Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/l8K951yQLltpS_8LweQjTRdXqvQ.roa
File: l8K951yQLltpS_8LweQjTRdXqvQ.roa (raw, json)
Hash identifier: bnRaSJCUZ/ehcalwozicSkM5kriXCrKvz6NaljlVkqc=
Subject key identifier: 97:C2:BD:E7:5C:90:2E:5B:69:4B:FF:0B:C1:E4:23:4D:17:57:AA:F4
Certificate issuer: /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial: 019421B1A63AECC09DC2B53793A18A70C025
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/l8K951yQLltpS_8LweQjTRdXqvQ.roa
Signing time: Wed 01 Jan 2025 11:47:58 +0000
ROA not before: Wed 01 Jan 2025 11:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16276
IP address blocks: 62.72.191.0/24 maxlen: 24
81.21.5.0/24 maxlen: 24
81.21.6.0/24 maxlen: 24
81.21.7.0/24 maxlen: 24
176.57.51.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 17 Jan 2025 12:05:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:a6:3a:ec:c0:9d:c2:b5:37:93:a1:8a:70:c0:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
Validity
Not Before: Jan 1 11:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=97c2bde75c902e5b694bff0bc1e4234d1757aaf4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:d3:b9:ad:4f:7d:40:59:fd:d3:35:86:03:93:
ab:5e:b9:1a:7d:49:36:ef:2f:7c:0b:14:b7:16:f2:
d6:e0:d1:24:c9:f3:97:50:21:f2:49:42:e6:84:b3:
cf:5d:e9:4d:0a:ec:36:48:1a:16:b1:cc:a3:6e:7c:
3d:de:c4:86:55:7c:19:21:af:e6:de:5e:a8:0c:57:
0a:ac:2f:80:5f:d6:dd:92:78:7d:e8:ca:36:47:cc:
d2:1f:27:e1:55:32:9a:e9:ef:d4:9a:8c:bf:ac:bc:
15:dd:50:b6:4b:0f:d8:b1:0c:db:94:07:f3:79:4f:
0c:12:3b:2e:0a:4d:08:b3:6e:e8:e6:37:a7:35:6b:
46:90:8d:38:3a:c1:a6:da:5c:c5:1b:b0:47:ec:71:
be:9a:6c:73:53:38:65:1a:47:fa:27:43:fa:ad:37:
84:2c:d3:d7:87:71:7d:95:7f:b2:9a:4d:4c:6f:7c:
ca:f9:27:68:d6:67:4e:6d:3e:9a:05:6b:59:ad:02:
bd:17:71:ac:dd:1f:eb:fd:5c:c6:2a:66:2e:3c:f6:
07:68:5b:a1:19:9f:47:59:e2:a0:cc:b2:83:1d:5d:
ca:e5:37:71:8c:7c:9e:d9:04:85:b7:e0:0d:bc:2e:
8e:d3:0e:b8:33:df:b1:35:5e:74:99:04:6f:d3:cd:
94:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:C2:BD:E7:5C:90:2E:5B:69:4B:FF:0B:C1:E4:23:4D:17:57:AA:F4
X509v3 Authority Key Identifier:
keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/l8K951yQLltpS_8LweQjTRdXqvQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.72.191.0/24
81.21.5.0-81.21.7.255
176.57.51.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:2c:2e:ec:a9:a7:21:bd:5c:bb:cc:67:95:9b:3f:69:5a:8f:
51:1a:dc:be:b8:42:47:e6:9a:53:47:a5:4c:d6:87:18:ed:f7:
f2:e5:72:9d:ab:b6:2e:0b:60:3c:cd:5e:9b:76:ab:c9:f6:b7:
f5:27:eb:8b:69:3f:75:d8:bd:66:d5:63:68:a6:85:25:83:ce:
6c:c9:91:82:99:01:ab:9f:0e:4e:39:45:fc:2a:1c:e4:a6:d1:
65:8d:6d:77:f2:81:00:e3:9e:1c:e7:e7:7c:d5:82:7d:3e:e2:
f4:c3:05:04:6d:94:1c:dd:7b:e7:79:dc:a3:0e:13:8e:14:1d:
39:28:b6:93:c0:fe:f9:19:df:ad:07:9d:cf:f3:5c:7b:c2:74:
02:eb:c8:7e:88:e4:58:4e:dc:d0:4f:73:b6:6c:eb:7f:76:46:
7f:f7:40:78:01:f3:51:00:d9:e7:0b:cd:62:fe:2d:a5:b0:9e:
a9:24:e9:4f:e1:12:78:b4:c7:6b:3d:ed:87:fe:4c:4b:79:e9:
c2:05:83:b6:f6:b6:ea:11:f4:34:4b:7e:30:87:ad:91:cf:68:
44:c9:84:98:fa:9a:33:a1:ee:42:a4:39:fb:46:d5:18:c1:41:
76:22:41:cf:09:91:a2:5a:04:38:9f:65:20:25:b6:f4:f0:a1:
be:59:3c:9f
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQhsaY67MCdwrU3k6GKcMAlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjUwMTAxMTE0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2MyYmRlNzVjOTAyZTViNjk0YmZmMGJjMWU0MjM0ZDE3NTdhYWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo9O5rU99QFn90zWGA5OrXrkafUk2
7y98CxS3FvLW4NEkyfOXUCHySULmhLPPXelNCuw2SBoWscyjbnw93sSGVXwZIa/m
3l6oDFcKrC+AX9bdknh96Mo2R8zSHyfhVTKa6e/Umoy/rLwV3VC2Sw/YsQzblAfz
eU8MEjsuCk0Is27o5jenNWtGkI04OsGm2lzFG7BH7HG+mmxzUzhlGkf6J0P6rTeE
LNPXh3F9lX+ymk1Mb3zK+Sdo1mdObT6aBWtZrQK9F3Gs3R/r/VzGKmYuPPYHaFuh
GZ9HWeKgzLKDHV3K5TdxjHye2QSFt+ANvC6O0w64M9+xNV50mQRv082UiwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFJfCvedckC5baUv/C8HkI00XV6r0MB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvbDhLOTUxeVFMbHRwU184THdlUWpUUmRYcXZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAPki/MAwD
BABRFQUDBANRFQADBACwOTMwDQYJKoZIhvcNAQELBQADggEBALksLuyppyG9XLvM
Z5WbP2laj1Ea3L64QkfmmlNHpUzWhxjt9/Llcp2rti4LYDzNXpt2q8n2t/Un64tp
P3XYvWbVY2imhSWDzmzJkYKZAaufDk45RfwqHOSm0WWNbXfygQDjnhzn53zVgn0+
4vTDBQRtlBzde+d53KMOE44UHTkotpPA/vkZ360Hnc/zXHvCdALryH6I5FhO3NBP
c7Zs6392Rn/3QHgB81EA2ecLzWL+LaWwnqkk6U/hEni0x2s97Yf+TEt56cIFg7b2
tuoR9DRLfjCHrZHPaETJhJj6mjOh7kKkOftG1RjBQXYiQc8JkaJaBDifZSAltvTw
ob5ZPJ8=
-----END CERTIFICATE-----
Generated at Wed Mar 12 19:53:31 2025 by rpki-client