Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/6NHQ0pXIfbkilf3_kYU07jGKROs.roa
File: 6NHQ0pXIfbkilf3_kYU07jGKROs.roa (raw, json)
Hash identifier: jcRs8Gf+cLrLsR8bBn/5ULjTgC9LcsS0CZrIhsGA3CI=
Subject key identifier: E8:D1:D0:D2:95:C8:7D:B9:22:95:FD:FF:91:85:34:EE:31:8A:44:EB
Certificate issuer: /CN=577021dcdf44b6afdd3810547c55a79bd1a9fa3b
Certificate serial: 0193BF868524B778B0C6508086D51B3DFC12
Authority key identifier: 57:70:21:DC:DF:44:B6:AF:DD:38:10:54:7C:55:A7:9B:D1:A9:FA:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/6NHQ0pXIfbkilf3_kYU07jGKROs.roa
Signing time: Fri 13 Dec 2024 10:18:04 +0000
ROA not before: Fri 13 Dec 2024 10:18:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29119
IP address blocks: 5.252.92.0/24 maxlen: 24
5.253.158.0/24 maxlen: 24
5.253.159.0/24 maxlen: 24
62.122.228.0/22 maxlen: 22
62.122.228.0/24 maxlen: 24
62.122.230.0/24 maxlen: 24
62.122.231.0/24 maxlen: 24
185.218.160.0/24 maxlen: 24
185.218.161.0/24 maxlen: 24
185.218.162.0/24 maxlen: 24
185.218.163.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:bf:86:85:24:b7:78:b0:c6:50:80:86:d5:1b:3d:fc:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=577021dcdf44b6afdd3810547c55a79bd1a9fa3b
Validity
Not Before: Dec 13 10:18:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e8d1d0d295c87db92295fdff918534ee318a44eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:08:a9:10:dd:a3:e6:98:9a:35:f8:1a:23:af:
f2:a3:31:85:ae:2a:03:07:20:89:70:ce:42:85:94:
ca:93:83:bc:9e:0b:f4:7b:de:08:b4:52:ac:f5:98:
52:bc:7c:c4:64:7c:3d:b5:64:d8:09:11:a9:6a:f4:
4f:03:b5:ad:ff:09:c5:ea:1c:6c:9a:4e:6f:b3:17:
3a:08:a9:3d:fe:bf:ee:b5:ae:a8:b8:ca:c2:39:54:
12:87:7f:77:fd:eb:c8:bc:7b:5e:db:9f:42:54:2b:
ae:72:a6:06:49:24:12:57:8b:ba:69:ea:63:f1:73:
31:d0:8c:5a:6a:ae:0f:1b:30:e2:1d:6a:03:8a:ca:
a1:9e:d7:d4:a5:9e:e9:96:b3:ee:fb:4e:5d:7c:cd:
7e:99:0d:df:ef:b7:56:5d:75:a0:b0:b6:7d:15:f4:
c2:cd:dc:99:43:7c:de:77:9b:a4:44:67:65:38:85:
e7:24:8c:7b:ab:5f:82:63:5a:cd:c5:ba:f2:0d:c3:
89:46:c4:8e:bb:ee:18:cf:68:4b:82:72:58:72:46:
33:9c:01:54:7a:a7:1b:c2:7b:f4:e4:27:c2:56:a5:
11:b6:81:9e:3f:fc:6b:26:df:87:bc:60:c8:18:63:
40:d5:e9:3e:ef:a5:75:c4:09:64:4b:f7:e8:34:be:
c9:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:D1:D0:D2:95:C8:7D:B9:22:95:FD:FF:91:85:34:EE:31:8A:44:EB
X509v3 Authority Key Identifier:
keyid:57:70:21:DC:DF:44:B6:AF:DD:38:10:54:7C:55:A7:9B:D1:A9:FA:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/6NHQ0pXIfbkilf3_kYU07jGKROs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.92.0/24
5.253.158.0/23
62.122.228.0/22
185.218.160.0/22
Signature Algorithm: sha256WithRSAEncryption
45:ec:83:9f:0f:0b:42:1d:a8:58:9f:82:a7:f4:9a:06:ca:26:
88:e7:cb:41:18:2e:39:3f:d2:bf:a2:1f:04:26:14:7c:ab:fd:
13:f0:e0:0b:99:d5:3a:09:64:9b:8d:87:f2:07:eb:cf:52:b1:
af:24:04:22:fe:4f:ee:29:48:f7:ae:88:a1:86:22:b0:30:3d:
f7:2a:0f:09:08:ec:f9:5e:bd:ef:14:dd:29:64:a2:d3:e1:42:
e7:95:df:c3:97:f1:0d:b0:85:e6:d8:44:4d:fd:3b:2e:b3:4f:
23:68:42:eb:f2:66:ce:f1:24:b9:d5:db:08:5e:0b:97:2e:97:
b6:0d:76:05:24:a3:41:21:63:fc:23:5d:02:fd:c6:0e:9c:be:
40:f1:a6:fd:b1:f5:53:0a:66:b9:ab:14:7e:8c:ab:56:b2:ab:
f9:40:2e:6a:06:7c:83:84:11:1e:fe:87:aa:86:dc:0c:d9:14:
3d:fd:ea:de:1a:f5:70:67:85:fc:27:8b:52:f0:64:9f:1f:e6:
a5:ad:ca:25:05:f0:1a:55:70:42:ac:a6:ae:42:79:40:a6:69:
3a:82:45:96:4f:1e:e8:7f:de:98:73:4a:76:b0:4f:97:93:6a:
3d:08:2d:92:9a:59:f4:4d:55:da:55:a5:4d:45:62:d9:0d:e9:
d5:d8:f1:29
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZO/hoUkt3iwxlCAhtUbPfwSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NzAyMWRjZGY0NGI2YWZkZDM4MTA1NDdjNTVhNzliZDFh
OWZhM2IwHhcNMjQxMjEzMTAxODA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGQxZDBkMjk1Yzg3ZGI5MjI5NWZkZmY5MTg1MzRlZTMxOGE0NGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAywipEN2j5piaNfgaI6/yozGFrioD
ByCJcM5ChZTKk4O8ngv0e94ItFKs9ZhSvHzEZHw9tWTYCRGpavRPA7Wt/wnF6hxs
mk5vsxc6CKk9/r/uta6ouMrCOVQSh393/evIvHte259CVCuucqYGSSQSV4u6aepj
8XMx0Ixaaq4PGzDiHWoDisqhntfUpZ7plrPu+05dfM1+mQ3f77dWXXWgsLZ9FfTC
zdyZQ3zed5ukRGdlOIXnJIx7q1+CY1rNxbryDcOJRsSOu+4Yz2hLgnJYckYznAFU
eqcbwnv05CfCVqURtoGeP/xrJt+HvGDIGGNA1ek+76V1xAlkS/foNL7JBwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOjR0NKVyH25IpX9/5GFNO4xikTrMB8GA1UdIwQY
MBaAFFdwIdzfRLav3TgQVHxVp5vRqfo7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjNBaDNOOUV0cV9kT0JCVWZGV25tOUdwLWpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8wYWMyN2EtMjE1OS00OGQ3LThiZmQt
YzkwN2FlMWMyMTFlLzEvNk5IUTBwWElmYmtpbGYzX2tZVTA3akdLUk9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8wYWMyN2EtMjE1OS00OGQ3LThiZmQtYzkwN2FlMWMyMTFl
LzEvVjNBaDNOOUV0cV9kT0JCVWZGV25tOUdwLWpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABfxcAwQB
Bf2eAwQCPnrkAwQCudqgMA0GCSqGSIb3DQEBCwUAA4IBAQBF7IOfDwtCHahYn4Kn
9JoGyiaI58tBGC45P9K/oh8EJhR8q/0T8OALmdU6CWSbjYfyB+vPUrGvJAQi/k/u
KUj3roihhiKwMD33Kg8JCOz5Xr3vFN0pZKLT4ULnld/Dl/ENsIXm2ERN/Tsus08j
aELr8mbO8SS51dsIXguXLpe2DXYFJKNBIWP8I10C/cYOnL5A8ab9sfVTCma5qxR+
jKtWsqv5QC5qBnyDhBEe/oeqhtwM2RQ9/ereGvVwZ4X8J4tS8GSfH+alrcolBfAa
VXBCrKauQnlApmk6gkWWTx7of96Yc0p2sE+Xk2o9CC2Smln0TVXaVaVNRWLZDenV
2PEp
-----END CERTIFICATE-----
Generated at Tue Apr 22 14:24:54 2025 by rpki-client