Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/15641a-6614-45e4-a2a9-9b9cd89659e0/1/Xqt62T6MWVGqGZS_CHPEP4uaGj4.roa
File: Xqt62T6MWVGqGZS_CHPEP4uaGj4.roa (raw, json)
Hash identifier: OWfSj++fmJkTMdvj+21JLK/NfJNfi20A6UqD3Pd0wm8=
Subject key identifier: 5E:AB:7A:D9:3E:8C:59:51:AA:19:94:BF:08:73:C4:3F:8B:9A:1A:3E
Certificate issuer: /CN=1c97b4823d3c9e121ec649821e00f0a79aeb9b8d
Certificate serial: 01934A176ED5DE596585E62678DAD13F0DAB
Authority key identifier: 1C:97:B4:82:3D:3C:9E:12:1E:C6:49:82:1E:00:F0:A7:9A:EB:9B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJe0gj08nhIexkmCHgDwp5rrm40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/15641a-6614-45e4-a2a9-9b9cd89659e0/1/Xqt62T6MWVGqGZS_CHPEP4uaGj4.roa
Signing time: Wed 20 Nov 2024 15:01:09 +0000
ROA not before: Wed 20 Nov 2024 15:01:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43608
IP address blocks: 62.77.132.0/22 maxlen: 24
62.77.132.0/24 maxlen: 24
78.24.104.0/21 maxlen: 21
78.24.108.0/24 maxlen: 24
185.61.56.0/22 maxlen: 24
185.61.57.0/24 maxlen: 24
2a00:9500::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:49:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:4a:17:6e:d5:de:59:65:85:e6:26:78:da:d1:3f:0d:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c97b4823d3c9e121ec649821e00f0a79aeb9b8d
Validity
Not Before: Nov 20 15:01:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5eab7ad93e8c5951aa1994bf0873c43f8b9a1a3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:c6:b5:f0:ec:ac:b5:e3:ec:1d:e9:2e:22:ec:
8a:ad:34:32:3b:f4:5b:96:5f:28:7d:6a:64:f9:51:
e0:2c:40:75:f1:e2:9d:dc:b0:cb:c6:38:85:37:5b:
1c:17:29:81:43:9a:2b:da:93:e1:99:2f:3f:98:d6:
74:c7:41:cf:11:d5:ba:7e:e7:81:26:4e:28:a7:1c:
07:9d:25:36:9c:2d:b8:30:76:85:0e:85:6c:c8:77:
42:c1:06:a0:4e:70:32:6c:18:e6:e8:86:42:a4:75:
42:82:05:19:b0:78:42:52:cc:8e:c7:c8:03:d3:e6:
9f:6b:04:d9:0e:f0:ce:11:0a:73:72:8c:8a:ae:d1:
1d:b8:bc:5f:02:2c:db:f8:f6:6c:7b:8c:5e:8a:cf:
02:c6:bf:d9:80:1e:8a:c4:ab:ca:43:f0:fd:1f:59:
e6:08:58:85:6f:e4:1d:cf:60:7e:9f:22:69:77:f4:
6f:b7:aa:a2:20:35:f9:03:04:83:ed:ee:77:9b:e3:
62:60:e5:24:29:b0:85:12:0e:60:e4:aa:7f:93:37:
8c:1e:d9:18:93:f1:1f:9e:dc:a0:ee:12:99:bd:e8:
ba:37:32:95:63:76:d3:f8:d8:bd:31:1f:e3:57:c1:
99:09:aa:fe:b4:ca:f5:28:62:d4:c6:bd:10:98:e2:
3f:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:AB:7A:D9:3E:8C:59:51:AA:19:94:BF:08:73:C4:3F:8B:9A:1A:3E
X509v3 Authority Key Identifier:
keyid:1C:97:B4:82:3D:3C:9E:12:1E:C6:49:82:1E:00:F0:A7:9A:EB:9B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJe0gj08nhIexkmCHgDwp5rrm40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/15641a-6614-45e4-a2a9-9b9cd89659e0/1/Xqt62T6MWVGqGZS_CHPEP4uaGj4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/15641a-6614-45e4-a2a9-9b9cd89659e0/1/HJe0gj08nhIexkmCHgDwp5rrm40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.77.132.0/22
78.24.104.0/21
185.61.56.0/22
IPv6:
2a00:9500::/32
Signature Algorithm: sha256WithRSAEncryption
8a:b7:18:47:00:47:4a:22:dc:b2:e9:08:fd:64:5d:9a:8f:2d:
ca:d6:a2:32:d2:66:b6:81:ed:ee:12:51:bb:76:40:88:97:96:
61:ab:24:8e:4c:7c:16:bb:b6:d0:42:cf:8a:c7:69:3a:10:8c:
7d:22:a6:71:a8:34:60:eb:89:65:c2:66:6a:bc:1d:a7:53:45:
90:6b:2c:2b:d4:c9:3d:0f:09:a9:d7:1a:c8:93:54:25:ae:78:
78:19:e8:2a:1b:3d:c6:f0:38:76:e3:0a:a2:07:9b:95:6a:e6:
1d:21:05:31:ab:59:7d:ea:ce:55:e0:66:2d:6a:d6:79:08:cb:
ea:9e:1c:57:8d:3a:de:49:29:f5:a1:69:95:c1:60:32:ca:3c:
fd:16:d9:81:b8:fc:d9:33:8a:a2:83:b5:ef:35:93:ab:78:20:
48:a8:0d:50:d4:6d:85:2c:2d:fb:08:b9:d9:b8:57:f5:7a:4a:
29:dd:69:16:e3:da:e7:0a:29:13:7c:55:63:a7:7e:49:90:f8:
2c:80:5b:b0:7b:4c:83:da:09:d0:7a:11:a8:26:cf:89:a0:3e:
07:51:e3:84:a8:f5:33:bc:5e:7c:1f:9f:67:35:1a:dc:47:29:
bf:b4:2f:3e:1a:3a:be:3b:9a:4f:0c:9c:f3:da:1c:23:31:37:
8a:cd:fd:31
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZNKF27V3lllheYmeNrRPw2rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTdiNDgyM2QzYzllMTIxZWM2NDk4MjFlMDBmMGE3OWFl
YjliOGQwHhcNMjQxMTIwMTUwMTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWFiN2FkOTNlOGM1OTUxYWExOTk0YmYwODczYzQzZjhiOWExYTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Ma18OystePsHekuIuyKrTQyO/Rb
ll8ofWpk+VHgLEB18eKd3LDLxjiFN1scFymBQ5or2pPhmS8/mNZ0x0HPEdW6fueB
Jk4opxwHnSU2nC24MHaFDoVsyHdCwQagTnAybBjm6IZCpHVCggUZsHhCUsyOx8gD
0+afawTZDvDOEQpzcoyKrtEduLxfAizb+PZse4xeis8Cxr/ZgB6KxKvKQ/D9H1nm
CFiFb+Qdz2B+nyJpd/Rvt6qiIDX5AwSD7e53m+NiYOUkKbCFEg5g5Kp/kzeMHtkY
k/Efntyg7hKZvei6NzKVY3bT+Ni9MR/jV8GZCar+tMr1KGLUxr0QmOI/8QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFF6retk+jFlRqhmUvwhzxD+Lmho+MB8GA1UdIwQY
MBaAFByXtII9PJ4SHsZJgh4A8Kea65uNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEplMGdqMDhuaElleGttQ0hnRHdwNXJybTQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS8xNTY0MWEtNjYxNC00NWU0LWEyYTkt
OWI5Y2Q4OTY1OWUwLzEvWHF0NjJUNk1XVkdxR1pTX0NIUEVQNHVhR2o0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS8xNTY0MWEtNjYxNC00NWU0LWEyYTktOWI5Y2Q4OTY1OWUw
LzEvSEplMGdqMDhuaElleGttQ0hnRHdwNXJybTQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCPk2EAwQD
ThhoAwQCuT04MA0EAgACMAcDBQAqAJUAMA0GCSqGSIb3DQEBCwUAA4IBAQCKtxhH
AEdKItyy6Qj9ZF2ajy3K1qIy0ma2ge3uElG7dkCIl5ZhqySOTHwWu7bQQs+Kx2k6
EIx9IqZxqDRg64llwmZqvB2nU0WQaywr1Mk9Dwmp1xrIk1Qlrnh4GegqGz3G8Dh2
4wqiB5uVauYdIQUxq1l96s5V4GYtatZ5CMvqnhxXjTreSSn1oWmVwWAyyjz9FtmB
uPzZM4qig7XvNZOreCBIqA1Q1G2FLC37CLnZuFf1ekop3WkW49rnCikTfFVjp35J
kPgsgFuwe0yD2gnQehGoJs+JoD4HUeOEqPUzvF58H59nNRrcRym/tC8+Gjq+O5pP
DJzz2hwjMTeKzf0x
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:09:30 2025 by rpki-client