Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/f8999c-040a-424a-8896-2a92333f9df6/1/7oXGXKthQdTZTvz_qPRR5E7UeWM.roa
File: 7oXGXKthQdTZTvz_qPRR5E7UeWM.roa (raw, json)
Hash identifier: PmnHNNnjeT50E7zjN7C51KSK3ekOLpxAarCXd3IPHt0=
Subject key identifier: EE:85:C6:5C:AB:61:41:D4:D9:4E:FC:FF:A8:F4:51:E4:4E:D4:79:63
Certificate issuer: /CN=715b885c3b302fd50e6c22647a33dc47727fea95
Certificate serial: 018CC7943A802E941FFF616F924386072A79
Authority key identifier: 71:5B:88:5C:3B:30:2F:D5:0E:6C:22:64:7A:33:DC:47:72:7F:EA:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cVuIXDswL9UObCJkejPcR3J_6pU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/f8999c-040a-424a-8896-2a92333f9df6/1/7oXGXKthQdTZTvz_qPRR5E7UeWM.roa
Signing time: Tue 02 Jan 2024 00:30:29 +0000
ROA not before: Tue 02 Jan 2024 00:30:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 36351
IP address blocks: 5.62.35.0/24 maxlen: 24
5.62.33.0/24 maxlen: 24
5.62.23.0/24 maxlen: 24
5.62.22.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:3a:80:2e:94:1f:ff:61:6f:92:43:86:07:2a:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=715b885c3b302fd50e6c22647a33dc47727fea95
Validity
Not Before: Jan 2 00:30:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ee85c65cab6141d4d94efcffa8f451e44ed47963
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:0d:9a:09:0d:53:30:17:9b:37:30:f3:c9:bd:
5a:2a:d3:4a:28:41:f7:e7:b2:23:01:e4:da:f5:63:
50:52:7a:22:69:b0:ed:69:78:c6:42:d5:01:93:6e:
02:ee:c5:76:9e:47:da:19:3a:2e:cb:42:84:15:c6:
71:45:fc:db:09:55:dd:a2:2a:a8:0b:0b:29:eb:8a:
f1:2a:65:26:fd:7c:b8:c2:18:08:12:ca:73:63:c9:
31:fc:02:9c:6c:ce:da:74:ed:7a:7c:34:46:d6:55:
d7:75:53:c6:d0:d2:e9:5d:5f:66:31:4e:f7:62:7c:
11:8d:60:05:02:4c:39:ea:d9:86:79:d3:ae:ba:af:
c7:92:9c:6c:dc:a2:fa:61:49:94:99:48:7c:4b:46:
f9:73:49:1a:18:2e:80:7b:73:ab:8d:3e:ba:e2:7f:
50:5e:b3:eb:f1:5f:ce:26:bd:f1:25:df:3e:e6:70:
bc:85:0e:be:3c:9a:84:56:21:d3:aa:fe:f9:64:4b:
3e:af:71:25:f7:c8:9d:d6:46:6a:24:3b:eb:ea:ff:
98:96:c9:af:fb:74:d2:9d:29:20:79:19:5a:bf:85:
42:12:b1:6c:eb:53:28:cd:8d:9a:a9:20:44:94:87:
2d:44:f1:c7:00:81:18:39:f9:01:ca:4a:07:be:d9:
35:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:85:C6:5C:AB:61:41:D4:D9:4E:FC:FF:A8:F4:51:E4:4E:D4:79:63
X509v3 Authority Key Identifier:
keyid:71:5B:88:5C:3B:30:2F:D5:0E:6C:22:64:7A:33:DC:47:72:7F:EA:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cVuIXDswL9UObCJkejPcR3J_6pU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/f8999c-040a-424a-8896-2a92333f9df6/1/7oXGXKthQdTZTvz_qPRR5E7UeWM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/f8999c-040a-424a-8896-2a92333f9df6/1/cVuIXDswL9UObCJkejPcR3J_6pU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.62.22.0/23
5.62.33.0/24
5.62.35.0/24
Signature Algorithm: sha256WithRSAEncryption
46:57:f0:3b:3c:ec:1c:6a:2d:8d:9b:30:13:c2:3d:a8:aa:40:
91:dd:5d:58:b0:5c:5e:91:9e:32:ac:1d:1f:15:9c:d4:af:ca:
8a:ba:0d:ad:31:a5:5b:a2:be:28:82:4a:e8:1e:6c:98:c6:19:
71:8c:0c:05:fa:f5:42:af:d7:5c:50:39:f9:d5:60:00:ad:19:
41:d2:ab:b0:34:d8:c8:39:fb:b4:40:b2:a2:96:cf:15:5c:65:
bf:d1:63:78:16:40:9a:1c:12:2e:d5:f9:4f:38:3b:88:bb:eb:
27:0d:b0:91:2f:ae:81:03:2a:02:1a:84:33:0c:81:ca:5a:9e:
18:55:41:3e:b9:e6:63:ae:ea:0d:d9:1b:b3:78:5b:93:7d:5f:
0f:e5:3f:0d:a5:a2:cc:88:69:ec:1f:1d:f5:ab:3f:fa:30:89:
1f:7f:c9:fd:7e:20:a1:27:35:ee:17:46:da:cf:69:a8:d0:1c:
0d:14:8a:0b:f9:6f:73:d7:e8:10:3d:d7:23:6c:d5:f7:7d:82:
c5:10:a1:59:f3:04:aa:63:57:81:09:60:bd:3c:11:fa:06:8c:
d6:96:87:c2:68:52:7d:3e:ef:85:82:98:ea:58:7a:75:1e:cf:
80:25:a3:5d:d9:6f:dd:3f:c2:11:b9:6f:6d:a7:01:f9:9c:f4:
14:fd:59:60
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzHlDqALpQf/2FvkkOGByp5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxNWI4ODVjM2IzMDJmZDUwZTZjMjI2NDdhMzNkYzQ3NzI3
ZmVhOTUwHhcNMjQwMTAyMDAzMDI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTg1YzY1Y2FiNjE0MWQ0ZDk0ZWZjZmZhOGY0NTFlNDRlZDQ3OTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhw2aCQ1TMBebNzDzyb1aKtNKKEH3
57IjAeTa9WNQUnoiabDtaXjGQtUBk24C7sV2nkfaGTouy0KEFcZxRfzbCVXdoiqo
Cwsp64rxKmUm/Xy4whgIEspzY8kx/AKcbM7adO16fDRG1lXXdVPG0NLpXV9mMU73
YnwRjWAFAkw56tmGedOuuq/Hkpxs3KL6YUmUmUh8S0b5c0kaGC6Ae3OrjT664n9Q
XrPr8V/OJr3xJd8+5nC8hQ6+PJqEViHTqv75ZEs+r3El98id1kZqJDvr6v+Ylsmv
+3TSnSkgeRlav4VCErFs61MozY2aqSBElIctRPHHAIEYOfkBykoHvtk1/QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFO6FxlyrYUHU2U78/6j0UeRO1HljMB8GA1UdIwQY
MBaAFHFbiFw7MC/VDmwiZHoz3Edyf+qVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1Z1SVhEc3dMOVVPYkNKa2VqUGNSM0pfNnBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS9mODk5OWMtMDQwYS00MjRhLTg4OTYt
MmE5MjMzM2Y5ZGY2LzEvN29YR1hLdGhRZFRaVHZ6X3FQUlI1RTdVZVdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS9mODk5OWMtMDQwYS00MjRhLTg4OTYtMmE5MjMzM2Y5ZGY2
LzEvY1Z1SVhEc3dMOVVPYkNKa2VqUGNSM0pfNnBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBBT4WAwQA
BT4hAwQABT4jMA0GCSqGSIb3DQEBCwUAA4IBAQBGV/A7POwcai2NmzATwj2oqkCR
3V1YsFxekZ4yrB0fFZzUr8qKug2tMaVbor4ogkroHmyYxhlxjAwF+vVCr9dcUDn5
1WAArRlB0quwNNjIOfu0QLKils8VXGW/0WN4FkCaHBIu1flPODuIu+snDbCRL66B
AyoCGoQzDIHKWp4YVUE+ueZjruoN2RuzeFuTfV8P5T8NpaLMiGnsHx31qz/6MIkf
f8n9fiChJzXuF0baz2mo0BwNFIoL+W9z1+gQPdcjbNX3fYLFEKFZ8wSqY1eBCWC9
PBH6BozWlofCaFJ9Pu+FgpjqWHp1Hs+AJaNd2W/dP8IRuW9tpwH5nPQU/Vlg
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:09:47 2025 by rpki-client