Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/4_gX2rLl7SXp76o_KNZbWWW8gwc.roa
File: 4_gX2rLl7SXp76o_KNZbWWW8gwc.roa (raw, json)
Hash identifier: l7rwUHiuZLnhJ+azAiZGKL6+RCOg1nTU+KU16dIukIs=
Subject key identifier: E3:F8:17:DA:B2:E5:ED:25:E9:EF:AA:3F:28:D6:5B:59:65:BC:83:07
Certificate issuer: /CN=568fe35cc962633a2757af10a0e6e8ab6d01f4c9
Certificate serial: 018CC6B938E5086926CD380135613A527B7D
Authority key identifier: 56:8F:E3:5C:C9:62:63:3A:27:57:AF:10:A0:E6:E8:AB:6D:01:F4:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vo_jXMliYzonV68QoOboq20B9Mk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/4_gX2rLl7SXp76o_KNZbWWW8gwc.roa
Signing time: Mon 01 Jan 2024 20:31:16 +0000
ROA not before: Mon 01 Jan 2024 20:31:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62077
IP address blocks: 62.244.233.0/24 maxlen: 24
62.244.246.0/24 maxlen: 24
62.244.249.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:48:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:38:e5:08:69:26:cd:38:01:35:61:3a:52:7b:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=568fe35cc962633a2757af10a0e6e8ab6d01f4c9
Validity
Not Before: Jan 1 20:31:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e3f817dab2e5ed25e9efaa3f28d65b5965bc8307
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:6d:5d:15:1d:19:1c:15:ef:0d:76:c1:06:1a:
a1:f0:76:9e:db:43:4c:ed:7d:0c:be:11:de:53:f5:
d5:ea:31:22:17:69:95:f5:d5:ac:84:58:f7:3d:1f:
01:9c:39:e4:89:62:b0:76:de:f4:15:f8:6e:c3:ed:
a9:fd:34:43:85:31:39:7b:e0:3f:1e:2f:62:49:bf:
0a:fd:cf:ab:79:ab:c0:84:fa:54:9c:67:84:3b:61:
7f:eb:a6:94:0b:88:c1:ce:df:55:40:9a:e0:67:2f:
35:1e:4a:17:92:cd:aa:59:64:22:b8:0c:9e:ea:56:
1e:46:a7:ad:ad:d4:17:97:c5:76:2a:dd:b3:9a:fe:
ef:71:2e:67:e6:5b:db:b0:6f:83:5c:08:f1:78:2c:
f7:13:60:50:ef:22:4d:ae:a3:5f:3b:56:2e:fd:41:
88:37:4d:7e:22:43:f1:1a:15:fc:af:0d:30:e2:3d:
91:96:94:66:b6:48:a3:b7:33:40:f2:fa:1a:81:60:
2b:fd:e1:66:1e:eb:df:bc:51:0e:34:0e:9c:75:3e:
8c:69:4c:61:81:b8:07:ee:42:f3:fc:48:a4:df:6c:
19:a6:1c:7a:d3:ae:13:9c:28:45:8e:89:36:95:dd:
23:a7:10:75:07:a9:cf:5b:73:c0:6b:7b:55:4f:a9:
ff:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:F8:17:DA:B2:E5:ED:25:E9:EF:AA:3F:28:D6:5B:59:65:BC:83:07
X509v3 Authority Key Identifier:
keyid:56:8F:E3:5C:C9:62:63:3A:27:57:AF:10:A0:E6:E8:AB:6D:01:F4:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vo_jXMliYzonV68QoOboq20B9Mk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/4_gX2rLl7SXp76o_KNZbWWW8gwc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/Vo_jXMliYzonV68QoOboq20B9Mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.244.233.0/24
62.244.246.0/24
62.244.249.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:56:56:5f:c0:33:81:d7:86:39:5f:43:11:d6:41:2a:07:f1:
1f:ab:39:e5:32:15:9e:e3:96:f8:e8:a2:ad:2a:86:93:ec:2a:
88:be:77:e9:69:0f:3d:05:c4:1b:47:7d:23:c7:6f:bf:bc:ac:
38:d6:5c:8e:31:28:2d:3a:b3:ff:f7:ac:23:7a:a4:da:c7:10:
a0:46:89:6e:ab:3a:40:fb:7e:53:a7:de:54:33:0a:ed:71:aa:
66:13:aa:62:f3:97:3d:33:37:20:b2:1a:1d:09:62:e3:06:7e:
b5:89:aa:5c:ac:fa:a3:2b:b1:07:1b:01:e9:2c:41:b1:d8:76:
3b:57:ac:cf:08:e5:4b:9c:ce:b2:7f:21:98:22:1e:a1:76:a3:
1a:61:4c:41:27:f8:81:f5:b2:ee:ef:13:7f:1b:03:28:c7:76:
4d:ce:cf:51:01:37:1d:d9:82:9f:1e:fa:e3:1a:84:2d:77:21:
9f:17:d3:3c:4e:4c:ae:9f:f0:8b:5f:49:aa:fb:10:c3:14:cf:
5a:6d:55:f3:17:5e:6b:1a:cb:bd:5c:8d:95:18:ed:87:31:c8:
6e:ec:79:f0:26:2b:3f:b4:c3:b4:24:ef:82:4e:f9:5a:9f:de:
b0:8d:07:01:b3:49:3f:09:bd:58:44:b1:08:18:f8:53:fd:89:
59:19:91:be
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzGuTjlCGkmzTgBNWE6Unt9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2OGZlMzVjYzk2MjYzM2EyNzU3YWYxMGEwZTZlOGFiNmQw
MWY0YzkwHhcNMjQwMTAxMjAzMTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2Y4MTdkYWIyZTVlZDI1ZTllZmFhM2YyOGQ2NWI1OTY1YmM4MzA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgG1dFR0ZHBXvDXbBBhqh8Hae20NM
7X0MvhHeU/XV6jEiF2mV9dWshFj3PR8BnDnkiWKwdt70Ffhuw+2p/TRDhTE5e+A/
Hi9iSb8K/c+reavAhPpUnGeEO2F/66aUC4jBzt9VQJrgZy81HkoXks2qWWQiuAye
6lYeRqetrdQXl8V2Kt2zmv7vcS5n5lvbsG+DXAjxeCz3E2BQ7yJNrqNfO1Yu/UGI
N01+IkPxGhX8rw0w4j2RlpRmtkijtzNA8voagWAr/eFmHuvfvFEONA6cdT6MaUxh
gbgH7kLz/Eik32wZphx6064TnChFjok2ld0jpxB1B6nPW3PAa3tVT6n/JwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOP4F9qy5e0l6e+qPyjWW1llvIMHMB8GA1UdIwQY
MBaAFFaP41zJYmM6J1evEKDm6KttAfTJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVm9falhNbGlZem9uVjY4UW9PYm9xMjBCOU1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC8zN2ViZTYtOGJmZS00YzFmLWExODMt
ODNkNjQ4Zjc5NzQ2LzEvNF9nWDJyTGw3U1hwNzZvX0tOWmJXV1c4Z3djLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC8zN2ViZTYtOGJmZS00YzFmLWExODMtODNkNjQ4Zjc5NzQ2
LzEvVm9falhNbGlZem9uVjY4UW9PYm9xMjBCOU1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAPvTpAwQA
PvT2AwQAPvT5MA0GCSqGSIb3DQEBCwUAA4IBAQCOVlZfwDOB14Y5X0MR1kEqB/Ef
qznlMhWe45b46KKtKoaT7CqIvnfpaQ89BcQbR30jx2+/vKw41lyOMSgtOrP/96wj
eqTaxxCgRoluqzpA+35Tp95UMwrtcapmE6pi85c9MzcgshodCWLjBn61iapcrPqj
K7EHGwHpLEGx2HY7V6zPCOVLnM6yfyGYIh6hdqMaYUxBJ/iB9bLu7xN/GwMox3ZN
zs9RATcd2YKfHvrjGoQtdyGfF9M8Tkyun/CLX0mq+xDDFM9abVXzF15rGsu9XI2V
GO2HMchu7HnwJis/tMO0JO+CTvlan96wjQcBs0k/Cb1YRLEIGPhT/YlZGZG+
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:58:44 2025 by rpki-client