Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/4786c2-11a1-48a4-ba80-7944976599d8/1/oIaj-rjRBPFxJhvuCcfB0k-6dIw.roa
File: oIaj-rjRBPFxJhvuCcfB0k-6dIw.roa (raw, json)
Hash identifier: FwLZaA6q/pxvulKYlEvtKfc2PVDq1d2gT4POXBfz3tg=
Subject key identifier: A0:86:A3:FA:B8:D1:04:F1:71:26:1B:EE:09:C7:C1:D2:4F:BA:74:8C
Certificate issuer: /CN=614ca0d09bbd05f4b8a8ac30a329f6715110758c
Certificate serial: 0195C452685F98C8D0B55B7271B337EDFE71
Authority key identifier: 61:4C:A0:D0:9B:BD:05:F4:B8:A8:AC:30:A3:29:F6:71:51:10:75:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YUyg0Ju9BfS4qKwwoyn2cVEQdYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/4786c2-11a1-48a4-ba80-7944976599d8/1/oIaj-rjRBPFxJhvuCcfB0k-6dIw.roa
Signing time: Sun 23 Mar 2025 18:44:49 +0000
ROA not before: Sun 23 Mar 2025 18:44:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210513
IP address blocks: 62.3.56.0/24 maxlen: 24
185.65.255.0/24 maxlen: 24
2a12:100::/29 maxlen: 29
2a12:100:16::/48 maxlen: 48
2a12:100:19::/48 maxlen: 48
2a12:100:1a::/48 maxlen: 48
2a12:100:1c::/48 maxlen: 48
2a12:100:1d::/48 maxlen: 48
2a12:100:26::/48 maxlen: 48
2a12:100:29::/48 maxlen: 48
2a12:100:2a::/48 maxlen: 48
2a12:100:2c::/48 maxlen: 48
2a12:100:2d::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 06 Apr 2025 11:02:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:c4:52:68:5f:98:c8:d0:b5:5b:72:71:b3:37:ed:fe:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=614ca0d09bbd05f4b8a8ac30a329f6715110758c
Validity
Not Before: Mar 23 18:44:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a086a3fab8d104f171261bee09c7c1d24fba748c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:c8:ea:5b:f1:e6:a0:56:46:5a:1b:56:49:1e:
31:4a:a0:fd:a1:04:cd:78:05:4d:44:b8:1b:7c:c0:
7e:ca:44:84:25:31:5a:f4:87:f1:c5:b6:66:2f:e9:
f7:2e:de:74:41:0c:23:27:8a:78:12:40:22:1c:21:
1d:13:65:87:d0:47:de:e4:a1:58:a3:6b:5c:17:b4:
26:76:a8:d4:a3:fa:b3:1f:3d:ac:31:1b:4b:d6:6e:
9b:f7:74:5f:e0:f6:c8:53:47:1c:ed:b0:59:04:17:
7c:ea:de:c9:04:4c:4f:0b:d6:96:39:49:7e:8b:3a:
8c:f3:ff:34:d0:ab:ae:be:d6:05:7b:a9:bf:7c:5d:
b0:e4:86:ca:bd:f3:ec:34:b3:5c:eb:f6:1a:f6:8e:
4b:b2:4f:39:9b:67:10:a4:25:44:f9:25:6c:70:f1:
dd:fa:27:90:68:8d:8f:ad:76:39:5c:ac:91:91:2d:
0b:8a:8f:ca:b2:99:c0:f9:bc:a7:72:60:96:b5:5c:
d0:27:b3:3d:95:ae:90:ab:70:24:b4:c4:bc:fc:c1:
7a:7e:7c:22:32:6e:d5:f9:4e:36:09:9a:28:98:3f:
2a:17:de:69:59:c6:c6:b3:8f:1a:fe:bc:60:b9:0d:
b4:7d:8c:41:7f:85:f2:e9:92:df:fa:7f:0e:3a:0d:
6d:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:86:A3:FA:B8:D1:04:F1:71:26:1B:EE:09:C7:C1:D2:4F:BA:74:8C
X509v3 Authority Key Identifier:
keyid:61:4C:A0:D0:9B:BD:05:F4:B8:A8:AC:30:A3:29:F6:71:51:10:75:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YUyg0Ju9BfS4qKwwoyn2cVEQdYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/4786c2-11a1-48a4-ba80-7944976599d8/1/oIaj-rjRBPFxJhvuCcfB0k-6dIw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/4786c2-11a1-48a4-ba80-7944976599d8/1/YUyg0Ju9BfS4qKwwoyn2cVEQdYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.3.56.0/24
185.65.255.0/24
IPv6:
2a12:100::/29
Signature Algorithm: sha256WithRSAEncryption
17:f6:10:39:9e:c2:81:b0:1b:6f:d8:43:05:0f:8c:54:77:ea:
bf:83:7e:58:ad:7c:43:3a:0e:44:c5:e0:07:39:cf:16:85:62:
0c:2c:81:15:02:35:60:b0:86:c6:0c:53:42:a4:21:b9:b8:52:
ba:65:bb:b1:8d:ec:7c:62:a7:75:27:16:d2:42:7d:f7:f9:38:
4c:62:34:f8:b3:b9:d5:60:ee:fb:9d:72:ca:08:41:e4:d3:9d:
fd:03:4c:20:65:61:b6:a0:25:5e:ca:61:f6:96:10:df:27:f3:
7b:a8:e1:f6:73:4e:cd:44:85:b1:47:af:b4:7b:81:2c:00:53:
d2:3f:9a:4b:8d:e0:6f:ab:a2:22:1c:bb:96:42:37:a9:94:bb:
8a:59:71:e0:3f:6d:9c:ee:c9:00:7b:c1:87:14:51:87:cd:f6:
49:db:49:2f:6f:ad:ee:90:6f:79:5c:99:ef:41:86:3c:01:cd:
9d:67:69:8e:43:cf:e3:ab:9b:b9:1e:cd:cc:0b:98:39:72:58:
12:17:f1:3c:f8:2e:7c:22:e1:e6:75:b4:eb:74:69:12:29:0b:
62:c4:19:16:50:9d:31:cc:f1:59:18:68:2d:97:4a:98:46:70:
ad:b6:4c:30:0d:50:ea:69:6b:42:42:bb:eb:40:eb:2d:fb:8a:
ed:10:25:a9
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZXEUmhfmMjQtVtycbM37f5xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxNGNhMGQwOWJiZDA1ZjRiOGE4YWMzMGEzMjlmNjcxNTEx
MDc1OGMwHhcNMjUwMzIzMTg0NDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDg2YTNmYWI4ZDEwNGYxNzEyNjFiZWUwOWM3YzFkMjRmYmE3NDhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyMjqW/HmoFZGWhtWSR4xSqD9oQTN
eAVNRLgbfMB+ykSEJTFa9IfxxbZmL+n3Lt50QQwjJ4p4EkAiHCEdE2WH0Efe5KFY
o2tcF7QmdqjUo/qzHz2sMRtL1m6b93Rf4PbIU0cc7bBZBBd86t7JBExPC9aWOUl+
izqM8/800KuuvtYFe6m/fF2w5IbKvfPsNLNc6/Ya9o5Lsk85m2cQpCVE+SVscPHd
+ieQaI2PrXY5XKyRkS0Lio/KspnA+byncmCWtVzQJ7M9la6Qq3AktMS8/MF6fnwi
Mm7V+U42CZoomD8qF95pWcbGs48a/rxguQ20fYxBf4Xy6ZLf+n8OOg1tRQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKCGo/q40QTxcSYb7gnHwdJPunSMMB8GA1UdIwQY
MBaAFGFMoNCbvQX0uKisMKMp9nFREHWMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVV5ZzBKdTlCZlM0cUt3d295bjJjVkVRZFl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS80Nzg2YzItMTFhMS00OGE0LWJhODAt
Nzk0NDk3NjU5OWQ4LzEvb0lhai1yalJCUEZ4Smh2dUNjZkIway02ZEl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS80Nzg2YzItMTFhMS00OGE0LWJhODAtNzk0NDk3NjU5OWQ4
LzEvWVV5ZzBKdTlCZlM0cUt3d295bjJjVkVRZFl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAPgM4AwQA
uUH/MA0EAgACMAcDBQMqEgEAMA0GCSqGSIb3DQEBCwUAA4IBAQAX9hA5nsKBsBtv
2EMFD4xUd+q/g35YrXxDOg5ExeAHOc8WhWIMLIEVAjVgsIbGDFNCpCG5uFK6Zbux
jex8Yqd1JxbSQn33+ThMYjT4s7nVYO77nXLKCEHk0539A0wgZWG2oCVeymH2lhDf
J/N7qOH2c07NRIWxR6+0e4EsAFPSP5pLjeBvq6IiHLuWQjeplLuKWXHgP22c7skA
e8GHFFGHzfZJ20kvb63ukG95XJnvQYY8Ac2dZ2mOQ8/jq5u5Hs3MC5g5clgSF/E8
+C58IuHmdbTrdGkSKQtixBkWUJ0xzPFZGGgtl0qYRnCttkwwDVDqaWtCQrvrQOst
+4rtECWp
-----END CERTIFICATE-----
Generated at Tue Apr 15 06:13:19 2025 by rpki-client