Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/RZOtIHOpiEzc2tLiPRIOHW9--rQ.roa
File: RZOtIHOpiEzc2tLiPRIOHW9--rQ.roa (raw, json)
Hash identifier: CRR1KASADpvJzaOCrszw34FLaEnbHOYqHE+EFU704ko=
Subject key identifier: 45:93:AD:20:73:A9:88:4C:DC:DA:D2:E2:3D:12:0E:1D:6F:7E:FA:B4
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 01911249FF933C4ED6F90C668F65529C3FB6
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/RZOtIHOpiEzc2tLiPRIOHW9--rQ.roa
Signing time: Fri 02 Aug 2024 08:52:04 +0000
ROA not before: Fri 02 Aug 2024 08:52:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 62.164.224.0/20 maxlen: 20
62.164.240.0/20 maxlen: 24
66.9.96.0/20 maxlen: 24
66.117.8.0/22 maxlen: 24
77.223.192.0/21 maxlen: 24
77.223.200.0/23 maxlen: 24
79.139.64.0/23 maxlen: 24
83.142.200.0/21 maxlen: 24
88.135.96.0/20 maxlen: 24
93.119.184.0/21 maxlen: 24
94.101.103.0/24 maxlen: 24
95.178.8.0/21 maxlen: 24
116.50.16.0/21 maxlen: 24
121.127.56.0/21 maxlen: 24
176.222.48.0/22 maxlen: 24
192.200.192.0/19 maxlen: 24
195.133.202.0/23 maxlen: 24
198.145.112.0/22 maxlen: 24
212.32.96.0/20 maxlen: 24
212.32.112.0/20 maxlen: 24
Validation: Failed, certificate revoked on Tue 10 Sep 2024 23:41:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:12:49:ff:93:3c:4e:d6:f9:0c:66:8f:65:52:9c:3f:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Aug 2 08:52:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4593ad2073a9884cdcdad2e23d120e1d6f7efab4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:27:43:57:8c:c9:b9:b3:a8:e2:59:ff:20:b7:
80:17:20:0b:12:b0:68:34:87:f6:75:ef:10:51:2c:
b6:ad:1b:e0:bb:3c:37:d8:21:f6:89:cc:29:1f:37:
a5:7d:e0:8f:d4:7d:ce:10:ad:07:06:7a:b5:84:6a:
dd:0b:d6:0c:85:b7:d3:f3:37:08:71:0d:ed:1f:75:
30:21:9c:0c:6a:d3:b8:73:c6:4f:dc:96:f9:e2:e3:
57:ae:a3:a8:7a:f5:81:e5:38:5f:38:84:dc:60:5d:
bc:e6:d1:b5:d3:b3:64:79:b3:7e:ed:ba:5b:cc:c3:
ee:04:4f:b4:17:8e:3a:d7:e6:b5:14:e7:8f:a5:da:
1e:c0:c6:f6:d3:64:a4:0c:8e:a6:06:2e:06:45:c3:
17:cd:2d:09:24:7f:21:b0:c2:5b:c3:28:8e:3c:cf:
80:58:b2:44:cc:5d:6b:f7:be:26:a2:0e:03:01:50:
70:c9:ef:cc:46:f0:2b:f5:08:d9:72:cb:68:25:97:
c8:c8:b4:f6:56:b4:72:ec:05:ac:8b:ba:e8:4f:30:
ab:51:64:72:5e:43:44:11:20:de:25:c4:99:f0:29:
5f:13:ac:2d:02:e6:e1:ca:b7:46:6e:06:56:04:1d:
09:e8:f0:22:5c:4b:97:f6:69:2d:14:e0:9e:55:38:
34:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:93:AD:20:73:A9:88:4C:DC:DA:D2:E2:3D:12:0E:1D:6F:7E:FA:B4
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/RZOtIHOpiEzc2tLiPRIOHW9--rQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.164.224.0/19
66.9.96.0/20
66.117.8.0/22
77.223.192.0-77.223.201.255
79.139.64.0/23
83.142.200.0/21
88.135.96.0/20
93.119.184.0/21
94.101.103.0/24
95.178.8.0/21
116.50.16.0/21
121.127.56.0/21
176.222.48.0/22
192.200.192.0/19
195.133.202.0/23
198.145.112.0/22
212.32.96.0/19
Signature Algorithm: sha256WithRSAEncryption
41:dd:a2:09:e9:55:c9:74:11:73:61:2e:ed:19:15:64:6c:63:
d5:20:1f:7e:7a:60:a0:79:b1:19:3e:25:0e:c2:bf:ad:de:14:
ee:3e:f4:6b:29:a4:d6:9e:a4:b8:b1:6e:24:52:4e:94:40:1d:
5d:3b:7a:8a:93:e7:4f:20:f5:c7:3a:97:dc:f9:c1:60:6d:14:
b5:79:40:e1:d1:ef:10:b0:28:3d:ce:25:48:0b:32:fd:83:bc:
4a:83:48:33:79:c5:1b:05:e1:3d:1b:f5:5b:43:70:1f:44:0a:
4e:84:8e:f6:dc:9c:54:9a:fd:26:93:f7:b8:38:c4:e6:29:6b:
3a:97:52:c7:fb:62:45:48:4c:08:c7:9b:39:7c:90:f8:46:17:
ad:9c:79:fd:4d:0c:9a:06:5e:ba:69:f7:8a:17:9a:8c:ab:c8:
7d:d2:87:43:f2:48:68:b9:19:bd:a8:95:ce:0a:8f:5c:3f:dd:
b5:2c:1c:27:71:be:bf:08:ef:ae:b5:84:0c:69:c3:bd:20:06:
c8:23:8c:89:d2:71:a0:05:f9:e3:f5:7b:a2:5b:3a:0f:3f:36:
e3:99:8d:12:53:81:4d:b8:f6:b8:b8:fd:b5:fa:fc:ab:43:45:
5b:11:5f:66:70:50:5e:17:f5:b2:21:f6:ad:27:95:fd:c4:ab:
57:68:62:f8
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAZESSf+TPE7W+Qxmj2VSnD+2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjQwODAyMDg1MjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTkzYWQyMDczYTk4ODRjZGNkYWQyZTIzZDEyMGUxZDZmN2VmYWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4idDV4zJubOo4ln/ILeAFyALErBo
NIf2de8QUSy2rRvguzw32CH2icwpHzelfeCP1H3OEK0HBnq1hGrdC9YMhbfT8zcI
cQ3tH3UwIZwMatO4c8ZP3Jb54uNXrqOoevWB5ThfOITcYF285tG107NkebN+7bpb
zMPuBE+0F4461+a1FOePpdoewMb202SkDI6mBi4GRcMXzS0JJH8hsMJbwyiOPM+A
WLJEzF1r974mog4DAVBwye/MRvAr9QjZcstoJZfIyLT2VrRy7AWsi7roTzCrUWRy
XkNEESDeJcSZ8ClfE6wtAubhyrdGbgZWBB0J6PAiXEuX9mktFOCeVTg0/wIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFEWTrSBzqYhM3NrS4j0SDh1vfvq0MB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvUlpPdElIT3BpRXpjMnRMaVBSSU9IVzktLXJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwdAQCAAEwbgMEBT6k4AME
BEIJYAMEAkJ1CDAMAwQGTd/AAwQBTd/IAwQBT4tAAwQDU47IAwQEWIdgAwQDXXe4
AwQAXmVnAwQDX7IIAwQDdDIQAwQDeX84AwQCsN4wAwQFwMjAAwQBw4XKAwQCxpFw
AwQF1CBgMA0GCSqGSIb3DQEBCwUAA4IBAQBB3aIJ6VXJdBFzYS7tGRVkbGPVIB9+
emCgebEZPiUOwr+t3hTuPvRrKaTWnqS4sW4kUk6UQB1dO3qKk+dPIPXHOpfc+cFg
bRS1eUDh0e8QsCg9ziVICzL9g7xKg0gzecUbBeE9G/VbQ3AfRApOhI723JxUmv0m
k/e4OMTmKWs6l1LH+2JFSEwIx5s5fJD4RhetnHn9TQyaBl66afeKF5qMq8h90odD
8khouRm9qJXOCo9cP921LBwncb6/CO+utYQMacO9IAbII4yJ0nGgBfnj9XuiWzoP
PzbjmY0SU4FNuPa4uP21+vyrQ0VbEV9mcFBeF/WyIfatJ5X9xKtXaGL4
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:57:45 2025 by rpki-client