Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/M61ylxR2SYHym-60P4ERRcJrQOQ.roa
File: M61ylxR2SYHym-60P4ERRcJrQOQ.roa (raw, json)
Hash identifier: R/e8ORJl8hifGxtaYmejq4iDJ0aARpeM15BfFUkorzk=
Subject key identifier: 33:AD:72:97:14:76:49:81:F2:9B:EE:B4:3F:81:11:45:C2:6B:40:E4
Certificate issuer: /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial: 01914B9FA6B0108A986AF71AB4EDB1A1B6AD
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/M61ylxR2SYHym-60P4ERRcJrQOQ.roa
Signing time: Tue 13 Aug 2024 12:03:59 +0000
ROA not before: Tue 13 Aug 2024 12:03:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 62.72.173.0/24 maxlen: 24
62.72.180.0/24 maxlen: 24
62.72.184.0/24 maxlen: 24
176.57.53.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:47:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:4b:9f:a6:b0:10:8a:98:6a:f7:1a:b4:ed:b1:a1:b6:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
Validity
Not Before: Aug 13 12:03:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=33ad729714764981f29beeb43f811145c26b40e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:a0:66:09:7b:a6:09:3e:75:aa:5a:14:09:e9:
e0:4c:ad:ae:6a:14:0a:fb:f5:6f:dd:09:37:31:96:
cf:fa:61:b2:3b:cd:1c:89:05:61:3d:83:ad:5c:b2:
0c:97:cc:dc:57:9e:55:cb:aa:99:84:69:d6:3f:7f:
19:09:fb:9b:e9:93:7f:5d:97:84:73:e5:7f:a6:c6:
9a:b4:d4:90:e3:b3:cd:51:f4:34:da:59:6e:24:63:
3c:74:77:a8:5a:6f:0a:2d:b4:1d:48:eb:55:b7:55:
8e:56:61:06:2d:a1:b7:75:27:82:62:35:92:4d:1b:
f8:ad:a8:2c:95:34:7a:c3:4c:97:cb:a8:0b:ee:24:
b8:be:27:ca:4c:eb:85:d0:e2:0e:2b:7c:6d:5a:5d:
80:0d:8f:0d:29:15:82:eb:a5:30:39:13:a9:44:28:
f9:0b:c7:c0:74:c4:25:50:b8:25:01:1c:f3:2f:28:
ae:3f:80:6e:cc:8f:69:32:4c:49:19:f6:68:2c:a7:
94:4f:45:34:62:aa:6d:f5:f2:25:27:60:4b:a9:ca:
0c:26:b9:58:7b:d0:b9:0c:a5:28:68:cc:65:d6:55:
76:49:2f:2c:ce:58:81:fe:f7:b5:8d:91:9c:39:d0:
da:d6:e4:fb:ff:20:00:e6:3d:28:0b:98:e1:2c:c6:
38:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:AD:72:97:14:76:49:81:F2:9B:EE:B4:3F:81:11:45:C2:6B:40:E4
X509v3 Authority Key Identifier:
keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/M61ylxR2SYHym-60P4ERRcJrQOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.72.173.0/24
62.72.180.0/24
62.72.184.0/24
176.57.53.0/24
Signature Algorithm: sha256WithRSAEncryption
48:e2:fd:12:7c:a9:2f:f0:fe:02:7d:a7:1f:cc:7b:5f:4e:dc:
92:e0:6b:e7:89:d3:95:d0:84:55:8c:d4:88:85:82:c1:d7:f7:
72:44:ce:10:a0:6b:50:27:41:bd:91:35:8c:7d:a3:20:cc:e5:
4e:3e:54:60:48:57:1e:90:84:6f:7e:81:35:10:2a:53:cc:94:
b1:1c:5c:99:df:a9:9e:76:22:d2:a5:8f:e9:51:20:e5:54:57:
3b:2c:53:fe:54:b3:c0:3c:d9:90:ce:64:58:b9:6e:6e:35:70:
9c:b2:54:56:91:0c:60:55:8e:df:43:01:24:79:09:a8:79:02:
24:50:cb:65:1d:61:ec:de:6e:7a:5c:80:75:43:38:91:b8:49:
31:25:7f:ba:41:41:7a:44:6a:98:00:60:67:1e:99:ab:2e:df:
c7:bd:53:c4:31:a2:45:97:63:25:1c:c0:69:fa:13:63:1e:e3:
19:11:3b:88:18:1a:ba:f0:75:58:fd:ad:cb:5c:7d:40:a2:a1:
5e:6e:24:44:fd:65:08:a0:1e:82:93:b3:51:a8:9d:46:6e:b1:
20:04:03:11:51:c5:af:8f:3a:55:06:e4:21:8f:84:7c:67:93:
f7:23:a4:65:ef:89:7b:cf:e8:e6:48:ea:f1:78:14:91:2a:d1:
74:32:d2:c4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZFLn6awEIqYavcatO2xobatMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjQwODEzMTIwMzU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2FkNzI5NzE0NzY0OTgxZjI5YmVlYjQzZjgxMTE0NWMyNmI0MGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoqBmCXumCT51qloUCengTK2uahQK
+/Vv3Qk3MZbP+mGyO80ciQVhPYOtXLIMl8zcV55Vy6qZhGnWP38ZCfub6ZN/XZeE
c+V/psaatNSQ47PNUfQ02lluJGM8dHeoWm8KLbQdSOtVt1WOVmEGLaG3dSeCYjWS
TRv4ragslTR6w0yXy6gL7iS4vifKTOuF0OIOK3xtWl2ADY8NKRWC66UwOROpRCj5
C8fAdMQlULglARzzLyiuP4BuzI9pMkxJGfZoLKeUT0U0Yqpt9fIlJ2BLqcoMJrlY
e9C5DKUoaMxl1lV2SS8szliB/ve1jZGcOdDa1uT7/yAA5j0oC5jhLMY4nQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDOtcpcUdkmB8pvutD+BEUXCa0DkMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvTTYxeWx4UjJTWUh5bS02MFA0RVJSY0pyUU9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAPkitAwQA
Pki0AwQAPki4AwQAsDk1MA0GCSqGSIb3DQEBCwUAA4IBAQBI4v0SfKkv8P4Cfacf
zHtfTtyS4GvnidOV0IRVjNSIhYLB1/dyRM4QoGtQJ0G9kTWMfaMgzOVOPlRgSFce
kIRvfoE1ECpTzJSxHFyZ36mediLSpY/pUSDlVFc7LFP+VLPAPNmQzmRYuW5uNXCc
slRWkQxgVY7fQwEkeQmoeQIkUMtlHWHs3m56XIB1QziRuEkxJX+6QUF6RGqYAGBn
HpmrLt/HvVPEMaJFl2MlHMBp+hNjHuMZETuIGBq68HVY/a3LXH1AoqFebiRE/WUI
oB6Ck7NRqJ1GbrEgBAMRUcWvjzpVBuQhj4R8Z5P3I6Rl74l7z+jmSOrxeBSRKtF0
MtLE
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:34:14 2025 by rpki-client