Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/c9330d-4d4a-4458-888a-e362a90edec1/1/T_yg4R5ozJ9xlB6dKFiBK6qpQEQ.roa
File: T_yg4R5ozJ9xlB6dKFiBK6qpQEQ.roa (raw, json)
Hash identifier: mBXRhqkcR3u1C8gf4KyrvmfEYVamODeG7E1l9TcgkW8=
Subject key identifier: 4F:FC:A0:E1:1E:68:CC:9F:71:94:1E:9D:28:58:81:2B:AA:A9:40:44
Certificate issuer: /CN=2ac89af05d20711e0a94e84bf4b44766362c5083
Certificate serial: 018CCA2B601DBD6FEF8882B6E94447314240
Authority key identifier: 2A:C8:9A:F0:5D:20:71:1E:0A:94:E8:4B:F4:B4:47:66:36:2C:50:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ksia8F0gcR4KlOhL9LRHZjYsUIM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/c9330d-4d4a-4458-888a-e362a90edec1/1/T_yg4R5ozJ9xlB6dKFiBK6qpQEQ.roa
Signing time: Tue 02 Jan 2024 12:34:49 +0000
ROA not before: Tue 02 Jan 2024 12:34:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210657
IP address blocks: 194.62.61.0/24 maxlen: 24
194.62.62.0/24 maxlen: 24
194.62.63.0/24 maxlen: 24
194.62.60.0/24 maxlen: 24
2a0c:fcc0::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:48:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:60:1d:bd:6f:ef:88:82:b6:e9:44:47:31:42:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac89af05d20711e0a94e84bf4b44766362c5083
Validity
Not Before: Jan 2 12:34:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4ffca0e11e68cc9f71941e9d2858812baaa94044
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:be:a9:8d:77:e2:29:a7:20:a1:68:7a:be:01:
5d:45:86:ee:80:0c:53:5b:9c:42:b9:0c:97:bf:f0:
cc:a8:39:a0:ba:d4:b3:b0:e3:d8:31:fe:17:2b:38:
70:73:02:9b:17:f1:2f:6c:3f:21:d5:76:8a:f7:fe:
fa:53:40:77:b8:32:97:e4:11:af:4b:df:f2:d5:3d:
1d:f5:17:07:66:44:4e:d7:8e:5e:bd:c1:46:1a:5b:
4d:83:83:3a:be:46:cd:e0:7c:10:3f:ed:f6:83:ba:
1d:e5:fb:6a:32:f2:bd:f3:90:6e:b8:53:d8:b6:68:
57:64:ad:82:2f:18:6c:78:57:64:00:fb:1c:e2:56:
75:80:37:82:aa:87:44:24:4f:1c:77:d4:f0:c9:c0:
73:a3:43:a8:85:56:12:90:12:38:e6:47:84:43:17:
6d:a0:67:79:f5:d1:c3:97:87:26:af:9d:d1:fd:6c:
67:e0:48:06:70:31:c2:5b:a3:08:41:f9:14:4f:5c:
7e:42:e5:3a:52:51:cd:fb:65:4d:8c:c3:f2:f0:e5:
29:82:5f:fb:57:d1:bf:32:dc:a9:fe:7a:70:66:bc:
2e:d9:31:66:5a:5c:c1:fc:08:ab:80:5f:c1:70:4e:
f7:06:4d:82:88:b5:db:a1:52:b1:76:63:8f:73:c9:
f7:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:FC:A0:E1:1E:68:CC:9F:71:94:1E:9D:28:58:81:2B:AA:A9:40:44
X509v3 Authority Key Identifier:
keyid:2A:C8:9A:F0:5D:20:71:1E:0A:94:E8:4B:F4:B4:47:66:36:2C:50:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ksia8F0gcR4KlOhL9LRHZjYsUIM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/c9330d-4d4a-4458-888a-e362a90edec1/1/T_yg4R5ozJ9xlB6dKFiBK6qpQEQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/c9330d-4d4a-4458-888a-e362a90edec1/1/Ksia8F0gcR4KlOhL9LRHZjYsUIM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.62.60.0/22
IPv6:
2a0c:fcc0::/32
Signature Algorithm: sha256WithRSAEncryption
2e:78:80:1d:ff:bc:1f:35:06:7f:d6:9d:fc:4a:4b:d5:5d:0e:
26:25:d5:b7:a6:97:89:84:8e:bb:6a:62:aa:3f:c7:a6:82:a2:
06:45:41:d4:0c:f8:1c:82:5b:f3:dd:0d:2a:00:db:0d:28:99:
be:a0:8e:a0:c5:fe:28:66:e3:f0:18:c1:8c:fe:ee:83:6c:c9:
3b:8d:af:3f:ca:88:da:80:d3:e7:2a:cd:e9:a9:e8:52:15:80:
f3:6d:60:0b:38:4e:e0:4d:f8:ce:b7:d0:65:5a:f0:07:73:16:
58:a6:39:03:a9:03:d1:3f:23:07:dc:07:c4:61:52:29:6e:5d:
10:ed:3e:cd:4d:0d:23:ee:f5:f2:1e:bb:5c:20:27:27:a7:dc:
64:c7:c8:44:fc:e5:4b:47:bc:db:ee:fb:68:fc:88:59:ad:e7:
3e:06:d8:11:99:30:85:fd:12:5c:98:8c:13:ed:14:54:e9:11:
e6:5a:24:79:1d:12:c6:58:94:83:a8:98:97:d8:f8:79:65:ac:
c7:b7:c4:98:02:fe:27:e2:48:3f:d0:be:c2:10:87:0e:fa:2b:
27:3e:39:70:85:4f:eb:6b:c6:93:2c:3e:9d:27:38:b0:ce:c7:
91:12:af:b2:6e:81:27:2d:ad:94:fa:2d:d4:22:d9:c0:b0:c5:
7c:93:f2:1e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzKK2AdvW/viIK26URHMUJAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzg5YWYwNWQyMDcxMWUwYTk0ZTg0YmY0YjQ0NzY2MzYy
YzUwODMwHhcNMjQwMTAyMTIzNDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmZjYTBlMTFlNjhjYzlmNzE5NDFlOWQyODU4ODEyYmFhYTk0MDQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlr6pjXfiKacgoWh6vgFdRYbugAxT
W5xCuQyXv/DMqDmgutSzsOPYMf4XKzhwcwKbF/EvbD8h1XaK9/76U0B3uDKX5BGv
S9/y1T0d9RcHZkRO145evcFGGltNg4M6vkbN4HwQP+32g7od5ftqMvK985BuuFPY
tmhXZK2CLxhseFdkAPsc4lZ1gDeCqodEJE8cd9TwycBzo0OohVYSkBI45keEQxdt
oGd59dHDl4cmr53R/Wxn4EgGcDHCW6MIQfkUT1x+QuU6UlHN+2VNjMPy8OUpgl/7
V9G/Mtyp/npwZrwu2TFmWlzB/AirgF/BcE73Bk2CiLXboVKxdmOPc8n38wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFE/8oOEeaMyfcZQenShYgSuqqUBEMB8GA1UdIwQY
MBaAFCrImvBdIHEeCpToS/S0R2Y2LFCDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NpYThGMGdjUjRLbE9oTDlMUkhaallzVUlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9jOTMzMGQtNGQ0YS00NDU4LTg4OGEt
ZTM2MmE5MGVkZWMxLzEvVF95ZzRSNW96Sjl4bEI2ZEtGaUJLNnFwUUVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9jOTMzMGQtNGQ0YS00NDU4LTg4OGEtZTM2MmE5MGVkZWMx
LzEvS3NpYThGMGdjUjRLbE9oTDlMUkhaallzVUlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwj48MA0E
AgACMAcDBQAqDPzAMA0GCSqGSIb3DQEBCwUAA4IBAQAueIAd/7wfNQZ/1p38SkvV
XQ4mJdW3ppeJhI67amKqP8emgqIGRUHUDPgcglvz3Q0qANsNKJm+oI6gxf4oZuPw
GMGM/u6DbMk7ja8/yojagNPnKs3pqehSFYDzbWALOE7gTfjOt9BlWvAHcxZYpjkD
qQPRPyMH3AfEYVIpbl0Q7T7NTQ0j7vXyHrtcICcnp9xkx8hE/OVLR7zb7vto/IhZ
rec+BtgRmTCF/RJcmIwT7RRU6RHmWiR5HRLGWJSDqJiX2Ph5ZazHt8SYAv4n4kg/
0L7CEIcO+isnPjlwhU/ra8aTLD6dJziwzseREq+yboEnLa2U+i3UItnAsMV8k/Ie
-----END CERTIFICATE-----
Generated at Tue Apr 22 10:50:06 2025 by rpki-client