Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FWYJFHNjGTTZeS0aE_bbAzZXL9k.roa
File: FWYJFHNjGTTZeS0aE_bbAzZXL9k.roa (raw, json)
Hash identifier: nyOXOO/xXgPT03ns+1CkDLPRK6Db808C9IlxvtL4eLk=
Subject key identifier: 15:66:09:14:73:63:19:34:D9:79:2D:1A:13:F6:DB:03:36:57:2F:D9
Certificate issuer: /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial: 019468F4A7AC986666A2FB3A155D2554C44B
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FWYJFHNjGTTZeS0aE_bbAzZXL9k.roa
Signing time: Wed 15 Jan 2025 07:54:11 +0000
ROA not before: Wed 15 Jan 2025 07:54:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 62.72.162.0/23 maxlen: 23
62.72.164.0/22 maxlen: 22
62.72.164.0/23 maxlen: 23
62.72.168.0/24 maxlen: 24
62.72.185.0/24 maxlen: 24
81.21.2.0/23 maxlen: 23
81.21.4.0/22 maxlen: 24
176.57.56.0/24 maxlen: 24
176.57.57.0/24 maxlen: 24
176.57.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 15 Jan 2025 12:56:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:68:f4:a7:ac:98:66:66:a2:fb:3a:15:5d:25:54:c4:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
Validity
Not Before: Jan 15 07:54:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1566091473631934d9792d1a13f6db0336572fd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:f5:33:41:ba:9c:6c:60:2e:76:93:4c:25:98:
99:df:6a:ec:8d:5a:68:08:45:24:66:af:48:e4:20:
55:b8:fc:db:04:0b:6f:8b:08:80:99:6c:22:f3:dc:
fb:4b:d7:78:f1:92:2c:a4:1c:0d:94:56:f9:25:4d:
a6:e6:05:e4:27:b2:74:2d:4a:13:8c:2a:bc:cf:86:
b6:f4:f3:c0:5b:64:64:be:54:98:c3:8c:2a:33:d6:
8d:cb:11:a8:35:71:23:6b:56:ee:ea:29:12:07:d8:
de:ec:aa:f3:80:65:60:8b:31:37:0d:41:4d:da:bb:
c1:8b:24:67:71:d2:a7:0c:04:a4:b6:b2:de:aa:c2:
91:b2:58:ec:b8:0c:04:8a:75:fa:24:48:59:f0:5b:
18:3e:ed:1d:20:01:bf:a3:17:50:83:62:ae:01:c5:
d7:07:f7:d3:98:0f:61:0d:4a:96:01:92:f2:e9:64:
0a:17:83:9d:38:5a:80:fc:91:e4:93:75:63:6e:49:
53:6f:10:17:88:4f:88:d1:98:2a:25:b1:c2:b6:99:
2b:1e:6c:c1:35:f3:0e:82:37:08:79:82:f0:99:af:
2a:a4:43:76:a1:9e:a7:37:12:a5:98:64:0a:68:ef:
4a:31:04:87:a0:11:59:20:a9:40:c9:d1:e2:d3:e2:
3f:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:66:09:14:73:63:19:34:D9:79:2D:1A:13:F6:DB:03:36:57:2F:D9
X509v3 Authority Key Identifier:
keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FWYJFHNjGTTZeS0aE_bbAzZXL9k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.72.162.0-62.72.168.255
62.72.185.0/24
81.21.2.0-81.21.7.255
176.57.56.0/23
176.57.63.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:f6:18:3f:63:d0:a1:99:74:6d:59:63:d9:4b:b5:3c:56:c4:
5c:7a:41:ee:4f:d6:b0:0e:15:07:89:a5:3c:2d:83:77:dc:bc:
15:d4:97:86:35:e0:60:0e:4d:29:21:7c:d6:f1:26:d4:d8:b6:
d7:92:e6:40:31:ed:dd:da:2c:16:a8:10:a1:49:d1:7f:fc:14:
da:7b:3b:db:d0:f8:9e:55:2e:d5:c7:20:fc:d9:0e:b2:77:22:
28:f9:f5:f5:c5:94:a9:1a:6a:81:0e:bb:24:43:68:37:10:99:
0e:73:b5:53:c1:67:4b:49:11:57:81:1f:86:69:a2:ac:4d:c0:
b7:a2:8a:da:0d:16:57:bb:24:fa:2e:3e:c8:f9:22:ce:01:77:
37:a9:05:b8:95:4f:61:98:71:5d:49:9e:1e:3d:86:f4:fa:b9:
75:f2:93:c9:f1:0e:8a:e6:4f:5e:2c:17:1f:31:23:7d:23:73:
30:83:55:f2:a2:62:5f:b9:0f:f5:7e:4f:85:c0:53:77:f0:68:
ee:38:9e:5e:2a:c0:b9:f9:fc:f8:27:00:d0:b8:6b:e7:7c:7a:
31:ab:86:0e:b9:3c:c2:67:3b:86:66:99:13:e8:12:5d:7b:ba:
66:1d:29:19:be:77:16:32:b6:8d:ce:db:1a:76:8a:df:c7:6b:
f2:d7:d3:f0
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZRo9KesmGZmovs6FV0lVMRLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjUwMTE1MDc1NDExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTY2MDkxNDczNjMxOTM0ZDk3OTJkMWExM2Y2ZGIwMzM2NTcyZmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvUzQbqcbGAudpNMJZiZ32rsjVpo
CEUkZq9I5CBVuPzbBAtviwiAmWwi89z7S9d48ZIspBwNlFb5JU2m5gXkJ7J0LUoT
jCq8z4a29PPAW2RkvlSYw4wqM9aNyxGoNXEja1bu6ikSB9je7KrzgGVgizE3DUFN
2rvBiyRncdKnDASktrLeqsKRsljsuAwEinX6JEhZ8FsYPu0dIAG/oxdQg2KuAcXX
B/fTmA9hDUqWAZLy6WQKF4OdOFqA/JHkk3VjbklTbxAXiE+I0ZgqJbHCtpkrHmzB
NfMOgjcIeYLwma8qpEN2oZ6nNxKlmGQKaO9KMQSHoBFZIKlAydHi0+I/AQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFBVmCRRzYxk02XktGhP22wM2Vy/ZMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvRldZSkZITmpHVFRaZVMwYUVfYmJBelpYTDlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuMAwDBAE+SKID
BAA+SKgDBAA+SLkwDAMEAVEVAgMEA1EVAAMEAbA5OAMEALA5PzANBgkqhkiG9w0B
AQsFAAOCAQEAXvYYP2PQoZl0bVlj2Uu1PFbEXHpB7k/WsA4VB4mlPC2Dd9y8FdSX
hjXgYA5NKSF81vEm1Ni215LmQDHt3dosFqgQoUnRf/wU2ns729D4nlUu1ccg/NkO
snciKPn19cWUqRpqgQ67JENoNxCZDnO1U8FnS0kRV4EfhmmirE3At6KK2g0WV7sk
+i4+yPkizgF3N6kFuJVPYZhxXUmeHj2G9Pq5dfKTyfEOiuZPXiwXHzEjfSNzMINV
8qJiX7kP9X5PhcBTd/Bo7jieXirAufn8+CcA0Lhr53x6MauGDrk8wmc7hmaZE+gS
XXu6Zh0pGb53FjK2jc7bGnaK38dr8tfT8A==
-----END CERTIFICATE-----
Generated at Wed Mar 12 20:08:26 2025 by rpki-client