Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/HtgNVtAg6y64YzLGpQKV8jX0JU8.roa
File: HtgNVtAg6y64YzLGpQKV8jX0JU8.roa (raw, json)
Hash identifier: YPE1yJ6rrYvTSjrYoEhkC3DKYA3d9Deq/iB6JDSjtYc=
Subject key identifier: 1E:D8:0D:56:D0:20:EB:2E:B8:63:32:C6:A5:02:95:F2:35:F4:25:4F
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01969A47128AC8BE297DF96AC0956BB4C046
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/HtgNVtAg6y64YzLGpQKV8jX0JU8.roa
Signing time: Sun 04 May 2025 07:51:11 +0000
ROA not before: Sun 04 May 2025 07:51:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 398704
IP address blocks: 217.60.0.0/21 maxlen: 24
217.60.12.0/22 maxlen: 24
217.60.24.0/22 maxlen: 24
217.60.36.0/22 maxlen: 24
217.60.60.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Jun 2025 08:58:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:9a:47:12:8a:c8:be:29:7d:f9:6a:c0:95:6b:b4:c0:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: May 4 07:51:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1ed80d56d020eb2eb86332c6a50295f235f4254f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:6c:36:e8:e7:c1:16:0d:a1:8f:de:56:07:97:
dc:99:4f:ee:8d:24:d6:4d:4d:da:3c:c6:49:05:59:
6c:0f:4c:aa:b0:ba:b1:86:92:97:23:08:48:52:ad:
0d:9a:21:79:8c:1a:94:fb:c1:6a:11:dc:a8:35:45:
e2:9c:f3:80:db:d6:a1:35:5c:e3:77:01:0a:d5:8d:
5a:48:43:97:b8:c2:78:78:df:aa:98:e9:2a:8e:40:
5d:6e:56:17:d1:80:7a:30:79:07:80:4c:c6:c7:e1:
23:f9:b4:81:70:53:d8:7d:bf:45:95:bb:b1:3b:1f:
43:b7:d2:01:30:cf:d5:fb:d5:96:f1:d2:db:a0:78:
ba:d5:8c:1c:55:6f:06:df:fa:32:54:07:c9:27:73:
e4:7c:b1:35:32:67:cd:12:ba:f8:fe:80:56:55:85:
24:89:55:96:9a:a3:f4:7a:da:3e:87:96:04:72:ed:
2c:4a:7f:91:38:21:e1:ef:9c:eb:6e:cb:ae:b6:8e:
95:20:59:5d:e8:57:fe:12:5f:e8:5d:d1:a7:77:dc:
97:4e:82:04:50:b2:b0:32:c1:84:9e:41:ed:a2:66:
86:a6:8e:f7:f6:25:e7:63:9a:21:e7:42:fb:0a:87:
da:47:bd:d1:5b:05:77:2d:b0:f7:50:af:66:6f:6a:
ff:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:D8:0D:56:D0:20:EB:2E:B8:63:32:C6:A5:02:95:F2:35:F4:25:4F
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/HtgNVtAg6y64YzLGpQKV8jX0JU8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.60.0.0/21
217.60.12.0/22
217.60.24.0/22
217.60.36.0/22
217.60.60.0/22
Signature Algorithm: sha256WithRSAEncryption
6f:a4:30:1e:86:b5:d4:65:e6:cd:15:da:c2:0c:41:7a:c1:21:
57:9e:e3:f4:ad:d2:13:5e:c5:80:0f:92:7d:91:01:b2:02:98:
53:74:17:47:0a:38:3c:4f:64:25:54:d0:16:91:b1:28:b7:31:
91:06:f3:84:2c:c4:75:1f:9e:b4:74:38:0d:04:b9:35:f3:f5:
83:57:be:74:f3:b3:6c:c3:b1:02:db:1d:3c:32:fb:e7:47:9f:
87:cb:d0:4d:39:4a:3a:06:c2:dd:98:af:e8:34:b4:d9:8f:8b:
f1:73:a6:6c:0a:3b:6a:45:27:f5:30:d3:a4:70:c3:d0:64:12:
b3:44:74:5f:8a:2d:cb:9f:18:e9:f2:38:ee:9c:d3:f7:80:15:
e3:0b:3d:5a:dc:32:7d:0c:21:13:67:b9:4b:da:f8:c4:f8:74:
ef:ee:d0:75:d3:03:d2:85:00:e4:58:04:96:8c:7d:71:db:ed:
01:6e:f5:f7:e4:eb:a4:da:6d:a3:0c:ee:72:c6:e7:8d:c0:5c:
83:e2:a8:2a:ef:eb:d3:fb:03:f0:02:06:e9:af:4f:33:2e:e1:
d4:f5:ee:07:32:1d:dd:9e:9a:aa:b0:65:f4:ca:1c:c1:45:30:
c0:4d:66:ca:ba:7e:7e:f1:d8:da:a2:c8:81:24:76:bb:7d:7f:
20:9d:a7:7c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZaaRxKKyL4pfflqwJVrtMBGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNTA0MDc1MTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWQ4MGQ1NmQwMjBlYjJlYjg2MzMyYzZhNTAyOTVmMjM1ZjQyNTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvmw26OfBFg2hj95WB5fcmU/ujSTW
TU3aPMZJBVlsD0yqsLqxhpKXIwhIUq0NmiF5jBqU+8FqEdyoNUXinPOA29ahNVzj
dwEK1Y1aSEOXuMJ4eN+qmOkqjkBdblYX0YB6MHkHgEzGx+Ej+bSBcFPYfb9Flbux
Ox9Dt9IBMM/V+9WW8dLboHi61YwcVW8G3/oyVAfJJ3PkfLE1MmfNErr4/oBWVYUk
iVWWmqP0eto+h5YEcu0sSn+ROCHh75zrbsuuto6VIFld6Ff+El/oXdGnd9yXToIE
ULKwMsGEnkHtomaGpo739iXnY5oh50L7CofaR73RWwV3LbD3UK9mb2r/xQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFB7YDVbQIOsuuGMyxqUClfI19CVPMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvSHRnTlZ0QWc2eTY0WXpMR3BRS1Y4algwSlU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQD2TwAAwQC
2TwMAwQC2TwYAwQC2TwkAwQC2Tw8MA0GCSqGSIb3DQEBCwUAA4IBAQBvpDAehrXU
ZebNFdrCDEF6wSFXnuP0rdITXsWAD5J9kQGyAphTdBdHCjg8T2QlVNAWkbEotzGR
BvOELMR1H560dDgNBLk18/WDV75087Nsw7EC2x08MvvnR5+Hy9BNOUo6BsLdmK/o
NLTZj4vxc6ZsCjtqRSf1MNOkcMPQZBKzRHRfii3Lnxjp8jjunNP3gBXjCz1a3DJ9
DCETZ7lL2vjE+HTv7tB10wPShQDkWASWjH1x2+0BbvX35Ouk2m2jDO5yxueNwFyD
4qgq7+vT+wPwAgbpr08zLuHU9e4HMh3dnpqqsGX0yhzBRTDATWbKun5+8djaosiB
JHa7fX8gnad8
-----END CERTIFICATE-----
Generated at Thu Jun 5 04:19:56 2025 by rpki-client