Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1d7583-d10c-47db-aee1-58d664210669/1/Z6RKkhh4LrqLfFnaDC56c9F_X9s.roa
File: Z6RKkhh4LrqLfFnaDC56c9F_X9s.roa (raw, json)
Hash identifier: +gKFBCFnT7kQhDfsyGXLDeVfYQPlUZ4HLTcRhXUaOzU=
Subject key identifier: 67:A4:4A:92:18:78:2E:BA:8B:7C:59:DA:0C:2E:7A:73:D1:7F:5F:DB
Certificate issuer: /CN=473779e6a77c7e58213198764ce2ac0e6bee6236
Certificate serial: 0196A53316B6FB5CB7036445FCC25729DEAC
Authority key identifier: 47:37:79:E6:A7:7C:7E:58:21:31:98:76:4C:E2:AC:0E:6B:EE:62:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rzd55qd8flghMZh2TOKsDmvuYjY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/1d7583-d10c-47db-aee1-58d664210669/1/Z6RKkhh4LrqLfFnaDC56c9F_X9s.roa
Signing time: Tue 06 May 2025 10:45:10 +0000
ROA not before: Tue 06 May 2025 10:45:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42730
IP address blocks: 178.254.60.0/23 maxlen: 23
2a00:6800::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 07 May 2025 05:52:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a5:33:16:b6:fb:5c:b7:03:64:45:fc:c2:57:29:de:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=473779e6a77c7e58213198764ce2ac0e6bee6236
Validity
Not Before: May 6 10:45:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=67a44a9218782eba8b7c59da0c2e7a73d17f5fdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b7:96:01:3f:99:9b:ba:58:2f:25:12:4b:33:
26:de:c8:b3:94:5d:9d:fe:2b:23:27:45:12:18:22:
a2:c1:6b:5a:1a:a9:24:b0:19:fd:eb:75:7b:5c:82:
a1:b5:81:bc:85:e5:2f:6a:61:9b:8d:92:0f:3a:ed:
b2:b8:5f:10:2f:e0:e3:6c:d9:eb:96:a4:aa:7d:e9:
ea:8f:3b:20:63:38:a4:76:a5:8d:fb:4d:f0:61:89:
04:89:9c:f8:1d:75:f8:d9:ec:16:ea:05:ff:2b:23:
fa:58:22:4a:29:bc:da:ba:43:98:8f:6c:08:19:24:
7e:7c:84:bd:5d:03:af:07:9f:ca:a0:1f:f7:39:a5:
1a:c6:79:be:85:eb:5a:74:9d:50:5a:49:4b:1b:1d:
68:a7:cd:2d:09:06:4e:a7:09:61:53:76:9d:e0:2a:
af:36:eb:8d:16:de:ec:22:6f:85:2d:20:4b:97:7d:
41:98:fa:8a:d7:2c:53:1b:24:88:86:d9:c4:9b:04:
15:d1:38:cd:bb:54:52:ca:0b:50:64:79:79:f8:07:
02:ca:f0:46:c3:72:07:9b:f6:d0:02:2d:c2:3d:d8:
79:56:e2:ed:78:fc:b1:df:15:88:c7:13:32:cf:98:
52:5d:31:c2:22:dc:10:ef:26:6d:5e:2a:61:c2:ce:
a4:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:A4:4A:92:18:78:2E:BA:8B:7C:59:DA:0C:2E:7A:73:D1:7F:5F:DB
X509v3 Authority Key Identifier:
keyid:47:37:79:E6:A7:7C:7E:58:21:31:98:76:4C:E2:AC:0E:6B:EE:62:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rzd55qd8flghMZh2TOKsDmvuYjY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1d7583-d10c-47db-aee1-58d664210669/1/Z6RKkhh4LrqLfFnaDC56c9F_X9s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1d7583-d10c-47db-aee1-58d664210669/1/Rzd55qd8flghMZh2TOKsDmvuYjY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.254.60.0/23
IPv6:
2a00:6800::/32
Signature Algorithm: sha256WithRSAEncryption
ad:1c:bb:53:d9:aa:fc:69:de:22:c9:b3:1e:a9:bc:24:12:f6:
40:86:ef:48:c5:0b:d1:b3:7e:bd:23:4b:59:b5:b5:4c:ba:cd:
e0:03:97:4d:77:66:dd:7a:53:78:00:ae:88:a1:62:95:da:94:
20:be:46:c4:ec:9a:8b:a5:56:81:aa:26:41:f4:07:17:65:35:
68:61:35:04:b8:dd:1e:5c:fc:fc:1e:4a:cf:17:ec:00:dc:a9:
eb:eb:53:ba:41:06:7b:99:3f:05:64:85:6f:c0:be:2a:64:03:
3e:c0:06:0b:e7:14:b3:97:66:8e:e1:b2:52:9e:44:43:c9:f0:
19:78:69:1a:05:8b:a9:63:4f:8a:3c:ae:f3:75:68:f4:34:57:
3e:f2:c3:aa:45:27:d6:ae:0b:55:a7:3b:bf:1c:37:a0:45:8d:
4b:52:4c:29:74:c9:79:33:68:53:e0:4a:ed:55:bf:bd:2b:73:
2b:a7:cf:13:2c:b3:92:5e:eb:a4:14:1b:a5:96:d5:d6:55:85:
3d:a6:7e:ed:a2:6a:7c:40:bd:01:e1:1f:8b:6e:ad:3d:73:75:
16:d2:96:e8:34:b3:04:0e:c2:c2:c9:24:f9:f9:aa:8f:86:8a:
ac:6c:34:45:eb:f7:fc:34:ac:9d:7e:5f:9a:31:0d:c7:6e:5e:
8c:59:99:35
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZalMxa2+1y3A2RF/MJXKd6sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3Mzc3OWU2YTc3YzdlNTgyMTMxOTg3NjRjZTJhYzBlNmJl
ZTYyMzYwHhcNMjUwNTA2MTA0NTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2E0NGE5MjE4NzgyZWJhOGI3YzU5ZGEwYzJlN2E3M2QxN2Y1ZmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7eWAT+Zm7pYLyUSSzMm3sizlF2d
/isjJ0USGCKiwWtaGqkksBn963V7XIKhtYG8heUvamGbjZIPOu2yuF8QL+DjbNnr
lqSqfenqjzsgYzikdqWN+03wYYkEiZz4HXX42ewW6gX/KyP6WCJKKbzaukOYj2wI
GSR+fIS9XQOvB5/KoB/3OaUaxnm+hetadJ1QWklLGx1op80tCQZOpwlhU3ad4Cqv
NuuNFt7sIm+FLSBLl31BmPqK1yxTGySIhtnEmwQV0TjNu1RSygtQZHl5+AcCyvBG
w3IHm/bQAi3CPdh5VuLtePyx3xWIxxMyz5hSXTHCItwQ7yZtXiphws6kKQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGekSpIYeC66i3xZ2gwuenPRf1/bMB8GA1UdIwQY
MBaAFEc3eeanfH5YITGYdkzirA5r7mI2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnpkNTVxZDhmbGdoTVpoMlRPS3NEbXZ1WWpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8xZDc1ODMtZDEwYy00N2RiLWFlZTEt
NThkNjY0MjEwNjY5LzEvWjZSS2toaDRMcnFMZkZuYURDNTZjOUZfWDlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8xZDc1ODMtZDEwYy00N2RiLWFlZTEtNThkNjY0MjEwNjY5
LzEvUnpkNTVxZDhmbGdoTVpoMlRPS3NEbXZ1WWpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBsv48MA0E
AgACMAcDBQAqAGgAMA0GCSqGSIb3DQEBCwUAA4IBAQCtHLtT2ar8ad4iybMeqbwk
EvZAhu9IxQvRs369I0tZtbVMus3gA5dNd2bdelN4AK6IoWKV2pQgvkbE7JqLpVaB
qiZB9AcXZTVoYTUEuN0eXPz8HkrPF+wA3Knr61O6QQZ7mT8FZIVvwL4qZAM+wAYL
5xSzl2aO4bJSnkRDyfAZeGkaBYupY0+KPK7zdWj0NFc+8sOqRSfWrgtVpzu/HDeg
RY1LUkwpdMl5M2hT4ErtVb+9K3Mrp88TLLOSXuukFBulltXWVYU9pn7tomp8QL0B
4R+Lbq09c3UW0pboNLMEDsLCyST5+aqPhoqsbDRF6/f8NKydfl+aMQ3Hbl6MWZk1
-----END CERTIFICATE-----
Generated at Tue May 13 23:15:20 2025 by rpki-client