Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/4786c2-11a1-48a4-ba80-7944976599d8/1/2cPwTehgxjOAQ0QzmcfB3zmbV6g.roa
File: 2cPwTehgxjOAQ0QzmcfB3zmbV6g.roa (raw, json)
Hash identifier: Uiiwp4ZGEP+Z2Q3JHEbk5wa9mxjyvTlUT79PTFwItOw=
Subject key identifier: D9:C3:F0:4D:E8:60:C6:33:80:43:44:33:99:C7:C1:DF:39:9B:57:A8
Certificate issuer: /CN=614ca0d09bbd05f4b8a8ac30a329f6715110758c
Certificate serial: 01939D5C266E9DAE66B3BFE25B407E202216
Authority key identifier: 61:4C:A0:D0:9B:BD:05:F4:B8:A8:AC:30:A3:29:F6:71:51:10:75:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YUyg0Ju9BfS4qKwwoyn2cVEQdYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/4786c2-11a1-48a4-ba80-7944976599d8/1/2cPwTehgxjOAQ0QzmcfB3zmbV6g.roa
Signing time: Fri 06 Dec 2024 19:04:42 +0000
ROA not before: Fri 06 Dec 2024 19:04:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210513
IP address blocks: 62.3.56.0/24 maxlen: 24
185.65.255.0/24 maxlen: 24
2a12:100::/29 maxlen: 29
2a12:100:1a::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:47:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:9d:5c:26:6e:9d:ae:66:b3:bf:e2:5b:40:7e:20:22:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=614ca0d09bbd05f4b8a8ac30a329f6715110758c
Validity
Not Before: Dec 6 19:04:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d9c3f04de860c6338043443399c7c1df399b57a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:31:4b:ae:0e:0a:71:af:df:65:55:2a:3d:67:
05:e7:f5:d9:5b:90:06:e2:9b:9f:8a:18:07:c1:6b:
55:bf:fe:cf:b9:ff:9a:c4:13:8d:49:a8:7d:a2:3a:
47:47:84:1f:1b:54:f1:4b:51:e4:a6:0b:d3:cf:e6:
c8:36:75:3d:0a:76:0c:72:ee:5b:9a:ec:ca:46:c5:
d6:84:3e:ea:e1:b4:a8:d0:f1:a9:10:67:ba:e9:9a:
26:47:0e:87:55:03:43:10:5b:b1:a7:2d:c5:f6:3c:
b3:02:96:4e:9e:3f:90:66:b1:7e:1e:eb:2e:38:23:
42:8f:ef:88:52:99:d2:37:2c:d4:1d:52:16:98:ab:
c4:1f:27:e9:54:da:05:0b:7a:97:07:97:ac:42:95:
6d:cc:44:4c:f6:15:42:a7:28:41:c4:98:a1:52:f3:
d2:89:0b:fb:55:7e:a2:76:d6:bd:af:ea:b0:8b:37:
20:df:77:84:83:cc:87:94:ac:6d:39:12:1d:3b:68:
a6:7b:0a:74:e6:9b:65:14:b3:26:a9:3a:4a:ac:1a:
d9:6d:09:9d:1f:9b:61:7b:1a:5b:6a:56:95:dc:9e:
fd:3e:5f:8a:bc:74:c7:ca:3b:a9:bb:f0:24:93:3f:
02:c8:2d:85:ae:11:24:9a:77:67:e6:fe:ab:0e:f0:
35:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:C3:F0:4D:E8:60:C6:33:80:43:44:33:99:C7:C1:DF:39:9B:57:A8
X509v3 Authority Key Identifier:
keyid:61:4C:A0:D0:9B:BD:05:F4:B8:A8:AC:30:A3:29:F6:71:51:10:75:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YUyg0Ju9BfS4qKwwoyn2cVEQdYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/4786c2-11a1-48a4-ba80-7944976599d8/1/2cPwTehgxjOAQ0QzmcfB3zmbV6g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/4786c2-11a1-48a4-ba80-7944976599d8/1/YUyg0Ju9BfS4qKwwoyn2cVEQdYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.3.56.0/24
185.65.255.0/24
IPv6:
2a12:100::/29
Signature Algorithm: sha256WithRSAEncryption
15:6a:2b:7c:6b:aa:3b:eb:17:81:ec:81:5e:65:e1:22:08:6c:
96:67:a2:e6:6d:a9:b6:50:bc:69:dc:2c:c9:f7:ca:91:01:d0:
cb:58:0c:b6:77:ea:b0:79:9e:3c:62:b4:63:c4:6d:c3:34:bc:
b5:e6:4e:ed:4c:78:c5:26:00:7e:35:bf:1a:c4:e1:cd:ff:2c:
9b:c0:80:2f:74:0a:ce:b8:b6:cc:de:fd:fa:5b:59:9b:91:78:
7f:df:62:07:b8:c5:c3:a5:b5:c8:d6:89:b5:29:aa:17:15:16:
3d:00:bc:3f:93:8b:e1:a1:55:6e:9f:07:f3:6c:05:43:fe:9f:
ab:05:d9:92:be:8f:8f:31:63:9b:55:8b:d4:f2:38:6c:e1:3b:
ea:41:24:d5:50:13:88:2a:da:be:9d:3c:28:95:1c:b5:10:24:
d7:18:1f:78:33:19:5d:fe:7c:d4:02:1b:75:eb:5f:ab:79:00:
f8:5b:12:61:d8:b2:c2:14:9b:5c:a3:1c:c7:43:19:23:17:41:
59:3f:4d:e3:e2:aa:dd:6a:39:36:64:dd:40:8f:e4:57:7c:f8:
4d:59:5e:26:53:7b:ff:f1:c6:63:b8:fc:eb:d0:54:09:06:df:
28:f7:24:3c:14:dd:55:bc:6c:3a:71:04:4c:a6:f8:df:20:f5:
9e:82:3c:12
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZOdXCZuna5ms7/iW0B+ICIWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxNGNhMGQwOWJiZDA1ZjRiOGE4YWMzMGEzMjlmNjcxNTEx
MDc1OGMwHhcNMjQxMjA2MTkwNDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWMzZjA0ZGU4NjBjNjMzODA0MzQ0MzM5OWM3YzFkZjM5OWI1N2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsTFLrg4Kca/fZVUqPWcF5/XZW5AG
4pufihgHwWtVv/7Puf+axBONSah9ojpHR4QfG1TxS1HkpgvTz+bINnU9CnYMcu5b
muzKRsXWhD7q4bSo0PGpEGe66ZomRw6HVQNDEFuxpy3F9jyzApZOnj+QZrF+Husu
OCNCj++IUpnSNyzUHVIWmKvEHyfpVNoFC3qXB5esQpVtzERM9hVCpyhBxJihUvPS
iQv7VX6idta9r+qwizcg33eEg8yHlKxtORIdO2imewp05ptlFLMmqTpKrBrZbQmd
H5thexpbalaV3J79Pl+KvHTHyjupu/Akkz8CyC2FrhEkmndn5v6rDvA1gwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNnD8E3oYMYzgENEM5nHwd85m1eoMB8GA1UdIwQY
MBaAFGFMoNCbvQX0uKisMKMp9nFREHWMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVV5ZzBKdTlCZlM0cUt3d295bjJjVkVRZFl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS80Nzg2YzItMTFhMS00OGE0LWJhODAt
Nzk0NDk3NjU5OWQ4LzEvMmNQd1RlaGd4ak9BUTBRem1jZkIzem1iVjZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS80Nzg2YzItMTFhMS00OGE0LWJhODAtNzk0NDk3NjU5OWQ4
LzEvWVV5ZzBKdTlCZlM0cUt3d295bjJjVkVRZFl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAPgM4AwQA
uUH/MA0EAgACMAcDBQMqEgEAMA0GCSqGSIb3DQEBCwUAA4IBAQAVait8a6o76xeB
7IFeZeEiCGyWZ6Lmbam2ULxp3CzJ98qRAdDLWAy2d+qweZ48YrRjxG3DNLy15k7t
THjFJgB+Nb8axOHN/yybwIAvdArOuLbM3v36W1mbkXh/32IHuMXDpbXI1om1KaoX
FRY9ALw/k4vhoVVunwfzbAVD/p+rBdmSvo+PMWObVYvU8jhs4TvqQSTVUBOIKtq+
nTwolRy1ECTXGB94Mxld/nzUAht161+reQD4WxJh2LLCFJtcoxzHQxkjF0FZP03j
4qrdajk2ZN1Aj+RXfPhNWV4mU3v/8cZjuPzr0FQJBt8o9yQ8FN1VvGw6cQRMpvjf
IPWegjwS
-----END CERTIFICATE-----
Generated at Tue Apr 15 06:14:35 2025 by rpki-client