Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/593482-d762-4409-b850-20c44a81f977/1/y-XlK5vh_MD0iEOpXvXxTC1_qcs.roa
File: y-XlK5vh_MD0iEOpXvXxTC1_qcs.roa (raw, json)
Hash identifier: 21D4PQ8ZE3gzDxqe3W2gS0RPTOxgF/ssScUbNyvS0J0=
Subject key identifier: CB:E5:E5:2B:9B:E1:FC:C0:F4:88:43:A9:5E:F5:F1:4C:2D:7F:A9:CB
Certificate issuer: /CN=fba0ed92ec94321dcb219d37f38d907e183244bd
Certificate serial: 018CC80165A040AC3CD0D42F2DF703AA7230
Authority key identifier: FB:A0:ED:92:EC:94:32:1D:CB:21:9D:37:F3:8D:90:7E:18:32:44:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-6DtkuyUMh3LIZ03842QfhgyRL0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/593482-d762-4409-b850-20c44a81f977/1/y-XlK5vh_MD0iEOpXvXxTC1_qcs.roa
Signing time: Tue 02 Jan 2024 02:29:43 +0000
ROA not before: Tue 02 Jan 2024 02:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 26114
IP address blocks: 62.115.244.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:49:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:65:a0:40:ac:3c:d0:d4:2f:2d:f7:03:aa:72:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fba0ed92ec94321dcb219d37f38d907e183244bd
Validity
Not Before: Jan 2 02:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cbe5e52b9be1fcc0f48843a95ef5f14c2d7fa9cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:65:1c:d0:30:91:db:40:75:65:12:da:09:48:
32:02:79:f8:50:08:0f:11:eb:3a:d5:fb:bd:88:67:
6b:3a:26:06:4a:e1:39:d3:c0:f3:ed:02:80:ee:89:
d6:95:4b:f4:24:4a:68:87:fa:c2:cf:2f:74:c8:d7:
25:90:72:7a:70:9a:bc:28:fb:61:80:9c:e0:67:d9:
86:2e:3c:b2:e7:ff:98:0b:56:8e:b9:2b:79:04:dd:
f8:77:86:2c:fd:e1:ad:f7:0b:99:eb:ff:a1:6e:be:
8f:26:b2:67:c9:db:b9:2e:b2:20:59:ef:52:49:a6:
37:25:98:34:71:11:f6:fd:bd:23:fc:be:f6:d0:04:
2f:7c:ce:57:79:10:0f:ef:01:49:01:f7:94:45:74:
59:d1:5b:07:aa:57:ea:96:3a:8a:cc:5a:61:20:fc:
10:6a:4a:81:13:e0:f3:45:3e:ce:bb:1a:1d:d3:77:
97:a0:fd:30:4c:7a:f6:0d:d5:0e:8f:11:ea:21:9a:
25:c5:46:11:e3:a5:08:c0:d5:3f:ef:0b:cb:2e:45:
a5:54:3e:5f:cc:30:44:80:1b:24:70:20:b8:b2:ba:
48:1f:70:9a:40:f7:22:ba:d3:3f:c0:73:f1:df:43:
2b:84:93:b2:84:b7:9f:48:27:b4:0b:42:0f:fb:6c:
a6:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:E5:E5:2B:9B:E1:FC:C0:F4:88:43:A9:5E:F5:F1:4C:2D:7F:A9:CB
X509v3 Authority Key Identifier:
keyid:FB:A0:ED:92:EC:94:32:1D:CB:21:9D:37:F3:8D:90:7E:18:32:44:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-6DtkuyUMh3LIZ03842QfhgyRL0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/593482-d762-4409-b850-20c44a81f977/1/y-XlK5vh_MD0iEOpXvXxTC1_qcs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/593482-d762-4409-b850-20c44a81f977/1/1-6DtkuyUMh3LIZ03842QfhgyRL0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.115.244.0/24
Signature Algorithm: sha256WithRSAEncryption
63:de:61:b4:1e:62:a6:33:dd:46:63:26:86:b1:3e:18:4b:fd:
56:26:f0:bf:32:99:72:ed:c5:60:6f:44:ea:74:8b:18:41:a4:
c4:76:ec:2a:11:6f:51:5d:53:f7:f1:15:6e:32:ef:a1:21:6c:
fd:a8:39:c9:d9:1a:7e:4f:a8:be:24:3f:a5:0e:ec:cb:cd:80:
e0:e8:9b:6c:99:d9:db:c3:32:6a:4e:95:b1:37:e4:7b:32:44:
99:23:c1:5f:dc:12:b9:32:13:b5:29:29:01:62:89:7c:87:97:
ba:08:d9:35:ad:3b:bb:f8:89:bf:f2:58:71:77:fd:0c:58:69:
df:cc:f5:f0:e1:78:5d:90:be:f5:09:4f:08:26:74:e4:a2:93:
9b:ba:3f:e8:ec:22:c8:15:16:4e:73:ee:c6:3d:f3:92:87:cf:
8a:01:03:7a:e0:62:9b:d7:08:00:25:e2:14:2d:49:f9:d1:9d:
6b:e3:81:46:31:0b:8c:57:92:a4:ab:41:07:0b:f5:cb:67:0c:
f1:a7:ea:34:9e:e9:bc:fe:94:ec:2a:6e:31:8f:dc:cd:f1:62:
0b:ab:b8:61:e9:55:15:79:cc:6b:fa:c3:ab:59:1a:99:06:40:
ad:61:b5:05:c4:99:f8:2a:0e:a1:07:b9:0c:c5:0f:81:a4:1b:
b3:1d:2c:e2
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzIAWWgQKw80NQvLfcDqnIwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiYTBlZDkyZWM5NDMyMWRjYjIxOWQzN2YzOGQ5MDdlMTgz
MjQ0YmQwHhcNMjQwMTAyMDIyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmU1ZTUyYjliZTFmY2MwZjQ4ODQzYTk1ZWY1ZjE0YzJkN2ZhOWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2Uc0DCR20B1ZRLaCUgyAnn4UAgP
Ees61fu9iGdrOiYGSuE508Dz7QKA7onWlUv0JEpoh/rCzy90yNclkHJ6cJq8KPth
gJzgZ9mGLjyy5/+YC1aOuSt5BN34d4Ys/eGt9wuZ6/+hbr6PJrJnydu5LrIgWe9S
SaY3JZg0cRH2/b0j/L720AQvfM5XeRAP7wFJAfeURXRZ0VsHqlfqljqKzFphIPwQ
akqBE+DzRT7Ouxod03eXoP0wTHr2DdUOjxHqIZolxUYR46UIwNU/7wvLLkWlVD5f
zDBEgBskcCC4srpIH3CaQPciutM/wHPx30MrhJOyhLefSCe0C0IP+2ymOQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFMvl5Sub4fzA9IhDqV718Uwtf6nLMB8GA1UdIwQY
MBaAFPug7ZLslDIdyyGdN/ONkH4YMkS9MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS02RHRrdXlVTWgzTElaMDM4NDJRZmhneVJMMC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTQvNTkzNDgyLWQ3NjItNDQwOS1iODUw
LTIwYzQ0YTgxZjk3Ny8xL3ktWGxLNXZoX01EMGlFT3BYdlh4VEMxX3Fjcy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTQvNTkzNDgyLWQ3NjItNDQwOS1iODUwLTIwYzQ0YTgxZjk3
Ny8xLzEtNkR0a3V5VU1oM0xJWjAzODQyUWZoZ3lSTDAuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAA+c/Qw
DQYJKoZIhvcNAQELBQADggEBAGPeYbQeYqYz3UZjJoaxPhhL/VYm8L8ymXLtxWBv
ROp0ixhBpMR27CoRb1FdU/fxFW4y76EhbP2oOcnZGn5PqL4kP6UO7MvNgODom2yZ
2dvDMmpOlbE35HsyRJkjwV/cErkyE7UpKQFiiXyHl7oI2TWtO7v4ib/yWHF3/QxY
ad/M9fDheF2QvvUJTwgmdOSik5u6P+jsIsgVFk5z7sY985KHz4oBA3rgYpvXCAAl
4hQtSfnRnWvjgUYxC4xXkqSrQQcL9ctnDPGn6jSe6bz+lOwqbjGP3M3xYguruGHp
VRV5zGv6w6tZGpkGQK1htQXEmfgqDqEHuQzFD4GkG7MdLOI=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:32:16 2025 by rpki-client