Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/rHwTSkJQqP9qIYPMT_4GFY9O3F0.roa
File: rHwTSkJQqP9qIYPMT_4GFY9O3F0.roa (raw, json)
Hash identifier: 5A+onYC0AThJtPzKQjP7rST/BEI0Su1mDJdzt+0QeFQ=
Subject key identifier: AC:7C:13:4A:42:50:A8:FF:6A:21:83:CC:4F:FE:06:15:8F:4E:DC:5D
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 0193636B3294A1DA257AE6FC4CD215C1C017
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/rHwTSkJQqP9qIYPMT_4GFY9O3F0.roa
Signing time: Mon 25 Nov 2024 13:03:09 +0000
ROA not before: Mon 25 Nov 2024 13:03:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51088
IP address blocks: 170.62.203.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 03 Dec 2024 15:42:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:63:6b:32:94:a1:da:25:7a:e6:fc:4c:d2:15:c1:c0:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Nov 25 13:03:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ac7c134a4250a8ff6a2183cc4ffe06158f4edc5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:b6:8d:f5:d0:31:a5:53:bd:ee:bf:14:fd:34:
d9:0e:e5:3f:31:2c:dd:2e:b0:f2:52:31:0c:20:07:
0c:b9:c0:5b:3f:48:3e:49:9a:0d:dc:94:c7:fc:5c:
d5:c9:4c:f3:96:7c:1f:c7:c6:af:7b:3c:ac:97:81:
ec:a4:37:ef:50:0f:0b:03:69:13:e3:6a:6b:fe:a8:
bc:0a:52:cb:e3:1f:2b:b7:53:75:d5:9b:fd:62:4e:
fe:6a:5c:f3:6c:87:82:4b:0c:28:63:e8:9a:7b:f2:
52:88:da:db:cd:e1:41:76:5e:d2:00:ca:ee:04:5c:
6f:b9:bb:5f:8c:e0:44:40:e3:3b:31:ad:e4:c6:f3:
08:f3:23:d6:96:89:d4:2f:85:09:9d:e4:c1:33:c9:
04:48:34:96:62:ec:5c:5e:08:05:62:09:35:2b:60:
46:40:84:4a:e3:68:ab:d3:12:0a:7d:2d:27:b4:a9:
13:fa:6b:64:55:56:eb:ce:43:b8:c0:fb:0b:13:52:
b0:68:4e:4a:eb:7d:fb:e6:2e:9e:c6:14:c6:08:96:
45:8d:d0:1d:92:01:c4:14:af:ca:f6:0e:93:c2:ff:
f1:ac:b9:78:64:b4:f2:86:5b:e5:ee:52:dc:6b:8d:
db:75:30:74:2a:f4:91:7d:79:60:8e:b7:9e:2c:ec:
79:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:7C:13:4A:42:50:A8:FF:6A:21:83:CC:4F:FE:06:15:8F:4E:DC:5D
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/rHwTSkJQqP9qIYPMT_4GFY9O3F0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
170.62.203.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:61:1c:3a:39:4d:91:3e:d6:8e:44:cc:df:95:a3:76:6c:a1:
c5:f4:e3:d6:90:45:e5:90:f2:0c:3f:73:be:79:8d:c5:43:a5:
82:4a:6a:80:16:45:c5:e6:6f:e7:9a:28:b1:9b:6c:55:6a:b8:
6a:a1:99:a8:9e:2b:1b:5e:a5:65:98:49:14:b1:39:bb:02:9a:
da:1e:38:b2:3d:bc:49:e7:96:12:50:f5:15:13:33:5a:cb:a1:
9d:0a:66:de:48:bd:6a:90:aa:7b:79:4e:93:ae:d3:f0:91:bf:
c6:6d:4a:1d:3f:23:03:e5:b1:b6:49:58:e6:92:f0:77:ba:bf:
0e:95:da:ee:ab:af:c2:04:b1:fb:80:ea:96:80:02:32:09:fc:
ae:c7:73:7d:2d:67:f8:d9:e5:d0:d3:19:55:be:ca:d1:05:e5:
a2:09:3d:0f:83:a8:1b:23:3f:aa:07:23:74:cc:b8:01:05:75:
14:c5:4a:51:e7:f7:63:9f:a0:70:f5:ca:b9:fe:7c:c4:6a:09:
57:6a:d6:a0:25:3c:89:3a:aa:69:e7:e7:34:53:ac:6a:11:b4:
fe:66:f6:c7:ed:61:eb:92:f1:3a:ad:3b:c9:a1:cf:2e:5a:c3:
86:27:69:f2:be:79:07:5e:07:75:1b:55:95:ed:31:53:43:2d:
3f:28:77:2c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZNjazKUodoleub8TNIVwcAXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjQxMTI1MTMwMzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzdjMTM0YTQyNTBhOGZmNmEyMTgzY2M0ZmZlMDYxNThmNGVkYzVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8raN9dAxpVO97r8U/TTZDuU/MSzd
LrDyUjEMIAcMucBbP0g+SZoN3JTH/FzVyUzzlnwfx8avezysl4HspDfvUA8LA2kT
42pr/qi8ClLL4x8rt1N11Zv9Yk7+alzzbIeCSwwoY+iae/JSiNrbzeFBdl7SAMru
BFxvubtfjOBEQOM7Ma3kxvMI8yPWlonUL4UJneTBM8kESDSWYuxcXggFYgk1K2BG
QIRK42ir0xIKfS0ntKkT+mtkVVbrzkO4wPsLE1KwaE5K63375i6exhTGCJZFjdAd
kgHEFK/K9g6Twv/xrLl4ZLTyhlvl7lLca43bdTB0KvSRfXlgjreeLOx5vQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKx8E0pCUKj/aiGDzE/+BhWPTtxdMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvckh3VFNrSlFxUDlxSVlQTVRfNEdGWTlPM0YwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqj7LMA0G
CSqGSIb3DQEBCwUAA4IBAQC5YRw6OU2RPtaORMzflaN2bKHF9OPWkEXlkPIMP3O+
eY3FQ6WCSmqAFkXF5m/nmiixm2xVarhqoZmonisbXqVlmEkUsTm7ApraHjiyPbxJ
55YSUPUVEzNay6GdCmbeSL1qkKp7eU6TrtPwkb/GbUodPyMD5bG2SVjmkvB3ur8O
ldruq6/CBLH7gOqWgAIyCfyux3N9LWf42eXQ0xlVvsrRBeWiCT0Pg6gbIz+qByN0
zLgBBXUUxUpR5/djn6Bw9cq5/nzEaglXatagJTyJOqpp5+c0U6xqEbT+ZvbH7WHr
kvE6rTvJoc8uWsOGJ2nyvnkHXgd1G1WV7TFTQy0/KHcs
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:56:35 2025 by rpki-client