Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/jy6ZQDS-YqFCf2Cn_W0r70C4lz4.roa
File: jy6ZQDS-YqFCf2Cn_W0r70C4lz4.roa (raw, json)
Hash identifier: wbMwT/LI6BlVBcI4TsbmQW/8Juf9ZSouNoe1le3Rim4=
Subject key identifier: 8F:2E:99:40:34:BE:62:A1:42:7F:60:A7:FD:6D:2B:EF:40:B8:97:3E
Certificate issuer: /CN=16055801b775e774306321455fd463fbd9273c4c
Certificate serial: 01977C70352352F0AAEDA56CFBCF68B1B03F
Authority key identifier: 16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/jy6ZQDS-YqFCf2Cn_W0r70C4lz4.roa
Signing time: Tue 17 Jun 2025 05:50:17 +0000
ROA not before: Tue 17 Jun 2025 05:50:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 144.56.9.0/24 maxlen: 24
144.56.20.0/24 maxlen: 24
144.56.33.0/24 maxlen: 24
144.56.34.0/24 maxlen: 24
144.56.71.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 30 Jun 2025 19:37:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:7c:70:35:23:52:f0:aa:ed:a5:6c:fb:cf:68:b1:b0:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16055801b775e774306321455fd463fbd9273c4c
Validity
Not Before: Jun 17 05:50:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8f2e994034be62a1427f60a7fd6d2bef40b8973e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:d8:7c:b7:e9:0a:05:c3:6a:49:0a:ec:4f:a4:
41:1c:5a:f5:b2:33:7f:2a:c7:d2:79:47:ce:df:ea:
86:dd:a7:80:cf:9d:a8:70:c4:d9:26:8f:a9:c1:66:
85:17:20:81:d0:84:14:4a:df:f2:44:4c:16:18:81:
64:e1:d3:4e:3a:9c:6a:c6:52:ac:dc:17:50:b7:6a:
d8:63:48:4e:37:9f:18:08:95:ef:27:65:c5:c9:ed:
43:d6:bb:cd:04:76:81:1d:b4:86:ef:c1:c7:6e:3e:
d4:aa:76:9d:0d:5b:36:6e:92:4c:2c:90:cc:e3:d2:
4f:d6:c9:ee:24:55:72:4e:ee:3d:00:d7:58:67:f7:
b8:85:22:92:1b:10:b3:74:49:1c:41:dd:11:73:c1:
56:50:3b:13:ba:61:75:a5:3e:4f:6b:43:ae:70:02:
83:b3:1b:90:d8:92:ab:39:be:58:e8:3b:32:bb:4a:
59:66:af:19:a7:21:96:f0:5f:fc:2f:1f:0c:f1:a9:
25:4b:a8:fd:a9:56:cd:e9:b1:75:c0:66:3d:be:66:
16:78:4b:7a:a4:54:74:3c:3c:5d:0b:e5:e2:c1:8e:
39:2c:9e:a6:c8:b5:70:fa:0d:4c:cb:b7:f7:45:ad:
ee:2f:d0:0b:36:e2:90:1c:04:22:ba:3a:34:f5:cd:
8f:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:2E:99:40:34:BE:62:A1:42:7F:60:A7:FD:6D:2B:EF:40:B8:97:3E
X509v3 Authority Key Identifier:
keyid:16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/jy6ZQDS-YqFCf2Cn_W0r70C4lz4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.56.9.0/24
144.56.20.0/24
144.56.33.0-144.56.34.255
144.56.71.0/24
Signature Algorithm: sha256WithRSAEncryption
75:b0:82:fb:81:4e:be:a9:83:53:3d:b3:0e:ad:2a:c4:48:77:
70:e4:8d:5f:50:29:2a:df:ce:23:5f:9b:ea:5e:64:e4:78:78:
8b:28:3b:cd:62:da:9d:58:23:25:c9:c2:bf:f6:aa:4b:fe:33:
75:eb:69:0b:7f:4d:e2:60:33:0a:36:91:06:1e:9c:80:27:d2:
4a:7a:86:4f:f8:fc:ac:bf:e3:55:a3:91:2d:b1:a6:f5:bb:81:
28:cb:b2:6d:bd:31:20:c6:84:d0:ba:75:49:61:ea:05:69:f0:
91:4d:e4:55:8d:cc:e0:21:3d:3e:a7:be:5d:6b:88:1f:90:b6:
a9:72:55:e9:4c:65:7a:36:03:52:20:86:36:0a:01:cb:7e:cd:
a8:77:58:0f:db:34:6c:f5:9b:17:3c:8d:40:c4:4d:1c:e0:37:
28:1a:d8:5c:40:9e:4e:a1:92:18:47:96:04:b4:26:dc:37:b0:
a7:43:0e:27:ea:91:5b:c5:08:d9:21:e7:d9:ba:8b:b5:ae:06:
9a:59:70:1e:99:59:2e:4c:b0:b6:e7:5c:de:a0:28:d0:70:29:
b3:49:ea:3b:ba:4a:15:85:13:71:2d:4d:5f:2b:46:55:d2:1a:
7c:21:59:cc:2f:de:c4:b3:37:bf:d8:3f:f9:ee:02:59:3e:12:
de:06:a6:86
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZd8cDUjUvCq7aVs+89osbA/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MDU1ODAxYjc3NWU3NzQzMDYzMjE0NTVmZDQ2M2ZiZDky
NzNjNGMwHhcNMjUwNjE3MDU1MDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjJlOTk0MDM0YmU2MmExNDI3ZjYwYTdmZDZkMmJlZjQwYjg5NzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA39h8t+kKBcNqSQrsT6RBHFr1sjN/
KsfSeUfO3+qG3aeAz52ocMTZJo+pwWaFFyCB0IQUSt/yREwWGIFk4dNOOpxqxlKs
3BdQt2rYY0hON58YCJXvJ2XFye1D1rvNBHaBHbSG78HHbj7UqnadDVs2bpJMLJDM
49JP1snuJFVyTu49ANdYZ/e4hSKSGxCzdEkcQd0Rc8FWUDsTumF1pT5Pa0OucAKD
sxuQ2JKrOb5Y6Dsyu0pZZq8ZpyGW8F/8Lx8M8aklS6j9qVbN6bF1wGY9vmYWeEt6
pFR0PDxdC+XiwY45LJ6myLVw+g1My7f3Ra3uL9ALNuKQHAQiujo09c2PZwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFI8umUA0vmKhQn9gp/1tK+9AuJc+MB8GA1UdIwQY
MBaAFBYFWAG3ded0MGMhRV/UY/vZJzxMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgt
MTM1NzE3ZWYzODhhLzEvank2WlFEUy1ZcUZDZjJDbl9XMHI3MEM0bHo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgtMTM1NzE3ZWYzODhh
LzEvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAkDgJAwQA
kDgUMAwDBACQOCEDBACQOCIDBACQOEcwDQYJKoZIhvcNAQELBQADggEBAHWwgvuB
Tr6pg1M9sw6tKsRId3DkjV9QKSrfziNfm+peZOR4eIsoO81i2p1YIyXJwr/2qkv+
M3XraQt/TeJgMwo2kQYenIAn0kp6hk/4/Ky/41WjkS2xpvW7gSjLsm29MSDGhNC6
dUlh6gVp8JFN5FWNzOAhPT6nvl1riB+QtqlyVelMZXo2A1IghjYKAct+zah3WA/b
NGz1mxc8jUDETRzgNyga2FxAnk6hkhhHlgS0Jtw3sKdDDifqkVvFCNkh59m6i7Wu
BppZcB6ZWS5MsLbnXN6gKNBwKbNJ6ju6ShWFE3EtTV8rRlXSGnwhWcwv3sSzN7/Y
P/nuAlk+Et4GpoY=
-----END CERTIFICATE-----
Generated at Thu Jul 3 10:15:12 2025 by rpki-client