Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/9sFNirWo_5FOpRGEZaxb-5GWcJ4.roa
File: 9sFNirWo_5FOpRGEZaxb-5GWcJ4.roa (raw, json)
Hash identifier: JkxmCu2h3qjSSAdwfayxQ6pjy2PUdVrx/RrkqZ0Bju0=
Subject key identifier: F6:C1:4D:8A:B5:A8:FF:91:4E:A5:11:84:65:AC:5B:FB:91:96:70:9E
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 01936CA19857CBB186434707DEAB34E89444
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/9sFNirWo_5FOpRGEZaxb-5GWcJ4.roa
Signing time: Wed 27 Nov 2024 07:59:09 +0000
ROA not before: Wed 27 Nov 2024 07:59:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20326
IP address blocks: 62.171.232.0/21 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:47:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:6c:a1:98:57:cb:b1:86:43:47:07:de:ab:34:e8:94:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Nov 27 07:59:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f6c14d8ab5a8ff914ea5118465ac5bfb9196709e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:38:f0:93:b6:e0:12:a2:f4:09:b2:35:e7:aa:
0c:43:f8:bf:59:e4:7f:07:03:44:d1:7a:4c:c5:d1:
f9:11:98:3a:a3:e4:56:a2:74:fc:81:67:49:1e:8e:
76:7d:02:08:2e:a8:95:c1:79:0f:bc:3a:2b:02:c5:
77:18:27:c0:98:54:c9:25:f0:ec:b9:67:a9:b8:cc:
79:ee:46:e5:3c:d2:f1:0e:3c:ce:30:b9:42:31:d5:
8c:da:55:27:ee:5c:e5:5c:6b:21:e0:55:33:ac:74:
31:c8:6e:de:22:6b:d6:ce:b0:2e:44:32:e8:65:ad:
06:64:ff:15:58:2a:cf:94:16:38:5f:89:1c:5f:38:
25:d3:10:dc:8a:74:5c:b4:39:67:96:2f:17:96:fd:
a1:fc:79:bf:a2:cf:bf:10:07:e5:df:c4:70:9c:f9:
96:28:da:fd:fa:96:a9:94:5a:c1:19:f0:c8:b4:32:
54:5f:37:8c:90:c1:0a:d1:08:bd:b9:d1:8d:31:3d:
c2:49:55:bc:1e:d9:cf:99:63:fd:79:2f:5e:d2:73:
2d:df:e1:fb:17:36:67:68:3d:b1:ba:a2:40:50:71:
f1:9b:ac:3e:f3:5b:0c:7b:81:ee:63:f1:e4:e7:19:
6b:a4:03:74:a9:43:b9:42:e3:5a:f0:0a:d7:58:b9:
68:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:C1:4D:8A:B5:A8:FF:91:4E:A5:11:84:65:AC:5B:FB:91:96:70:9E
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/9sFNirWo_5FOpRGEZaxb-5GWcJ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.171.232.0/21
Signature Algorithm: sha256WithRSAEncryption
73:24:a0:c0:d1:0f:22:c4:b6:5e:29:ed:6a:ab:aa:e1:c7:24:
2e:ba:da:d4:bc:7a:dc:a1:bf:38:72:dc:c3:cf:e6:cf:d0:6e:
7d:03:c3:cd:b9:05:7c:ac:b6:b7:7b:90:29:15:67:3d:64:97:
bb:c8:ea:7d:e0:1c:71:be:7c:9d:40:37:ec:5a:68:a4:e8:c3:
49:d6:db:3d:ac:ee:f7:fa:80:15:d4:bf:7b:3b:c7:5c:1d:69:
20:ed:08:35:20:17:80:ce:63:47:cc:29:ea:57:1e:77:5e:6a:
e4:76:4f:0b:89:8b:b4:5a:00:3c:18:f1:82:f6:bb:a2:dc:78:
ce:fe:30:fc:95:49:ac:c0:e3:fd:94:f1:0f:15:85:c5:4e:1d:
2a:27:55:5f:11:7f:b1:73:51:45:cf:80:93:5d:aa:fb:12:3b:
bc:fe:46:cb:4d:44:40:68:e1:af:99:dd:f4:b3:98:25:51:67:
3e:3a:e9:4c:c7:79:8c:26:d2:f3:c2:fe:e5:1b:4d:93:f7:b5:
65:2c:57:67:32:b2:f8:32:3d:a6:cb:30:1b:1c:89:41:db:3b:
11:4c:ef:f0:65:2c:c7:3c:11:2b:1c:51:77:fd:1c:31:69:67:
35:48:c4:72:af:6e:55:ea:85:d6:44:91:11:a9:d6:05:d6:65:
46:c5:3e:ab
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZNsoZhXy7GGQ0cH3qs06JREMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjQxMTI3MDc1OTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmMxNGQ4YWI1YThmZjkxNGVhNTExODQ2NWFjNWJmYjkxOTY3MDllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApjjwk7bgEqL0CbI156oMQ/i/WeR/
BwNE0XpMxdH5EZg6o+RWonT8gWdJHo52fQIILqiVwXkPvDorAsV3GCfAmFTJJfDs
uWepuMx57kblPNLxDjzOMLlCMdWM2lUn7lzlXGsh4FUzrHQxyG7eImvWzrAuRDLo
Za0GZP8VWCrPlBY4X4kcXzgl0xDcinRctDlnli8Xlv2h/Hm/os+/EAfl38RwnPmW
KNr9+paplFrBGfDItDJUXzeMkMEK0Qi9udGNMT3CSVW8HtnPmWP9eS9e0nMt3+H7
FzZnaD2xuqJAUHHxm6w+81sMe4HuY/Hk5xlrpAN0qUO5QuNa8ArXWLloCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPbBTYq1qP+RTqURhGWsW/uRlnCeMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvOXNGTmlyV29fNUZPcFJHRVpheGItNUdXY0o0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDPqvoMA0G
CSqGSIb3DQEBCwUAA4IBAQBzJKDA0Q8ixLZeKe1qq6rhxyQuutrUvHrcob84ctzD
z+bP0G59A8PNuQV8rLa3e5ApFWc9ZJe7yOp94BxxvnydQDfsWmik6MNJ1ts9rO73
+oAV1L97O8dcHWkg7Qg1IBeAzmNHzCnqVx53Xmrkdk8LiYu0WgA8GPGC9rui3HjO
/jD8lUmswOP9lPEPFYXFTh0qJ1VfEX+xc1FFz4CTXar7Eju8/kbLTURAaOGvmd30
s5glUWc+OulMx3mMJtLzwv7lG02T97VlLFdnMrL4Mj2myzAbHIlB2zsRTO/wZSzH
PBErHFF3/RwxaWc1SMRyr25V6oXWRJERqdYF1mVGxT6r
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:13:22 2025 by rpki-client