Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/04M0bcjTlsy74D5hukCD5Q9EUlE.roa
File: 04M0bcjTlsy74D5hukCD5Q9EUlE.roa (raw, json)
Hash identifier: h0jX6MOl6AuKvJ/XPVeO5+EV8q5BxXxZFwPIi84KlfM=
Subject key identifier: D3:83:34:6D:C8:D3:96:CC:BB:E0:3E:61:BA:40:83:E5:0F:44:52:51
Certificate issuer: /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial: 0195222E6CC1B41452384C0AB7639F4393D0
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/04M0bcjTlsy74D5hukCD5Q9EUlE.roa
Signing time: Thu 20 Feb 2025 07:07:02 +0000
ROA not before: Thu 20 Feb 2025 07:07:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 62.72.162.0/23 maxlen: 23
62.72.164.0/22 maxlen: 22
62.72.164.0/23 maxlen: 23
62.72.172.0/24 maxlen: 24
62.72.184.0/24 maxlen: 24
62.72.185.0/24 maxlen: 24
62.72.191.0/24 maxlen: 24
81.21.2.0/23 maxlen: 23
81.21.4.0/22 maxlen: 24
81.21.5.0/24 maxlen: 24
81.21.6.0/24 maxlen: 24
81.21.7.0/24 maxlen: 24
176.57.51.0/24 maxlen: 24
176.57.56.0/24 maxlen: 24
176.57.57.0/24 maxlen: 24
176.57.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 26 Feb 2025 08:46:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:22:2e:6c:c1:b4:14:52:38:4c:0a:b7:63:9f:43:93:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
Validity
Not Before: Feb 20 07:07:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d383346dc8d396ccbbe03e61ba4083e50f445251
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:7f:ce:9e:29:7d:50:ba:1d:74:4b:89:08:75:
49:0b:a2:4d:dc:a1:95:39:b4:63:5d:d9:8f:08:9d:
a0:38:1e:69:1a:a9:1a:48:86:a0:d8:8a:67:09:8a:
61:bd:4a:17:b8:97:f4:80:d7:87:36:69:ba:11:53:
46:37:f6:66:35:c1:db:dc:16:04:a2:e7:d2:51:e2:
ce:9b:46:b0:46:fc:68:e1:a5:00:af:39:7a:f7:13:
02:c7:bf:b9:2e:f0:af:3c:a3:66:6a:8a:ea:91:fa:
57:c8:f9:9d:88:ad:a6:fe:5e:e8:d2:e1:cd:7e:1d:
68:c9:a7:a5:3c:49:d4:ee:af:93:a5:61:d7:29:7a:
9c:84:e7:1a:5e:5b:cb:93:6c:a2:38:5f:1f:61:77:
11:9c:a9:2d:9a:c9:d7:1a:a7:95:54:f5:75:a8:53:
24:86:d0:be:63:22:30:5d:b1:db:ad:c1:76:0f:7b:
39:0b:25:69:43:9d:6a:84:e9:7a:5c:45:ca:b7:1c:
06:9f:b6:b3:3e:05:79:0d:90:f8:9d:d0:62:d9:b9:
7c:78:50:d6:56:36:f6:16:3d:70:d6:c0:0d:54:4b:
4f:61:65:fb:e6:7e:6a:55:36:95:c8:de:2a:ff:a8:
b5:d3:17:71:84:0e:71:ea:88:78:5d:76:14:3e:bd:
fa:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:83:34:6D:C8:D3:96:CC:BB:E0:3E:61:BA:40:83:E5:0F:44:52:51
X509v3 Authority Key Identifier:
keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/04M0bcjTlsy74D5hukCD5Q9EUlE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.72.162.0-62.72.167.255
62.72.172.0/24
62.72.184.0/23
62.72.191.0/24
81.21.2.0-81.21.7.255
176.57.51.0/24
176.57.56.0/23
176.57.63.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:4e:49:6b:95:4e:b9:fa:01:29:ef:b9:7b:98:55:04:2d:26:
cb:73:92:0a:22:d2:15:c4:7b:98:13:6d:a5:ee:53:05:81:14:
48:2d:5b:18:c4:eb:a7:b5:e3:11:32:4f:dd:76:fd:85:ae:5b:
af:79:af:45:2c:47:dc:a3:66:dd:10:41:9c:fe:60:de:ab:78:
66:e8:74:9b:e2:5e:39:df:fb:06:9e:86:b5:bc:07:61:c8:2b:
de:65:83:05:58:69:77:ca:c7:9f:25:e9:43:32:d4:4e:1d:fa:
fb:ab:04:fc:d9:76:9b:4d:67:3f:35:a3:3f:2e:22:d3:d5:53:
61:77:21:13:7c:b2:5f:7b:33:93:b3:21:bd:88:9e:4b:ae:92:
79:99:84:d5:85:8a:bc:fa:43:59:47:95:a6:c1:e8:58:d8:a6:
d4:11:8e:41:5f:d3:41:55:01:04:ce:1b:65:9d:23:14:a9:fd:
fb:f1:37:97:e7:de:ba:25:90:c3:8d:9b:5b:6a:83:5d:75:34:
84:96:fd:9a:5a:cf:7e:6c:8e:2e:b0:bb:32:95:79:30:22:59:
2f:87:bb:57:52:ce:77:1d:02:da:40:92:c3:d6:1b:9b:fd:93:
8e:6d:8a:75:f8:47:6e:63:6f:6d:a6:8b:f8:15:28:1a:d9:27:
af:6b:30:15
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAZUiLmzBtBRSOEwKt2OfQ5PQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjUwMjIwMDcwNzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzgzMzQ2ZGM4ZDM5NmNjYmJlMDNlNjFiYTQwODNlNTBmNDQ1MjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtX/Onil9ULoddEuJCHVJC6JN3KGV
ObRjXdmPCJ2gOB5pGqkaSIag2IpnCYphvUoXuJf0gNeHNmm6EVNGN/ZmNcHb3BYE
oufSUeLOm0awRvxo4aUArzl69xMCx7+5LvCvPKNmaorqkfpXyPmdiK2m/l7o0uHN
fh1oyaelPEnU7q+TpWHXKXqchOcaXlvLk2yiOF8fYXcRnKktmsnXGqeVVPV1qFMk
htC+YyIwXbHbrcF2D3s5CyVpQ51qhOl6XEXKtxwGn7azPgV5DZD4ndBi2bl8eFDW
Vjb2Fj1w1sANVEtPYWX75n5qVTaVyN4q/6i10xdxhA5x6oh4XXYUPr360QIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFNODNG3I05bMu+A+YbpAg+UPRFJRMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvMDRNMGJjalRsc3k3NEQ1aHVrQ0Q1UTlFVWxFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAMAwDBAE+SKID
BAM+SKADBAA+SKwDBAE+SLgDBAA+SL8wDAMEAVEVAgMEA1EVAAMEALA5MwMEAbA5
OAMEALA5PzANBgkqhkiG9w0BAQsFAAOCAQEAL05Ja5VOufoBKe+5e5hVBC0my3OS
CiLSFcR7mBNtpe5TBYEUSC1bGMTrp7XjETJP3Xb9ha5br3mvRSxH3KNm3RBBnP5g
3qt4Zuh0m+JeOd/7Bp6GtbwHYcgr3mWDBVhpd8rHnyXpQzLUTh36+6sE/Nl2m01n
PzWjPy4i09VTYXchE3yyX3szk7MhvYieS66SeZmE1YWKvPpDWUeVpsHoWNim1BGO
QV/TQVUBBM4bZZ0jFKn9+/E3l+feuiWQw42bW2qDXXU0hJb9mlrPfmyOLrC7MpV5
MCJZL4e7V1LOdx0C2kCSw9Ybm/2Tjm2KdfhHbmNvbaaL+BUoGtknr2swFQ==
-----END CERTIFICATE-----
Generated at Sun Apr 6 01:47:15 2025 by rpki-client