Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/yA6nGDLd6PEifa-erhR9XgKHa3g.roa
File: yA6nGDLd6PEifa-erhR9XgKHa3g.roa (raw, json)
Hash identifier: kIYt2GM0KR+E6WRXBOl61UQq9NF0wX51EeXgiJkrp6U=
Subject key identifier: C8:0E:A7:18:32:DD:E8:F1:22:7D:AF:9E:AE:14:7D:5E:02:87:6B:78
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 01954BCE1DE6B675E28D5779E59C269BB9E6
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/yA6nGDLd6PEifa-erhR9XgKHa3g.roa
Signing time: Fri 28 Feb 2025 09:05:54 +0000
ROA not before: Fri 28 Feb 2025 09:05:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 268624
IP address blocks: 170.62.161.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 28 Feb 2025 13:19:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:4b:ce:1d:e6:b6:75:e2:8d:57:79:e5:9c:26:9b:b9:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Feb 28 09:05:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c80ea71832dde8f1227daf9eae147d5e02876b78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:39:2b:0e:f6:c1:ea:74:b2:1b:4b:d0:75:28:
fa:f7:9e:85:01:c2:4a:39:d6:8c:c3:6d:34:8b:46:
c1:48:c7:f6:d3:60:b9:06:bf:cd:f4:e5:b5:18:24:
e9:59:f5:56:af:05:fc:f7:a7:bf:03:c7:cf:04:eb:
0d:b0:54:3f:5b:cf:89:56:8d:db:f0:06:43:bd:4d:
c2:04:c0:d7:af:71:6b:92:3a:44:90:be:c0:03:df:
38:92:9a:bf:82:d9:3a:20:76:eb:22:f3:6b:c3:bc:
a2:6c:64:c7:b8:cc:33:e0:c9:08:c7:ee:2b:ca:fc:
cf:96:a4:1a:50:77:ce:77:39:d4:0e:08:ce:75:50:
3b:cf:8f:72:23:4b:2b:50:fd:54:28:9a:17:4e:df:
cd:be:1e:cd:77:ee:d2:df:b4:27:29:f0:bf:21:7c:
f3:c8:77:81:54:15:4a:ef:a3:88:ae:a0:3b:02:a0:
b1:b4:08:c8:42:be:5e:f7:fa:48:bb:3e:1c:60:df:
95:e8:30:d4:80:2d:b8:86:fc:32:3d:ab:b8:6a:d4:
71:54:99:8a:64:58:4d:e4:16:28:a6:d8:a3:a8:a1:
ef:41:6e:1f:cb:7e:a1:19:15:ea:c6:24:8d:e7:5c:
27:ad:15:76:22:6a:83:3a:f4:1c:97:6f:3c:f3:e6:
28:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:0E:A7:18:32:DD:E8:F1:22:7D:AF:9E:AE:14:7D:5E:02:87:6B:78
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/yA6nGDLd6PEifa-erhR9XgKHa3g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
170.62.161.0/24
Signature Algorithm: sha256WithRSAEncryption
53:d9:4a:1f:93:4f:2a:0f:8f:a4:8c:18:28:c3:35:cf:21:35:
14:1a:42:90:cb:5a:88:a2:dc:71:71:8a:6f:6c:24:aa:c3:f7:
30:c8:f2:1b:13:aa:42:6a:bd:52:2d:cf:57:69:52:c9:86:65:
28:62:38:ba:ca:da:bf:27:0d:87:25:44:9b:76:95:2e:b4:83:
5d:a7:29:67:63:2f:78:a4:a2:d4:0c:69:6e:a2:7d:81:71:fa:
5b:28:a9:25:9e:d6:a3:7b:aa:e2:e8:60:cf:d9:8e:b4:c8:4a:
b4:a8:b4:18:e8:91:ec:1d:80:e7:94:c5:e0:a9:59:78:3c:27:
c3:4a:42:bc:13:9d:24:c8:4e:fe:da:ac:b3:c4:79:79:1b:43:
91:db:0f:20:9e:a5:89:d8:79:de:95:3e:95:4c:db:69:f2:c0:
0f:c5:8b:7f:73:48:ed:d9:b0:9b:f5:90:d8:8e:4e:5e:48:32:
42:8c:08:eb:ac:82:d1:70:8c:7c:2f:cd:34:52:e1:e6:15:7d:
9f:8b:de:9e:f8:ac:fe:19:32:b6:63:18:0d:23:2d:74:23:c0:
0e:d9:f6:32:54:22:4f:96:05:8b:17:75:c8:73:9e:09:7c:d5:
96:74:69:12:96:05:ad:8d:d9:38:8d:f6:8c:32:59:56:40:74:
db:40:23:56
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZVLzh3mtnXijVd55Zwmm7nmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjUwMjI4MDkwNTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODBlYTcxODMyZGRlOGYxMjI3ZGFmOWVhZTE0N2Q1ZTAyODc2Yjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlzkrDvbB6nSyG0vQdSj6956FAcJK
OdaMw200i0bBSMf202C5Br/N9OW1GCTpWfVWrwX896e/A8fPBOsNsFQ/W8+JVo3b
8AZDvU3CBMDXr3FrkjpEkL7AA984kpq/gtk6IHbrIvNrw7yibGTHuMwz4MkIx+4r
yvzPlqQaUHfOdznUDgjOdVA7z49yI0srUP1UKJoXTt/Nvh7Nd+7S37QnKfC/IXzz
yHeBVBVK76OIrqA7AqCxtAjIQr5e9/pIuz4cYN+V6DDUgC24hvwyPau4atRxVJmK
ZFhN5BYoptijqKHvQW4fy36hGRXqxiSN51wnrRV2ImqDOvQcl2888+YotwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMgOpxgy3ejxIn2vnq4UfV4Ch2t4MB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEveUE2bkdETGQ2UEVpZmEtZXJoUjlYZ0tIYTNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqj6hMA0G
CSqGSIb3DQEBCwUAA4IBAQBT2Uofk08qD4+kjBgowzXPITUUGkKQy1qIotxxcYpv
bCSqw/cwyPIbE6pCar1SLc9XaVLJhmUoYji6ytq/Jw2HJUSbdpUutINdpylnYy94
pKLUDGluon2BcfpbKKklntaje6ri6GDP2Y60yEq0qLQY6JHsHYDnlMXgqVl4PCfD
SkK8E50kyE7+2qyzxHl5G0OR2w8gnqWJ2HnelT6VTNtp8sAPxYt/c0jt2bCb9ZDY
jk5eSDJCjAjrrILRcIx8L800UuHmFX2fi96e+Kz+GTK2YxgNIy10I8AO2fYyVCJP
lgWLF3XIc54JfNWWdGkSlgWtjdk4jfaMMllWQHTbQCNW
-----END CERTIFICATE-----
Generated at Mon Apr 21 11:08:29 2025 by rpki-client