Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/4d27bb-f85c-4bfd-b1c3-47bcd39c3d86/1/tDTqWI2GEE5BjC7fQ6ZFhvSiYv8.roa
File: tDTqWI2GEE5BjC7fQ6ZFhvSiYv8.roa (raw, json)
Hash identifier: x1sHvUBvy8dhGgqyszztja9QXyaSHvE1uFpFcpmIQz8=
Subject key identifier: B4:34:EA:58:8D:86:10:4E:41:8C:2E:DF:43:A6:45:86:F4:A2:62:FF
Certificate issuer: /CN=5ae8c78f161397ae1dbd0ac322584f62fb740097
Certificate serial: 018E0A0DD00E04C22DF81604A24623F3BF0E
Authority key identifier: 5A:E8:C7:8F:16:13:97:AE:1D:BD:0A:C3:22:58:4F:62:FB:74:00:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WujHjxYTl64dvQrDIlhPYvt0AJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/4d27bb-f85c-4bfd-b1c3-47bcd39c3d86/1/tDTqWI2GEE5BjC7fQ6ZFhvSiYv8.roa
Signing time: Mon 04 Mar 2024 15:21:01 +0000
ROA not before: Mon 04 Mar 2024 15:21:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39432
IP address blocks: 62.220.149.0/24 maxlen: 24
62.220.150.0/24 maxlen: 24
2001:789::/32 maxlen: 32
2001:789::/48 maxlen: 48
2001:78a::/40 maxlen: 40
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0a:0d:d0:0e:04:c2:2d:f8:16:04:a2:46:23:f3:bf:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ae8c78f161397ae1dbd0ac322584f62fb740097
Validity
Not Before: Mar 4 15:21:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b434ea588d86104e418c2edf43a64586f4a262ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:80:16:1d:dd:a4:72:b0:ce:cf:39:61:28:9d:
ea:2d:66:97:28:34:64:38:e7:30:aa:62:4f:c6:bc:
d7:20:d1:c2:c5:be:56:da:ad:5f:e9:d3:66:ae:17:
4e:36:a6:25:7d:fe:7c:18:d5:c8:f2:23:20:d0:b8:
03:f9:93:b5:6c:05:17:1a:a2:47:6f:84:af:5f:c0:
05:0d:9c:0e:2e:07:5e:ab:98:03:b7:df:a0:fb:ee:
4d:c5:44:06:a8:42:9a:b3:b7:77:40:61:7e:f0:8f:
38:df:da:3e:02:60:dc:07:71:b4:5a:ba:5c:67:db:
26:d5:41:fd:16:86:9e:c2:f7:eb:3e:ff:26:a9:09:
90:4d:fa:2a:49:2e:97:98:99:48:90:34:67:be:b1:
89:5f:e7:0e:fd:19:55:27:ef:0b:99:df:ec:ee:76:
2c:75:ff:bb:c8:13:90:df:5f:35:f0:8f:ac:69:aa:
5c:df:f8:a0:61:64:a5:8e:af:27:1a:3e:1d:c2:11:
fc:4a:3a:6a:53:34:ef:59:62:1e:81:51:57:01:40:
58:89:c8:12:98:60:26:e0:ae:ad:07:c1:3e:66:ef:
07:f4:4d:75:f7:31:c8:0d:47:d2:64:8a:ab:01:a7:
8c:6c:51:72:e2:5a:8c:1a:11:16:77:02:eb:52:7b:
bf:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:34:EA:58:8D:86:10:4E:41:8C:2E:DF:43:A6:45:86:F4:A2:62:FF
X509v3 Authority Key Identifier:
keyid:5A:E8:C7:8F:16:13:97:AE:1D:BD:0A:C3:22:58:4F:62:FB:74:00:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WujHjxYTl64dvQrDIlhPYvt0AJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/4d27bb-f85c-4bfd-b1c3-47bcd39c3d86/1/tDTqWI2GEE5BjC7fQ6ZFhvSiYv8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/4d27bb-f85c-4bfd-b1c3-47bcd39c3d86/1/WujHjxYTl64dvQrDIlhPYvt0AJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.220.149.0-62.220.150.255
IPv6:
2001:789::-2001:78a:ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
8a:ca:dd:43:79:9f:d8:ce:df:80:3b:cd:fb:a1:0a:dc:48:89:
ac:44:4c:4f:a8:53:63:ea:2c:0d:5f:2d:8e:0c:47:cd:9b:81:
54:6e:e9:9b:19:7f:1c:70:4a:f4:72:87:b6:0b:c6:5b:b2:e5:
87:4b:96:b7:82:1d:0f:63:ac:89:1b:8b:df:c3:c8:0d:ce:a7:
9b:bb:2e:c5:b5:17:63:0e:60:93:f0:69:4d:e3:20:de:d6:c9:
ca:b2:7a:2b:72:01:93:c0:5e:c4:56:da:6e:be:26:e7:6d:0d:
ff:02:8c:52:4c:fe:13:34:50:cc:da:20:11:69:35:36:5d:6d:
22:82:c2:08:a9:0d:1c:ce:de:d0:63:be:53:cb:b6:27:f3:4d:
26:1f:a7:44:59:89:4a:bf:95:b3:0e:78:e8:90:8b:b7:39:b1:
53:dd:05:f1:5e:22:95:84:3e:e7:da:2c:b5:17:eb:39:84:cb:
24:ee:7d:47:91:cb:22:b6:29:ff:56:b6:ad:34:97:76:15:8b:
c3:3c:cc:da:90:2c:7e:17:b7:da:43:02:4b:a4:f8:53:22:ec:
89:6a:1b:22:c8:17:21:55:88:ee:77:26:39:14:cd:07:84:24:
a4:c8:22:d8:7b:7a:00:21:07:59:72:2e:c1:21:c0:9a:3f:ad:
f9:d9:bf:34
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAY4KDdAOBMIt+BYEokYj878OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhZThjNzhmMTYxMzk3YWUxZGJkMGFjMzIyNTg0ZjYyZmI3
NDAwOTcwHhcNMjQwMzA0MTUyMTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDM0ZWE1ODhkODYxMDRlNDE4YzJlZGY0M2E2NDU4NmY0YTI2MmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkYAWHd2kcrDOzzlhKJ3qLWaXKDRk
OOcwqmJPxrzXINHCxb5W2q1f6dNmrhdONqYlff58GNXI8iMg0LgD+ZO1bAUXGqJH
b4SvX8AFDZwOLgdeq5gDt9+g++5NxUQGqEKas7d3QGF+8I8439o+AmDcB3G0Wrpc
Z9sm1UH9FoaewvfrPv8mqQmQTfoqSS6XmJlIkDRnvrGJX+cO/RlVJ+8Lmd/s7nYs
df+7yBOQ31818I+saapc3/igYWSljq8nGj4dwhH8SjpqUzTvWWIegVFXAUBYicgS
mGAm4K6tB8E+Zu8H9E119zHIDUfSZIqrAaeMbFFy4lqMGhEWdwLrUnu/cwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFLQ06liNhhBOQYwu30OmRYb0omL/MB8GA1UdIwQY
MBaAFFrox48WE5euHb0KwyJYT2L7dACXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3VqSGp4WVRsNjRkdlFyRElsaFBZdnQwQUpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni80ZDI3YmItZjg1Yy00YmZkLWIxYzMt
NDdiY2QzOWMzZDg2LzEvdERUcVdJMkdFRTVCakM3ZlE2WkZodlNpWXY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni80ZDI3YmItZjg1Yy00YmZkLWIxYzMtNDdiY2QzOWMzZDg2
LzEvV3VqSGp4WVRsNjRkdlFyRElsaFBZdnQwQUpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAUBAIAATAOMAwDBAA+3JUD
BAA+3JYwFwQCAAIwETAPAwUAIAEHiQMGACABB4oAMA0GCSqGSIb3DQEBCwUAA4IB
AQCKyt1DeZ/Yzt+AO837oQrcSImsRExPqFNj6iwNXy2ODEfNm4FUbumbGX8ccEr0
coe2C8ZbsuWHS5a3gh0PY6yJG4vfw8gNzqebuy7FtRdjDmCT8GlN4yDe1snKsnor
cgGTwF7EVtpuvibnbQ3/AoxSTP4TNFDM2iARaTU2XW0igsIIqQ0czt7QY75Ty7Yn
800mH6dEWYlKv5WzDnjokIu3ObFT3QXxXiKVhD7n2iy1F+s5hMsk7n1Hkcsitin/
VratNJd2FYvDPMzakCx+F7faQwJLpPhTIuyJahsiyBchVYjudyY5FM0HhCSkyCLY
e3oAIQdZci7BIcCaP6352b80
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:23:50 2025 by rpki-client