Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/1ywMU6KU6MEhFA2AZ7zrC6WWA5o.roa
File: 1ywMU6KU6MEhFA2AZ7zrC6WWA5o.roa (raw, json)
Hash identifier: kNI2svbOSENo/TptLQprxDDiE4luJy1yLfrXzgOKQyU=
Subject key identifier: D7:2C:0C:53:A2:94:E8:C1:21:14:0D:80:67:BC:EB:0B:A5:96:03:9A
Certificate issuer: /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial: 019421B1A2982C8AE9E5508AE77E5A8BC363
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/1ywMU6KU6MEhFA2AZ7zrC6WWA5o.roa
Signing time: Wed 01 Jan 2025 11:47:57 +0000
ROA not before: Wed 01 Jan 2025 11:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 62.72.162.0/23 maxlen: 23
62.72.164.0/22 maxlen: 22
62.72.164.0/23 maxlen: 23
62.72.168.0/24 maxlen: 24
62.72.185.0/24 maxlen: 24
81.21.2.0/23 maxlen: 23
81.21.4.0/22 maxlen: 24
176.57.56.0/24 maxlen: 24
176.57.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 15 Jan 2025 07:54:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:a2:98:2c:8a:e9:e5:50:8a:e7:7e:5a:8b:c3:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
Validity
Not Before: Jan 1 11:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d72c0c53a294e8c121140d8067bceb0ba596039a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:f2:21:fe:9e:7c:06:c4:60:ec:25:aa:41:dc:
1e:08:10:c0:61:f3:d9:71:d0:23:71:ae:5c:7a:06:
53:c7:ab:cf:3e:80:a5:35:75:34:4a:e7:49:e5:4c:
47:bb:a0:bf:68:7f:ba:c7:c0:e3:39:12:e5:fc:d7:
bf:c1:55:e9:49:83:a2:9b:64:52:ba:0b:59:5a:47:
81:2a:dc:1c:e8:1e:2e:0d:3d:cd:21:63:da:50:9b:
c8:c4:15:4f:f2:0e:c0:80:c8:e1:55:9b:6c:7b:74:
ff:d3:06:c1:16:a5:f0:2e:09:fa:8e:bc:34:62:13:
ea:6f:86:64:89:63:11:c8:76:70:67:3d:64:67:61:
0e:e1:3b:20:75:90:6f:e9:c1:a6:80:dd:7e:d8:14:
ad:e0:83:de:00:98:72:f4:c2:ad:9e:90:d2:4b:e0:
66:a8:66:22:1b:a6:c9:2a:48:26:e9:e5:62:25:ac:
8a:9b:a2:c6:65:3e:d3:ad:dc:f0:69:f3:22:4f:85:
57:08:07:70:98:89:b8:69:6e:44:e2:47:b2:b9:68:
ea:12:19:a7:fd:a1:41:66:03:ad:f2:34:08:28:d2:
13:9f:69:41:23:89:7d:ad:12:e2:67:cd:bd:57:e4:
a4:1a:86:93:93:82:2a:a9:ea:22:c5:6d:aa:66:90:
da:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:2C:0C:53:A2:94:E8:C1:21:14:0D:80:67:BC:EB:0B:A5:96:03:9A
X509v3 Authority Key Identifier:
keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/1ywMU6KU6MEhFA2AZ7zrC6WWA5o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.72.162.0-62.72.168.255
62.72.185.0/24
81.21.2.0-81.21.7.255
176.57.56.0/24
176.57.63.0/24
Signature Algorithm: sha256WithRSAEncryption
23:91:98:82:41:6f:fd:e9:76:4f:db:0f:57:a1:c1:f0:17:ba:
76:41:f9:64:b1:c4:d2:f2:df:97:00:86:b5:37:d2:fc:e7:35:
62:d5:ee:14:f0:01:f7:23:58:5d:35:dd:1c:7a:1a:32:de:af:
3a:b8:3d:31:de:d2:b1:d5:6d:cc:16:71:fd:79:e7:19:80:32:
76:a2:d4:b7:7c:f2:4b:82:a2:e0:b4:0a:ae:89:64:29:7c:04:
57:64:73:30:a7:8f:4d:99:04:76:87:3e:00:9f:81:78:fe:c2:
aa:5b:08:43:98:5e:59:68:59:62:df:6f:9f:c3:9e:3f:a5:71:
c7:8b:0e:d2:fc:9e:cd:b5:69:7a:71:4f:f7:94:41:94:9e:79:
32:ab:58:fe:41:2a:81:40:f9:2f:80:eb:6a:2c:0b:c2:44:7a:
21:af:2c:c1:33:79:2a:db:2a:da:69:b0:20:5f:3c:2c:5a:f4:
6a:36:c3:21:b9:7f:6a:72:f4:ce:12:fb:c1:5e:57:98:d3:97:
f3:b9:f6:5b:ae:c0:f7:5a:2c:85:4b:17:c8:3c:0d:e0:23:a6:
8c:9f:32:6b:96:9e:ea:32:28:95:22:50:0d:1d:b1:83:2e:79:
4b:61:ea:48:e6:c2:83:0a:0e:13:7f:04:bd:ac:07:5e:7a:47:
6d:9e:e8:27
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZQhsaKYLIrp5VCK535ai8NjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjUwMTAxMTE0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzJjMGM1M2EyOTRlOGMxMjExNDBkODA2N2JjZWIwYmE1OTYwMzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/Ih/p58BsRg7CWqQdweCBDAYfPZ
cdAjca5cegZTx6vPPoClNXU0SudJ5UxHu6C/aH+6x8DjORLl/Ne/wVXpSYOim2RS
ugtZWkeBKtwc6B4uDT3NIWPaUJvIxBVP8g7AgMjhVZtse3T/0wbBFqXwLgn6jrw0
YhPqb4ZkiWMRyHZwZz1kZ2EO4TsgdZBv6cGmgN1+2BSt4IPeAJhy9MKtnpDSS+Bm
qGYiG6bJKkgm6eViJayKm6LGZT7TrdzwafMiT4VXCAdwmIm4aW5E4keyuWjqEhmn
/aFBZgOt8jQIKNITn2lBI4l9rRLiZ829V+SkGoaTk4IqqeoixW2qZpDaMwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFNcsDFOilOjBIRQNgGe86wullgOaMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvMXl3TVU2S1U2TUVoRkEyQVo3enJDNldXQTVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuMAwDBAE+SKID
BAA+SKgDBAA+SLkwDAMEAVEVAgMEA1EVAAMEALA5OAMEALA5PzANBgkqhkiG9w0B
AQsFAAOCAQEAI5GYgkFv/el2T9sPV6HB8Be6dkH5ZLHE0vLflwCGtTfS/Oc1YtXu
FPAB9yNYXTXdHHoaMt6vOrg9Md7SsdVtzBZx/XnnGYAydqLUt3zyS4Ki4LQKrolk
KXwEV2RzMKePTZkEdoc+AJ+BeP7CqlsIQ5heWWhZYt9vn8OeP6Vxx4sO0vyezbVp
enFP95RBlJ55MqtY/kEqgUD5L4DraiwLwkR6Ia8swTN5Ktsq2mmwIF88LFr0ajbD
Ibl/anL0zhL7wV5XmNOX87n2W67A91oshUsXyDwN4COmjJ8ya5ae6jIolSJQDR2x
gy55S2HqSObCgwoOE38EvawHXnpHbZ7oJw==
-----END CERTIFICATE-----
Generated at Wed Mar 12 20:08:48 2025 by rpki-client