Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/lyMCFqM8Cry3T_AYT99anC16cSY.roa
File: lyMCFqM8Cry3T_AYT99anC16cSY.roa (raw, json)
Hash identifier: 6+pHUNXLbEJxJEaW3Uot+UyGY5a97vhSB1gW1y3E3aw=
Subject key identifier: 97:23:02:16:A3:3C:0A:BC:B7:4F:F0:18:4F:DF:5A:9C:2D:7A:71:26
Certificate issuer: /CN=3692fedf59c60d3254e37a9c8ecde11c9ba1282a
Certificate serial: 018CF3397F42319F1792B567E92B7F81AC37
Authority key identifier: 36:92:FE:DF:59:C6:0D:32:54:E3:7A:9C:8E:CD:E1:1C:9B:A1:28:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NpL-31nGDTJU43qcjs3hHJuhKCo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/lyMCFqM8Cry3T_AYT99anC16cSY.roa
Signing time: Wed 10 Jan 2024 11:54:40 +0000
ROA not before: Wed 10 Jan 2024 11:54:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44217
IP address blocks: 62.201.228.0/22 maxlen: 22
62.201.229.0/24 maxlen: 24
62.201.227.0/24 maxlen: 24
62.201.228.0/24 maxlen: 24
62.201.232.0/24 maxlen: 24
62.201.233.0/24 maxlen: 24
62.201.230.0/24 maxlen: 24
62.201.231.0/24 maxlen: 24
62.201.232.0/22 maxlen: 22
62.201.236.0/24 maxlen: 24
62.201.234.0/24 maxlen: 24
62.201.235.0/24 maxlen: 24
62.201.239.0/24 maxlen: 24
62.201.240.0/24 maxlen: 24
62.201.238.0/24 maxlen: 24
62.201.240.0/21 maxlen: 21
62.201.243.0/24 maxlen: 24
62.201.241.0/24 maxlen: 24
62.201.242.0/24 maxlen: 24
62.201.242.0/23 maxlen: 24
62.201.246.0/24 maxlen: 24
62.201.244.0/23 maxlen: 23
62.201.253.0/24 maxlen: 24
62.201.251.0/24 maxlen: 24
62.201.252.0/22 maxlen: 24
62.201.247.0/24 maxlen: 24
62.201.250.0/24 maxlen: 24
62.201.248.0/24 maxlen: 24
62.201.249.0/24 maxlen: 24
62.201.254.0/23 maxlen: 24
89.33.66.0/23 maxlen: 23
62.201.192.0/23 maxlen: 23
62.201.197.0/24 maxlen: 24
62.201.194.0/24 maxlen: 24
62.201.195.0/24 maxlen: 24
62.201.192.0/18 maxlen: 18
62.201.193.0/24 maxlen: 24
62.201.205.0/24 maxlen: 24
62.201.200.0/22 maxlen: 22
62.201.201.0/24 maxlen: 24
62.201.202.0/24 maxlen: 24
62.201.200.0/24 maxlen: 24
62.201.204.0/24 maxlen: 24
62.201.203.0/24 maxlen: 24
62.201.204.0/23 maxlen: 23
62.201.206.0/23 maxlen: 23
62.201.206.0/24 maxlen: 24
62.201.212.0/24 maxlen: 24
62.201.208.0/24 maxlen: 24
62.201.209.0/24 maxlen: 24
62.201.208.0/22 maxlen: 22
62.201.207.0/24 maxlen: 24
62.201.211.0/24 maxlen: 24
62.201.212.0/22 maxlen: 22
62.201.210.0/24 maxlen: 24
62.201.213.0/24 maxlen: 24
62.201.215.0/24 maxlen: 24
62.201.216.0/24 maxlen: 24
62.201.214.0/24 maxlen: 24
62.201.218.0/24 maxlen: 24
62.201.219.0/24 maxlen: 24
62.201.217.0/24 maxlen: 24
62.201.221.0/24 maxlen: 24
62.201.222.0/24 maxlen: 24
62.201.220.0/22 maxlen: 22
62.201.220.0/24 maxlen: 24
62.201.225.0/24 maxlen: 24
62.201.224.0/22 maxlen: 22
62.201.226.0/24 maxlen: 24
62.201.223.0/24 maxlen: 24
62.201.224.0/24 maxlen: 24
185.1.98.0/24 maxlen: 24
2a02:b60:2010::/48 maxlen: 48
2a02:b60::/64 maxlen: 64
2a02:b60:2000::/48 maxlen: 48
2a02:b60:4000::/48 maxlen: 48
2a02:b60:2000:3::/64 maxlen: 64
2a02:b60:4005::/48 maxlen: 48
2a02:b60:0:f::/64 maxlen: 64
2a02:b60:4000::/34 maxlen: 34
2a02:b60:2000::/35 maxlen: 35
2a02:b60::/32 maxlen: 32
2a02:b60:20::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 28 Jan 2024 10:36:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f3:39:7f:42:31:9f:17:92:b5:67:e9:2b:7f:81:ac:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3692fedf59c60d3254e37a9c8ecde11c9ba1282a
Validity
Not Before: Jan 10 11:54:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=97230216a33c0abcb74ff0184fdf5a9c2d7a7126
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:44:0d:0b:ee:d8:12:95:14:3b:6d:c5:e7:37:
87:60:c3:34:9f:b2:da:1b:86:3d:7b:8b:e8:20:4f:
13:36:0d:20:eb:79:18:a4:4e:94:8f:58:a6:79:c7:
3e:e2:46:12:51:d3:eb:c1:c3:79:45:cb:f9:ed:ea:
3a:50:3b:15:35:45:7f:72:34:57:d2:7d:10:3c:90:
91:5d:d4:05:1c:c2:39:d4:43:5d:53:26:19:7e:f9:
87:c5:0e:0a:5e:d4:bf:27:e1:36:b5:da:c2:2f:da:
8c:3c:1a:dc:89:43:82:61:d8:79:96:10:d1:3e:99:
56:9a:95:b8:dd:db:e3:42:5d:e7:bb:6a:6a:ab:5c:
77:84:c2:24:0d:ae:f2:94:ff:89:43:5d:db:1e:38:
0c:1e:ee:9a:a7:d3:44:56:05:90:2f:9d:37:dc:d2:
60:c7:03:94:58:bd:ba:1f:3d:89:8c:b1:8a:44:76:
c7:ec:e8:fc:98:66:ae:e4:bb:e0:c1:a8:7c:2e:cc:
84:7f:93:bb:1d:10:ef:c9:e2:d9:45:66:41:f3:7f:
8f:d1:35:39:6f:c5:21:86:74:6f:81:19:ac:c5:06:
13:44:c8:d0:c8:99:a1:e7:54:ba:99:c9:8d:c3:84:
91:25:cf:61:3e:5e:9c:55:a1:e0:98:c7:58:75:b5:
c9:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:23:02:16:A3:3C:0A:BC:B7:4F:F0:18:4F:DF:5A:9C:2D:7A:71:26
X509v3 Authority Key Identifier:
keyid:36:92:FE:DF:59:C6:0D:32:54:E3:7A:9C:8E:CD:E1:1C:9B:A1:28:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NpL-31nGDTJU43qcjs3hHJuhKCo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/lyMCFqM8Cry3T_AYT99anC16cSY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/NpL-31nGDTJU43qcjs3hHJuhKCo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.201.192.0/18
89.33.66.0/23
185.1.98.0/24
IPv6:
2a02:b60::/32
Signature Algorithm: sha256WithRSAEncryption
7c:58:aa:2b:89:dc:00:f8:63:7e:f8:ea:49:dd:0f:66:ba:8d:
3e:be:27:10:22:7e:cf:85:9c:6a:49:3c:3f:f5:fd:a4:05:dd:
db:19:9b:fe:45:62:62:44:ab:a3:f2:28:bc:2a:63:4b:9d:60:
a7:6c:43:1b:96:da:e5:35:18:68:33:21:13:e7:11:ad:33:54:
95:19:5b:7c:04:0f:b4:8a:43:ed:8d:d7:46:f1:b7:e8:a4:8f:
6d:2e:83:2f:b4:64:17:52:fb:9d:8f:12:ff:aa:ff:fb:c1:8c:
b8:83:1e:0c:33:28:80:13:79:9d:9e:0a:aa:79:21:c1:af:ec:
f8:46:3b:df:60:94:55:ce:fe:03:41:e6:43:fa:f2:11:b3:07:
25:7b:f7:b5:81:c2:76:b5:cb:81:3b:23:d8:d3:59:d2:c2:6b:
aa:d2:ec:e9:91:d5:b2:8c:60:8d:b4:c0:b5:b4:0e:df:d2:36:
eb:c4:80:1f:de:19:50:b8:41:2d:8c:f4:f4:b5:77:6d:a3:4e:
61:50:c7:66:10:ab:bc:9e:0e:99:5d:ed:0c:44:91:86:d5:bf:
12:60:af:58:a1:cb:65:79:f8:e7:48:ee:97:7b:07:81:db:f2:
e0:1b:8f:c0:25:d9:ee:68:dd:32:65:da:12:c2:2a:32:7b:c5:
46:52:f4:ad
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzzOX9CMZ8XkrVn6St/gaw3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OTJmZWRmNTljNjBkMzI1NGUzN2E5YzhlY2RlMTFjOWJh
MTI4MmEwHhcNMjQwMTEwMTE1NDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzIzMDIxNmEzM2MwYWJjYjc0ZmYwMTg0ZmRmNWE5YzJkN2E3MTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhUQNC+7YEpUUO23F5zeHYMM0n7La
G4Y9e4voIE8TNg0g63kYpE6Uj1imecc+4kYSUdPrwcN5Rcv57eo6UDsVNUV/cjRX
0n0QPJCRXdQFHMI51ENdUyYZfvmHxQ4KXtS/J+E2tdrCL9qMPBrciUOCYdh5lhDR
PplWmpW43dvjQl3nu2pqq1x3hMIkDa7ylP+JQ13bHjgMHu6ap9NEVgWQL5033NJg
xwOUWL26Hz2JjLGKRHbH7Oj8mGau5Lvgwah8LsyEf5O7HRDvyeLZRWZB83+P0TU5
b8UhhnRvgRmsxQYTRMjQyJmh51S6mcmNw4SRJc9hPl6cVaHgmMdYdbXJgwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJcjAhajPAq8t0/wGE/fWpwtenEmMB8GA1UdIwQY
MBaAFDaS/t9Zxg0yVON6nI7N4RyboSgqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnBMLTMxbkdEVEpVNDNxY2pzM2hISnVoS0NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi81YzVhZDAtZDJkYS00MGRiLTk1ZDEt
ZTdiZTVlMzBhZDJkLzEvbHlNQ0ZxTThDcnkzVF9BWVQ5OWFuQzE2Y1NZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi81YzVhZDAtZDJkYS00MGRiLTk1ZDEtZTdiZTVlMzBhZDJk
LzEvTnBMLTMxbkdEVEpVNDNxY2pzM2hISnVoS0NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQGPsnAAwQB
WSFCAwQAuQFiMA0EAgACMAcDBQAqAgtgMA0GCSqGSIb3DQEBCwUAA4IBAQB8WKor
idwA+GN++OpJ3Q9muo0+vicQIn7PhZxqSTw/9f2kBd3bGZv+RWJiRKuj8ii8KmNL
nWCnbEMbltrlNRhoMyET5xGtM1SVGVt8BA+0ikPtjddG8bfopI9tLoMvtGQXUvud
jxL/qv/7wYy4gx4MMyiAE3mdngqqeSHBr+z4RjvfYJRVzv4DQeZD+vIRswcle/e1
gcJ2tcuBOyPY01nSwmuq0uzpkdWyjGCNtMC1tA7f0jbrxIAf3hlQuEEtjPT0tXdt
o05hUMdmEKu8ng6ZXe0MRJGG1b8SYK9YoctlefjnSO6XeweB2/LgG4/AJdnuaN0y
ZdoSwioye8VGUvSt
-----END CERTIFICATE-----
Generated at Mon Apr 14 13:06:28 2025 by rpki-client