Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/51a655-2735-49ef-80df-b316db5938ff/1/Nv57qBE76yx4x6y49GkUjLAUC6U.roa
File: Nv57qBE76yx4x6y49GkUjLAUC6U.roa (raw, json)
Hash identifier: QJMleDyq1SsgGPqIGcfalA2l/GYK2dzurHR4C0+lI9M=
Subject key identifier: 36:FE:7B:A8:11:3B:EB:2C:78:C7:AC:B8:F4:69:14:8C:B0:14:0B:A5
Certificate issuer: /CN=68d24addcc3d5b77a099a907122252a47c8f6310
Certificate serial: 018CC793337206ED6D2B3D4E5F7B4090A623
Authority key identifier: 68:D2:4A:DD:CC:3D:5B:77:A0:99:A9:07:12:22:52:A4:7C:8F:63:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aNJK3cw9W3egmakHEiJSpHyPYxA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/51a655-2735-49ef-80df-b316db5938ff/1/Nv57qBE76yx4x6y49GkUjLAUC6U.roa
Signing time: Tue 02 Jan 2024 00:29:22 +0000
ROA not before: Tue 02 Jan 2024 00:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1902
IP address blocks: 62.152.128.0/20 maxlen: 20
62.152.142.0/24 maxlen: 24
62.152.141.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:47:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:33:72:06:ed:6d:2b:3d:4e:5f:7b:40:90:a6:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68d24addcc3d5b77a099a907122252a47c8f6310
Validity
Not Before: Jan 2 00:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=36fe7ba8113beb2c78c7acb8f469148cb0140ba5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:58:af:2d:db:07:92:ca:64:a3:b6:cd:17:00:
7f:e0:c6:23:01:7e:10:3b:88:dc:c9:36:98:2d:60:
91:b2:ec:6a:1a:e4:33:84:82:21:82:52:fb:82:40:
d5:66:30:23:e3:81:c9:8d:0d:d9:87:ab:8f:b4:dd:
78:ed:87:eb:0e:bd:6b:ee:39:89:14:a7:b3:a5:4f:
c0:de:e7:cd:c2:c5:a0:fb:6b:73:98:c5:fa:1c:7c:
85:87:65:ed:9e:bd:8f:85:15:56:25:8a:04:0e:30:
97:ba:d4:2e:2b:8c:98:f9:e4:18:e5:d9:3f:38:d1:
c7:53:15:c5:fa:e2:08:d2:5a:fe:02:0d:ee:f7:11:
b7:6b:46:cc:08:fa:e3:77:01:42:8f:1b:ea:32:ee:
3d:0e:b5:b3:ee:c0:be:ad:38:8d:06:35:51:ea:01:
e9:4e:7a:fd:05:34:ec:32:fd:11:60:16:fb:a7:e1:
b7:a6:48:96:b4:ab:03:29:a9:a4:06:8b:7a:15:95:
d2:63:f4:d0:19:54:02:bf:70:39:2f:ab:fb:5b:46:
2b:53:a3:2a:b9:3a:0f:50:c3:06:a1:03:d2:97:ec:
7b:32:87:31:af:a6:5a:8b:a5:db:a7:89:82:da:a0:
6e:b6:4f:b5:f0:87:94:9a:b1:57:ac:75:1f:47:b6:
16:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:FE:7B:A8:11:3B:EB:2C:78:C7:AC:B8:F4:69:14:8C:B0:14:0B:A5
X509v3 Authority Key Identifier:
keyid:68:D2:4A:DD:CC:3D:5B:77:A0:99:A9:07:12:22:52:A4:7C:8F:63:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aNJK3cw9W3egmakHEiJSpHyPYxA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/51a655-2735-49ef-80df-b316db5938ff/1/Nv57qBE76yx4x6y49GkUjLAUC6U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/51a655-2735-49ef-80df-b316db5938ff/1/aNJK3cw9W3egmakHEiJSpHyPYxA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.152.128.0/20
Signature Algorithm: sha256WithRSAEncryption
63:c1:37:16:4e:f6:c8:ce:25:b1:8e:94:97:82:58:dd:fc:9a:
0f:85:3b:30:41:24:ee:59:a1:98:8d:8f:89:fd:b9:8d:94:ad:
22:c7:a1:e9:9e:74:71:89:1a:c5:a4:89:f8:42:a2:26:b9:9f:
9d:64:69:e6:9d:85:d9:b2:74:e9:51:5c:68:c0:50:16:ca:6a:
91:dc:8e:d5:9a:a9:53:df:cd:1b:c1:d8:ed:ee:cb:64:c2:0d:
80:f9:47:22:2b:e3:63:ea:f3:a7:38:03:cc:08:3d:51:d7:2f:
22:0a:3f:a8:8c:88:61:39:da:28:d2:32:1b:a2:fc:85:97:ed:
b7:e0:91:9e:80:d1:82:0c:32:04:3d:6a:22:84:04:95:3f:67:
80:89:50:99:db:06:8a:eb:67:cc:af:34:5f:21:01:aa:a7:4c:
54:a3:b5:a3:ea:fc:90:2a:de:bb:df:12:9b:17:8f:a8:f4:17:
95:98:c0:cb:38:e5:ac:d1:b4:97:bd:20:1e:1f:ba:0f:77:13:
33:2e:e3:f3:77:31:8d:e6:3d:49:b3:7b:03:49:ce:a5:e4:b7:
69:77:41:e2:ab:72:db:28:31:d6:35:da:d9:69:ca:bd:3e:45:
22:6a:69:38:4a:d0:fc:14:93:36:07:bb:b5:ab:8b:bc:67:e6:
e2:b6:fb:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHkzNyBu1tKz1OX3tAkKYjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZDI0YWRkY2MzZDViNzdhMDk5YTkwNzEyMjI1MmE0N2M4
ZjYzMTAwHhcNMjQwMTAyMDAyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmZlN2JhODExM2JlYjJjNzhjN2FjYjhmNDY5MTQ4Y2IwMTQwYmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoFivLdsHkspko7bNFwB/4MYjAX4Q
O4jcyTaYLWCRsuxqGuQzhIIhglL7gkDVZjAj44HJjQ3Zh6uPtN147YfrDr1r7jmJ
FKezpU/A3ufNwsWg+2tzmMX6HHyFh2Xtnr2PhRVWJYoEDjCXutQuK4yY+eQY5dk/
ONHHUxXF+uII0lr+Ag3u9xG3a0bMCPrjdwFCjxvqMu49DrWz7sC+rTiNBjVR6gHp
Tnr9BTTsMv0RYBb7p+G3pkiWtKsDKamkBot6FZXSY/TQGVQCv3A5L6v7W0YrU6Mq
uToPUMMGoQPSl+x7Mocxr6Zai6Xbp4mC2qButk+18IeUmrFXrHUfR7YW0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDb+e6gRO+sseMesuPRpFIywFAulMB8GA1UdIwQY
MBaAFGjSSt3MPVt3oJmpBxIiUqR8j2MQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU5KSzNjdzlXM2VnbWFrSEVpSlNwSHlQWXhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi81MWE2NTUtMjczNS00OWVmLTgwZGYt
YjMxNmRiNTkzOGZmLzEvTnY1N3FCRTc2eXg0eDZ5NDlHa1VqTEFVQzZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi81MWE2NTUtMjczNS00OWVmLTgwZGYtYjMxNmRiNTkzOGZm
LzEvYU5KSzNjdzlXM2VnbWFrSEVpSlNwSHlQWXhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEPpiAMA0G
CSqGSIb3DQEBCwUAA4IBAQBjwTcWTvbIziWxjpSXgljd/JoPhTswQSTuWaGYjY+J
/bmNlK0ix6HpnnRxiRrFpIn4QqImuZ+dZGnmnYXZsnTpUVxowFAWymqR3I7VmqlT
380bwdjt7stkwg2A+UciK+Nj6vOnOAPMCD1R1y8iCj+ojIhhOdoo0jIbovyFl+23
4JGegNGCDDIEPWoihASVP2eAiVCZ2waK62fMrzRfIQGqp0xUo7Wj6vyQKt673xKb
F4+o9BeVmMDLOOWs0bSXvSAeH7oPdxMzLuPzdzGN5j1Js3sDSc6l5Ldpd0Hiq3Lb
KDHWNdrZacq9PkUiamk4StD8FJM2B7u1q4u8Z+bitvvG
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:49 2025 by rpki-client