5ZjM5OTE1NzdmZTI5MjJjN2Y1ZjQ3M2ZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsI5SkKO7/P9KoSqEUZFDZnJjKJIW
FsJcpCc7RlPw644rTVXQCE28UqCjcVUwrZIIkq+vDUcO+z6Zd6o1i7C1mtXbaHA3
lHEztGQeU2RP1WODHadfPYot/grov4sNm6bkBUou0zdiFMBxEvuLwp+OL22Ya/w9
KJBDd0jgx5O2Rbz7fRNjHf4xz+OIh67GquUGVx31jG25QEPeORX0zOycevzXmLD5
yrioIAh7MAq+2icqYHVAnxQAh4RoJzAfdHAYEbYFqlW3jeoBh4r8V0znEtGgcWha
DQFnF3Il9zAB8Ay3IXIUdzKs4Ixla7qBn+bQHKg3arErUnw6pj3/gFqlcwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFMSTLYeg/htp85kVd/4pIsf19HP/MB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEveEpNdGg2RC1HMm56bVJWM19pa2l4X1gwY184LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCqj5gAwQA
qj5lAwQAqj5pAwQAqj5tAwQAwP3TAwQAy7ytMA0GCSqGSIb3DQEBCwUAA4IBAQBl
wSk6iCOY6PsmbnCDbotvvlINH02nxqa4tz/yXVGVwLnbd2bg7jmoSkaJH4IDFudi
ycDf1zC6seYTw+lvMWIo9sEpiciHbJE9cbW5roSicLEVCybbsCVPHcek3VTLuJQO
/7n2JXqy12pxaA/pV5XCFNgxctxxU8WzHrqPxluGjUn8wOmbkfgDUQLjmDewsZLS
bhkrt81/TkwfUB4CAcLJN+EhFm8p2LIlQIsEoLDuZwQNhEjCInFTjhXMBBPDW51h
2Hux5OBUrnmkSrZPrcWuYgI+6RgWMZBS/KIXW8EWuwe3NudUqkeewDuN7MuBQJbu
4ty5ntEK3fw3hXiEf8k7
-----END CERTIFICATE-----
Generated at Sun Jun 8 18:32:33 2025 by rpki-client