Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/0df56c-68a9-4feb-bf53-d7f11d684737/1/zYFeRTn8s76_qG8vYVC9gNtm9os.roa
File: zYFeRTn8s76_qG8vYVC9gNtm9os.roa (raw, json)
Hash identifier: Bz8aSJoMkx4h3LWX/rA7nz9cEX5quhF9MT7KcMzOc44=
Subject key identifier: CD:81:5E:45:39:FC:B3:BE:BF:A8:6F:2F:61:50:BD:80:DB:66:F6:8B
Certificate issuer: /CN=6fd60d9b943b08c447cf7e54989f52b0dec5f7e7
Certificate serial: 018CC56EB8105E21D91C04E69DAF829461C8
Authority key identifier: 6F:D6:0D:9B:94:3B:08:C4:47:CF:7E:54:98:9F:52:B0:DE:C5:F7:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b9YNm5Q7CMRHz35UmJ9SsN7F9-c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/0df56c-68a9-4feb-bf53-d7f11d684737/1/zYFeRTn8s76_qG8vYVC9gNtm9os.roa
Signing time: Mon 01 Jan 2024 14:30:16 +0000
ROA not before: Mon 01 Jan 2024 14:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13267
IP address blocks: 62.240.192.0/23 maxlen: 23
62.240.192.0/22 maxlen: 22
62.240.196.0/22 maxlen: 22
62.240.196.0/23 maxlen: 23
62.240.194.0/23 maxlen: 23
62.240.200.0/21 maxlen: 21
62.240.208.0/20 maxlen: 20
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:48:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:b8:10:5e:21:d9:1c:04:e6:9d:af:82:94:61:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6fd60d9b943b08c447cf7e54989f52b0dec5f7e7
Validity
Not Before: Jan 1 14:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cd815e4539fcb3bebfa86f2f6150bd80db66f68b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:ad:e4:68:89:d6:91:95:ea:d2:eb:96:69:3f:
eb:f7:00:d2:87:76:5e:6b:bc:c0:a9:de:19:76:d0:
db:03:87:54:d0:03:6f:21:16:23:0b:cd:6a:9a:2c:
c6:47:b1:a2:0f:9e:b3:28:4b:91:9e:d5:0e:ce:f3:
5b:3a:ae:2c:52:cb:a0:64:2e:44:82:57:f1:66:3f:
51:e1:29:fd:78:b6:b4:a8:08:01:9e:e7:d4:fc:7f:
2d:87:07:ee:7c:bb:c9:da:99:8f:b7:5b:4e:38:0a:
70:c1:75:a4:c8:e0:9a:38:5f:52:40:d0:26:79:a6:
73:93:c2:e4:c4:60:8f:c6:5f:1c:af:1c:4d:a0:fa:
89:70:02:f2:cf:e6:c3:d1:29:76:52:48:ba:47:4e:
cc:94:68:c7:e5:47:b7:fd:ad:55:18:37:a9:14:62:
d3:fb:e1:07:f6:19:27:dd:ff:43:3a:b3:eb:88:c0:
a8:a4:6e:16:60:1b:41:bb:a8:d8:d1:de:52:0f:ef:
cf:6b:53:4a:cf:0c:bc:9c:8c:c3:fa:00:13:50:cc:
ed:03:d9:ea:99:bf:f5:e4:19:29:64:47:c2:04:63:
36:86:32:c4:b3:64:17:f5:a0:6b:0b:df:ea:d5:55:
53:d7:55:8c:f4:45:b4:e4:dc:b8:87:f8:7a:0c:ab:
d7:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:81:5E:45:39:FC:B3:BE:BF:A8:6F:2F:61:50:BD:80:DB:66:F6:8B
X509v3 Authority Key Identifier:
keyid:6F:D6:0D:9B:94:3B:08:C4:47:CF:7E:54:98:9F:52:B0:DE:C5:F7:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9YNm5Q7CMRHz35UmJ9SsN7F9-c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/0df56c-68a9-4feb-bf53-d7f11d684737/1/zYFeRTn8s76_qG8vYVC9gNtm9os.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/0df56c-68a9-4feb-bf53-d7f11d684737/1/b9YNm5Q7CMRHz35UmJ9SsN7F9-c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.240.192.0/19
Signature Algorithm: sha256WithRSAEncryption
61:48:98:b8:08:bc:4f:d8:41:df:92:9f:e3:71:9e:3a:f9:ba:
c3:bd:c1:f7:74:2b:a9:e6:38:87:d5:23:b9:ca:2f:e2:28:92:
4a:d3:84:4d:29:93:e0:c4:3b:26:90:c2:c5:6a:f5:72:7f:08:
df:0c:da:f9:5b:51:50:e1:17:b5:65:f9:81:01:2a:bd:ec:5e:
0e:37:97:43:c9:09:65:d2:da:17:e4:d6:84:b0:32:98:a1:11:
b0:41:02:bc:1b:b4:4a:66:03:d1:bf:17:fa:84:1a:8d:4c:c0:
45:5d:c9:7e:26:16:85:94:30:0e:07:ac:e2:f4:37:27:43:7b:
4e:dc:c6:b6:b8:0a:7a:20:ff:94:1f:69:12:8a:c0:60:61:e8:
87:7c:63:d6:29:24:85:38:ce:ec:66:c5:e3:da:40:83:78:cb:
4b:ce:44:09:6a:95:83:b6:3a:f8:47:80:b4:ef:d4:fa:bf:46:
2a:bb:1f:3d:1d:3b:b2:f2:ff:40:c6:3a:cf:54:03:78:cd:b5:
fb:c9:e5:bd:4d:13:95:07:c5:24:a0:cb:61:6b:b8:c4:bb:ca:
79:2f:1a:d9:87:38:4e:37:c0:d3:b2:8f:04:4d:de:79:d7:fe:
d8:58:93:1f:30:64:68:b7:a2:0d:6c:e8:c7:6c:08:8f:cb:99:
7e:4f:67:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbrgQXiHZHATmna+ClGHIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmZDYwZDliOTQzYjA4YzQ0N2NmN2U1NDk4OWY1MmIwZGVj
NWY3ZTcwHhcNMjQwMTAxMTQzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDgxNWU0NTM5ZmNiM2JlYmZhODZmMmY2MTUwYmQ4MGRiNjZmNjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvq3kaInWkZXq0uuWaT/r9wDSh3Ze
a7zAqd4ZdtDbA4dU0ANvIRYjC81qmizGR7GiD56zKEuRntUOzvNbOq4sUsugZC5E
glfxZj9R4Sn9eLa0qAgBnufU/H8thwfufLvJ2pmPt1tOOApwwXWkyOCaOF9SQNAm
eaZzk8LkxGCPxl8crxxNoPqJcALyz+bD0Sl2Uki6R07MlGjH5Ue3/a1VGDepFGLT
++EH9hkn3f9DOrPriMCopG4WYBtBu6jY0d5SD+/Pa1NKzwy8nIzD+gATUMztA9nq
mb/15BkpZEfCBGM2hjLEs2QX9aBrC9/q1VVT11WM9EW05Ny4h/h6DKvXEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM2BXkU5/LO+v6hvL2FQvYDbZvaLMB8GA1UdIwQY
MBaAFG/WDZuUOwjER89+VJifUrDexffnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjlZTm01UTdDTVJIejM1VW1KOVNzTjdGOS1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny8wZGY1NmMtNjhhOS00ZmViLWJmNTMt
ZDdmMTFkNjg0NzM3LzEvellGZVJUbjhzNzZfcUc4dllWQzlnTnRtOW9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny8wZGY1NmMtNjhhOS00ZmViLWJmNTMtZDdmMTFkNjg0NzM3
LzEvYjlZTm01UTdDTVJIejM1VW1KOVNzTjdGOS1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFPvDAMA0G
CSqGSIb3DQEBCwUAA4IBAQBhSJi4CLxP2EHfkp/jcZ46+brDvcH3dCup5jiH1SO5
yi/iKJJK04RNKZPgxDsmkMLFavVyfwjfDNr5W1FQ4Re1ZfmBASq97F4ON5dDyQll
0toX5NaEsDKYoRGwQQK8G7RKZgPRvxf6hBqNTMBFXcl+JhaFlDAOB6zi9DcnQ3tO
3Ma2uAp6IP+UH2kSisBgYeiHfGPWKSSFOM7sZsXj2kCDeMtLzkQJapWDtjr4R4C0
79T6v0Yqux89HTuy8v9AxjrPVAN4zbX7yeW9TROVB8UkoMtha7jEu8p5LxrZhzhO
N8DTso8ETd551/7YWJMfMGRot6INbOjHbAiPy5l+T2fG
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:57:30 2025 by rpki-client