Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/1ybthlfLgtLQgfxAknSZAs8RC5k.roa
File: 1ybthlfLgtLQgfxAknSZAs8RC5k.roa (raw, json)
Hash identifier: h6Du6hP9KxR9m+jaJrmI78AZh53iHUNDmxCbuZh73ag=
Subject key identifier: D7:26:ED:86:57:CB:82:D2:D0:81:FC:40:92:74:99:02:CF:11:0B:99
Certificate issuer: /CN=60998d3c9d8bdc9c1dff8e319424412b6cdc1dd3
Certificate serial: 019426D9E02AABBD00EBE3727244EA4EEB06
Authority key identifier: 60:99:8D:3C:9D:8B:DC:9C:1D:FF:8E:31:94:24:41:2B:6C:DC:1D:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJmNPJ2L3Jwd_44xlCRBK2zcHdM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/1ybthlfLgtLQgfxAknSZAs8RC5k.roa
Signing time: Thu 02 Jan 2025 11:50:00 +0000
ROA not before: Thu 02 Jan 2025 11:50:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60251
IP address blocks: 192.42.253.0/24 maxlen: 24
2a0f:6b40::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 03 Feb 2025 20:51:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:e0:2a:ab:bd:00:eb:e3:72:72:44:ea:4e:eb:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60998d3c9d8bdc9c1dff8e319424412b6cdc1dd3
Validity
Not Before: Jan 2 11:50:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d726ed8657cb82d2d081fc4092749902cf110b99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:0a:be:18:47:fa:0d:11:fc:e9:03:1b:81:a1:
40:03:af:53:58:ad:1d:ff:7e:eb:5b:ad:51:05:67:
f3:ef:c4:40:21:29:fe:f5:99:9b:fd:0f:60:af:1b:
41:65:58:95:1f:f9:3f:a4:16:02:60:c0:1d:99:d5:
36:23:b2:af:2d:e1:fa:e7:31:52:06:eb:17:ac:ed:
63:16:c0:7f:ac:56:5c:57:5b:ba:3e:5f:37:5f:1b:
6a:98:58:53:8b:e4:c9:54:54:1b:b3:bf:76:5b:24:
8b:69:86:87:82:a2:cc:9c:36:b9:77:f4:6d:45:69:
de:d7:13:39:35:6b:f9:5e:11:66:3e:33:d7:8d:36:
4c:0c:c3:77:d0:dd:ba:75:28:6c:d2:8d:62:a0:77:
75:2a:5d:3c:ca:96:60:6d:ae:29:d9:97:23:ce:fa:
5c:81:86:f5:ce:97:c0:12:ab:50:7a:2f:19:d0:d2:
1d:2e:a7:96:08:58:d8:4c:ad:05:5f:2a:2b:c5:84:
e1:2e:b7:d8:9b:c0:9d:5a:a5:16:e3:9c:73:a2:c6:
d3:fa:49:ab:6b:ae:44:78:d4:89:3f:1c:30:33:03:
40:4f:f6:73:4d:9a:e8:a2:24:4d:bf:ec:bf:dc:b7:
eb:02:1d:2d:0a:d8:df:eb:f6:c4:6a:a2:ea:8d:c8:
72:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:26:ED:86:57:CB:82:D2:D0:81:FC:40:92:74:99:02:CF:11:0B:99
X509v3 Authority Key Identifier:
keyid:60:99:8D:3C:9D:8B:DC:9C:1D:FF:8E:31:94:24:41:2B:6C:DC:1D:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJmNPJ2L3Jwd_44xlCRBK2zcHdM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/1ybthlfLgtLQgfxAknSZAs8RC5k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/YJmNPJ2L3Jwd_44xlCRBK2zcHdM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.42.253.0/24
IPv6:
2a0f:6b40::/29
Signature Algorithm: sha256WithRSAEncryption
88:90:d5:bf:f8:12:0d:a2:2f:70:da:5a:28:71:41:7d:47:58:
78:db:a5:66:52:e4:03:7a:fc:68:7f:86:1b:bf:0a:65:32:4c:
e8:d6:94:dd:73:72:93:03:5e:de:06:d7:a2:52:b7:75:34:a1:
c2:e8:d6:e1:b2:69:33:45:70:62:9c:9e:e8:61:e8:4e:c7:95:
c4:23:17:e0:bf:af:c4:82:8b:c0:c6:86:0d:35:a8:f3:cc:6b:
2f:de:64:36:49:0f:c2:43:3f:37:50:a6:97:72:45:5e:f9:d0:
a8:3e:73:d7:cc:6e:0e:82:2a:2d:2a:2f:6f:79:c3:4c:56:bb:
5f:fe:cc:b7:4f:77:4b:e4:67:a6:6d:2e:e1:43:44:06:6e:68:
ee:23:b3:04:c8:6b:3e:22:c4:cf:32:38:17:ea:c9:54:9a:c9:
cf:49:b2:a1:6b:69:15:48:39:e5:87:19:5e:cf:3a:21:ba:51:
98:e3:23:51:09:33:ef:69:e5:4a:16:1b:4c:a6:9a:a0:53:d3:
80:bb:fc:62:f0:3c:ee:6f:95:e5:87:7b:87:f0:64:29:71:d2:
5c:09:30:1e:f8:4e:86:e3:71:98:5f:37:bb:4a:42:2f:75:4a:
be:e9:b2:01:7a:a3:04:7a:dc:0f:ae:ac:6c:fb:6f:94:50:6a:
22:bc:91:d2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQm2eAqq70A6+NyckTqTusGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTk4ZDNjOWQ4YmRjOWMxZGZmOGUzMTk0MjQ0MTJiNmNk
YzFkZDMwHhcNMjUwMTAyMTE1MDAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzI2ZWQ4NjU3Y2I4MmQyZDA4MWZjNDA5Mjc0OTkwMmNmMTEwYjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwq+GEf6DRH86QMbgaFAA69TWK0d
/37rW61RBWfz78RAISn+9Zmb/Q9grxtBZViVH/k/pBYCYMAdmdU2I7KvLeH65zFS
BusXrO1jFsB/rFZcV1u6Pl83XxtqmFhTi+TJVFQbs792WySLaYaHgqLMnDa5d/Rt
RWne1xM5NWv5XhFmPjPXjTZMDMN30N26dShs0o1ioHd1Kl08ypZgba4p2Zcjzvpc
gYb1zpfAEqtQei8Z0NIdLqeWCFjYTK0FXyorxYThLrfYm8CdWqUW45xzosbT+kmr
a65EeNSJPxwwMwNAT/ZzTZrooiRNv+y/3LfrAh0tCtjf6/bEaqLqjchyTQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNcm7YZXy4LS0IH8QJJ0mQLPEQuZMB8GA1UdIwQY
MBaAFGCZjTydi9ycHf+OMZQkQSts3B3TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUptTlBKMkwzSndkXzQ0eGxDUkJLMnpjSGRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83NzlhZTktN2QyMi00MjUyLThjNWIt
MGVhNGQ1MzFiNzkzLzEvMXlidGhsZkxndExRZ2Z4QWtuU1pBczhSQzVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83NzlhZTktN2QyMi00MjUyLThjNWItMGVhNGQ1MzFiNzkz
LzEvWUptTlBKMkwzSndkXzQ0eGxDUkJLMnpjSGRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwCr9MA0E
AgACMAcDBQMqD2tAMA0GCSqGSIb3DQEBCwUAA4IBAQCIkNW/+BINoi9w2loocUF9
R1h426VmUuQDevxof4YbvwplMkzo1pTdc3KTA17eBteiUrd1NKHC6NbhsmkzRXBi
nJ7oYehOx5XEIxfgv6/EgovAxoYNNajzzGsv3mQ2SQ/CQz83UKaXckVe+dCoPnPX
zG4OgiotKi9vecNMVrtf/sy3T3dL5GembS7hQ0QGbmjuI7MEyGs+IsTPMjgX6slU
msnPSbKha2kVSDnlhxlezzohulGY4yNRCTPvaeVKFhtMppqgU9OAu/xi8Dzub5Xl
h3uH8GQpcdJcCTAe+E6G43GYXze7SkIvdUq+6bIBeqMEetwPrqxs+2+UUGoivJHS
-----END CERTIFICATE-----
Generated at Thu Apr 17 07:31:31 2025 by rpki-client