Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/z3DWBeZRL-dtOl6KNNEga6cC5Wg.roa
File: z3DWBeZRL-dtOl6KNNEga6cC5Wg.roa (raw, json)
Hash identifier: 2GcKLJBIvbLUM6dqVgSok/KtUIdA+7ORlvCTKthKaus=
Subject key identifier: CF:70:D6:05:E6:51:2F:E7:6D:3A:5E:8A:34:D1:20:6B:A7:02:E5:68
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 018CC26D681F6F9A2E2D96473C128CA2F7DE
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/z3DWBeZRL-dtOl6KNNEga6cC5Wg.roa
Signing time: Mon 01 Jan 2024 00:29:59 +0000
ROA not before: Mon 01 Jan 2024 00:29:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203484
IP address blocks: 62.73.114.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:68:1f:6f:9a:2e:2d:96:47:3c:12:8c:a2:f7:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Jan 1 00:29:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cf70d605e6512fe76d3a5e8a34d1206ba702e568
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:33:00:41:c0:2e:fb:7f:e7:66:87:e8:59:8f:
19:e3:e3:ad:ad:46:a5:b8:9a:6d:1a:56:a1:b0:8e:
03:64:af:24:a7:64:2b:77:05:ab:30:1a:20:59:b8:
bd:85:f9:0d:f0:f2:a1:62:00:ac:15:09:2d:07:7d:
02:8f:a4:f0:97:ae:d0:c2:eb:29:21:25:15:17:59:
c1:2a:c6:80:5a:d6:41:53:a3:e8:40:2c:44:d1:87:
8c:3e:42:4a:9d:89:9a:06:ce:23:3b:59:73:c6:16:
99:4a:97:c8:2f:84:76:13:c9:7b:a4:ec:19:7d:27:
4c:3a:2e:25:31:49:90:f5:09:68:24:08:d9:44:9c:
c7:4f:a7:16:f9:50:93:a5:27:38:3c:00:34:68:c3:
27:e1:58:ca:ee:d0:c8:a1:37:60:5d:d1:54:e1:fa:
e6:ad:d4:9d:40:af:50:1f:99:58:9d:a9:c0:f1:4f:
ee:15:9f:73:44:bc:1b:df:3b:56:a7:2f:42:c2:e1:
71:95:ff:1c:79:13:2d:7e:39:7e:ed:00:bc:68:30:
9c:64:69:98:80:ee:0d:44:2c:d9:3f:9b:c8:8e:ed:
93:e1:4d:e7:87:a7:f5:5e:d6:ff:e4:a4:27:d9:c5:
e5:9c:46:19:fd:cc:ea:20:71:63:c2:86:4c:5c:ef:
39:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:70:D6:05:E6:51:2F:E7:6D:3A:5E:8A:34:D1:20:6B:A7:02:E5:68
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/z3DWBeZRL-dtOl6KNNEga6cC5Wg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.73.114.0/24
Signature Algorithm: sha256WithRSAEncryption
75:9a:b0:2a:f0:c1:0a:85:b1:eb:f6:97:60:b2:b5:0d:c8:c1:
35:5d:3b:2e:e4:cb:a3:cc:5f:57:39:6b:42:eb:c5:24:d7:0b:
15:55:e1:5a:88:a1:54:a4:5c:c2:cb:22:ae:bb:89:95:5a:83:
7b:56:d4:72:4f:83:f8:26:85:f2:f6:6d:fe:a8:51:a5:ec:97:
20:81:68:34:5a:97:59:6d:7f:10:20:19:c3:8e:33:85:06:26:
e4:69:66:a0:5c:a2:01:9b:06:70:21:69:15:3c:57:33:e4:8f:
f3:8a:27:c2:79:50:4d:41:75:13:94:6a:3b:c9:ef:df:22:9e:
71:2a:91:5d:ad:9a:88:3e:87:8a:5e:41:59:60:5a:82:c0:13:
3f:2c:3b:da:11:34:ae:70:b3:fd:12:3b:5d:58:05:8a:99:5c:
bc:5e:c4:ad:7d:cb:9b:ef:82:ec:bf:99:b6:26:64:7c:72:0c:
19:9c:94:ec:e0:b8:ca:11:62:1a:d3:35:71:af:c7:89:69:81:
ea:81:5f:f0:ae:db:84:84:6e:58:79:7d:e8:ca:70:f1:e0:ec:
59:78:12:6c:34:70:ad:b9:e1:44:6d:2f:9f:a8:a2:a1:52:8f:
ed:78:4d:cd:95:b4:98:51:47:8b:66:b5:aa:39:a2:dc:3c:b4:
01:1d:89:f7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbWgfb5ouLZZHPBKMovfeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjQwMTAxMDAyOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjcwZDYwNWU2NTEyZmU3NmQzYTVlOGEzNGQxMjA2YmE3MDJlNTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjDMAQcAu+3/nZofoWY8Z4+OtrUal
uJptGlahsI4DZK8kp2QrdwWrMBogWbi9hfkN8PKhYgCsFQktB30Cj6Twl67Qwusp
ISUVF1nBKsaAWtZBU6PoQCxE0YeMPkJKnYmaBs4jO1lzxhaZSpfIL4R2E8l7pOwZ
fSdMOi4lMUmQ9QloJAjZRJzHT6cW+VCTpSc4PAA0aMMn4VjK7tDIoTdgXdFU4frm
rdSdQK9QH5lYnanA8U/uFZ9zRLwb3ztWpy9CwuFxlf8ceRMtfjl+7QC8aDCcZGmY
gO4NRCzZP5vIju2T4U3nh6f1Xtb/5KQn2cXlnEYZ/czqIHFjwoZMXO85oQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM9w1gXmUS/nbTpeijTRIGunAuVoMB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvejNEV0JlWlJMLWR0T2w2S05ORWdhNmNDNVdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPklyMA0G
CSqGSIb3DQEBCwUAA4IBAQB1mrAq8MEKhbHr9pdgsrUNyME1XTsu5MujzF9XOWtC
68Uk1wsVVeFaiKFUpFzCyyKuu4mVWoN7VtRyT4P4JoXy9m3+qFGl7JcggWg0WpdZ
bX8QIBnDjjOFBibkaWagXKIBmwZwIWkVPFcz5I/ziifCeVBNQXUTlGo7ye/fIp5x
KpFdrZqIPoeKXkFZYFqCwBM/LDvaETSucLP9EjtdWAWKmVy8XsStfcub74Lsv5m2
JmR8cgwZnJTs4LjKEWIa0zVxr8eJaYHqgV/wrtuEhG5YeX3oynDx4OxZeBJsNHCt
ueFEbS+fqKKhUo/teE3NlbSYUUeLZrWqOaLcPLQBHYn3
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:29:53 2025 by rpki-client