Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/sumD_9YnkDJHTYUJtj9su2nW528.roa
File: sumD_9YnkDJHTYUJtj9su2nW528.roa (raw, json)
Hash identifier: W+/uXTP3+7eBEXunSN10yuXZ8njmV/Fk4aF4FdyPFUs=
Subject key identifier: B2:E9:83:FF:D6:27:90:32:47:4D:85:09:B6:3F:6C:BB:69:D6:E7:6F
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01963EEB01E277F12368DD8D64C943051E99
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/sumD_9YnkDJHTYUJtj9su2nW528.roa
Signing time: Wed 16 Apr 2025 14:05:10 +0000
ROA not before: Wed 16 Apr 2025 14:05:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56755
IP address blocks: 139.28.99.0/24 maxlen: 24
194.50.111.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 17 Apr 2025 11:24:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3e:eb:01:e2:77:f1:23:68:dd:8d:64:c9:43:05:1e:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Apr 16 14:05:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b2e983ffd6279032474d8509b63f6cbb69d6e76f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:7b:89:8e:ff:f2:b6:fc:e8:92:43:4b:cf:c1:
33:4d:ce:1d:75:ae:04:83:ff:92:2c:a1:0e:71:50:
85:3d:2b:46:bb:ff:cf:4d:ea:65:20:d9:4b:70:a0:
55:cf:23:12:07:56:8f:39:fa:78:16:43:9e:b7:55:
ea:dd:17:b0:71:91:0a:5a:54:1e:57:58:d5:5b:d0:
40:46:9d:30:61:85:ad:86:6c:4f:01:48:ce:a6:88:
02:c0:ce:74:e0:cd:aa:bd:0a:2c:69:5e:e6:40:8d:
03:2d:34:ab:66:9b:9a:33:09:d0:d6:a6:68:67:c1:
d7:c2:42:af:22:8c:41:25:02:ec:27:4d:78:49:3a:
8c:02:51:b7:26:f4:a1:7b:75:18:57:0d:cf:12:f9:
be:d4:d2:2c:36:17:95:3a:2b:2f:08:e4:00:72:17:
f5:74:b6:d7:ef:df:6b:26:fc:c8:73:8f:c1:3b:d9:
d7:96:bb:3f:69:27:8e:a3:9c:b6:ad:ed:08:54:d4:
9f:a0:6c:16:95:8e:10:7f:15:b7:03:c9:c6:3e:51:
b1:f9:de:46:7e:ad:a7:5b:18:60:4c:64:82:b5:59:
4a:5a:2f:37:36:ca:db:4d:5a:b3:79:11:4f:7e:d0:
5d:0a:ff:44:c7:1e:2f:a9:65:0a:ef:4f:34:ed:cd:
0b:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:E9:83:FF:D6:27:90:32:47:4D:85:09:B6:3F:6C:BB:69:D6:E7:6F
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/sumD_9YnkDJHTYUJtj9su2nW528.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.99.0/24
194.50.111.0/24
Signature Algorithm: sha256WithRSAEncryption
89:42:0f:56:e0:90:b3:30:e2:6e:91:4b:bc:29:9a:75:28:31:
5d:06:64:d4:ae:cf:13:c9:10:90:ff:7d:2f:cf:cb:1e:f2:5c:
45:f2:94:83:19:cc:4c:98:13:2d:b9:68:4f:a0:c5:8a:4e:7a:
c5:17:d1:9a:15:f7:b3:db:4e:01:96:f7:7d:7c:7b:84:b9:d7:
71:c3:f8:7d:f3:38:1c:b4:c5:9f:0d:e8:98:e1:e0:bb:b9:af:
b2:45:6e:8f:c9:68:22:0d:be:ed:2d:ab:02:20:3b:67:0d:ce:
df:b0:04:ba:23:45:c1:5f:94:fd:0a:17:34:c5:0a:6c:a0:37:
14:ea:d5:32:d2:8a:ed:48:5b:bf:94:9d:ab:09:a3:74:65:66:
4e:38:50:3a:d2:e8:5e:75:ff:5a:38:af:aa:91:4e:92:0c:7a:
a6:8a:e3:5e:3d:c2:5c:73:75:50:a8:df:50:0b:0e:6c:fe:a8:
92:9a:f0:0a:70:22:80:a7:77:67:d2:3c:1e:e9:b3:32:5c:c7:
54:0e:c2:e8:c6:b0:35:1b:35:77:e8:ad:76:fd:0f:81:b5:57:
34:85:c6:a5:f3:90:a5:85:66:4b:a1:6e:10:32:f9:c6:94:f2:
c5:1e:e9:f1:a0:b2:ff:ef:09:b3:72:9f:25:df:c1:dd:cb:7f:
bb:a7:5f:76
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZY+6wHid/EjaN2NZMlDBR6ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwNDE2MTQwNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmU5ODNmZmQ2Mjc5MDMyNDc0ZDg1MDliNjNmNmNiYjY5ZDZlNzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnXuJjv/ytvzokkNLz8EzTc4dda4E
g/+SLKEOcVCFPStGu//PTeplINlLcKBVzyMSB1aPOfp4FkOet1Xq3RewcZEKWlQe
V1jVW9BARp0wYYWthmxPAUjOpogCwM504M2qvQosaV7mQI0DLTSrZpuaMwnQ1qZo
Z8HXwkKvIoxBJQLsJ014STqMAlG3JvShe3UYVw3PEvm+1NIsNheVOisvCOQAchf1
dLbX799rJvzIc4/BO9nXlrs/aSeOo5y2re0IVNSfoGwWlY4QfxW3A8nGPlGx+d5G
fq2nWxhgTGSCtVlKWi83NsrbTVqzeRFPftBdCv9Exx4vqWUK70807c0LEQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLLpg//WJ5AyR02FCbY/bLtp1udvMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvc3VtRF85WW5rREpIVFlVSnRqOXN1Mm5XNTI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAixxjAwQA
wjJvMA0GCSqGSIb3DQEBCwUAA4IBAQCJQg9W4JCzMOJukUu8KZp1KDFdBmTUrs8T
yRCQ/30vz8se8lxF8pSDGcxMmBMtuWhPoMWKTnrFF9GaFfez204Blvd9fHuEuddx
w/h98zgctMWfDeiY4eC7ua+yRW6PyWgiDb7tLasCIDtnDc7fsAS6I0XBX5T9Chc0
xQpsoDcU6tUy0ortSFu/lJ2rCaN0ZWZOOFA60uhedf9aOK+qkU6SDHqmiuNePcJc
c3VQqN9QCw5s/qiSmvAKcCKAp3dn0jwe6bMyXMdUDsLoxrA1GzV36K12/Q+BtVc0
hcal85ClhWZLoW4QMvnGlPLFHunxoLL/7wmzcp8l38Hdy3+7p192
-----END CERTIFICATE-----
Generated at Fri May 16 08:18:29 2025 by rpki-client