Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/4B3aG57ev-UJ85dVoOePLiPZ-uw.roa
File: 4B3aG57ev-UJ85dVoOePLiPZ-uw.roa (raw, json)
Hash identifier: F7Bhr6+ijoEjwbt9XupphO2Ur8CqTEzxLD/jLU/HcQE=
Subject key identifier: E0:1D:DA:1B:9E:DE:BF:E5:09:F3:97:55:A0:E7:8F:2E:23:D9:FA:EC
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01969A3696AA76FE6A6EFA6782225D78ECB9
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/4B3aG57ev-UJ85dVoOePLiPZ-uw.roa
Signing time: Sun 04 May 2025 07:33:10 +0000
ROA not before: Sun 04 May 2025 07:33:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 18811
IP address blocks: 217.60.0.0/21 maxlen: 24
217.60.12.0/22 maxlen: 24
217.60.24.0/22 maxlen: 24
217.60.36.0/22 maxlen: 24
217.60.44.0/22 maxlen: 24
217.60.60.0/22 maxlen: 24
217.60.188.0/22 maxlen: 24
217.60.192.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sun 04 May 2025 07:51:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:9a:36:96:aa:76:fe:6a:6e:fa:67:82:22:5d:78:ec:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: May 4 07:33:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e01dda1b9edebfe509f39755a0e78f2e23d9faec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:7a:6b:b1:e1:71:0f:7f:a4:38:da:8f:6b:b2:
af:f9:7d:1f:5d:97:41:28:6b:fd:bd:c7:db:0a:38:
b0:04:c3:eb:73:67:e2:d6:e4:72:e7:a1:14:dc:b9:
4d:c8:e5:72:66:7f:df:e0:3c:05:98:86:50:a9:fa:
c8:ac:4f:c5:27:54:85:d3:b8:f7:d7:63:e2:94:61:
c3:d7:67:0d:9c:e6:8d:ff:50:9e:67:6c:6f:53:b9:
84:d9:65:f2:cf:cb:85:66:16:13:39:f1:2f:00:f5:
5d:73:44:94:41:c0:80:0b:02:1d:1a:ac:49:bd:09:
84:72:a7:9e:93:21:2c:a5:d4:3c:c2:4d:eb:7c:8f:
d2:b7:eb:e7:71:fb:14:7c:7b:a3:46:ee:91:04:3f:
24:b5:11:95:ce:ac:83:24:47:b6:89:08:92:97:38:
43:ff:d4:0e:d5:56:40:e0:d7:06:b9:2c:74:df:68:
7f:76:80:5c:cd:f4:f4:77:98:18:57:fa:d1:b4:f8:
29:65:ea:fd:da:86:85:6c:1f:c6:30:d6:e0:ae:5a:
65:f2:f9:f9:e6:59:b4:6e:6e:3a:88:fc:c5:49:83:
8d:c3:e8:6a:b0:6a:60:21:a1:f5:a2:c7:1c:ac:a4:
f9:e4:cb:9a:b5:96:84:4e:d5:76:c9:c9:6c:23:f4:
91:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:1D:DA:1B:9E:DE:BF:E5:09:F3:97:55:A0:E7:8F:2E:23:D9:FA:EC
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/4B3aG57ev-UJ85dVoOePLiPZ-uw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.60.0.0/21
217.60.12.0/22
217.60.24.0/22
217.60.36.0/22
217.60.44.0/22
217.60.60.0/22
217.60.188.0-217.60.195.255
Signature Algorithm: sha256WithRSAEncryption
9c:2d:d7:a6:7f:33:94:0f:3a:a6:f6:72:5e:08:13:c7:ef:53:
09:c1:3f:d1:d2:8f:53:09:06:79:40:c5:6e:7c:05:e2:16:18:
b0:d8:f3:ea:ae:63:08:d9:69:82:35:ae:0c:a4:62:8e:ef:e7:
41:42:79:65:63:02:68:d0:c6:77:2e:4d:77:9f:bc:45:b8:8e:
4d:6b:54:06:54:68:fc:c4:09:aa:e7:be:62:68:ba:da:a7:5a:
8e:c6:bd:44:9b:b1:31:3e:9d:c6:a6:0f:e1:f7:6f:f6:cb:76:
5c:d1:0d:24:fb:7a:f1:ca:e4:b7:f1:4c:aa:43:6b:00:7a:75:
14:b1:c9:8f:2b:38:76:e2:d2:d8:e2:61:83:cb:a8:2f:50:c8:
84:b8:0a:dc:85:e7:f8:b6:b0:b7:79:cb:6f:5c:21:f4:a3:96:
8d:89:6a:c4:be:a2:c8:94:db:d6:7e:72:7f:79:90:10:cb:8e:
09:57:18:91:95:ba:c6:7b:0f:57:2e:d3:69:09:51:0b:84:7f:
72:1e:19:0f:2e:61:36:2c:c7:1b:02:14:09:13:67:7d:32:f1:
ca:83:39:fc:80:3c:01:60:a8:18:59:cd:cb:76:9b:14:d4:53:
37:08:eb:02:e0:ec:5d:6b:52:53:4c:cf:dc:8b:9e:ef:dc:7c:
0a:35:bc:f3
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZaaNpaqdv5qbvpngiJdeOy5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNTA0MDczMzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDFkZGExYjllZGViZmU1MDlmMzk3NTVhMGU3OGYyZTIzZDlmYWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3prseFxD3+kONqPa7Kv+X0fXZdB
KGv9vcfbCjiwBMPrc2fi1uRy56EU3LlNyOVyZn/f4DwFmIZQqfrIrE/FJ1SF07j3
12PilGHD12cNnOaN/1CeZ2xvU7mE2WXyz8uFZhYTOfEvAPVdc0SUQcCACwIdGqxJ
vQmEcqeekyEspdQ8wk3rfI/St+vncfsUfHujRu6RBD8ktRGVzqyDJEe2iQiSlzhD
/9QO1VZA4NcGuSx032h/doBczfT0d5gYV/rRtPgpZer92oaFbB/GMNbgrlpl8vn5
5lm0bm46iPzFSYONw+hqsGpgIaH1osccrKT55MuatZaETtV2yclsI/SRyQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFOAd2hue3r/lCfOXVaDnjy4j2frsMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvNEIzYUc1N2V2LVVKODVkVm9PZVBMaVBaLXV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQD2TwAAwQC
2TwMAwQC2TwYAwQC2TwkAwQC2TwsAwQC2Tw8MAwDBALZPLwDBALZPMAwDQYJKoZI
hvcNAQELBQADggEBAJwt16Z/M5QPOqb2cl4IE8fvUwnBP9HSj1MJBnlAxW58BeIW
GLDY8+quYwjZaYI1rgykYo7v50FCeWVjAmjQxncuTXefvEW4jk1rVAZUaPzECarn
vmJoutqnWo7GvUSbsTE+ncamD+H3b/bLdlzRDST7evHK5LfxTKpDawB6dRSxyY8r
OHbi0tjiYYPLqC9QyIS4CtyF5/i2sLd5y29cIfSjlo2JasS+osiU29Z+cn95kBDL
jglXGJGVusZ7D1cu02kJUQuEf3IeGQ8uYTYsxxsCFAkTZ30y8cqDOfyAPAFgqBhZ
zct2mxTUUzcI6wLg7F1rUlNMz9yLnu/cfAo1vPM=
-----END CERTIFICATE-----
Generated at Fri May 9 20:33:00 2025 by rpki-client