Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/cZhCQY3KQKPuWFzyVC7cHgVDgWQ.roa
File: cZhCQY3KQKPuWFzyVC7cHgVDgWQ.roa (raw, json)
Hash identifier: vBaoOnJWk3azhtlBEGVYX1WUfSi878gvJBKhpMCHhf0=
Subject key identifier: 71:98:42:41:8D:CA:40:A3:EE:58:5C:F2:54:2E:DC:1E:05:43:81:64
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 0194CCE6D1AEC87EF93B662725DD3F6F5A23
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/cZhCQY3KQKPuWFzyVC7cHgVDgWQ.roa
Signing time: Mon 03 Feb 2025 17:41:06 +0000
ROA not before: Mon 03 Feb 2025 17:41:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16276
IP address blocks: 62.171.228.0/24 maxlen: 24
217.179.7.0/24 maxlen: 24
217.180.13.0/24 maxlen: 24
217.180.14.0/24 maxlen: 24
217.180.20.0/24 maxlen: 24
217.180.38.0/24 maxlen: 24
217.180.45.0/24 maxlen: 24
217.180.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 05 Feb 2025 12:33:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:cc:e6:d1:ae:c8:7e:f9:3b:66:27:25:dd:3f:6f:5a:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Feb 3 17:41:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=719842418dca40a3ee585cf2542edc1e05438164
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:04:4e:85:72:a9:d0:42:c8:13:44:78:ca:35:
c0:c5:9e:cd:cb:ec:96:b1:37:8e:0c:c4:1f:a3:b5:
2b:4a:05:3a:d2:bd:d5:e0:07:eb:cb:c2:35:6a:3e:
dc:0d:8e:7c:36:7c:a5:8d:f0:a3:93:05:1c:d8:15:
68:27:88:80:d8:46:c7:92:84:c9:0d:4c:56:7d:ac:
72:6f:dc:22:8a:03:28:61:91:3b:94:a2:60:8c:44:
59:ba:5a:ee:72:ef:22:3c:59:85:51:41:99:d1:c4:
18:d8:c5:c2:e8:06:c7:a0:df:6f:77:8e:a3:bd:50:
0c:2e:70:dd:f8:4a:db:b5:77:18:ed:73:7e:e0:7c:
53:a1:3a:4a:f8:af:5f:1d:d9:dc:a4:89:f4:45:a6:
0c:71:db:fd:0b:1f:7a:da:27:9e:bf:77:a4:ae:e5:
21:51:3c:09:09:11:c4:8d:db:e6:41:7b:74:aa:d6:
85:64:40:c4:90:10:87:a5:a4:50:32:60:11:14:56:
10:70:90:c9:bc:ac:37:bd:7d:df:42:c1:39:67:95:
57:2d:a8:f2:58:3f:aa:9d:d6:30:2b:4f:4c:1c:4e:
ca:aa:54:fa:fa:17:71:1d:60:9a:ba:74:b2:a4:5a:
e1:c7:95:d0:ae:34:d9:c0:2f:0e:cb:cb:bb:8c:4d:
a2:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:98:42:41:8D:CA:40:A3:EE:58:5C:F2:54:2E:DC:1E:05:43:81:64
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/cZhCQY3KQKPuWFzyVC7cHgVDgWQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.171.228.0/24
217.179.7.0/24
217.180.13.0-217.180.14.255
217.180.20.0/24
217.180.38.0/24
217.180.45.0/24
217.180.59.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:3c:e2:64:a1:85:5c:fc:8f:77:5c:76:0f:39:06:7a:d8:5d:
5c:75:61:03:13:65:94:39:b4:47:a6:8e:29:20:16:3f:78:3c:
ca:c8:cd:52:d4:dc:2c:52:78:34:04:13:2b:27:f1:31:48:66:
b6:16:d4:60:c9:85:7b:81:0b:ea:e8:ea:46:c2:23:13:7c:a9:
60:ad:21:f0:fd:bf:88:a3:a5:84:27:66:3f:37:f9:54:48:b9:
b3:75:aa:db:d4:06:90:43:75:a4:dd:8a:f1:58:39:9e:a6:8a:
0f:42:35:78:54:e8:ad:66:74:a8:98:16:67:57:c3:31:db:54:
36:5d:8b:50:00:cd:a0:d1:17:fc:72:57:94:03:cd:c6:09:75:
b7:28:72:8f:46:d9:e3:44:5c:dd:55:6e:d4:25:c4:18:44:2d:
a8:7c:08:51:b5:e3:eb:91:ea:17:b8:02:a6:84:7f:4d:6f:c7:
a6:88:84:d9:9a:b1:b0:a8:23:29:fa:8a:87:98:7a:f1:32:f4:
32:d5:2d:93:24:ff:bb:be:e4:df:23:fb:56:b7:d4:d5:ac:9f:
f2:ae:8d:a6:5c:b3:80:44:d5:37:b4:2a:37:d8:43:01:f6:e2:
e5:dd:71:79:7f:94:7a:7b:f1:bd:8d:bb:5a:51:ff:09:cb:8e:
1e:af:a3:32
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZTM5tGuyH75O2YnJd0/b1ojMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjUwMjAzMTc0MTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTk4NDI0MThkY2E0MGEzZWU1ODVjZjI1NDJlZGMxZTA1NDM4MTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsAROhXKp0ELIE0R4yjXAxZ7Ny+yW
sTeODMQfo7UrSgU60r3V4Afry8I1aj7cDY58NnyljfCjkwUc2BVoJ4iA2EbHkoTJ
DUxWfaxyb9wiigMoYZE7lKJgjERZulrucu8iPFmFUUGZ0cQY2MXC6AbHoN9vd46j
vVAMLnDd+ErbtXcY7XN+4HxToTpK+K9fHdncpIn0RaYMcdv9Cx962ieev3ekruUh
UTwJCRHEjdvmQXt0qtaFZEDEkBCHpaRQMmARFFYQcJDJvKw3vX3fQsE5Z5VXLajy
WD+qndYwK09MHE7KqlT6+hdxHWCaunSypFrhx5XQrjTZwC8Oy8u7jE2i9QIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFHGYQkGNykCj7lhc8lQu3B4FQ4FkMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvY1poQ1FZM0tRS1B1V0Z6eVZDN2NIZ1ZEZ1dRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAPqvkAwQA
2bMHMAwDBADZtA0DBADZtA4DBADZtBQDBADZtCYDBADZtC0DBADZtDswDQYJKoZI
hvcNAQELBQADggEBAG884mShhVz8j3dcdg85BnrYXVx1YQMTZZQ5tEemjikgFj94
PMrIzVLU3CxSeDQEEysn8TFIZrYW1GDJhXuBC+ro6kbCIxN8qWCtIfD9v4ijpYQn
Zj83+VRIubN1qtvUBpBDdaTdivFYOZ6mig9CNXhU6K1mdKiYFmdXwzHbVDZdi1AA
zaDRF/xyV5QDzcYJdbcoco9G2eNEXN1VbtQlxBhELah8CFG14+uR6he4AqaEf01v
x6aIhNmasbCoIyn6ioeYevEy9DLVLZMk/7u+5N8j+1a31NWsn/KujaZcs4BE1Te0
KjfYQwH24uXdcXl/lHp78b2Nu1pR/wnLjh6vozI=
-----END CERTIFICATE-----
Generated at Wed Apr 9 22:25:32 2025 by rpki-client