Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/4786c2-11a1-48a4-ba80-7944976599d8/1/keiSZeYj3yF9x4N3yXXKMt4Qz8Q.roa
File: keiSZeYj3yF9x4N3yXXKMt4Qz8Q.roa (raw, json)
Hash identifier: oBwAabahOQmmkw7iUUGX6sECO7yMofipdsrVuYc+a+o=
Subject key identifier: 91:E8:92:65:E6:23:DF:21:7D:C7:83:77:C9:75:CA:32:DE:10:CF:C4
Certificate issuer: /CN=614ca0d09bbd05f4b8a8ac30a329f6715110758c
Certificate serial: 0195AFB7E68D60FD7EB5F3D22201C489DE6E
Authority key identifier: 61:4C:A0:D0:9B:BD:05:F4:B8:A8:AC:30:A3:29:F6:71:51:10:75:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YUyg0Ju9BfS4qKwwoyn2cVEQdYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/4786c2-11a1-48a4-ba80-7944976599d8/1/keiSZeYj3yF9x4N3yXXKMt4Qz8Q.roa
Signing time: Wed 19 Mar 2025 18:43:39 +0000
ROA not before: Wed 19 Mar 2025 18:43:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210513
IP address blocks: 62.3.56.0/24 maxlen: 24
185.65.255.0/24 maxlen: 24
2a12:100::/29 maxlen: 29
2a12:100:19::/48 maxlen: 48
2a12:100:1a::/48 maxlen: 48
2a12:100:1c::/48 maxlen: 48
2a12:100:1d::/48 maxlen: 48
2a12:100:29::/48 maxlen: 48
2a12:100:2c::/48 maxlen: 48
2a12:100:2d::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 23 Mar 2025 18:43:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:af:b7:e6:8d:60:fd:7e:b5:f3:d2:22:01:c4:89:de:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=614ca0d09bbd05f4b8a8ac30a329f6715110758c
Validity
Not Before: Mar 19 18:43:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=91e89265e623df217dc78377c975ca32de10cfc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:e4:f0:8a:13:10:b5:e4:29:0f:2a:72:cd:44:
5d:a6:13:eb:be:9f:e8:2b:6d:45:8d:93:0b:15:55:
3f:07:8a:8c:36:f7:13:98:ca:a8:48:79:c7:c7:9d:
c2:57:0a:c5:bd:71:54:c5:34:50:06:cd:a5:16:f0:
b0:f7:c9:8c:30:74:d1:af:f3:ba:30:28:d7:d4:87:
92:59:7c:ee:53:92:f8:2e:cb:49:93:4b:4a:b3:2a:
96:8c:dd:92:ab:ce:92:70:38:b2:d1:76:9a:5c:ff:
d7:d1:3b:82:5e:6d:b7:d8:21:a7:ce:56:52:d3:04:
e1:c7:3a:0f:c5:cb:a6:c4:f2:56:5a:d5:50:45:f0:
78:bf:f1:db:a3:c5:5b:6a:ee:1c:48:2b:91:70:16:
cd:ba:58:63:3d:5e:0d:f7:c3:16:39:f3:e2:f3:8b:
81:25:72:91:73:34:b7:80:25:ba:b4:86:98:83:8b:
7a:51:be:f5:45:fe:10:50:6f:dd:b9:79:d4:c0:8a:
89:d0:97:87:15:44:d4:df:a5:36:c1:d9:6c:ca:4c:
e9:b2:bc:4b:f3:95:c8:62:32:1c:7e:93:cf:db:84:
48:2a:42:5f:69:63:75:fb:ce:6e:43:08:ad:ea:8a:
48:6f:ab:d9:7a:68:f6:45:20:85:20:fb:7e:9a:6a:
d5:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:E8:92:65:E6:23:DF:21:7D:C7:83:77:C9:75:CA:32:DE:10:CF:C4
X509v3 Authority Key Identifier:
keyid:61:4C:A0:D0:9B:BD:05:F4:B8:A8:AC:30:A3:29:F6:71:51:10:75:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YUyg0Ju9BfS4qKwwoyn2cVEQdYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/4786c2-11a1-48a4-ba80-7944976599d8/1/keiSZeYj3yF9x4N3yXXKMt4Qz8Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/4786c2-11a1-48a4-ba80-7944976599d8/1/YUyg0Ju9BfS4qKwwoyn2cVEQdYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.3.56.0/24
185.65.255.0/24
IPv6:
2a12:100::/29
Signature Algorithm: sha256WithRSAEncryption
1d:02:33:25:f4:95:e5:9d:4c:b9:85:c9:39:6f:66:85:1c:cd:
ee:9c:58:a9:72:be:24:39:b5:32:57:3b:5e:54:fa:04:1a:97:
67:7b:08:70:87:8d:03:5c:c2:3c:f0:36:7f:90:32:b2:c9:d6:
71:0e:d6:80:03:0b:fc:80:d0:87:7b:a2:b0:96:6e:47:53:b6:
d4:34:0d:01:9b:79:08:4a:ac:87:4a:d1:4a:2e:72:5f:ae:05:
93:59:4a:85:41:04:7c:db:02:23:68:f2:91:4e:ce:03:39:61:
01:7f:fc:21:60:56:b1:d6:07:bc:5d:1e:47:ae:97:97:39:7b:
d9:5a:d7:14:90:a0:4f:7d:a2:e5:f2:d7:27:90:d0:3d:bc:d3:
d6:4c:06:76:af:9e:70:6e:bf:a4:4d:42:f1:99:12:18:a5:d2:
2e:66:89:db:cb:41:af:c6:5b:eb:c8:2d:64:42:48:42:b5:c3:
72:a3:20:6d:74:f2:b3:c7:76:a0:a5:7d:da:fe:e7:ba:07:16:
8e:ed:4e:e8:33:2a:ce:8a:d3:33:d3:96:f8:32:78:4c:ae:ae:
7b:ca:ca:ea:d5:e0:c8:a7:a0:ea:2c:60:e3:bc:da:77:dc:6d:
82:aa:61:90:7f:a0:c2:58:b3:d3:cc:f7:8f:48:5b:f4:01:b7:
7d:48:13:85
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZWvt+aNYP1+tfPSIgHEid5uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxNGNhMGQwOWJiZDA1ZjRiOGE4YWMzMGEzMjlmNjcxNTEx
MDc1OGMwHhcNMjUwMzE5MTg0MzM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWU4OTI2NWU2MjNkZjIxN2RjNzgzNzdjOTc1Y2EzMmRlMTBjZmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh+TwihMQteQpDypyzURdphPrvp/o
K21FjZMLFVU/B4qMNvcTmMqoSHnHx53CVwrFvXFUxTRQBs2lFvCw98mMMHTRr/O6
MCjX1IeSWXzuU5L4LstJk0tKsyqWjN2Sq86ScDiy0XaaXP/X0TuCXm232CGnzlZS
0wThxzoPxcumxPJWWtVQRfB4v/Hbo8Vbau4cSCuRcBbNulhjPV4N98MWOfPi84uB
JXKRczS3gCW6tIaYg4t6Ub71Rf4QUG/duXnUwIqJ0JeHFUTU36U2wdlsykzpsrxL
85XIYjIcfpPP24RIKkJfaWN1+85uQwit6opIb6vZemj2RSCFIPt+mmrVLwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJHokmXmI98hfceDd8l1yjLeEM/EMB8GA1UdIwQY
MBaAFGFMoNCbvQX0uKisMKMp9nFREHWMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVV5ZzBKdTlCZlM0cUt3d295bjJjVkVRZFl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS80Nzg2YzItMTFhMS00OGE0LWJhODAt
Nzk0NDk3NjU5OWQ4LzEva2VpU1plWWozeUY5eDROM3lYWEtNdDRRejhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS80Nzg2YzItMTFhMS00OGE0LWJhODAtNzk0NDk3NjU5OWQ4
LzEvWVV5ZzBKdTlCZlM0cUt3d295bjJjVkVRZFl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAPgM4AwQA
uUH/MA0EAgACMAcDBQMqEgEAMA0GCSqGSIb3DQEBCwUAA4IBAQAdAjMl9JXlnUy5
hck5b2aFHM3unFipcr4kObUyVzteVPoEGpdnewhwh40DXMI88DZ/kDKyydZxDtaA
Awv8gNCHe6Kwlm5HU7bUNA0Bm3kISqyHStFKLnJfrgWTWUqFQQR82wIjaPKRTs4D
OWEBf/whYFax1ge8XR5HrpeXOXvZWtcUkKBPfaLl8tcnkNA9vNPWTAZ2r55wbr+k
TULxmRIYpdIuZonby0GvxlvryC1kQkhCtcNyoyBtdPKzx3agpX3a/ue6BxaO7U7o
MyrOitMz05b4MnhMrq57ysrq1eDIp6DqLGDjvNp33G2CqmGQf6DCWLPTzPePSFv0
Abd9SBOF
-----END CERTIFICATE-----
Generated at Sat Apr 26 03:32:38 2025 by rpki-client