Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/cGOz5GuZhOhSi78IM6tbYPfov4A.roa
File: cGOz5GuZhOhSi78IM6tbYPfov4A.roa (raw, json)
Hash identifier: oBarnQXBvmb/HkHwF9UY095mtqBrVQcOU+rnFr9G73U=
Subject key identifier: 70:63:B3:E4:6B:99:84:E8:52:8B:BF:08:33:AB:5B:60:F7:E8:BF:80
Certificate issuer: /CN=3692fedf59c60d3254e37a9c8ecde11c9ba1282a
Certificate serial: 019579DD95DCEB9206A8D4B1D62808F72C48
Authority key identifier: 36:92:FE:DF:59:C6:0D:32:54:E3:7A:9C:8E:CD:E1:1C:9B:A1:28:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NpL-31nGDTJU43qcjs3hHJuhKCo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/cGOz5GuZhOhSi78IM6tbYPfov4A.roa
Signing time: Sun 09 Mar 2025 07:45:19 +0000
ROA not before: Sun 09 Mar 2025 07:45:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41032
IP address blocks: 62.201.192.0/24 maxlen: 24
62.201.199.0/24 maxlen: 24
62.201.200.0/22 maxlen: 22
62.201.200.0/24 maxlen: 24
62.201.201.0/24 maxlen: 24
62.201.203.0/24 maxlen: 24
62.201.204.0/24 maxlen: 24
62.201.205.0/24 maxlen: 24
62.201.207.0/24 maxlen: 24
62.201.208.0/24 maxlen: 24
62.201.210.0/24 maxlen: 24
62.201.237.0/24 maxlen: 24
62.201.248.0/24 maxlen: 24
62.201.250.0/24 maxlen: 24
185.90.104.0/24 maxlen: 24
185.90.105.0/24 maxlen: 24
185.90.106.0/24 maxlen: 24
185.90.107.0/24 maxlen: 24
2a02:b60:1::/48 maxlen: 48
2a02:b60:2::/48 maxlen: 48
2a02:b60:3::/48 maxlen: 48
2a02:b60:4::/48 maxlen: 48
2a02:b60:5::/48 maxlen: 48
2a02:b60:6::/48 maxlen: 48
2a02:b60:7::/48 maxlen: 48
2a02:b60:8::/48 maxlen: 48
2a02:b60:9::/48 maxlen: 48
2a02:b60:a::/48 maxlen: 48
2a02:b60:b::/48 maxlen: 48
2a02:b60:c::/48 maxlen: 48
2a02:b60:d::/48 maxlen: 48
2a02:b60:e::/48 maxlen: 48
2a02:b60:f::/48 maxlen: 48
2a02:b60:10::/48 maxlen: 48
2a02:b60:11::/48 maxlen: 48
2a02:b60:2000::/35 maxlen: 35
2a02:b60:2000::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 02 Apr 2025 06:11:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:79:dd:95:dc:eb:92:06:a8:d4:b1:d6:28:08:f7:2c:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3692fedf59c60d3254e37a9c8ecde11c9ba1282a
Validity
Not Before: Mar 9 07:45:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7063b3e46b9984e8528bbf0833ab5b60f7e8bf80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:08:0d:4c:88:6f:9c:f8:22:b7:45:fb:40:62:
48:23:70:96:9f:14:91:4a:45:f2:49:f8:01:f0:05:
33:58:6a:48:35:3c:e7:ad:e5:40:f7:14:ee:c1:39:
cd:11:aa:fc:b8:8c:d4:fd:91:fc:b9:a3:c1:c7:ce:
f1:84:4d:79:7b:88:98:e9:02:d3:27:80:3e:9a:4e:
39:27:19:08:45:3e:5f:88:e2:c3:7c:75:e7:28:a5:
42:4b:4a:73:de:ec:90:4f:8b:a4:ac:fb:a0:79:cf:
55:fb:00:88:72:2a:64:b7:ce:3b:93:87:bd:15:3d:
09:bd:83:09:54:c1:f2:ac:97:df:bf:f7:21:26:a1:
e8:51:20:8a:35:97:db:8f:c0:64:ef:a7:42:39:de:
86:ae:c5:f9:28:a2:34:33:c7:0d:7d:05:82:ab:ab:
d9:8d:cb:00:4e:de:93:65:5c:f8:f7:3a:d6:cb:8a:
a2:29:99:3a:b8:44:b9:80:94:34:0e:27:a5:4a:41:
0d:4d:d1:c4:ef:5d:8f:e1:4b:96:c5:4c:51:c6:da:
1f:a7:1f:cb:a3:ec:c8:14:06:fc:c8:70:1a:76:de:
be:03:6c:1d:9d:a8:4d:89:d1:9c:7a:3a:0a:b6:f7:
44:b0:2b:e9:2e:eb:ee:83:9b:4d:6d:0a:ef:1b:9c:
b0:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:63:B3:E4:6B:99:84:E8:52:8B:BF:08:33:AB:5B:60:F7:E8:BF:80
X509v3 Authority Key Identifier:
keyid:36:92:FE:DF:59:C6:0D:32:54:E3:7A:9C:8E:CD:E1:1C:9B:A1:28:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NpL-31nGDTJU43qcjs3hHJuhKCo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/cGOz5GuZhOhSi78IM6tbYPfov4A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/NpL-31nGDTJU43qcjs3hHJuhKCo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.201.192.0/24
62.201.199.0-62.201.205.255
62.201.207.0-62.201.208.255
62.201.210.0/24
62.201.237.0/24
62.201.248.0/24
62.201.250.0/24
185.90.104.0/22
IPv6:
2a02:b60:1::-2a02:b60:11:ffff:ffff:ffff:ffff:ffff
2a02:b60:2000::/35
Signature Algorithm: sha256WithRSAEncryption
67:5f:99:a8:af:6e:f8:bb:bb:f9:69:17:88:40:ba:0e:bc:cf:
ba:18:e3:71:74:3e:ec:83:84:1c:2e:8a:b7:af:bc:2f:20:12:
9d:be:1a:24:b4:34:f2:be:59:21:0d:d2:64:11:99:50:9b:43:
1a:ae:a8:aa:ef:f9:5c:2b:34:82:df:8c:b5:e2:d8:76:1f:a2:
b4:47:93:e2:d5:f2:3b:93:82:75:8a:a1:3f:c2:af:dd:44:3d:
cb:8b:59:ba:3a:39:0a:7d:1a:f7:05:03:b9:51:37:b9:84:32:
b5:52:a9:d8:07:5a:57:ec:d8:ec:63:48:86:db:76:ab:e2:55:
62:6f:cd:74:75:d6:f1:ba:73:78:59:e7:38:56:c4:41:a2:cf:
60:e1:39:5f:34:46:f1:63:ae:05:db:4c:03:15:64:7f:5f:dc:
21:e9:6f:48:59:aa:6a:a4:a6:33:c3:fd:c9:32:63:60:db:c0:
06:ff:83:dc:31:44:54:64:58:56:dc:a9:41:f9:9b:61:8e:47:
6f:77:ee:ca:db:cf:ce:35:06:65:4b:29:54:d9:c4:be:c3:e8:
a5:b7:be:30:ec:a1:37:ab:9b:c7:01:0d:23:cb:a8:87:7e:83:
06:b6:cc:d2:60:af:ea:31:25:b9:46:dd:06:da:46:40:a9:3e:
64:01:4a:81
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAZV53ZXc65IGqNSx1igI9yxIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OTJmZWRmNTljNjBkMzI1NGUzN2E5YzhlY2RlMTFjOWJh
MTI4MmEwHhcNMjUwMzA5MDc0NTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDYzYjNlNDZiOTk4NGU4NTI4YmJmMDgzM2FiNWI2MGY3ZThiZjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6AgNTIhvnPgit0X7QGJII3CWnxSR
SkXySfgB8AUzWGpINTznreVA9xTuwTnNEar8uIzU/ZH8uaPBx87xhE15e4iY6QLT
J4A+mk45JxkIRT5fiOLDfHXnKKVCS0pz3uyQT4ukrPugec9V+wCIcipkt847k4e9
FT0JvYMJVMHyrJffv/chJqHoUSCKNZfbj8Bk76dCOd6GrsX5KKI0M8cNfQWCq6vZ
jcsATt6TZVz49zrWy4qiKZk6uES5gJQ0DielSkENTdHE712P4UuWxUxRxtofpx/L
o+zIFAb8yHAadt6+A2wdnahNidGcejoKtvdEsCvpLuvug5tNbQrvG5yw9QIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFHBjs+RrmYToUou/CDOrW2D36L+AMB8GA1UdIwQY
MBaAFDaS/t9Zxg0yVON6nI7N4RyboSgqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnBMLTMxbkdEVEpVNDNxY2pzM2hISnVoS0NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi81YzVhZDAtZDJkYS00MGRiLTk1ZDEt
ZTdiZTVlMzBhZDJkLzEvY0dPejVHdVpoT2hTaTc4SU02dGJZUGZvdjRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi81YzVhZDAtZDJkYS00MGRiLTk1ZDEtZTdiZTVlMzBhZDJk
LzEvTnBMLTMxbkdEVEpVNDNxY2pzM2hISnVoS0NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBGBAIAATBAAwQAPsnAMAwD
BAA+yccDBAE+ycwwDAMEAD7JzwMEAD7J0AMEAD7J0gMEAD7J7QMEAD7J+AMEAD7J
+gMEArlaaDAiBAIAAjAcMBIDBwAqAgtgAAEDBwEqAgtgABADBgUqAgtgIDANBgkq
hkiG9w0BAQsFAAOCAQEAZ1+ZqK9u+Lu7+WkXiEC6DrzPuhjjcXQ+7IOEHC6Kt6+8
LyASnb4aJLQ08r5ZIQ3SZBGZUJtDGq6oqu/5XCs0gt+MteLYdh+itEeT4tXyO5OC
dYqhP8Kv3UQ9y4tZujo5Cn0a9wUDuVE3uYQytVKp2AdaV+zY7GNIhtt2q+JVYm/N
dHXW8bpzeFnnOFbEQaLPYOE5XzRG8WOuBdtMAxVkf1/cIelvSFmqaqSmM8P9yTJj
YNvABv+D3DFEVGRYVtypQfmbYY5Hb3fuytvPzjUGZUspVNnEvsPopbe+MOyhN6ub
xwENI8uoh36DBrbM0mCv6jEluUbdBtpGQKk+ZAFKgQ==
-----END CERTIFICATE-----
Generated at Mon Apr 14 13:01:18 2025 by rpki-client