Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/u_Pgl2RLW2Ltv22iwycyvfn07NA.roa
File: u_Pgl2RLW2Ltv22iwycyvfn07NA.roa (raw, json)
Hash identifier: iT7R+11vfgdxuaq+jIsnXK8F5PcryXUgz0Wf1g+y+Y8=
Subject key identifier: BB:F3:E0:97:64:4B:5B:62:ED:BF:6D:A2:C3:27:32:BD:F9:F4:EC:D0
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0193BF5646F9DEB523BA78AC2DD94A04CCA7
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/u_Pgl2RLW2Ltv22iwycyvfn07NA.roa
Signing time: Fri 13 Dec 2024 09:25:22 +0000
ROA not before: Fri 13 Dec 2024 09:25:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204104
IP address blocks: 217.60.199.0/24 maxlen: 24
217.60.237.0/24 maxlen: 24
217.60.238.0/24 maxlen: 24
217.60.243.0/24 maxlen: 24
217.60.246.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:49:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:bf:56:46:f9:de:b5:23:ba:78:ac:2d:d9:4a:04:cc:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Dec 13 09:25:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bbf3e097644b5b62edbf6da2c32732bdf9f4ecd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:a9:6e:30:62:37:40:bc:6f:6a:ce:df:3e:eb:
4f:4a:22:67:a9:c3:94:be:75:e2:36:5c:8b:0b:e2:
69:17:ea:c7:b8:28:d1:73:79:56:64:da:cb:cc:fd:
70:8c:52:07:59:75:0e:05:ad:23:4b:87:e3:60:cf:
43:00:14:d9:b9:bf:17:71:00:6b:b4:22:ac:33:60:
f6:a1:19:cc:bb:6d:e1:2b:40:36:ce:b9:e6:32:fc:
37:83:08:e4:5c:6f:d1:6b:2a:0c:ed:db:a4:64:cb:
49:74:4d:bc:30:2c:f2:71:e9:43:6a:22:6d:79:f9:
18:01:35:48:db:e3:a5:5e:11:b7:7c:fc:60:49:d1:
ee:4c:73:1d:a4:8f:b8:fe:48:ca:f4:b8:50:1f:27:
da:7c:5e:36:f6:aa:5f:fd:d0:26:99:ad:16:11:f6:
5a:4b:76:3c:58:25:aa:b2:09:db:a6:b0:8e:d5:c1:
2b:2b:98:ac:00:30:83:15:90:c6:c1:20:1d:d4:be:
b3:6b:7b:56:e4:18:58:98:e5:ac:24:70:c5:4b:9a:
30:2d:a7:f6:2d:fd:86:cf:d1:d0:08:96:07:88:a5:
92:da:bf:84:0c:fa:e4:74:8d:14:bc:22:9a:92:02:
1e:36:37:f0:22:56:e6:f9:af:2d:09:d3:7a:4d:0d:
1e:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:F3:E0:97:64:4B:5B:62:ED:BF:6D:A2:C3:27:32:BD:F9:F4:EC:D0
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/u_Pgl2RLW2Ltv22iwycyvfn07NA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.60.199.0/24
217.60.237.0-217.60.238.255
217.60.243.0/24
217.60.246.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:f6:00:34:e6:57:8c:d9:a5:5d:07:e6:8f:60:0b:66:28:66:
6b:f7:dc:ae:2c:42:1f:3c:c3:0f:a3:c3:ba:ca:61:6f:7f:aa:
5e:1d:13:a4:84:86:8c:2e:11:a7:d3:57:91:75:9e:39:78:07:
ea:45:03:ee:68:7a:68:98:c0:17:25:5b:6b:b1:14:2b:19:12:
a4:e2:09:94:dc:71:d8:2c:91:6d:f7:f1:bc:fb:0b:a4:94:58:
b7:61:29:76:43:07:dd:96:2a:61:45:a0:cb:34:d3:6c:44:5f:
47:22:a1:61:08:6e:9b:f2:5e:a6:b1:b7:c0:f2:1b:5e:2a:2f:
4a:bf:74:68:ef:f1:d6:04:70:e8:ff:b5:7f:35:92:48:03:0a:
d9:2d:7f:61:3f:50:24:ac:cd:93:ae:28:16:4a:81:ae:b6:4b:
c7:52:ba:44:dd:63:a3:af:b2:17:5d:b1:34:e0:41:79:69:63:
d6:14:fc:c4:0d:b1:70:1e:d3:35:fe:6d:84:2f:e3:eb:24:e6:
03:34:19:68:a6:ba:c5:82:3e:ae:be:2e:01:41:44:a2:4f:1e:
c3:a9:7e:cb:13:24:3a:fa:8b:af:2f:b4:63:f9:fb:f9:5e:57:
c1:7e:8e:08:ed:8c:ba:ee:15:ef:6e:66:80:38:c9:b1:ed:78:
5f:9c:63:ff
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZO/Vkb53rUjunisLdlKBMynMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMjEzMDkyNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmYzZTA5NzY0NGI1YjYyZWRiZjZkYTJjMzI3MzJiZGY5ZjRlY2QwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoKluMGI3QLxvas7fPutPSiJnqcOU
vnXiNlyLC+JpF+rHuCjRc3lWZNrLzP1wjFIHWXUOBa0jS4fjYM9DABTZub8XcQBr
tCKsM2D2oRnMu23hK0A2zrnmMvw3gwjkXG/RayoM7dukZMtJdE28MCzycelDaiJt
efkYATVI2+OlXhG3fPxgSdHuTHMdpI+4/kjK9LhQHyfafF429qpf/dAmma0WEfZa
S3Y8WCWqsgnbprCO1cErK5isADCDFZDGwSAd1L6za3tW5BhYmOWsJHDFS5owLaf2
Lf2Gz9HQCJYHiKWS2r+EDPrkdI0UvCKakgIeNjfwIlbm+a8tCdN6TQ0emQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFLvz4JdkS1ti7b9tosMnMr359OzQMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvdV9QZ2wyUkxXMkx0djIyaXd5Y3l2Zm4wN05BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQA2TzHMAwD
BADZPO0DBADZPO4DBADZPPMDBADZPPYwDQYJKoZIhvcNAQELBQADggEBADv2ADTm
V4zZpV0H5o9gC2YoZmv33K4sQh88ww+jw7rKYW9/ql4dE6SEhowuEafTV5F1njl4
B+pFA+5oemiYwBclW2uxFCsZEqTiCZTccdgskW338bz7C6SUWLdhKXZDB92WKmFF
oMs002xEX0cioWEIbpvyXqaxt8DyG14qL0q/dGjv8dYEcOj/tX81kkgDCtktf2E/
UCSszZOuKBZKga62S8dSukTdY6OvshddsTTgQXlpY9YU/MQNsXAe0zX+bYQv4+sk
5gM0GWimusWCPq6+LgFBRKJPHsOpfssTJDr6i68vtGP5+/leV8F+jgjtjLruFe9u
ZoA4ybHteF+cY/8=
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:47:09 2025 by rpki-client