Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/aRoqqKyyU05-bTp3CwlBnCxpFPg.roa
File: aRoqqKyyU05-bTp3CwlBnCxpFPg.roa (raw, json)
Hash identifier: QXGEhnDdfNr2Xqbiuc/D3jeZ2RxCHmW3uzhv+dRtlg8=
Subject key identifier: 69:1A:2A:A8:AC:B2:53:4E:7E:6D:3A:77:0B:09:41:9C:2C:69:14:F8
Certificate issuer: /CN=9f0743496c7ff3effb870601139cad9d2f271e10
Certificate serial: 019543A1A63C95429482230E06DF7958CF40
Authority key identifier: 9F:07:43:49:6C:7F:F3:EF:FB:87:06:01:13:9C:AD:9D:2F:27:1E:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nwdDSWx_8-_7hwYBE5ytnS8nHhA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/aRoqqKyyU05-bTp3CwlBnCxpFPg.roa
Signing time: Wed 26 Feb 2025 19:00:22 +0000
ROA not before: Wed 26 Feb 2025 19:00:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39855
IP address blocks: 62.100.192.0/22 maxlen: 22
62.100.200.0/22 maxlen: 24
62.100.212.0/22 maxlen: 22
62.100.220.0/22 maxlen: 22
93.188.68.0/22 maxlen: 22
157.97.145.0/24 maxlen: 24
185.71.220.0/23 maxlen: 24
185.92.27.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 01 Mar 2025 12:53:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:43:a1:a6:3c:95:42:94:82:23:0e:06:df:79:58:cf:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f0743496c7ff3effb870601139cad9d2f271e10
Validity
Not Before: Feb 26 19:00:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=691a2aa8acb2534e7e6d3a770b09419c2c6914f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:e4:30:fd:ff:bd:7d:17:0c:20:12:e6:54:3a:
71:92:2f:b6:51:c5:4f:3b:3c:22:29:2c:4a:a1:3f:
00:9e:ee:c0:f5:20:9c:8f:e1:3b:a1:56:94:cd:31:
15:46:69:20:2b:28:71:88:9d:7f:e8:f7:ec:f4:08:
1e:14:07:45:d6:d2:77:9b:8c:93:12:b1:a4:bf:3a:
0c:9b:2e:41:fa:86:bf:d6:f1:bb:f8:b3:10:bb:ce:
9a:16:ad:25:51:c8:bd:c6:98:e5:45:6a:88:4b:39:
fb:9f:25:fa:3a:93:0f:8f:5f:a3:d1:a3:8c:98:6a:
7a:93:39:2f:65:f0:91:56:23:2b:1f:ed:bc:ff:6d:
e5:c8:c1:72:3d:9c:0a:3c:e3:62:a9:46:21:9f:af:
25:15:41:88:6f:bc:3d:2d:b3:73:23:47:dd:49:1d:
01:ac:7e:41:30:2d:39:8b:cd:c9:6b:75:68:ac:6c:
09:1c:44:c7:dc:f9:40:15:04:1b:9c:0f:d8:52:ac:
85:89:7f:43:d6:7d:ef:66:31:86:f2:13:39:8b:03:
74:d7:ac:b2:ff:bc:d5:e4:e0:21:0e:a3:85:81:07:
d0:fd:f8:e0:f1:9e:4d:c0:04:c9:f7:f7:b6:11:68:
31:7d:db:35:b2:a9:5a:e8:26:3f:1c:67:64:26:cb:
3d:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:1A:2A:A8:AC:B2:53:4E:7E:6D:3A:77:0B:09:41:9C:2C:69:14:F8
X509v3 Authority Key Identifier:
keyid:9F:07:43:49:6C:7F:F3:EF:FB:87:06:01:13:9C:AD:9D:2F:27:1E:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nwdDSWx_8-_7hwYBE5ytnS8nHhA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/aRoqqKyyU05-bTp3CwlBnCxpFPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/nwdDSWx_8-_7hwYBE5ytnS8nHhA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.100.192.0/22
62.100.200.0/22
62.100.212.0/22
62.100.220.0/22
93.188.68.0/22
157.97.145.0/24
185.71.220.0/23
185.92.27.0/24
Signature Algorithm: sha256WithRSAEncryption
31:a1:8b:59:c3:fb:00:11:06:a5:90:df:4a:e0:ce:ee:20:cd:
de:40:fa:9f:ad:7b:c9:b3:a9:4a:67:3f:df:66:09:35:f4:71:
a8:78:8b:4b:ce:f1:bd:55:20:03:d7:eb:e6:e1:95:86:c9:62:
9d:cc:56:2d:0d:2d:47:b3:69:1a:4a:7a:31:7c:7f:70:54:bd:
2f:1c:ec:13:d3:bf:30:63:c4:fc:e5:a4:f2:f5:31:64:2c:71:
45:a0:49:34:b3:25:0c:2e:37:de:73:bb:31:bd:1b:42:40:20:
6b:a0:c8:19:70:39:cb:e9:70:60:48:4d:c0:51:9c:11:91:c9:
c8:ae:b5:7d:e4:ef:04:ad:ce:f6:a3:88:5c:d0:76:ca:d9:2b:
39:01:f5:cf:3f:e7:9d:48:b8:c3:e7:88:9a:00:34:8d:03:af:
2d:9e:f9:a8:95:73:4e:85:a4:2d:43:88:17:27:5c:25:f6:93:
94:13:63:84:c2:03:91:d6:92:10:35:7b:16:1d:4b:d0:04:8a:
63:89:06:b8:5b:08:e8:f5:62:ea:3e:44:80:7d:4c:f5:b6:ed:
3e:f9:e0:02:bd:0b:07:e1:a4:df:39:03:0f:c1:9d:8c:99:be:
01:44:f7:fe:e0:18:28:db:da:41:9c:4a:fe:06:7f:97:32:16:
2c:d4:59:b3
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZVDoaY8lUKUgiMOBt95WM9AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMDc0MzQ5NmM3ZmYzZWZmYjg3MDYwMTEzOWNhZDlkMmYy
NzFlMTAwHhcNMjUwMjI2MTkwMDIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTFhMmFhOGFjYjI1MzRlN2U2ZDNhNzcwYjA5NDE5YzJjNjkxNGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2eQw/f+9fRcMIBLmVDpxki+2UcVP
OzwiKSxKoT8Anu7A9SCcj+E7oVaUzTEVRmkgKyhxiJ1/6Pfs9AgeFAdF1tJ3m4yT
ErGkvzoMmy5B+oa/1vG7+LMQu86aFq0lUci9xpjlRWqISzn7nyX6OpMPj1+j0aOM
mGp6kzkvZfCRViMrH+28/23lyMFyPZwKPONiqUYhn68lFUGIb7w9LbNzI0fdSR0B
rH5BMC05i83Ja3VorGwJHETH3PlAFQQbnA/YUqyFiX9D1n3vZjGG8hM5iwN016yy
/7zV5OAhDqOFgQfQ/fjg8Z5NwATJ9/e2EWgxfds1sqla6CY/HGdkJss9cQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFGkaKqisslNOfm06dwsJQZwsaRT4MB8GA1UdIwQY
MBaAFJ8HQ0lsf/Pv+4cGAROcrZ0vJx4QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbndkRFNXeF84LV83aHdZQkU1eXRuUzhuSGhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8yMmI3YWItZmMxMS00MDdhLWJkM2Mt
NjM0MTEzNjdkOTBhLzEvYVJvcXFLeXlVMDUtYlRwM0N3bEJuQ3hwRlBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8yMmI3YWItZmMxMS00MDdhLWJkM2MtNjM0MTEzNjdkOTBh
LzEvbndkRFNXeF84LV83aHdZQkU1eXRuUzhuSGhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCPmTAAwQC
PmTIAwQCPmTUAwQCPmTcAwQCXbxEAwQAnWGRAwQBuUfcAwQAuVwbMA0GCSqGSIb3
DQEBCwUAA4IBAQAxoYtZw/sAEQalkN9K4M7uIM3eQPqfrXvJs6lKZz/fZgk19HGo
eItLzvG9VSAD1+vm4ZWGyWKdzFYtDS1Hs2kaSnoxfH9wVL0vHOwT078wY8T85aTy
9TFkLHFFoEk0syUMLjfec7sxvRtCQCBroMgZcDnL6XBgSE3AUZwRkcnIrrV95O8E
rc72o4hc0HbK2Ss5AfXPP+edSLjD54iaADSNA68tnvmolXNOhaQtQ4gXJ1wl9pOU
E2OEwgOR1pIQNXsWHUvQBIpjiQa4Wwjo9WLqPkSAfUz1tu0++eACvQsH4aTfOQMP
wZ2Mmb4BRPf+4Bgo29pBnEr+Bn+XMhYs1Fmz
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:28:06 2025 by rpki-client