Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/X3oc1JOWib-qtw6i6JAO4xQTXXg.roa
File: X3oc1JOWib-qtw6i6JAO4xQTXXg.roa (raw, json)
Hash identifier: 0C/pETFlPkYaqW6fqtr8qhcbwztb8R6AGRfVLz0Noog=
Subject key identifier: 5F:7A:1C:D4:93:96:89:BF:AA:B7:0E:A2:E8:90:0E:E3:14:13:5D:78
Certificate issuer: /CN=9f0743496c7ff3effb870601139cad9d2f271e10
Certificate serial: 019543A1A5DC54082A2093DE57CE60717C6F
Authority key identifier: 9F:07:43:49:6C:7F:F3:EF:FB:87:06:01:13:9C:AD:9D:2F:27:1E:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nwdDSWx_8-_7hwYBE5ytnS8nHhA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/X3oc1JOWib-qtw6i6JAO4xQTXXg.roa
Signing time: Wed 26 Feb 2025 19:00:21 +0000
ROA not before: Wed 26 Feb 2025 19:00:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12844
IP address blocks: 62.100.196.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sat 01 Mar 2025 12:53:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:43:a1:a5:dc:54:08:2a:20:93:de:57:ce:60:71:7c:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f0743496c7ff3effb870601139cad9d2f271e10
Validity
Not Before: Feb 26 19:00:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5f7a1cd4939689bfaab70ea2e8900ee314135d78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:a7:5d:9c:1a:3d:d1:e1:7b:11:cd:32:09:2b:
4c:03:1d:37:f5:2a:8b:d1:e8:9f:bb:d3:bc:09:43:
c1:99:ac:32:c3:5f:32:4b:2e:ac:d6:16:35:23:81:
9b:57:79:bb:41:54:10:b4:d3:23:ad:b3:83:0d:f0:
64:3f:dc:1c:ba:da:ee:61:b6:61:d9:d7:c9:f4:91:
6c:11:9c:8a:fe:76:68:2e:43:21:b3:b9:27:2f:ed:
f8:20:7a:96:07:0a:91:e1:97:19:52:29:e9:a3:dc:
a3:c0:3a:d0:8b:56:34:95:ca:50:e0:ef:52:5b:ca:
50:1c:21:7c:b0:ce:cd:30:cd:14:86:de:ab:06:2a:
eb:36:3e:3c:84:0c:d1:e0:17:8d:5e:03:e9:4d:45:
22:e4:34:7e:3c:4a:a4:a1:c7:c6:0f:8f:52:73:e7:
32:9a:a0:bc:95:c0:b2:23:3b:f7:52:42:47:4c:d1:
60:9f:d6:21:76:89:1a:af:1c:58:11:c1:c7:ea:00:
7a:6d:65:0d:b4:de:de:6f:d0:48:23:28:00:cb:a0:
55:9b:25:d7:d7:1f:4c:be:0a:1f:38:45:77:d2:0e:
fc:4e:bc:ed:d8:1d:5c:65:fb:23:9d:b3:87:95:c1:
12:c8:e8:7c:28:6c:30:ff:c5:63:d5:cb:2c:82:d7:
7b:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:7A:1C:D4:93:96:89:BF:AA:B7:0E:A2:E8:90:0E:E3:14:13:5D:78
X509v3 Authority Key Identifier:
keyid:9F:07:43:49:6C:7F:F3:EF:FB:87:06:01:13:9C:AD:9D:2F:27:1E:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nwdDSWx_8-_7hwYBE5ytnS8nHhA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/X3oc1JOWib-qtw6i6JAO4xQTXXg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/nwdDSWx_8-_7hwYBE5ytnS8nHhA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.100.196.0/22
Signature Algorithm: sha256WithRSAEncryption
3a:54:fc:02:1e:ba:e0:f8:10:bc:67:5e:50:0a:36:be:a9:f4:
a0:6a:50:f5:0e:89:d4:52:ae:39:3a:ac:f2:f0:c5:1b:54:73:
c2:4b:c6:a2:2c:53:bc:02:a0:87:8f:3e:e7:49:b7:c2:c5:5f:
99:5d:e1:b8:0b:a0:76:02:e6:01:20:11:bb:5e:de:9c:6e:4a:
92:49:69:7a:7b:83:e4:13:3e:52:28:c9:f5:af:27:bd:98:2c:
12:05:fb:03:7c:a6:81:28:25:ce:1c:00:f5:b2:71:41:3d:0f:
dd:65:dc:d2:33:9f:32:41:4c:8d:31:a2:6e:03:76:7f:e6:21:
09:97:13:f8:43:eb:40:57:60:6b:29:66:0f:d9:6e:5c:b6:71:
68:7d:1c:9e:24:f6:6d:b1:90:3c:1e:b2:55:b5:1c:0e:bd:e7:
75:df:5d:f2:29:8b:48:74:03:f2:d0:79:be:66:8e:fc:e2:cf:
50:b4:89:c9:16:12:ef:cd:38:26:d3:6e:fd:61:a8:a8:57:b2:
05:88:b8:7d:13:af:24:62:29:53:fc:d0:06:67:34:cc:f3:d3:
56:b7:c5:05:62:06:61:04:b7:95:01:0c:1c:ad:db:c4:d4:a0:
d1:d8:84:c0:e3:29:a4:9b:30:34:eb:a8:f6:eb:30:cd:63:e1:
4b:40:03:22
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZVDoaXcVAgqIJPeV85gcXxvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMDc0MzQ5NmM3ZmYzZWZmYjg3MDYwMTEzOWNhZDlkMmYy
NzFlMTAwHhcNMjUwMjI2MTkwMDIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjdhMWNkNDkzOTY4OWJmYWFiNzBlYTJlODkwMGVlMzE0MTM1ZDc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2KddnBo90eF7Ec0yCStMAx039SqL
0eifu9O8CUPBmawyw18ySy6s1hY1I4GbV3m7QVQQtNMjrbODDfBkP9wcutruYbZh
2dfJ9JFsEZyK/nZoLkMhs7knL+34IHqWBwqR4ZcZUinpo9yjwDrQi1Y0lcpQ4O9S
W8pQHCF8sM7NMM0Uht6rBirrNj48hAzR4BeNXgPpTUUi5DR+PEqkocfGD49Sc+cy
mqC8lcCyIzv3UkJHTNFgn9YhdokarxxYEcHH6gB6bWUNtN7eb9BIIygAy6BVmyXX
1x9MvgofOEV30g78Trzt2B1cZfsjnbOHlcESyOh8KGww/8Vj1cssgtd7pQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF96HNSTlom/qrcOouiQDuMUE114MB8GA1UdIwQY
MBaAFJ8HQ0lsf/Pv+4cGAROcrZ0vJx4QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbndkRFNXeF84LV83aHdZQkU1eXRuUzhuSGhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8yMmI3YWItZmMxMS00MDdhLWJkM2Mt
NjM0MTEzNjdkOTBhLzEvWDNvYzFKT1dpYi1xdHc2aTZKQU80eFFUWFhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8yMmI3YWItZmMxMS00MDdhLWJkM2MtNjM0MTEzNjdkOTBh
LzEvbndkRFNXeF84LV83aHdZQkU1eXRuUzhuSGhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCPmTEMA0G
CSqGSIb3DQEBCwUAA4IBAQA6VPwCHrrg+BC8Z15QCja+qfSgalD1DonUUq45Oqzy
8MUbVHPCS8aiLFO8AqCHjz7nSbfCxV+ZXeG4C6B2AuYBIBG7Xt6cbkqSSWl6e4Pk
Ez5SKMn1rye9mCwSBfsDfKaBKCXOHAD1snFBPQ/dZdzSM58yQUyNMaJuA3Z/5iEJ
lxP4Q+tAV2BrKWYP2W5ctnFofRyeJPZtsZA8HrJVtRwOved1313yKYtIdAPy0Hm+
Zo784s9QtInJFhLvzTgm0279YaioV7IFiLh9E68kYilT/NAGZzTM89NWt8UFYgZh
BLeVAQwcrdvE1KDR2ITA4ymkmzA066j26zDNY+FLQAMi
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:28:06 2025 by rpki-client