Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/ej1Vk6Vy1xpRbRNXCcjsC6ArdBQ.roa
File: ej1Vk6Vy1xpRbRNXCcjsC6ArdBQ.roa (raw, json)
Hash identifier: YmRD6gQOee7bO6tvMXD02ZcDXTD9ArZmQgc0o6v8k1s=
Subject key identifier: 7A:3D:55:93:A5:72:D7:1A:51:6D:13:57:09:C8:EC:0B:A0:2B:74:14
Certificate issuer: /CN=3692fedf59c60d3254e37a9c8ecde11c9ba1282a
Certificate serial: 019260DC4506B13905723065EF5AEAC6BF89
Authority key identifier: 36:92:FE:DF:59:C6:0D:32:54:E3:7A:9C:8E:CD:E1:1C:9B:A1:28:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NpL-31nGDTJU43qcjs3hHJuhKCo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/ej1Vk6Vy1xpRbRNXCcjsC6ArdBQ.roa
Signing time: Sun 06 Oct 2024 08:05:01 +0000
ROA not before: Sun 06 Oct 2024 08:05:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44217
IP address blocks: 62.201.192.0/18 maxlen: 18
62.201.192.0/23 maxlen: 23
62.201.193.0/24 maxlen: 24
62.201.194.0/24 maxlen: 24
62.201.195.0/24 maxlen: 24
62.201.196.0/24 maxlen: 24
62.201.197.0/24 maxlen: 24
62.201.200.0/24 maxlen: 24
62.201.201.0/24 maxlen: 24
62.201.202.0/24 maxlen: 24
62.201.203.0/24 maxlen: 24
62.201.204.0/23 maxlen: 23
62.201.205.0/24 maxlen: 24
62.201.206.0/24 maxlen: 24
62.201.207.0/24 maxlen: 24
62.201.208.0/22 maxlen: 22
62.201.208.0/24 maxlen: 24
62.201.209.0/24 maxlen: 24
62.201.210.0/24 maxlen: 24
62.201.211.0/24 maxlen: 24
62.201.212.0/22 maxlen: 22
62.201.212.0/24 maxlen: 24
62.201.213.0/24 maxlen: 24
62.201.214.0/24 maxlen: 24
62.201.215.0/24 maxlen: 24
62.201.216.0/24 maxlen: 24
62.201.217.0/24 maxlen: 24
62.201.218.0/24 maxlen: 24
62.201.219.0/24 maxlen: 24
62.201.220.0/22 maxlen: 22
62.201.220.0/24 maxlen: 24
62.201.221.0/24 maxlen: 24
62.201.222.0/24 maxlen: 24
62.201.223.0/24 maxlen: 24
62.201.224.0/22 maxlen: 22
62.201.224.0/24 maxlen: 24
62.201.225.0/24 maxlen: 24
62.201.226.0/24 maxlen: 24
62.201.227.0/24 maxlen: 24
62.201.228.0/22 maxlen: 22
62.201.228.0/24 maxlen: 24
62.201.229.0/24 maxlen: 24
62.201.230.0/24 maxlen: 24
62.201.231.0/24 maxlen: 24
62.201.232.0/22 maxlen: 22
62.201.232.0/24 maxlen: 24
62.201.233.0/24 maxlen: 24
62.201.234.0/24 maxlen: 24
62.201.235.0/24 maxlen: 24
62.201.236.0/24 maxlen: 24
62.201.238.0/24 maxlen: 24
62.201.239.0/24 maxlen: 24
62.201.240.0/21 maxlen: 21
62.201.240.0/24 maxlen: 24
62.201.241.0/24 maxlen: 24
62.201.242.0/23 maxlen: 24
62.201.242.0/24 maxlen: 24
62.201.243.0/24 maxlen: 24
62.201.244.0/23 maxlen: 23
62.201.246.0/24 maxlen: 24
62.201.247.0/24 maxlen: 24
62.201.248.0/24 maxlen: 24
62.201.249.0/24 maxlen: 24
62.201.250.0/24 maxlen: 24
62.201.251.0/24 maxlen: 24
62.201.252.0/22 maxlen: 24
62.201.253.0/24 maxlen: 24
62.201.254.0/23 maxlen: 24
89.33.66.0/23 maxlen: 23
185.1.98.0/24 maxlen: 24
2a02:b60::/32 maxlen: 32
2a02:b60:0:f::/64 maxlen: 64
2a02:b60:20::/48 maxlen: 48
2a02:b60:2000::/35 maxlen: 35
2a02:b60:2000::/48 maxlen: 48
2a02:b60:2000:3::/64 maxlen: 64
2a02:b60:2010::/48 maxlen: 48
2a02:b60:4000::/34 maxlen: 34
2a02:b60:4000::/48 maxlen: 48
2a02:b60:4005::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 16 Oct 2024 07:49:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:60:dc:45:06:b1:39:05:72:30:65:ef:5a:ea:c6:bf:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3692fedf59c60d3254e37a9c8ecde11c9ba1282a
Validity
Not Before: Oct 6 08:05:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7a3d5593a572d71a516d135709c8ec0ba02b7414
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:5b:a1:aa:4c:92:e1:7a:df:88:bc:a2:2f:e1:
6e:80:ff:9d:f1:4e:a1:68:6b:0e:f6:3e:a9:ae:63:
ce:58:0e:7c:12:db:c1:98:3b:85:63:44:92:44:b5:
de:8e:d1:ea:c1:20:4e:22:f1:57:15:b2:0b:04:22:
42:c4:a3:25:63:3c:52:4c:1c:bc:6a:fb:0e:9a:4a:
77:4f:e9:91:00:5c:e8:8a:48:f9:4a:d1:0a:81:0f:
f7:da:12:d3:c6:9b:8d:51:bd:ea:91:d1:d7:33:8b:
e5:50:02:82:0e:71:7a:41:fb:99:18:65:c5:05:0f:
93:0e:1c:11:fa:b6:cd:95:48:9e:1e:bb:9d:e7:88:
9e:29:62:10:9d:d1:87:e9:75:f9:60:86:fc:10:4e:
f0:b0:6d:f9:f6:b4:7b:12:12:f8:f7:38:61:a1:d3:
ce:d1:ec:04:87:b4:99:54:9a:c5:ae:35:7d:6c:8b:
09:9a:42:75:57:75:d7:7f:71:ca:87:8b:ed:37:88:
c5:dd:02:d3:56:02:6c:2a:72:4c:fb:e7:a1:9e:c0:
d0:3b:f9:ea:ac:23:9a:7d:7e:21:c3:82:19:60:52:
2a:1d:a7:49:39:7c:21:39:5b:10:e0:19:e8:e6:12:
d0:14:b5:fe:33:c7:26:6c:51:a0:f3:a2:6d:08:a4:
65:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:3D:55:93:A5:72:D7:1A:51:6D:13:57:09:C8:EC:0B:A0:2B:74:14
X509v3 Authority Key Identifier:
keyid:36:92:FE:DF:59:C6:0D:32:54:E3:7A:9C:8E:CD:E1:1C:9B:A1:28:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NpL-31nGDTJU43qcjs3hHJuhKCo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/ej1Vk6Vy1xpRbRNXCcjsC6ArdBQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/NpL-31nGDTJU43qcjs3hHJuhKCo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.201.192.0/18
89.33.66.0/23
185.1.98.0/24
IPv6:
2a02:b60::/32
Signature Algorithm: sha256WithRSAEncryption
81:2b:e0:69:9a:22:bc:d3:ef:bc:3a:fc:2b:d0:8e:5e:a2:35:
a6:34:00:0f:bb:4c:87:2f:e0:85:76:f8:6a:81:a9:05:d9:a3:
a6:84:55:21:d9:c1:36:2a:af:1f:f9:a5:26:c4:8b:49:4e:94:
c6:a1:b5:1c:82:d4:68:34:c5:1b:29:8f:ed:6c:9a:c2:2f:a2:
d3:14:32:8a:83:17:02:57:09:c8:b6:2b:ff:b7:87:05:16:79:
74:bb:c3:c5:bc:65:26:78:1c:19:ae:19:d5:f5:a0:e3:98:7e:
a0:9b:2e:e2:82:7f:63:f5:24:22:0a:71:e1:74:3f:c3:49:63:
83:ab:e2:57:d7:fd:07:83:97:d5:b1:0d:7d:23:22:0b:9c:86:
49:4c:52:6c:11:b1:8f:40:47:04:21:ba:5d:22:16:c0:4f:64:
94:db:c1:40:02:bc:c7:83:7a:60:81:a5:74:f6:d5:9e:f7:55:
3c:5c:59:26:5e:14:09:32:aa:d0:39:7d:34:9f:52:88:dd:5d:
5c:7a:5c:ad:8c:44:b1:78:b5:69:52:0e:5d:bd:7e:31:4d:b1:
2c:8c:fa:9e:fb:86:91:26:e5:42:12:b5:48:4c:66:db:1f:8f:
2b:32:31:c1:3b:b2:b9:65:93:14:32:20:cd:f8:93:e5:e5:7e:
42:ff:bf:c9
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZJg3EUGsTkFcjBl71rqxr+JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OTJmZWRmNTljNjBkMzI1NGUzN2E5YzhlY2RlMTFjOWJh
MTI4MmEwHhcNMjQxMDA2MDgwNTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTNkNTU5M2E1NzJkNzFhNTE2ZDEzNTcwOWM4ZWMwYmEwMmI3NDE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1uhqkyS4XrfiLyiL+FugP+d8U6h
aGsO9j6prmPOWA58EtvBmDuFY0SSRLXejtHqwSBOIvFXFbILBCJCxKMlYzxSTBy8
avsOmkp3T+mRAFzoikj5StEKgQ/32hLTxpuNUb3qkdHXM4vlUAKCDnF6QfuZGGXF
BQ+TDhwR+rbNlUieHrud54ieKWIQndGH6XX5YIb8EE7wsG359rR7EhL49zhhodPO
0ewEh7SZVJrFrjV9bIsJmkJ1V3XXf3HKh4vtN4jF3QLTVgJsKnJM++ehnsDQO/nq
rCOafX4hw4IZYFIqHadJOXwhOVsQ4Bno5hLQFLX+M8cmbFGg86JtCKRlLQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFHo9VZOlctcaUW0TVwnI7AugK3QUMB8GA1UdIwQY
MBaAFDaS/t9Zxg0yVON6nI7N4RyboSgqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnBMLTMxbkdEVEpVNDNxY2pzM2hISnVoS0NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi81YzVhZDAtZDJkYS00MGRiLTk1ZDEt
ZTdiZTVlMzBhZDJkLzEvZWoxVms2VnkxeHBSYlJOWENjanNDNkFyZEJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi81YzVhZDAtZDJkYS00MGRiLTk1ZDEtZTdiZTVlMzBhZDJk
LzEvTnBMLTMxbkdEVEpVNDNxY2pzM2hISnVoS0NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQGPsnAAwQB
WSFCAwQAuQFiMA0EAgACMAcDBQAqAgtgMA0GCSqGSIb3DQEBCwUAA4IBAQCBK+Bp
miK80++8Ovwr0I5eojWmNAAPu0yHL+CFdvhqgakF2aOmhFUh2cE2Kq8f+aUmxItJ
TpTGobUcgtRoNMUbKY/tbJrCL6LTFDKKgxcCVwnItiv/t4cFFnl0u8PFvGUmeBwZ
rhnV9aDjmH6gmy7ign9j9SQiCnHhdD/DSWODq+JX1/0Hg5fVsQ19IyILnIZJTFJs
EbGPQEcEIbpdIhbAT2SU28FAArzHg3pggaV09tWe91U8XFkmXhQJMqrQOX00n1KI
3V1celytjESxeLVpUg5dvX4xTbEsjPqe+4aRJuVCErVITGbbH48rMjHBO7K5ZZMU
MiDN+JPl5X5C/7/J
-----END CERTIFICATE-----
Generated at Mon Apr 14 12:58:59 2025 by rpki-client