Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/BOpOti0IKne8iOgbWtBr9uM0iIs.roa
File: BOpOti0IKne8iOgbWtBr9uM0iIs.roa (raw, json)
Hash identifier: jyNe4T6wT9HZP6bV6Y9tEW1ziFrtMNBimZ8/l0j0BKA=
Subject key identifier: 04:EA:4E:B6:2D:08:2A:77:BC:88:E8:1B:5A:D0:6B:F6:E3:34:88:8B
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 01939C04F9B5543FCF65A8E5231B20A6E1F3
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/BOpOti0IKne8iOgbWtBr9uM0iIs.roa
Signing time: Fri 06 Dec 2024 12:49:51 +0000
ROA not before: Fri 06 Dec 2024 12:49:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211192
IP address blocks: 62.171.249.0/24 maxlen: 24
217.180.39.0/24 maxlen: 24
217.180.56.0/24 maxlen: 24
217.180.62.0/24 maxlen: 24
217.180.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 12 Dec 2024 10:51:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:9c:04:f9:b5:54:3f:cf:65:a8:e5:23:1b:20:a6:e1:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Dec 6 12:49:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=04ea4eb62d082a77bc88e81b5ad06bf6e334888b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:c3:3b:08:18:6b:86:98:53:21:34:e8:91:cd:
26:82:fd:ca:fe:be:4c:3f:a6:30:12:d5:fd:5a:24:
9b:f8:d0:94:de:f4:9c:aa:45:5a:b7:bf:8b:f9:4a:
3d:a0:b1:03:9e:59:ba:e5:8b:6b:5a:24:97:43:a7:
1b:34:63:99:60:c5:90:5f:69:b4:d7:0e:1a:50:13:
06:b1:cc:4f:7f:b4:97:d5:ac:42:d2:b2:04:a1:25:
b1:e9:aa:13:ea:db:91:95:c7:ab:cd:35:93:2b:25:
65:99:cd:e8:b1:4e:a7:18:51:2c:4a:ac:b4:01:e4:
54:5d:39:20:a1:45:54:41:16:71:7c:cb:6b:a9:fa:
94:21:ce:51:d3:57:a4:c3:a5:20:05:eb:31:9f:c6:
89:45:c0:f6:40:19:36:02:d2:c8:fb:bf:57:03:f4:
a0:5a:c5:58:1c:e1:ad:1b:38:4b:7b:8a:da:ca:e4:
52:9f:d0:85:c7:f8:95:0c:c3:43:95:9a:43:af:5e:
bc:f9:78:fd:8b:48:ef:d9:95:0f:60:cf:10:aa:4d:
37:88:cf:fa:8b:e1:10:c5:00:44:f4:e6:ba:98:56:
9a:11:d9:57:8a:9f:67:25:45:66:4f:57:48:5b:f6:
05:68:d2:1a:1d:e6:77:61:ef:de:36:cd:d4:db:09:
b6:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:EA:4E:B6:2D:08:2A:77:BC:88:E8:1B:5A:D0:6B:F6:E3:34:88:8B
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/BOpOti0IKne8iOgbWtBr9uM0iIs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.171.249.0/24
217.180.39.0/24
217.180.56.0/24
217.180.62.0/23
Signature Algorithm: sha256WithRSAEncryption
af:f4:23:53:42:1c:62:83:36:2e:3b:99:b3:97:08:1d:e2:5e:
86:f1:71:7e:b8:84:69:ea:fc:5f:bb:2c:b3:8c:b7:b3:81:cd:
41:81:3d:44:22:9e:7b:97:fe:00:34:d3:df:ad:c0:a0:a4:38:
a1:88:67:19:67:4d:44:bd:51:e1:c5:35:a0:57:c0:b0:37:f0:
52:a8:ce:84:f6:3c:d8:e9:8b:6a:83:e6:05:57:e4:f5:fd:c2:
5b:6c:ef:0e:ba:79:68:5e:20:d6:4b:96:61:07:b8:7c:40:88:
3f:2b:b0:7a:3a:61:a6:08:31:48:ac:9c:a4:ad:2a:fd:65:50:
11:9b:ea:a3:de:7e:04:10:10:fa:43:c3:d2:7d:fb:46:e1:6a:
a9:45:2f:f9:11:ae:a0:9a:f2:d0:03:02:5b:2d:b8:09:1c:f6:
0a:b4:2d:78:30:84:70:27:8c:ad:62:cd:7c:6c:72:a3:5a:5e:
e0:b8:3b:7b:bc:ec:31:65:91:d0:8b:ae:69:e3:07:4e:1e:54:
1c:d5:96:6d:b1:a6:07:e8:31:02:85:1b:28:56:eb:82:a0:e0:
0c:d2:83:f2:ae:22:d4:aa:1b:89:01:19:4c:93:6b:9b:54:ba:
c2:9d:b4:a8:45:aa:a9:ff:90:cd:f4:90:aa:4d:ef:5f:96:80:
a2:b6:96:43
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZOcBPm1VD/PZajlIxsgpuHzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjQxMjA2MTI0OTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGVhNGViNjJkMDgyYTc3YmM4OGU4MWI1YWQwNmJmNmUzMzQ4ODhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA08M7CBhrhphTITTokc0mgv3K/r5M
P6YwEtX9WiSb+NCU3vScqkVat7+L+Uo9oLEDnlm65YtrWiSXQ6cbNGOZYMWQX2m0
1w4aUBMGscxPf7SX1axC0rIEoSWx6aoT6tuRlcerzTWTKyVlmc3osU6nGFEsSqy0
AeRUXTkgoUVUQRZxfMtrqfqUIc5R01ekw6UgBesxn8aJRcD2QBk2AtLI+79XA/Sg
WsVYHOGtGzhLe4rayuRSn9CFx/iVDMNDlZpDr168+Xj9i0jv2ZUPYM8Qqk03iM/6
i+EQxQBE9Oa6mFaaEdlXip9nJUVmT1dIW/YFaNIaHeZ3Ye/eNs3U2wm23wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFATqTrYtCCp3vIjoG1rQa/bjNIiLMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvQk9wT3RpMElLbmU4aU9nYld0QnI5dU0waUlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAPqv5AwQA
2bQnAwQA2bQ4AwQB2bQ+MA0GCSqGSIb3DQEBCwUAA4IBAQCv9CNTQhxigzYuO5mz
lwgd4l6G8XF+uIRp6vxfuyyzjLezgc1BgT1EIp57l/4ANNPfrcCgpDihiGcZZ01E
vVHhxTWgV8CwN/BSqM6E9jzY6Ytqg+YFV+T1/cJbbO8OunloXiDWS5ZhB7h8QIg/
K7B6OmGmCDFIrJykrSr9ZVARm+qj3n4EEBD6Q8PSfftG4WqpRS/5Ea6gmvLQAwJb
LbgJHPYKtC14MIRwJ4ytYs18bHKjWl7guDt7vOwxZZHQi65p4wdOHlQc1ZZtsaYH
6DEChRsoVuuCoOAM0oPyriLUqhuJARlMk2ubVLrCnbSoRaqp/5DN9JCqTe9floCi
tpZD
-----END CERTIFICATE-----
Generated at Thu Apr 10 16:52:28 2025 by rpki-client