Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/572ea6-1436-4f26-af57-5975913f52c5/1/UooPwNs3PfISE0aetYYeK4ThsU0.roa
File: UooPwNs3PfISE0aetYYeK4ThsU0.roa (raw, json)
Hash identifier: 5+QeqV23phzM8VDs0BlqGqqL/ZRKlmTO0qTfaEvlyfU=
Subject key identifier: 52:8A:0F:C0:DB:37:3D:F2:12:13:46:9E:B5:86:1E:2B:84:E1:B1:4D
Certificate issuer: /CN=f3b5646b360379924cb6d9c3d99669ce7f3b2ca2
Certificate serial: 018CC5DBE4CF4B09F4BAA71554AE7FBA9402
Authority key identifier: F3:B5:64:6B:36:03:79:92:4C:B6:D9:C3:D9:96:69:CE:7F:3B:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/87VkazYDeZJMttnD2ZZpzn87LKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/572ea6-1436-4f26-af57-5975913f52c5/1/UooPwNs3PfISE0aetYYeK4ThsU0.roa
Signing time: Mon 01 Jan 2024 16:29:31 +0000
ROA not before: Mon 01 Jan 2024 16:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206585
IP address blocks: 62.181.60.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:47:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:db:e4:cf:4b:09:f4:ba:a7:15:54:ae:7f:ba:94:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f3b5646b360379924cb6d9c3d99669ce7f3b2ca2
Validity
Not Before: Jan 1 16:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=528a0fc0db373df21213469eb5861e2b84e1b14d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:07:83:f2:0f:07:97:b9:13:56:e8:89:d2:87:
8c:42:dc:29:b6:c1:a8:ba:fb:69:b0:58:cc:a7:ff:
29:d9:9b:ae:80:b9:7a:71:cc:fd:2f:a7:63:85:bd:
bc:05:22:4a:af:8c:93:5f:56:f4:92:7f:f4:38:f3:
ae:61:7d:80:da:17:0d:7d:df:12:42:8e:c1:71:70:
7f:af:0b:1d:c1:86:6f:5d:59:0a:bb:41:b9:83:d9:
66:b3:97:a8:9f:38:dd:67:8b:72:33:4f:06:bc:a9:
db:13:ca:12:9d:59:17:6c:a6:96:5a:fa:54:af:77:
ac:7c:c1:29:a4:4a:0d:0d:b8:59:21:e5:b1:61:d8:
e3:89:b2:d5:6f:63:82:15:44:c1:ea:4c:b5:1a:72:
16:38:96:21:4b:f8:64:c2:e1:17:72:8b:ce:b0:a9:
38:d7:6f:10:f9:af:8e:ba:04:c9:57:21:3d:7b:9b:
ba:fa:ac:8b:df:04:20:20:42:0d:84:8a:41:52:94:
c5:21:0f:42:6f:ef:18:5d:bc:38:c3:bd:80:0f:23:
f5:e0:bb:6b:03:26:e1:45:4e:a8:26:71:0a:c6:da:
f3:88:6f:24:cd:9e:9c:7f:a4:d1:1f:47:0e:f1:36:
d0:f6:a1:9c:b4:af:d4:ce:09:f1:bd:e0:fc:2f:ee:
ed:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:8A:0F:C0:DB:37:3D:F2:12:13:46:9E:B5:86:1E:2B:84:E1:B1:4D
X509v3 Authority Key Identifier:
keyid:F3:B5:64:6B:36:03:79:92:4C:B6:D9:C3:D9:96:69:CE:7F:3B:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/87VkazYDeZJMttnD2ZZpzn87LKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/572ea6-1436-4f26-af57-5975913f52c5/1/UooPwNs3PfISE0aetYYeK4ThsU0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/572ea6-1436-4f26-af57-5975913f52c5/1/87VkazYDeZJMttnD2ZZpzn87LKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.181.60.0/23
Signature Algorithm: sha256WithRSAEncryption
5c:7b:98:58:e5:6d:bb:5b:48:cf:2f:a2:46:43:ef:e3:53:aa:
a3:1b:09:9d:c9:6f:5f:00:37:6f:1f:f5:f0:b5:81:44:16:80:
de:c6:0d:30:7f:12:ef:15:1d:bd:ed:62:3a:5f:8b:17:45:28:
9a:2f:61:17:24:f5:de:ee:3b:4e:4f:7b:f9:98:9b:cd:d9:fd:
86:57:58:c6:05:04:ef:40:b3:0b:51:12:e5:7e:84:f7:a8:df:
cf:7c:eb:a8:7b:f3:d2:7c:c6:af:2a:c6:a2:0c:48:d7:0d:c1:
78:c0:dd:35:5a:55:a1:74:ab:5b:e9:cf:c1:4f:0e:98:09:a4:
2a:92:b1:90:f2:4f:ee:f6:49:35:8d:b8:c9:93:e5:d4:5b:a3:
57:db:61:e2:65:93:6c:f2:4d:6b:a9:5a:28:8f:41:df:9d:4d:
34:d5:05:cc:43:d2:e7:a2:ac:a6:5e:86:e9:46:d9:50:cf:b1:
2b:e6:75:6f:72:da:2c:be:17:fb:47:30:52:e0:de:85:13:62:
f9:67:8e:ea:2e:ec:20:72:e0:2b:2e:ea:b9:37:ad:60:a2:b9:
3b:3b:54:83:b8:9b:70:49:ee:78:73:5b:02:55:2b:c5:b3:29:
26:34:27:69:c2:33:a9:d8:0a:1e:ad:8b:d1:da:c0:c9:ab:90:
12:d1:ce:f0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF2+TPSwn0uqcVVK5/upQCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzYjU2NDZiMzYwMzc5OTI0Y2I2ZDljM2Q5OTY2OWNlN2Yz
YjJjYTIwHhcNMjQwMTAxMTYyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjhhMGZjMGRiMzczZGYyMTIxMzQ2OWViNTg2MWUyYjg0ZTFiMTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQeD8g8Hl7kTVuiJ0oeMQtwptsGo
uvtpsFjMp/8p2ZuugLl6ccz9L6djhb28BSJKr4yTX1b0kn/0OPOuYX2A2hcNfd8S
Qo7BcXB/rwsdwYZvXVkKu0G5g9lms5eonzjdZ4tyM08GvKnbE8oSnVkXbKaWWvpU
r3esfMEppEoNDbhZIeWxYdjjibLVb2OCFUTB6ky1GnIWOJYhS/hkwuEXcovOsKk4
128Q+a+OugTJVyE9e5u6+qyL3wQgIEINhIpBUpTFIQ9Cb+8YXbw4w72ADyP14Ltr
AybhRU6oJnEKxtrziG8kzZ6cf6TRH0cO8TbQ9qGctK/UzgnxveD8L+7tpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFKKD8DbNz3yEhNGnrWGHiuE4bFNMB8GA1UdIwQY
MBaAFPO1ZGs2A3mSTLbZw9mWac5/OyyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODdWa2F6WURlWkpNdHRuRDJaWnB6bjg3TEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy81NzJlYTYtMTQzNi00ZjI2LWFmNTct
NTk3NTkxM2Y1MmM1LzEvVW9vUHdOczNQZklTRTBhZXRZWWVLNFRoc1UwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy81NzJlYTYtMTQzNi00ZjI2LWFmNTctNTk3NTkxM2Y1MmM1
LzEvODdWa2F6WURlWkpNdHRuRDJaWnB6bjg3TEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBPrU8MA0G
CSqGSIb3DQEBCwUAA4IBAQBce5hY5W27W0jPL6JGQ+/jU6qjGwmdyW9fADdvH/Xw
tYFEFoDexg0wfxLvFR297WI6X4sXRSiaL2EXJPXe7jtOT3v5mJvN2f2GV1jGBQTv
QLMLURLlfoT3qN/PfOuoe/PSfMavKsaiDEjXDcF4wN01WlWhdKtb6c/BTw6YCaQq
krGQ8k/u9kk1jbjJk+XUW6NX22HiZZNs8k1rqVooj0HfnU001QXMQ9LnoqymXobp
RtlQz7Er5nVvctosvhf7RzBS4N6FE2L5Z47qLuwgcuArLuq5N61gork7O1SDuJtw
Se54c1sCVSvFsykmNCdpwjOp2AoerYvR2sDJq5AS0c7w
-----END CERTIFICATE-----
Generated at Sat Apr 19 00:50:39 2025 by rpki-client