Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/IgC03uDbEbYq2IkBg0DK0GUjbyo.roa
File: IgC03uDbEbYq2IkBg0DK0GUjbyo.roa (raw, json)
Hash identifier: OLCtebB8S3YncFMATakEQ02s+HDr2qBYj3vSryLg4vs=
Subject key identifier: 22:00:B4:DE:E0:DB:11:B6:2A:D8:89:01:83:40:CA:D0:65:23:6F:2A
Certificate issuer: /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial: 019791D680E0DA84F8F315E3D977FD6CECE9
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/IgC03uDbEbYq2IkBg0DK0GUjbyo.roa
Signing time: Sat 21 Jun 2025 09:34:03 +0000
ROA not before: Sat 21 Jun 2025 09:34:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 62.72.162.0/23 maxlen: 23
62.72.164.0/22 maxlen: 22
62.72.164.0/23 maxlen: 23
62.72.170.0/24 maxlen: 24
81.21.2.0/23 maxlen: 23
81.21.4.0/22 maxlen: 24
176.57.51.0/24 maxlen: 24
176.57.56.0/24 maxlen: 24
176.57.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 22 Jun 2025 07:06:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:91:d6:80:e0:da:84:f8:f3:15:e3:d9:77:fd:6c:ec:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
Validity
Not Before: Jun 21 09:34:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2200b4dee0db11b62ad889018340cad065236f2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:e2:d1:87:df:ed:09:42:dc:06:f3:20:72:ff:
36:78:39:5b:36:b7:b9:17:3b:e9:83:cc:e2:80:ef:
58:47:ae:4d:42:6e:ec:8f:89:ae:fd:64:f5:cf:8d:
a8:74:a8:db:75:0b:f5:11:a3:ed:b3:45:14:ff:a9:
08:4a:e1:f2:7c:6a:37:4d:35:97:23:94:a0:64:67:
6c:37:e2:ad:dc:70:25:f6:f0:36:a1:75:5c:45:45:
25:71:d3:8b:58:ec:93:72:c9:f9:79:87:9e:7d:b4:
8f:40:cf:44:85:03:da:e2:40:0f:38:41:62:fc:34:
4c:a8:36:6a:df:6c:27:f4:5c:86:3d:29:1b:b7:8e:
c8:23:0d:52:17:8c:eb:5b:af:ac:e6:15:52:11:5e:
ce:83:01:55:2d:21:31:87:5f:f5:96:23:05:4d:29:
fd:bc:96:5a:e3:03:67:0f:6e:cd:00:ca:9a:fc:7a:
2f:27:5e:f3:c0:5a:24:00:5c:07:0e:4a:e3:31:b9:
3a:cb:b9:fa:f9:88:82:20:37:c8:f9:ab:03:ea:ca:
12:4a:15:c1:3c:6f:24:05:bb:06:19:05:22:c1:b2:
5c:fa:57:b4:34:96:68:43:3b:f4:43:da:ac:da:4e:
55:ec:72:46:c1:1a:f4:d0:bb:98:1a:65:d3:3c:2b:
59:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:00:B4:DE:E0:DB:11:B6:2A:D8:89:01:83:40:CA:D0:65:23:6F:2A
X509v3 Authority Key Identifier:
keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/IgC03uDbEbYq2IkBg0DK0GUjbyo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.72.162.0-62.72.167.255
62.72.170.0/24
81.21.2.0-81.21.7.255
176.57.51.0/24
176.57.56.0/24
176.57.63.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:d7:fe:08:af:6f:18:22:fa:aa:06:76:48:25:97:6d:c3:fb:
00:8b:cc:2c:71:62:c4:df:d7:47:e6:48:ef:62:43:1d:18:79:
42:81:7f:96:e8:31:89:c4:00:f6:30:b5:5f:00:b8:a5:0e:eb:
85:01:ea:40:60:fc:ce:3a:e6:fa:f1:77:ac:ad:40:99:38:d3:
9d:c1:5a:88:1d:b5:ca:d5:b6:65:25:e6:e9:ea:e2:c2:b9:c4:
40:a5:b6:12:fe:fa:5a:4f:67:38:6c:48:6d:98:c9:1b:ae:c9:
f4:8b:6e:60:1e:c8:c6:58:f0:76:97:bb:6a:7a:aa:e7:b9:b0:
57:bd:33:ff:1d:bc:48:ca:e8:12:63:fb:cc:85:e0:e8:5d:59:
7e:9a:6a:8c:09:0e:2d:eb:9c:4a:f5:66:34:54:ab:54:a8:b5:
a8:a7:3e:c0:fa:d7:3a:89:29:67:11:3e:f9:ee:7b:f5:7f:67:
e1:5a:66:1d:41:68:ac:c9:a8:6c:e7:3b:5f:d1:39:4e:12:18:
86:88:ee:2e:68:2c:ce:8c:03:84:01:92:fe:b2:19:c6:b5:69:
80:3a:c7:f6:c8:b7:b7:2f:dc:b0:09:f3:83:0a:12:a6:fd:90:
93:06:c6:0e:7d:71:86:16:74:96:4d:d9:9d:26:e6:cb:8f:da:
a3:75:c9:95
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZeR1oDg2oT48xXj2Xf9bOzpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjUwNjIxMDkzNDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjAwYjRkZWUwZGIxMWI2MmFkODg5MDE4MzQwY2FkMDY1MjM2ZjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2eLRh9/tCULcBvMgcv82eDlbNre5
Fzvpg8zigO9YR65NQm7sj4mu/WT1z42odKjbdQv1EaPts0UU/6kISuHyfGo3TTWX
I5SgZGdsN+Kt3HAl9vA2oXVcRUUlcdOLWOyTcsn5eYeefbSPQM9EhQPa4kAPOEFi
/DRMqDZq32wn9FyGPSkbt47IIw1SF4zrW6+s5hVSEV7OgwFVLSExh1/1liMFTSn9
vJZa4wNnD27NAMqa/HovJ17zwFokAFwHDkrjMbk6y7n6+YiCIDfI+asD6soSShXB
PG8kBbsGGQUiwbJc+le0NJZoQzv0Q9qs2k5V7HJGwRr00LuYGmXTPCtZ+wIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFCIAtN7g2xG2KtiJAYNAytBlI28qMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvSWdDMDN1RGJFYllxMklrQmcwREswR1VqYnlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0MAwDBAE+SKID
BAM+SKADBAA+SKowDAMEAVEVAgMEA1EVAAMEALA5MwMEALA5OAMEALA5PzANBgkq
hkiG9w0BAQsFAAOCAQEAvNf+CK9vGCL6qgZ2SCWXbcP7AIvMLHFixN/XR+ZI72JD
HRh5QoF/lugxicQA9jC1XwC4pQ7rhQHqQGD8zjrm+vF3rK1AmTjTncFaiB21ytW2
ZSXm6eriwrnEQKW2Ev76Wk9nOGxIbZjJG67J9ItuYB7Ixljwdpe7anqq57mwV70z
/x28SMroEmP7zIXg6F1ZfppqjAkOLeucSvVmNFSrVKi1qKc+wPrXOokpZxE++e57
9X9n4VpmHUForMmobOc7X9E5ThIYhojuLmgszowDhAGS/rIZxrVpgDrH9si3ty/c
sAnzgwoSpv2QkwbGDn1xhhZ0lk3ZnSbmy4/ao3XJlQ==
-----END CERTIFICATE-----
Generated at Fri Jul 4 09:43:04 2025 by rpki-client