Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Y0RI77vb1zgkLwfOsPvUUiMjwzs.roa
File: Y0RI77vb1zgkLwfOsPvUUiMjwzs.roa (raw, json)
Hash identifier: jHOWmXRg0Lv8HcV+9/cRNBDo3TV7xsUczXc2+F3da3E=
Subject key identifier: 63:44:48:EF:BB:DB:D7:38:24:2F:07:CE:B0:FB:D4:52:23:23:C3:3B
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0194A2897C32E407A377B2786610FD1F6C4E
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Y0RI77vb1zgkLwfOsPvUUiMjwzs.roa
Signing time: Sun 26 Jan 2025 12:15:06 +0000
ROA not before: Sun 26 Jan 2025 12:15:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215211
IP address blocks: 217.60.0.0/18 maxlen: 24
217.60.245.0/24 maxlen: 24
217.60.248.0/24 maxlen: 24
2a14:6e40::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 06 Feb 2025 11:57:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:a2:89:7c:32:e4:07:a3:77:b2:78:66:10:fd:1f:6c:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jan 26 12:15:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=634448efbbdbd738242f07ceb0fbd4522323c33b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:55:81:1a:5e:53:67:f5:c4:2a:8e:45:28:51:
51:d5:5e:3f:ce:14:68:57:85:1e:ef:1b:b7:4d:02:
2d:df:34:6b:4b:fa:29:ac:0d:55:97:66:05:0a:1b:
72:78:f0:7b:2c:44:df:e8:ee:79:d1:ff:a6:1c:b7:
03:4e:24:b3:6a:d5:9f:af:92:4b:c2:ab:5b:c0:b9:
53:a9:96:4b:5a:4f:d5:16:54:d4:24:a6:5d:ef:01:
4e:cb:4b:a9:f1:57:42:e4:dc:0f:0d:60:67:68:5b:
1f:19:cf:ce:99:e5:17:9f:7d:67:e2:dc:d0:e0:ed:
c0:ae:9f:49:5b:43:10:ec:be:6d:ec:b5:65:31:f9:
a6:aa:dd:0a:be:ce:92:47:69:12:69:b2:25:89:45:
4b:3e:d8:c0:10:3b:84:34:37:71:b1:21:70:99:d3:
97:43:33:1c:45:ca:97:42:57:b7:0a:bf:aa:2c:16:
81:f4:30:55:0e:c1:73:ae:01:34:dd:bd:ad:ca:2b:
ff:59:e4:94:68:d1:2b:34:55:d9:3e:81:85:03:25:
cd:fd:31:34:38:2e:cd:ac:89:4c:24:6e:16:c8:25:
28:dd:57:54:83:dc:bb:72:60:ee:7b:cf:5b:c3:c8:
36:9b:61:7e:36:69:6f:c0:97:2f:4b:63:71:3c:4a:
b8:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:44:48:EF:BB:DB:D7:38:24:2F:07:CE:B0:FB:D4:52:23:23:C3:3B
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Y0RI77vb1zgkLwfOsPvUUiMjwzs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.60.0.0/18
217.60.245.0/24
217.60.248.0/24
IPv6:
2a14:6e40::/32
Signature Algorithm: sha256WithRSAEncryption
1f:8c:c9:0a:fd:5e:10:85:ff:f8:f0:f6:f8:82:2d:a3:73:0e:
2e:f8:02:97:73:4c:05:4e:d7:1b:46:7a:46:c5:80:5c:a9:f1:
dd:9c:92:35:3f:6d:41:99:0d:5a:67:41:52:24:68:e0:67:eb:
9c:9b:e2:0f:33:7b:97:f8:15:f3:9d:c0:29:a5:bf:2e:96:31:
e8:2b:99:26:33:89:04:28:b1:1b:09:c1:e9:36:e5:87:62:28:
72:fd:2b:8e:d3:e1:16:5e:81:c3:98:fa:9d:20:14:99:1d:f3:
2b:bb:9a:19:78:f8:69:e5:b0:de:ac:66:9d:a8:14:d9:0f:aa:
89:cd:ea:1f:4e:d1:31:6c:04:64:52:9e:53:c8:51:6c:8b:03:
d1:a5:f4:37:ec:82:a2:5f:4a:99:e8:f1:48:6d:0e:88:67:99:
b2:d1:e7:fb:78:27:ec:2b:3a:68:54:2c:a0:1d:5e:48:14:ef:
c1:35:6c:14:82:58:f6:a5:91:1a:d8:a7:7e:0b:37:3a:2a:bd:
78:2c:13:2f:64:b6:57:87:d9:ad:fd:3f:48:ad:60:7f:17:df:
d5:d0:6d:ae:5e:9d:fb:10:87:00:d2:13:75:df:59:5e:4b:d8:
3a:1e:5d:4b:7b:8c:48:3f:2d:67:b4:66:85:22:af:b0:73:c5:
b4:93:0e:b5
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZSiiXwy5Aejd7J4ZhD9H2xOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMTI2MTIxNTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzQ0NDhlZmJiZGJkNzM4MjQyZjA3Y2ViMGZiZDQ1MjIzMjNjMzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1WBGl5TZ/XEKo5FKFFR1V4/zhRo
V4Ue7xu3TQIt3zRrS/oprA1Vl2YFChtyePB7LETf6O550f+mHLcDTiSzatWfr5JL
wqtbwLlTqZZLWk/VFlTUJKZd7wFOy0up8VdC5NwPDWBnaFsfGc/OmeUXn31n4tzQ
4O3Arp9JW0MQ7L5t7LVlMfmmqt0Kvs6SR2kSabIliUVLPtjAEDuENDdxsSFwmdOX
QzMcRcqXQle3Cr+qLBaB9DBVDsFzrgE03b2tyiv/WeSUaNErNFXZPoGFAyXN/TE0
OC7NrIlMJG4WyCUo3VdUg9y7cmDue89bw8g2m2F+NmlvwJcvS2NxPEq4owIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFGNESO+729c4JC8HzrD71FIjI8M7MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvWTBSSTc3dmIxemdrTHdmT3NQdlVVaU1qd3pzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQG2TwAAwQA
2Tz1AwQA2Tz4MA0EAgACMAcDBQAqFG5AMA0GCSqGSIb3DQEBCwUAA4IBAQAfjMkK
/V4Qhf/48Pb4gi2jcw4u+AKXc0wFTtcbRnpGxYBcqfHdnJI1P21BmQ1aZ0FSJGjg
Z+ucm+IPM3uX+BXzncAppb8uljHoK5kmM4kEKLEbCcHpNuWHYihy/SuO0+EWXoHD
mPqdIBSZHfMru5oZePhp5bDerGadqBTZD6qJzeofTtExbARkUp5TyFFsiwPRpfQ3
7IKiX0qZ6PFIbQ6IZ5my0ef7eCfsKzpoVCygHV5IFO/BNWwUglj2pZEa2Kd+Czc6
Kr14LBMvZLZXh9mt/T9IrWB/F9/V0G2uXp37EIcA0hN131leS9g6Hl1Le4xIPy1n
tGaFIq+wc8W0kw61
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:45:42 2025 by rpki-client