Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/0gqBO9kw9wemfDWdRCCO5HSexdA.roa
File: 0gqBO9kw9wemfDWdRCCO5HSexdA.roa (raw, json)
Hash identifier: KMNWvQ44j/l567GfHuoGoF/whZT3s5XsAtLJpDh5hAo=
Subject key identifier: D2:0A:81:3B:D9:30:F7:07:A6:7C:35:9D:44:20:8E:E4:74:9E:C5:D0
Certificate issuer: /CN=9c542f5df3c1acb857fd50eeb016eed07385ff8c
Certificate serial: 0194252176CA4645ED5EF1CA0F49B14BBE8E
Authority key identifier: 9C:54:2F:5D:F3:C1:AC:B8:57:FD:50:EE:B0:16:EE:D0:73:85:FF:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nFQvXfPBrLhX_VDusBbu0HOF_4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/0gqBO9kw9wemfDWdRCCO5HSexdA.roa
Signing time: Thu 02 Jan 2025 03:48:57 +0000
ROA not before: Thu 02 Jan 2025 03:48:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20668
IP address blocks: 62.3.28.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 14 Jan 2025 12:04:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:76:ca:46:45:ed:5e:f1:ca:0f:49:b1:4b:be:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c542f5df3c1acb857fd50eeb016eed07385ff8c
Validity
Not Before: Jan 2 03:48:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d20a813bd930f707a67c359d44208ee4749ec5d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:bd:60:9d:a5:5c:13:1f:35:34:04:df:9d:1f:
f6:f5:e2:b4:be:82:e1:e2:51:16:d0:71:31:e6:d2:
a9:ce:05:38:80:6f:d0:11:ee:ec:5d:80:c2:24:93:
a9:09:98:f3:6b:ff:db:3d:e2:5f:60:cc:e0:ba:21:
82:d5:9b:01:01:a8:ae:69:11:5c:74:b1:b8:70:9c:
0a:a1:f9:9e:62:2a:ca:d4:db:3c:5f:15:ad:d7:0b:
ae:2c:ac:34:42:b0:47:bb:73:79:96:01:74:82:82:
6d:ee:56:06:cf:ab:3f:a1:04:16:0c:23:8d:4d:2c:
5a:85:8a:e8:9f:a5:9a:79:fe:0f:48:3c:ec:11:14:
54:7a:6c:ee:9d:f5:a7:f7:74:b8:3c:94:15:c7:80:
8d:8d:7d:73:3d:c0:de:ec:39:b6:26:78:ad:37:80:
c8:24:5b:94:30:fb:86:e9:a4:af:e4:b5:17:87:6e:
67:e6:87:a2:17:92:85:84:76:aa:26:5c:2f:93:9b:
aa:9d:52:a4:76:0a:8b:2b:d4:d1:31:5f:2e:5d:77:
ce:1d:38:16:72:1f:3e:8d:67:71:de:cb:42:08:ee:
68:d7:58:d2:22:31:96:85:28:37:9a:ca:81:22:16:
45:e9:83:f2:12:b7:aa:a6:49:17:3c:75:84:00:a3:
57:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:0A:81:3B:D9:30:F7:07:A6:7C:35:9D:44:20:8E:E4:74:9E:C5:D0
X509v3 Authority Key Identifier:
keyid:9C:54:2F:5D:F3:C1:AC:B8:57:FD:50:EE:B0:16:EE:D0:73:85:FF:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nFQvXfPBrLhX_VDusBbu0HOF_4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/0gqBO9kw9wemfDWdRCCO5HSexdA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/nFQvXfPBrLhX_VDusBbu0HOF_4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.3.28.0/24
Signature Algorithm: sha256WithRSAEncryption
90:34:88:52:81:16:28:e5:08:61:04:27:ba:1d:84:77:09:7d:
aa:e8:f5:10:c9:a9:0a:4c:7a:f4:c2:a0:88:0e:6b:da:fe:06:
0c:b8:6f:80:ad:53:9f:83:ea:29:e5:bb:53:8e:74:1a:a4:76:
83:db:f9:91:72:87:95:69:6e:20:11:b6:4e:7f:6a:30:f9:da:
1d:97:c1:a3:a1:a7:a9:20:f6:79:28:f7:b7:da:50:09:0b:76:
f5:2f:8f:97:e3:bb:24:e5:51:22:86:2b:94:da:c6:82:7b:01:
45:dd:4e:f8:46:76:b8:06:92:3f:c8:2e:50:39:04:9a:5d:f0:
db:fc:56:f6:d9:d6:8a:52:3d:0e:f6:59:4a:c4:3d:f5:86:ae:
63:e8:df:0f:73:ac:ff:f9:7b:d8:62:63:f0:93:89:00:47:62:
55:5c:ac:7f:97:ca:fe:e8:13:d6:7a:8b:ad:2e:9c:5d:9e:c0:
d7:7b:52:6a:8a:35:7a:9c:46:eb:92:a4:96:67:39:c4:a5:12:
ed:1f:82:6b:3b:2a:b1:2d:a7:46:f6:67:2f:ff:27:6d:84:e1:
81:f7:ff:43:57:d0:15:98:9b:5c:9a:11:6e:8e:f0:ec:d6:bc:
16:08:66:be:bc:6c:de:95:b4:12:23:ee:d1:9a:f9:63:c3:00:
03:92:a2:4c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlIXbKRkXtXvHKD0mxS76OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljNTQyZjVkZjNjMWFjYjg1N2ZkNTBlZWIwMTZlZWQwNzM4
NWZmOGMwHhcNMjUwMTAyMDM0ODU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjBhODEzYmQ5MzBmNzA3YTY3YzM1OWQ0NDIwOGVlNDc0OWVjNWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx71gnaVcEx81NATfnR/29eK0voLh
4lEW0HEx5tKpzgU4gG/QEe7sXYDCJJOpCZjza//bPeJfYMzguiGC1ZsBAaiuaRFc
dLG4cJwKofmeYirK1Ns8XxWt1wuuLKw0QrBHu3N5lgF0goJt7lYGz6s/oQQWDCON
TSxahYron6Waef4PSDzsERRUemzunfWn93S4PJQVx4CNjX1zPcDe7Dm2JnitN4DI
JFuUMPuG6aSv5LUXh25n5oeiF5KFhHaqJlwvk5uqnVKkdgqLK9TRMV8uXXfOHTgW
ch8+jWdx3stCCO5o11jSIjGWhSg3msqBIhZF6YPyEreqpkkXPHWEAKNXLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNIKgTvZMPcHpnw1nUQgjuR0nsXQMB8GA1UdIwQY
MBaAFJxUL13zway4V/1Q7rAW7tBzhf+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkZRdlhmUEJyTGhYX1ZEdXNCYnUwSE9GXzR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9mYjc5MWItODAxMy00NThhLTlhMWUt
MjVkYmY0MzgwNGM1LzEvMGdxQk85a3c5d2VtZkRXZFJDQ081SFNleGRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9mYjc5MWItODAxMy00NThhLTlhMWUtMjVkYmY0MzgwNGM1
LzEvbkZRdlhmUEJyTGhYX1ZEdXNCYnUwSE9GXzR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPgMcMA0G
CSqGSIb3DQEBCwUAA4IBAQCQNIhSgRYo5QhhBCe6HYR3CX2q6PUQyakKTHr0wqCI
Dmva/gYMuG+ArVOfg+op5btTjnQapHaD2/mRcoeVaW4gEbZOf2ow+dodl8Gjoaep
IPZ5KPe32lAJC3b1L4+X47sk5VEihiuU2saCewFF3U74Rna4BpI/yC5QOQSaXfDb
/Fb22daKUj0O9llKxD31hq5j6N8Pc6z/+XvYYmPwk4kAR2JVXKx/l8r+6BPWeout
LpxdnsDXe1JqijV6nEbrkqSWZznEpRLtH4JrOyqxLadG9mcv/ydthOGB9/9DV9AV
mJtcmhFujvDs1rwWCGa+vGzelbQSI+7RmvljwwADkqJM
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:37:57 2025 by rpki-client