Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/2_hKIqeUlU4b9oK5TWGHkctFbeA.roa
File: 2_hKIqeUlU4b9oK5TWGHkctFbeA.roa (raw, json)
Hash identifier: 2VfgfGRinzOKLCKftpHMn/EG/K/7IzVgfR0xprJx6rw=
Subject key identifier: DB:F8:4A:22:A7:94:95:4E:1B:F6:82:B9:4D:61:87:91:CB:45:6D:E0
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 0193B1F0B575D878D227B89DCFB07643E39C
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/2_hKIqeUlU4b9oK5TWGHkctFbeA.roa
Signing time: Tue 10 Dec 2024 18:59:22 +0000
ROA not before: Tue 10 Dec 2024 18:59:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56488
IP address blocks: 170.62.206.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:48:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:b1:f0:b5:75:d8:78:d2:27:b8:9d:cf:b0:76:43:e3:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Dec 10 18:59:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dbf84a22a794954e1bf682b94d618791cb456de0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:85:d6:ef:f2:2b:1d:f2:d9:6a:9a:92:b4:de:
0d:83:54:34:ad:0c:f2:70:4e:26:f3:be:13:c0:12:
43:96:53:15:54:6b:a7:49:4b:8d:74:e5:21:d4:71:
65:e8:32:96:5f:aa:8c:25:75:82:50:83:11:06:69:
99:28:c3:a6:46:83:0c:69:43:99:5f:8f:49:a6:04:
e6:d3:49:0d:16:b0:1a:8b:09:a8:35:02:fb:12:08:
b4:da:95:3c:b2:5d:a9:51:4d:b7:56:fc:18:d7:17:
24:8a:b4:d8:24:e6:71:ca:40:12:94:ed:3c:30:d0:
ff:c6:8f:66:55:5b:ad:7a:20:bd:ed:89:69:dc:14:
3d:9b:b5:7a:35:81:7c:50:78:81:34:ee:b8:71:af:
3b:8e:97:a9:94:13:65:ed:77:f4:bb:95:57:e4:d4:
6c:99:b2:ff:7f:33:d0:27:4e:a1:0c:af:09:05:70:
64:5b:c2:c0:02:01:f0:61:50:2c:8a:ce:38:6d:d5:
72:75:ff:f1:c4:b7:ae:a1:66:0d:43:c5:01:90:e6:
86:c8:dd:d5:0f:40:d6:83:0f:e1:87:7b:3a:ed:5d:
1e:04:bd:99:89:30:82:30:59:fb:8f:7b:91:54:10:
a4:e1:19:c8:9b:f9:2f:42:60:f3:fd:c4:44:89:e3:
13:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:F8:4A:22:A7:94:95:4E:1B:F6:82:B9:4D:61:87:91:CB:45:6D:E0
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/2_hKIqeUlU4b9oK5TWGHkctFbeA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
170.62.206.0/24
Signature Algorithm: sha256WithRSAEncryption
df:97:26:f6:75:98:ed:ce:80:3c:b3:b4:f7:3f:ed:ef:ea:ee:
3c:f0:ea:b8:ce:49:e1:d4:6a:b5:95:99:09:96:ec:ff:ca:73:
e4:9d:6a:89:e5:1c:23:be:7b:bd:49:74:da:5e:69:d7:a1:a1:
0a:e1:8c:df:50:bc:6e:fb:88:80:08:86:31:10:bd:fe:69:66:
3c:d1:e0:0a:95:40:38:14:9a:19:94:d8:73:f2:7c:8e:d5:3d:
50:ac:8f:ed:6a:77:e1:32:76:48:1b:f4:36:b7:2c:da:e5:a5:
d1:5b:2c:42:e4:8e:ae:aa:33:40:7b:18:02:f5:32:31:f0:74:
f5:fb:22:67:1c:00:06:c5:ff:d6:b6:27:12:a5:52:ba:2d:5d:
5b:04:8c:33:5b:20:0c:e7:35:24:46:a6:e9:36:29:99:ff:af:
26:39:37:b2:43:e7:30:bc:e3:26:51:15:f6:f1:a8:07:2f:36:
5a:7e:8b:21:c3:1c:64:28:1d:ab:a5:59:08:a9:b5:1c:ce:16:
b0:44:78:99:52:87:04:42:37:f5:7b:6a:2c:54:7e:d9:b4:f5:
f2:9e:84:c1:e3:9a:93:0c:af:56:21:64:c5:ff:c4:ef:78:f6:
b3:5a:bf:9b:1c:1e:79:e2:fc:d5:a8:69:d2:39:dc:4a:d8:5c:
b3:5a:b9:63
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZOx8LV12HjSJ7idz7B2Q+OcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjQxMjEwMTg1OTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmY4NGEyMmE3OTQ5NTRlMWJmNjgyYjk0ZDYxODc5MWNiNDU2ZGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmIXW7/IrHfLZapqStN4Ng1Q0rQzy
cE4m874TwBJDllMVVGunSUuNdOUh1HFl6DKWX6qMJXWCUIMRBmmZKMOmRoMMaUOZ
X49JpgTm00kNFrAaiwmoNQL7Egi02pU8sl2pUU23VvwY1xckirTYJOZxykASlO08
MND/xo9mVVuteiC97Ylp3BQ9m7V6NYF8UHiBNO64ca87jpeplBNl7Xf0u5VX5NRs
mbL/fzPQJ06hDK8JBXBkW8LAAgHwYVAsis44bdVydf/xxLeuoWYNQ8UBkOaGyN3V
D0DWgw/hh3s67V0eBL2ZiTCCMFn7j3uRVBCk4RnIm/kvQmDz/cREieMTBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNv4SiKnlJVOG/aCuU1hh5HLRW3gMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvMl9oS0lxZVVsVTRiOW9LNVRXR0hrY3RGYmVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqj7OMA0G
CSqGSIb3DQEBCwUAA4IBAQDflyb2dZjtzoA8s7T3P+3v6u488Oq4zknh1Gq1lZkJ
luz/ynPknWqJ5Rwjvnu9SXTaXmnXoaEK4YzfULxu+4iACIYxEL3+aWY80eAKlUA4
FJoZlNhz8nyO1T1QrI/tanfhMnZIG/Q2tyza5aXRWyxC5I6uqjNAexgC9TIx8HT1
+yJnHAAGxf/WticSpVK6LV1bBIwzWyAM5zUkRqbpNimZ/68mOTeyQ+cwvOMmURX2
8agHLzZafoshwxxkKB2rpVkIqbUczhawRHiZUocEQjf1e2osVH7ZtPXynoTB45qT
DK9WIWTF/8TvePazWr+bHB554vzVqGnSOdxK2FyzWrlj
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:13:45 2025 by rpki-client