Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/2fGYsQ2p-erYJDs8qD9w62HBmjE.roa
File: 2fGYsQ2p-erYJDs8qD9w62HBmjE.roa (raw, json)
Hash identifier: t/5y8g4i31/Z9kl6zGDu1iv/a/9qXrzQCrAFOItuOXM=
Subject key identifier: D9:F1:98:B1:0D:A9:F9:EA:D8:24:3B:3C:A8:3F:70:EB:61:C1:9A:31
Certificate issuer: /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial: 019421B1A79B1699CFF7BADA22CA036220B5
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/2fGYsQ2p-erYJDs8qD9w62HBmjE.roa
Signing time: Wed 01 Jan 2025 11:47:58 +0000
ROA not before: Wed 01 Jan 2025 11:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 62.72.173.0/24 maxlen: 24
62.72.180.0/24 maxlen: 24
62.72.184.0/24 maxlen: 24
176.57.53.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 23 Jan 2025 08:08:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:a7:9b:16:99:cf:f7:ba:da:22:ca:03:62:20:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
Validity
Not Before: Jan 1 11:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d9f198b10da9f9ead8243b3ca83f70eb61c19a31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:c2:1d:d8:2d:29:97:de:a7:bf:e4:14:84:7d:
15:48:1d:f2:9f:18:5f:40:63:5e:4c:75:55:f2:60:
9b:af:4e:2b:b1:d6:49:6e:34:0d:40:c5:0c:a5:d0:
ad:a6:a6:a3:58:57:2d:43:62:30:13:35:c5:e4:f2:
1d:d3:00:fb:66:95:93:1b:75:78:0c:d6:a2:ca:8c:
fa:9f:44:e6:d7:eb:8c:9b:11:43:a9:bd:43:18:c4:
af:11:ca:14:7e:ce:9f:c3:f6:2b:85:06:33:1b:1d:
01:88:cb:96:c4:5a:ed:8e:6c:5c:82:5b:2c:49:f0:
42:f5:70:0f:8a:c8:4d:2a:16:40:ea:19:46:f9:61:
b8:4a:bc:f2:b1:6f:64:c9:52:c4:d0:be:be:db:ac:
9b:92:9a:d2:68:17:54:28:33:67:e1:92:37:c2:56:
a6:2e:8a:2d:ba:9c:de:03:61:5c:a1:a2:26:eb:79:
ac:fc:98:dc:b8:be:07:02:c2:c5:90:90:27:69:63:
42:c4:24:45:25:8a:5c:7e:2e:9e:ed:61:10:1f:ea:
2b:1f:b2:dc:97:f1:af:af:77:23:b2:ca:43:b2:3e:
cb:b5:1a:a8:9f:a0:69:1a:e2:fb:c6:80:3d:58:49:
ea:4d:4e:b9:2e:31:82:df:7e:8e:e5:1e:e7:4f:72:
3e:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:F1:98:B1:0D:A9:F9:EA:D8:24:3B:3C:A8:3F:70:EB:61:C1:9A:31
X509v3 Authority Key Identifier:
keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/2fGYsQ2p-erYJDs8qD9w62HBmjE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.72.173.0/24
62.72.180.0/24
62.72.184.0/24
176.57.53.0/24
Signature Algorithm: sha256WithRSAEncryption
42:c5:fa:33:69:3e:44:cf:35:6f:7e:9f:82:99:0f:43:65:bf:
cd:68:72:d8:e2:dd:da:1f:d6:bb:68:ac:69:1b:79:86:31:66:
15:23:4f:ed:eb:b2:b7:8b:a8:1f:40:ea:b8:c9:24:dc:2d:31:
9d:25:58:ec:7b:43:4c:58:a3:f9:80:0d:15:a9:6e:cc:1c:f8:
ae:9d:5c:25:d7:a6:6c:76:c3:20:f6:0d:64:cf:f9:f2:33:dd:
47:b8:5a:b3:8d:a5:17:8a:bc:d7:e0:d2:56:1d:66:56:fd:ea:
e5:9b:88:46:3a:a9:95:2c:86:84:c0:5f:20:ab:8b:4d:74:f5:
9b:70:4b:d8:ee:58:48:e6:a0:c6:5c:bd:59:46:99:2f:8d:ae:
ad:90:22:5c:e8:2d:2b:bd:be:f8:f1:63:ad:21:0a:db:d6:a8:
b9:83:cb:a1:b6:de:d3:c2:5f:84:5a:79:94:b0:b0:d5:42:30:
00:89:7e:1f:7f:dd:9e:24:b7:54:df:99:3f:9d:4b:36:6a:ab:
1e:40:59:69:24:80:b6:78:ee:b8:5b:71:23:6a:ff:c1:38:a4:
85:b0:4b:4f:0a:e1:5c:38:61:d5:eb:ec:2b:d4:48:66:29:8a:
60:12:b9:1d:a7:cb:6e:38:8e:a9:ae:23:28:82:8a:55:17:6f:
63:3e:6d:e1
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQhsaebFpnP97raIsoDYiC1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjUwMTAxMTE0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWYxOThiMTBkYTlmOWVhZDgyNDNiM2NhODNmNzBlYjYxYzE5YTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA28Id2C0pl96nv+QUhH0VSB3ynxhf
QGNeTHVV8mCbr04rsdZJbjQNQMUMpdCtpqajWFctQ2IwEzXF5PId0wD7ZpWTG3V4
DNaiyoz6n0Tm1+uMmxFDqb1DGMSvEcoUfs6fw/YrhQYzGx0BiMuWxFrtjmxcglss
SfBC9XAPishNKhZA6hlG+WG4SrzysW9kyVLE0L6+26ybkprSaBdUKDNn4ZI3wlam
LootupzeA2FcoaIm63ms/JjcuL4HAsLFkJAnaWNCxCRFJYpcfi6e7WEQH+orH7Lc
l/Gvr3cjsspDsj7LtRqon6BpGuL7xoA9WEnqTU65LjGC336O5R7nT3I+xQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNnxmLENqfnq2CQ7PKg/cOthwZoxMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvMmZHWXNRMnAtZXJZSkRzOHFEOXc2MkhCbWpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAPkitAwQA
Pki0AwQAPki4AwQAsDk1MA0GCSqGSIb3DQEBCwUAA4IBAQBCxfozaT5EzzVvfp+C
mQ9DZb/NaHLY4t3aH9a7aKxpG3mGMWYVI0/t67K3i6gfQOq4ySTcLTGdJVjse0NM
WKP5gA0VqW7MHPiunVwl16ZsdsMg9g1kz/nyM91HuFqzjaUXirzX4NJWHWZW/erl
m4hGOqmVLIaEwF8gq4tNdPWbcEvY7lhI5qDGXL1ZRpkvja6tkCJc6C0rvb748WOt
IQrb1qi5g8uhtt7Twl+EWnmUsLDVQjAAiX4ff92eJLdU35k/nUs2aqseQFlpJIC2
eO64W3Ejav/BOKSFsEtPCuFcOGHV6+wr1EhmKYpgErkdp8tuOI6priMogopVF29j
Pm3h
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:58:53 2025 by rpki-client