Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/4786c2-11a1-48a4-ba80-7944976599d8/1/FHSFoZa9JQm0gjX2W_AfRUiI1D8.roa
File: FHSFoZa9JQm0gjX2W_AfRUiI1D8.roa (raw, json)
Hash identifier: cTO0gNRd2zqA+z4C9JkGx2C2k3l4Sfb1YpSyTBP6q9g=
Subject key identifier: 14:74:85:A1:96:BD:25:09:B4:82:35:F6:5B:F0:1F:45:48:88:D4:3F
Certificate issuer: /CN=614ca0d09bbd05f4b8a8ac30a329f6715110758c
Certificate serial: 019340DF33D2865B8B9C47DA665C90F3CB9C
Authority key identifier: 61:4C:A0:D0:9B:BD:05:F4:B8:A8:AC:30:A3:29:F6:71:51:10:75:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YUyg0Ju9BfS4qKwwoyn2cVEQdYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/4786c2-11a1-48a4-ba80-7944976599d8/1/FHSFoZa9JQm0gjX2W_AfRUiI1D8.roa
Signing time: Mon 18 Nov 2024 20:03:09 +0000
ROA not before: Mon 18 Nov 2024 20:03:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210513
IP address blocks: 62.3.56.0/24 maxlen: 24
2a12:100::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 25 Nov 2024 13:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:40:df:33:d2:86:5b:8b:9c:47:da:66:5c:90:f3:cb:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=614ca0d09bbd05f4b8a8ac30a329f6715110758c
Validity
Not Before: Nov 18 20:03:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=147485a196bd2509b48235f65bf01f454888d43f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:17:c5:f4:03:ec:30:b7:0d:2d:23:08:49:fa:
da:e9:6f:6c:c7:71:4a:5a:14:ac:bc:c1:da:7c:2e:
a1:f6:95:99:11:0b:66:bd:5c:cb:55:2d:32:f4:98:
d6:49:0f:b3:82:f8:2a:78:4b:5d:e6:60:c5:97:91:
9a:94:44:f5:10:6d:cf:4e:cd:d6:86:fa:5a:45:56:
dd:f5:81:75:4e:bb:c5:a2:03:09:95:a5:cd:ff:23:
6e:90:1a:ba:11:72:7d:6e:72:4e:96:d8:79:82:51:
cb:6b:6b:a9:4a:12:cf:31:46:a3:93:e3:86:39:97:
e2:80:2a:88:86:93:3e:78:17:66:12:68:b9:9c:3a:
6e:2e:fe:b9:cc:69:6a:49:25:51:35:87:13:51:3c:
2e:30:0a:93:a6:6e:5e:ef:8c:ea:ea:ee:4c:8a:a3:
e0:c9:4b:f0:aa:e7:9a:41:c2:b5:19:82:5a:d0:90:
b4:21:6c:88:73:dc:07:53:7d:a4:ed:97:7f:ff:6c:
2e:b5:4c:4e:e1:25:e2:4d:b8:13:51:68:c4:4d:0f:
fe:e6:cf:02:ac:8c:3c:0f:4c:f1:9f:f8:3d:86:f6:
71:2d:e7:7c:f8:fb:4b:cf:38:52:4f:68:92:66:a5:
9f:a4:c8:ee:b3:87:ff:55:25:2a:b4:23:4c:42:17:
3f:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:74:85:A1:96:BD:25:09:B4:82:35:F6:5B:F0:1F:45:48:88:D4:3F
X509v3 Authority Key Identifier:
keyid:61:4C:A0:D0:9B:BD:05:F4:B8:A8:AC:30:A3:29:F6:71:51:10:75:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YUyg0Ju9BfS4qKwwoyn2cVEQdYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/4786c2-11a1-48a4-ba80-7944976599d8/1/FHSFoZa9JQm0gjX2W_AfRUiI1D8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/4786c2-11a1-48a4-ba80-7944976599d8/1/YUyg0Ju9BfS4qKwwoyn2cVEQdYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.3.56.0/24
IPv6:
2a12:100::/29
Signature Algorithm: sha256WithRSAEncryption
9d:3e:28:c0:17:a4:01:1b:a8:c8:e0:3e:2c:38:17:7b:61:b7:
d4:1d:cf:17:06:76:c2:a0:a3:e2:57:0f:b8:a7:97:49:72:08:
bd:c8:e5:ce:87:88:37:ad:fc:1a:5d:1e:fb:53:dd:ac:4a:5b:
7b:79:31:d4:41:4f:c6:16:37:fd:7a:f6:d2:0d:26:0c:43:1c:
12:36:8b:41:8d:89:48:c3:9f:ba:df:9f:f0:a0:87:52:fb:e0:
94:1c:bb:9e:12:26:3a:5d:02:5a:3e:1e:10:e8:86:19:80:95:
47:57:f5:6c:9b:92:3d:eb:bf:7d:1e:3d:c5:a2:a0:53:cf:db:
7e:db:a1:61:56:f4:87:ac:08:33:31:f2:7e:04:49:93:39:2a:
38:a8:3b:06:2f:31:d3:e0:83:d6:d9:d9:5e:a6:f4:81:51:63:
fd:7d:f9:b9:90:cd:8f:6f:49:3c:06:da:8d:8e:95:87:e0:ce:
0c:87:35:ca:44:03:40:be:a4:39:17:19:c4:d7:8d:93:11:d8:
46:ce:c6:96:69:82:b5:32:6f:dd:30:1b:f3:00:4a:b3:74:ce:
4a:e2:58:f9:28:b3:71:b8:d2:12:67:48:ba:77:1e:65:a0:b6:
8a:f7:eb:63:cd:81:3a:e7:cf:9d:7e:f2:40:cb:5b:84:b2:43:
21:b8:96:8e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZNA3zPShluLnEfaZlyQ88ucMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxNGNhMGQwOWJiZDA1ZjRiOGE4YWMzMGEzMjlmNjcxNTEx
MDc1OGMwHhcNMjQxMTE4MjAwMzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDc0ODVhMTk2YmQyNTA5YjQ4MjM1ZjY1YmYwMWY0NTQ4ODhkNDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqhfF9APsMLcNLSMISfra6W9sx3FK
WhSsvMHafC6h9pWZEQtmvVzLVS0y9JjWSQ+zgvgqeEtd5mDFl5GalET1EG3PTs3W
hvpaRVbd9YF1TrvFogMJlaXN/yNukBq6EXJ9bnJOlth5glHLa2upShLPMUajk+OG
OZfigCqIhpM+eBdmEmi5nDpuLv65zGlqSSVRNYcTUTwuMAqTpm5e74zq6u5MiqPg
yUvwqueaQcK1GYJa0JC0IWyIc9wHU32k7Zd//2wutUxO4SXiTbgTUWjETQ/+5s8C
rIw8D0zxn/g9hvZxLed8+PtLzzhST2iSZqWfpMjus4f/VSUqtCNMQhc/vQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBR0haGWvSUJtII19lvwH0VIiNQ/MB8GA1UdIwQY
MBaAFGFMoNCbvQX0uKisMKMp9nFREHWMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVV5ZzBKdTlCZlM0cUt3d295bjJjVkVRZFl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS80Nzg2YzItMTFhMS00OGE0LWJhODAt
Nzk0NDk3NjU5OWQ4LzEvRkhTRm9aYTlKUW0wZ2pYMldfQWZSVWlJMUQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS80Nzg2YzItMTFhMS00OGE0LWJhODAtNzk0NDk3NjU5OWQ4
LzEvWVV5ZzBKdTlCZlM0cUt3d295bjJjVkVRZFl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAPgM4MA0E
AgACMAcDBQMqEgEAMA0GCSqGSIb3DQEBCwUAA4IBAQCdPijAF6QBG6jI4D4sOBd7
YbfUHc8XBnbCoKPiVw+4p5dJcgi9yOXOh4g3rfwaXR77U92sSlt7eTHUQU/GFjf9
evbSDSYMQxwSNotBjYlIw5+635/woIdS++CUHLueEiY6XQJaPh4Q6IYZgJVHV/Vs
m5I96799Hj3FoqBTz9t+26FhVvSHrAgzMfJ+BEmTOSo4qDsGLzHT4IPW2dlepvSB
UWP9ffm5kM2Pb0k8BtqNjpWH4M4MhzXKRANAvqQ5FxnE142TEdhGzsaWaYK1Mm/d
MBvzAEqzdM5K4lj5KLNxuNISZ0i6dx5loLaK9+tjzYE658+dfvJAy1uEskMhuJaO
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:51:27 2025 by rpki-client