Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/ccU8_M4uaSkm-QjbPZ4n_NYCudU.roa
File: ccU8_M4uaSkm-QjbPZ4n_NYCudU.roa (raw, json)
Hash identifier: BE/eqxC8qJ0fmKVBKWmNVf5O1JMZr7h4/dqXz0TgutU=
Subject key identifier: 71:C5:3C:FC:CE:2E:69:29:26:F9:08:DB:3D:9E:27:FC:D6:02:B9:D5
Certificate issuer: /CN=3692fedf59c60d3254e37a9c8ecde11c9ba1282a
Certificate serial: 018CF249A0FCDB66EB1348360A38D212B289
Authority key identifier: 36:92:FE:DF:59:C6:0D:32:54:E3:7A:9C:8E:CD:E1:1C:9B:A1:28:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NpL-31nGDTJU43qcjs3hHJuhKCo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/ccU8_M4uaSkm-QjbPZ4n_NYCudU.roa
Signing time: Wed 10 Jan 2024 07:32:40 +0000
ROA not before: Wed 10 Jan 2024 07:32:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44217
IP address blocks: 62.201.228.0/22 maxlen: 22
62.201.229.0/24 maxlen: 24
62.201.227.0/24 maxlen: 24
62.201.228.0/24 maxlen: 24
62.201.232.0/24 maxlen: 24
62.201.233.0/24 maxlen: 24
62.201.230.0/24 maxlen: 24
62.201.231.0/24 maxlen: 24
62.201.232.0/22 maxlen: 22
62.201.236.0/24 maxlen: 24
62.201.234.0/24 maxlen: 24
62.201.235.0/24 maxlen: 24
62.201.239.0/24 maxlen: 24
62.201.240.0/24 maxlen: 24
62.201.238.0/24 maxlen: 24
62.201.240.0/21 maxlen: 21
62.201.243.0/24 maxlen: 24
62.201.241.0/24 maxlen: 24
62.201.242.0/24 maxlen: 24
62.201.242.0/23 maxlen: 24
62.201.246.0/24 maxlen: 24
62.201.244.0/23 maxlen: 23
62.201.253.0/24 maxlen: 24
62.201.251.0/24 maxlen: 24
62.201.252.0/22 maxlen: 24
62.201.247.0/24 maxlen: 24
62.201.248.0/23 maxlen: 23
62.201.250.0/24 maxlen: 24
62.201.248.0/24 maxlen: 24
62.201.249.0/24 maxlen: 24
62.201.254.0/23 maxlen: 24
89.33.66.0/23 maxlen: 23
62.201.192.0/23 maxlen: 23
62.201.197.0/24 maxlen: 24
62.201.194.0/24 maxlen: 24
62.201.195.0/24 maxlen: 24
62.201.192.0/18 maxlen: 18
62.201.193.0/24 maxlen: 24
62.201.205.0/24 maxlen: 24
62.201.200.0/22 maxlen: 22
62.201.201.0/24 maxlen: 24
62.201.202.0/24 maxlen: 24
62.201.200.0/24 maxlen: 24
62.201.204.0/24 maxlen: 24
62.201.203.0/24 maxlen: 24
62.201.204.0/23 maxlen: 23
62.201.206.0/23 maxlen: 23
62.201.206.0/24 maxlen: 24
62.201.212.0/24 maxlen: 24
62.201.208.0/24 maxlen: 24
62.201.209.0/24 maxlen: 24
62.201.208.0/22 maxlen: 22
62.201.207.0/24 maxlen: 24
62.201.211.0/24 maxlen: 24
62.201.212.0/22 maxlen: 22
62.201.210.0/24 maxlen: 24
62.201.213.0/24 maxlen: 24
62.201.215.0/24 maxlen: 24
62.201.216.0/24 maxlen: 24
62.201.214.0/24 maxlen: 24
62.201.218.0/24 maxlen: 24
62.201.219.0/24 maxlen: 24
62.201.217.0/24 maxlen: 24
62.201.221.0/24 maxlen: 24
62.201.222.0/24 maxlen: 24
62.201.220.0/22 maxlen: 22
62.201.220.0/24 maxlen: 24
62.201.225.0/24 maxlen: 24
62.201.224.0/22 maxlen: 22
62.201.226.0/24 maxlen: 24
62.201.223.0/24 maxlen: 24
62.201.224.0/24 maxlen: 24
185.1.98.0/24 maxlen: 24
2a02:b60:2010::/48 maxlen: 48
2a02:b60::/64 maxlen: 64
2a02:b60:2000::/48 maxlen: 48
2a02:b60:4000::/48 maxlen: 48
2a02:b60:2000:3::/64 maxlen: 64
2a02:b60:4005::/48 maxlen: 48
2a02:b60:0:f::/64 maxlen: 64
2a02:b60:4000::/34 maxlen: 34
2a02:b60:2000::/35 maxlen: 35
2a02:b60::/32 maxlen: 32
2a02:b60:20::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 10 Jan 2024 11:54:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f2:49:a0:fc:db:66:eb:13:48:36:0a:38:d2:12:b2:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3692fedf59c60d3254e37a9c8ecde11c9ba1282a
Validity
Not Before: Jan 10 07:32:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=71c53cfcce2e692926f908db3d9e27fcd602b9d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:1f:dc:bb:76:b3:3e:6b:79:a5:9c:84:66:0b:
93:41:e9:5a:de:ed:0a:eb:a7:e3:b9:04:e0:7b:a2:
d0:6a:03:2c:2c:2e:a3:aa:db:cb:d4:fa:f7:bc:ee:
c1:47:c3:79:4b:64:ac:59:49:c5:87:e9:7d:c0:42:
9f:b8:89:82:1e:dd:65:fb:6f:61:e6:25:a2:0f:c9:
09:d6:8f:38:43:4d:fd:90:3e:a9:7b:ce:b8:e1:94:
18:69:08:a0:20:4e:53:f1:80:e4:f1:76:9c:39:11:
a4:94:20:a9:a8:68:a6:45:85:b1:9a:bc:b9:44:54:
82:95:04:ab:bf:fa:cd:67:d7:d3:bf:1f:48:7f:98:
9f:77:9f:a0:1c:ab:df:36:09:c2:b6:80:91:7e:03:
1d:4a:ff:00:d1:f0:05:91:8b:16:fb:09:b4:49:86:
1c:d0:26:1d:e2:4b:04:19:f5:08:32:2e:d6:70:48:
0a:d5:55:1f:a3:48:1c:78:a1:86:85:63:b4:1c:77:
2f:5d:30:f0:2b:f4:ed:cf:2b:1a:68:39:63:85:32:
78:33:c7:89:ff:bb:02:dc:0b:bd:fc:ac:15:44:ec:
5d:28:33:b7:de:a5:df:1c:8e:75:f1:3f:75:c3:9d:
c3:48:d2:62:5f:5c:25:7a:82:3c:6d:8f:b7:95:4d:
43:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:C5:3C:FC:CE:2E:69:29:26:F9:08:DB:3D:9E:27:FC:D6:02:B9:D5
X509v3 Authority Key Identifier:
keyid:36:92:FE:DF:59:C6:0D:32:54:E3:7A:9C:8E:CD:E1:1C:9B:A1:28:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NpL-31nGDTJU43qcjs3hHJuhKCo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/ccU8_M4uaSkm-QjbPZ4n_NYCudU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/NpL-31nGDTJU43qcjs3hHJuhKCo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.201.192.0/18
89.33.66.0/23
185.1.98.0/24
IPv6:
2a02:b60::/32
Signature Algorithm: sha256WithRSAEncryption
88:67:1a:c4:6a:c3:0a:fc:d9:a3:3c:26:09:0e:8d:7c:bd:a0:
95:b8:df:1d:46:ea:1a:0b:56:2b:9a:93:53:11:e9:47:ca:d0:
fc:1e:74:0a:5e:eb:de:fd:38:1c:b8:d8:c9:b6:e0:8e:ea:c8:
1f:90:ec:82:be:21:39:1d:a1:5b:8c:7e:dc:16:dd:16:dd:4a:
7d:ad:fd:c7:7b:ea:a9:c3:bc:c0:de:af:d8:71:bf:4a:13:eb:
79:20:e1:30:6b:74:b7:00:40:8a:93:db:38:1f:f4:ba:8d:32:
3f:a2:0b:0e:98:f6:d4:05:4b:25:d6:da:cb:3d:bb:68:93:b9:
f5:15:93:c4:b2:dc:a0:40:48:b1:d3:c7:c0:76:c7:8c:9a:43:
31:9f:d7:16:92:84:67:74:01:d2:02:07:26:4a:71:e0:30:98:
d6:36:21:1d:6e:1d:0e:1e:e6:7d:4a:3b:76:17:71:3a:a2:ad:
24:de:af:e6:4a:4e:d2:c0:97:61:23:5a:a7:ba:e4:05:20:4c:
38:21:22:92:a6:7e:75:13:30:f7:4f:fd:8b:6b:91:f0:6c:a3:
5e:8c:6d:69:35:c4:76:42:6e:c6:2a:66:5e:26:ef:cd:0e:70:
42:e8:a2:7b:f9:d6:4d:be:0e:b4:62:81:72:27:6e:14:a3:95:
b7:6a:22:97
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzySaD822brE0g2CjjSErKJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OTJmZWRmNTljNjBkMzI1NGUzN2E5YzhlY2RlMTFjOWJh
MTI4MmEwHhcNMjQwMTEwMDczMjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWM1M2NmY2NlMmU2OTI5MjZmOTA4ZGIzZDllMjdmY2Q2MDJiOWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnh/cu3azPmt5pZyEZguTQela3u0K
66fjuQTge6LQagMsLC6jqtvL1Pr3vO7BR8N5S2SsWUnFh+l9wEKfuImCHt1l+29h
5iWiD8kJ1o84Q039kD6pe8644ZQYaQigIE5T8YDk8XacORGklCCpqGimRYWxmry5
RFSClQSrv/rNZ9fTvx9If5ifd5+gHKvfNgnCtoCRfgMdSv8A0fAFkYsW+wm0SYYc
0CYd4ksEGfUIMi7WcEgK1VUfo0gceKGGhWO0HHcvXTDwK/TtzysaaDljhTJ4M8eJ
/7sC3Au9/KwVROxdKDO33qXfHI518T91w53DSNJiX1wleoI8bY+3lU1DDQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFHHFPPzOLmkpJvkI2z2eJ/zWArnVMB8GA1UdIwQY
MBaAFDaS/t9Zxg0yVON6nI7N4RyboSgqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnBMLTMxbkdEVEpVNDNxY2pzM2hISnVoS0NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi81YzVhZDAtZDJkYS00MGRiLTk1ZDEt
ZTdiZTVlMzBhZDJkLzEvY2NVOF9NNHVhU2ttLVFqYlBaNG5fTllDdWRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi81YzVhZDAtZDJkYS00MGRiLTk1ZDEtZTdiZTVlMzBhZDJk
LzEvTnBMLTMxbkdEVEpVNDNxY2pzM2hISnVoS0NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQGPsnAAwQB
WSFCAwQAuQFiMA0EAgACMAcDBQAqAgtgMA0GCSqGSIb3DQEBCwUAA4IBAQCIZxrE
asMK/NmjPCYJDo18vaCVuN8dRuoaC1YrmpNTEelHytD8HnQKXuve/TgcuNjJtuCO
6sgfkOyCviE5HaFbjH7cFt0W3Up9rf3He+qpw7zA3q/Ycb9KE+t5IOEwa3S3AECK
k9s4H/S6jTI/ogsOmPbUBUsl1trLPbtok7n1FZPEstygQEix08fAdseMmkMxn9cW
koRndAHSAgcmSnHgMJjWNiEdbh0OHuZ9Sjt2F3E6oq0k3q/mSk7SwJdhI1qnuuQF
IEw4ISKSpn51EzD3T/2La5HwbKNejG1pNcR2Qm7GKmZeJu/NDnBC6KJ7+dZNvg60
YoFyJ24Uo5W3aiKX
-----END CERTIFICATE-----
Generated at Mon Apr 14 13:08:50 2025 by rpki-client