Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/kZGwhDNT9-ith533FpzgF0FqlOY.roa
File: kZGwhDNT9-ith533FpzgF0FqlOY.roa (raw, json)
Hash identifier: 489cyigJf9f6ywMSixU2qi9IsYOx5X/GcsWO1l178X8=
Subject key identifier: 91:91:B0:84:33:53:F7:E8:AD:87:9D:F7:16:9C:E0:17:41:6A:94:E6
Certificate issuer: /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial: 0195416F39FD81E8E51D2FCC24EE344AC772
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/kZGwhDNT9-ith533FpzgF0FqlOY.roa
Signing time: Wed 26 Feb 2025 08:46:03 +0000
ROA not before: Wed 26 Feb 2025 08:46:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 62.72.173.0/24 maxlen: 24
62.72.180.0/24 maxlen: 24
176.57.53.0/24 maxlen: 24
176.57.57.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 02 Mar 2025 07:27:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:41:6f:39:fd:81:e8:e5:1d:2f:cc:24:ee:34:4a:c7:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
Validity
Not Before: Feb 26 08:46:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9191b0843353f7e8ad879df7169ce017416a94e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:0c:de:a6:19:db:3f:23:61:46:af:93:c1:5a:
72:ef:f9:3a:8c:48:58:31:8c:dd:d5:a7:e6:ed:07:
4f:02:63:55:4d:3c:da:a3:b7:b2:d3:9d:eb:21:4b:
1d:c5:2c:9b:9d:96:d5:4d:51:9c:5b:0a:79:5d:44:
26:7f:76:0c:b9:35:f7:7e:a3:93:df:a5:b4:93:0e:
03:d4:b4:de:f7:96:7b:5a:1a:22:4b:e8:68:47:ac:
80:13:c8:77:e7:84:01:14:45:16:aa:e9:bb:4e:d9:
e2:fe:3f:c6:e9:2f:09:6b:28:ba:c3:58:5f:87:5b:
95:b4:80:7d:61:e2:2b:95:32:29:e1:a5:dc:2c:6a:
55:76:eb:a2:c9:76:e3:3a:b0:32:53:ca:bd:a6:e2:
bf:d0:a4:91:ae:f8:a3:fc:33:48:91:9f:bb:46:2d:
37:7c:87:73:22:1e:57:5d:ef:ce:ec:f2:df:bc:95:
f2:43:76:b7:76:1f:3d:b9:7a:23:fd:3e:d7:5e:9d:
c3:ee:e2:18:e5:df:db:01:4d:b5:18:ad:34:07:55:
ee:5b:e1:5f:9b:66:71:1c:a9:ea:18:1d:c3:96:d1:
b1:67:f9:f6:0d:6c:a8:50:71:f6:17:9a:5b:c8:7e:
8f:04:79:3d:31:7e:f3:dd:83:ff:66:22:39:31:55:
47:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:91:B0:84:33:53:F7:E8:AD:87:9D:F7:16:9C:E0:17:41:6A:94:E6
X509v3 Authority Key Identifier:
keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/kZGwhDNT9-ith533FpzgF0FqlOY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.72.173.0/24
62.72.180.0/24
176.57.53.0/24
176.57.57.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:c5:a8:2d:2d:75:85:93:f9:76:f6:12:68:64:3e:e5:b6:30:
f7:b6:88:d3:c1:e9:70:d6:34:ef:83:b8:b2:91:31:1a:22:2c:
9d:7c:e0:b2:18:ea:c8:37:c0:7d:e6:5c:28:8e:3c:b6:a2:ad:
f6:ba:02:d6:c5:15:f6:3d:be:a4:93:6e:4c:51:18:2a:54:b9:
ed:bb:13:25:c0:38:fc:1b:90:3c:0e:9b:6b:f2:47:e7:45:8f:
d9:cd:cc:fb:f4:05:55:c6:6e:5d:dd:06:5b:f4:99:1e:8c:f6:
02:b4:30:98:9e:a0:7c:39:9a:2a:4d:d6:15:3a:7f:47:c4:e7:
2a:c8:78:8d:e3:a9:46:c4:8d:ac:85:64:1b:8f:04:ea:eb:7b:
43:92:56:ea:a8:dc:dc:fa:f1:94:1f:58:59:17:33:f2:30:30:
83:04:85:cd:b2:13:73:c7:2d:d6:fe:60:cb:b1:1d:d3:c1:df:
45:bb:50:96:4e:5a:cc:8b:3b:af:8a:4e:86:59:52:e7:36:96:
a6:4f:3f:04:78:35:95:f1:fb:ff:5e:97:e3:f1:b5:23:0b:c9:
48:28:a9:8b:d6:d5:6b:71:fa:c1:24:d4:5b:c3:2a:29:6b:ba:
0e:ab:3b:85:64:d4:c8:a9:5b:f8:f4:25:8a:fa:87:be:65:2d:
42:b3:f3:b5
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZVBbzn9gejlHS/MJO40SsdyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjUwMjI2MDg0NjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTkxYjA4NDMzNTNmN2U4YWQ4NzlkZjcxNjljZTAxNzQxNmE5NGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjgzephnbPyNhRq+TwVpy7/k6jEhY
MYzd1afm7QdPAmNVTTzao7ey053rIUsdxSybnZbVTVGcWwp5XUQmf3YMuTX3fqOT
36W0kw4D1LTe95Z7WhoiS+hoR6yAE8h354QBFEUWqum7Ttni/j/G6S8Jayi6w1hf
h1uVtIB9YeIrlTIp4aXcLGpVduuiyXbjOrAyU8q9puK/0KSRrvij/DNIkZ+7Ri03
fIdzIh5XXe/O7PLfvJXyQ3a3dh89uXoj/T7XXp3D7uIY5d/bAU21GK00B1XuW+Ff
m2ZxHKnqGB3DltGxZ/n2DWyoUHH2F5pbyH6PBHk9MX7z3YP/ZiI5MVVHywIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJGRsIQzU/forYed9xac4BdBapTmMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEva1pHd2hETlQ5LWl0aDUzM0ZwemdGMEZxbE9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAPkitAwQA
Pki0AwQAsDk1AwQAsDk5MA0GCSqGSIb3DQEBCwUAA4IBAQCmxagtLXWFk/l29hJo
ZD7ltjD3tojTwelw1jTvg7iykTEaIiydfOCyGOrIN8B95lwojjy2oq32ugLWxRX2
Pb6kk25MURgqVLntuxMlwDj8G5A8Dptr8kfnRY/Zzcz79AVVxm5d3QZb9JkejPYC
tDCYnqB8OZoqTdYVOn9HxOcqyHiN46lGxI2shWQbjwTq63tDklbqqNzc+vGUH1hZ
FzPyMDCDBIXNshNzxy3W/mDLsR3Twd9Fu1CWTlrMizuvik6GWVLnNpamTz8EeDWV
8fv/Xpfj8bUjC8lIKKmL1tVrcfrBJNRbwyopa7oOqzuFZNTIqVv49CWK+oe+ZS1C
s/O1
-----END CERTIFICATE-----
Generated at Sun Apr 6 05:25:39 2025 by rpki-client