Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/FG9xYPjSzI4AtphLiuYvf_nNzDs.roa
File: FG9xYPjSzI4AtphLiuYvf_nNzDs.roa (raw, json)
Hash identifier: O6WMoGJ1IGW5ImMlyQKZOG5ew7VPBMl6e0r3c3tiIPs=
Subject key identifier: 14:6F:71:60:F8:D2:CC:8E:00:B6:98:4B:8A:E6:2F:7F:F9:CD:CC:3B
Certificate issuer: /CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Certificate serial: 0195DC88873DF844C1B815E109D59A2256F3
Authority key identifier: 27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/FG9xYPjSzI4AtphLiuYvf_nNzDs.roa
Signing time: Fri 28 Mar 2025 11:34:49 +0000
ROA not before: Fri 28 Mar 2025 11:34:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60068
IP address blocks: 62.93.164.0/22 maxlen: 24
62.93.176.0/22 maxlen: 24
84.20.4.0/22 maxlen: 24
84.20.16.0/22 maxlen: 24
84.20.24.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 01 Apr 2025 12:44:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:dc:88:87:3d:f8:44:c1:b8:15:e1:09:d5:9a:22:56:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Validity
Not Before: Mar 28 11:34:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=146f7160f8d2cc8e00b6984b8ae62f7ff9cdcc3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:0d:4a:bd:2e:25:34:08:04:90:f0:3f:8c:84:
de:34:5b:d0:c0:96:b4:55:c2:db:34:52:ad:a7:7e:
f7:a0:43:8c:1c:47:24:75:3e:4c:9a:74:2f:e8:ac:
ce:87:3e:19:63:71:47:d7:b6:81:6a:5d:66:0f:55:
bb:70:76:a6:30:39:f3:33:87:ff:12:a0:94:03:b8:
f3:f6:f7:41:89:be:3b:48:9f:f9:66:45:35:b1:de:
38:13:3f:94:60:54:8e:79:5c:90:4d:8e:1a:89:e4:
c5:18:ac:4c:6b:1f:e9:0e:16:a3:3f:17:d4:5c:4e:
c3:a1:3a:39:03:12:80:43:6d:c4:b1:54:6d:51:97:
6f:47:9b:7f:bb:a1:c1:4f:3c:59:a0:7a:f6:8a:d7:
1e:bd:b4:a1:95:da:34:53:01:24:6e:07:ea:06:91:
35:70:9a:37:e4:09:cd:44:c8:d9:d7:6e:92:0f:fd:
66:db:a0:91:2b:0b:d1:47:47:26:a1:7d:17:2d:d9:
8c:6d:e4:3b:56:0f:31:e5:c9:06:2b:64:ef:b1:9e:
bc:ee:11:60:28:cf:7d:a7:97:bf:a1:2b:a8:1b:cd:
e4:54:a9:d1:f0:c8:90:37:00:78:8c:5a:da:d8:af:
5c:d0:97:19:39:4d:10:aa:c6:9d:ea:0d:30:01:6a:
a1:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:6F:71:60:F8:D2:CC:8E:00:B6:98:4B:8A:E6:2F:7F:F9:CD:CC:3B
X509v3 Authority Key Identifier:
keyid:27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/FG9xYPjSzI4AtphLiuYvf_nNzDs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.93.164.0/22
62.93.176.0/22
84.20.4.0/22
84.20.16.0/22
84.20.24.0/22
Signature Algorithm: sha256WithRSAEncryption
5b:be:3b:49:5e:80:5f:95:9d:e4:90:b5:b5:2e:98:eb:b4:65:
be:39:ad:b7:75:09:b3:32:b0:2d:48:72:ce:2f:38:d3:4c:81:
3d:75:c0:d3:8e:d7:ba:34:76:0d:64:ea:c9:3b:5e:a8:01:5b:
cf:99:1d:62:cb:0b:54:a5:50:3e:11:d0:9f:15:19:1f:16:3c:
fb:a2:c1:3e:3b:77:6c:91:2f:98:7f:8b:ca:99:a7:52:15:2e:
1d:92:43:70:37:12:63:7d:7f:4b:89:e2:50:a3:6b:8a:35:be:
c2:ef:3f:d8:e7:48:4c:2f:ac:fe:87:79:06:ea:b8:3b:45:81:
05:c5:0c:de:61:50:09:0c:42:b7:40:97:2b:e0:ec:fa:d7:2d:
74:74:84:a8:5d:7e:fa:a5:bf:ad:c1:10:21:db:95:f1:19:b5:
e1:b3:f3:3a:8a:e8:2c:c6:4a:aa:1c:b8:5d:4c:75:82:a1:2a:
c9:b8:d4:21:0b:58:4e:45:80:86:e9:13:ee:35:39:2e:ae:1b:
47:85:ac:15:ac:52:38:42:eb:74:d9:f0:bc:c9:f8:70:73:b2:
de:10:b7:3e:fc:b3:ac:7f:fc:f0:28:00:44:8b:bd:79:b0:27:
63:cd:62:89:47:e5:be:ac:6a:7c:5a:5c:c5:61:0a:41:22:fe:
3b:ff:7f:9c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZXciIc9+ETBuBXhCdWaIlbzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OWRiZmRmNGMyMGJkYWU4ZDYxMTg1NjZlY2U3NjQ0NGU0
NmQxNzEwHhcNMjUwMzI4MTEzNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDZmNzE2MGY4ZDJjYzhlMDBiNjk4NGI4YWU2MmY3ZmY5Y2RjYzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtA1KvS4lNAgEkPA/jITeNFvQwJa0
VcLbNFKtp373oEOMHEckdT5MmnQv6KzOhz4ZY3FH17aBal1mD1W7cHamMDnzM4f/
EqCUA7jz9vdBib47SJ/5ZkU1sd44Ez+UYFSOeVyQTY4aieTFGKxMax/pDhajPxfU
XE7DoTo5AxKAQ23EsVRtUZdvR5t/u6HBTzxZoHr2itcevbShldo0UwEkbgfqBpE1
cJo35AnNRMjZ126SD/1m26CRKwvRR0cmoX0XLdmMbeQ7Vg8x5ckGK2TvsZ687hFg
KM99p5e/oSuoG83kVKnR8MiQNwB4jFra2K9c0JcZOU0Qqsad6g0wAWqhdQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBRvcWD40syOALaYS4rmL3/5zcw7MB8GA1UdIwQY
MBaAFCedv99MIL2ujWEYVm7OdkRORtFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEt
MGNmMTA5M2Q0NTQ4LzEvRkc5eFlQalN6STRBdHBoTGl1WXZmX25OekRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEtMGNmMTA5M2Q0NTQ4
LzEvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCPl2kAwQC
Pl2wAwQCVBQEAwQCVBQQAwQCVBQYMA0GCSqGSIb3DQEBCwUAA4IBAQBbvjtJXoBf
lZ3kkLW1LpjrtGW+Oa23dQmzMrAtSHLOLzjTTIE9dcDTjte6NHYNZOrJO16oAVvP
mR1iywtUpVA+EdCfFRkfFjz7osE+O3dskS+Yf4vKmadSFS4dkkNwNxJjfX9LieJQ
o2uKNb7C7z/Y50hML6z+h3kG6rg7RYEFxQzeYVAJDEK3QJcr4Oz61y10dISoXX76
pb+twRAh25XxGbXhs/M6iugsxkqqHLhdTHWCoSrJuNQhC1hORYCG6RPuNTkurhtH
hawVrFI4Qut02fC8yfhwc7LeELc+/LOsf/zwKABEi715sCdjzWKJR+W+rGp8WlzF
YQpBIv47/3+c
-----END CERTIFICATE-----
Generated at Sat Apr 5 23:22:23 2025 by rpki-client