Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/f5ac46-4c59-4b3e-b71e-becf12862497/1/hzoD6fqkk9cSTV_5bk7ujH9IqOo.roa
File: hzoD6fqkk9cSTV_5bk7ujH9IqOo.roa (raw, json)
Hash identifier: VuLm4abDutRdrlo+nkIoEYt0+wJrJKSXKnbRaKLIke8=
Subject key identifier: 87:3A:03:E9:FA:A4:93:D7:12:4D:5F:F9:6E:4E:EE:8C:7F:48:A8:EA
Certificate issuer: /CN=c088b56bd9e016f9bc521af4dc249e6d1256b1df
Certificate serial: 018CC87091CBC09D2CDB958C8488D604D572
Authority key identifier: C0:88:B5:6B:D9:E0:16:F9:BC:52:1A:F4:DC:24:9E:6D:12:56:B1:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wIi1a9ngFvm8Uhr03CSebRJWsd8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/f5ac46-4c59-4b3e-b71e-becf12862497/1/hzoD6fqkk9cSTV_5bk7ujH9IqOo.roa
Signing time: Tue 02 Jan 2024 04:31:09 +0000
ROA not before: Tue 02 Jan 2024 04:31:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15388
IP address blocks: 185.62.64.0/22 maxlen: 22
212.77.224.0/19 maxlen: 19
2a02:2800::/32 maxlen: 32
2a02:2800::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:70:91:cb:c0:9d:2c:db:95:8c:84:88:d6:04:d5:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c088b56bd9e016f9bc521af4dc249e6d1256b1df
Validity
Not Before: Jan 2 04:31:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=873a03e9faa493d7124d5ff96e4eee8c7f48a8ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:fc:68:6c:20:91:15:25:a1:0b:3a:4b:f0:af:
90:c4:43:ea:f7:b8:76:87:af:ef:c8:e4:2f:af:ac:
12:f1:51:42:d8:84:6e:8e:7d:e5:a7:5e:36:7d:ce:
3a:95:25:b8:2c:9a:d0:44:5f:88:12:c7:da:32:63:
83:79:25:1c:47:46:1d:3a:87:24:95:66:c0:f2:6b:
b7:3f:48:1c:15:70:95:d1:de:0d:a3:9a:4b:af:94:
65:07:74:06:61:e8:f3:00:56:18:88:ac:1b:bd:9f:
a0:d5:7d:b4:85:27:db:c2:81:22:1c:b3:98:2b:26:
44:2c:d2:2b:fd:c6:35:23:3a:6b:6a:60:8a:93:5f:
2a:a7:0d:7f:14:7a:fa:e7:50:b3:d9:36:f5:6e:82:
38:d7:2e:a0:41:f0:28:af:50:a3:0a:92:1e:ef:96:
64:71:59:04:4f:53:e5:1a:dc:2c:32:d9:3d:2f:1e:
48:ae:d6:dd:30:9d:d8:0d:7f:4a:83:d6:93:e7:c9:
61:5d:d2:4e:c5:92:7f:dc:71:ef:16:19:8e:05:c3:
fc:ff:b5:c6:e0:ad:ae:d0:ef:58:78:6d:29:d4:b2:
2d:dc:3a:6d:bb:05:55:26:8e:18:a6:2d:8d:a6:fb:
bb:b7:86:0b:83:92:f7:13:6c:d1:63:be:67:a2:48:
fd:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:3A:03:E9:FA:A4:93:D7:12:4D:5F:F9:6E:4E:EE:8C:7F:48:A8:EA
X509v3 Authority Key Identifier:
keyid:C0:88:B5:6B:D9:E0:16:F9:BC:52:1A:F4:DC:24:9E:6D:12:56:B1:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wIi1a9ngFvm8Uhr03CSebRJWsd8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/f5ac46-4c59-4b3e-b71e-becf12862497/1/hzoD6fqkk9cSTV_5bk7ujH9IqOo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/f5ac46-4c59-4b3e-b71e-becf12862497/1/wIi1a9ngFvm8Uhr03CSebRJWsd8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.62.64.0/22
212.77.224.0/19
IPv6:
2a02:2800::/29
Signature Algorithm: sha256WithRSAEncryption
79:a7:33:70:4b:8e:90:67:ea:4b:2c:10:1c:10:42:c5:4f:7d:
72:e4:73:0e:47:9f:58:fd:c8:fe:10:e5:69:01:3a:de:28:a9:
86:ee:9d:71:e3:92:38:99:cb:0f:cf:14:9e:70:61:7d:4f:37:
f6:39:cf:44:f4:21:eb:3d:bb:76:b4:cf:85:bc:ac:c3:4f:5a:
64:24:8d:77:a0:68:cc:54:a3:59:72:12:a9:a5:ae:b0:88:07:
ed:be:96:14:70:e6:98:75:59:23:25:5b:ad:6e:66:b4:17:bc:
90:4c:cc:eb:a2:92:90:05:ef:98:0c:c3:ec:4a:fa:f8:66:ee:
43:fc:b5:46:76:5e:08:82:ad:c9:33:cb:7e:6a:ff:05:38:a7:
e6:09:5f:66:73:c8:3e:14:68:4d:ee:dc:fc:11:d5:dd:57:ed:
76:c3:6b:ed:cf:01:bb:99:a4:d1:63:6b:0b:22:25:da:5a:b4:
bd:a6:0a:69:19:70:7f:2e:0b:b1:86:a2:09:9b:2f:b3:f5:c2:
71:aa:a7:7b:06:71:b5:7f:3c:c4:53:91:a4:5b:2c:a0:f3:21:
26:e7:a9:a9:88:86:e7:93:a9:5b:93:84:ab:9c:3e:44:16:87:
34:4d:30:14:51:cb:78:1a:78:c2:9e:e6:7b:74:2d:31:61:40:
6f:1c:f7:41
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzIcJHLwJ0s25WMhIjWBNVyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwODhiNTZiZDllMDE2ZjliYzUyMWFmNGRjMjQ5ZTZkMTI1
NmIxZGYwHhcNMjQwMTAyMDQzMTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzNhMDNlOWZhYTQ5M2Q3MTI0ZDVmZjk2ZTRlZWU4YzdmNDhhOGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmPxobCCRFSWhCzpL8K+QxEPq97h2
h6/vyOQvr6wS8VFC2IRujn3lp142fc46lSW4LJrQRF+IEsfaMmODeSUcR0YdOock
lWbA8mu3P0gcFXCV0d4No5pLr5RlB3QGYejzAFYYiKwbvZ+g1X20hSfbwoEiHLOY
KyZELNIr/cY1IzpramCKk18qpw1/FHr651Cz2Tb1boI41y6gQfAor1CjCpIe75Zk
cVkET1PlGtwsMtk9Lx5IrtbdMJ3YDX9Kg9aT58lhXdJOxZJ/3HHvFhmOBcP8/7XG
4K2u0O9YeG0p1LIt3DptuwVVJo4Ypi2Npvu7t4YLg5L3E2zRY75nokj9GQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIc6A+n6pJPXEk1f+W5O7ox/SKjqMB8GA1UdIwQY
MBaAFMCItWvZ4Bb5vFIa9Nwknm0SVrHfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0lpMWE5bmdGdm04VWhyMDNDU2ViUkpXc2Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi9mNWFjNDYtNGM1OS00YjNlLWI3MWUt
YmVjZjEyODYyNDk3LzEvaHpvRDZmcWtrOWNTVFZfNWJrN3VqSDlJcU9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi9mNWFjNDYtNGM1OS00YjNlLWI3MWUtYmVjZjEyODYyNDk3
LzEvd0lpMWE5bmdGdm04VWhyMDNDU2ViUkpXc2Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuT5AAwQF
1E3gMA0EAgACMAcDBQMqAigAMA0GCSqGSIb3DQEBCwUAA4IBAQB5pzNwS46QZ+pL
LBAcEELFT31y5HMOR59Y/cj+EOVpATreKKmG7p1x45I4mcsPzxSecGF9Tzf2Oc9E
9CHrPbt2tM+FvKzDT1pkJI13oGjMVKNZchKppa6wiAftvpYUcOaYdVkjJVutbma0
F7yQTMzropKQBe+YDMPsSvr4Zu5D/LVGdl4Igq3JM8t+av8FOKfmCV9mc8g+FGhN
7tz8EdXdV+12w2vtzwG7maTRY2sLIiXaWrS9pgppGXB/LguxhqIJmy+z9cJxqqd7
BnG1fzzEU5GkWyyg8yEm56mpiIbnk6lbk4SrnD5EFoc0TTAUUct4GnjCnuZ7dC0x
YUBvHPdB
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:25:26 2025 by rpki-client