Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/1aa69f-db55-4fba-bce9-c1ebe61549cc/1/aPpnczwc4j1JvO2eWOLdAVwWYqU.roa
File: aPpnczwc4j1JvO2eWOLdAVwWYqU.roa (raw, json)
Hash identifier: +J8FGzdm2h6ir6gGWJRFYFJaNDYSWIeOcHIUVt+JT3U=
Subject key identifier: 68:FA:67:73:3C:1C:E2:3D:49:BC:ED:9E:58:E2:DD:01:5C:16:62:A5
Certificate issuer: /CN=cc40d96242b082efe5b4f2258820b3059396198d
Certificate serial: 0194258F1C5E3E106F40237D7354B797BF65
Authority key identifier: CC:40:D9:62:42:B0:82:EF:E5:B4:F2:25:88:20:B3:05:93:96:19:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zEDZYkKwgu_ltPIliCCzBZOWGY0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/1aa69f-db55-4fba-bce9-c1ebe61549cc/1/aPpnczwc4j1JvO2eWOLdAVwWYqU.roa
Signing time: Thu 02 Jan 2025 05:48:43 +0000
ROA not before: Thu 02 Jan 2025 05:48:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8412
IP address blocks: 62.99.128.0/17 maxlen: 18
81.223.0.0/16 maxlen: 17
83.64.0.0/15 maxlen: 16
85.124.0.0/14 maxlen: 15
91.118.0.0/15 maxlen: 16
195.58.160.0/19 maxlen: 20
212.41.224.0/19 maxlen: 20
213.229.0.0/18 maxlen: 19
Validation: Failed, certificate revoked on Mon 07 Apr 2025 15:03:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:1c:5e:3e:10:6f:40:23:7d:73:54:b7:97:bf:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cc40d96242b082efe5b4f2258820b3059396198d
Validity
Not Before: Jan 2 05:48:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=68fa67733c1ce23d49bced9e58e2dd015c1662a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:41:ab:a3:d1:ef:f2:f0:3d:c5:dc:df:61:cf:
12:05:ec:e5:2a:6f:2e:3f:62:05:12:08:05:b8:4e:
2c:bc:18:33:0d:c9:f3:75:1c:a6:1b:04:3d:b3:bc:
ff:af:d4:bf:d5:b0:6b:6a:b7:a2:71:c6:7a:11:f4:
06:e9:6f:0e:9a:0d:a5:d4:49:58:b9:b0:0e:19:c6:
45:4e:59:12:f9:de:8e:70:20:4d:12:27:0f:e9:76:
f3:ee:ca:00:12:cd:bf:25:37:c2:11:24:dc:99:44:
88:74:79:4e:a3:fe:74:d6:79:d1:92:ce:da:8c:cc:
da:dd:de:ce:d7:7c:5f:1a:08:5e:5a:d6:68:cb:ea:
37:ee:03:1c:c6:a4:ff:1a:24:cf:5c:27:b5:05:81:
81:51:81:af:b0:ec:5f:b0:56:81:eb:41:7f:1a:72:
9c:9f:42:64:1c:b1:f7:52:08:56:72:3a:35:e3:42:
f0:c9:7f:94:5d:3c:be:1e:fe:59:1f:6f:15:87:8a:
6a:0d:5d:a8:98:4e:bc:3b:32:1f:58:11:69:9c:8e:
40:1d:e1:d0:ec:68:3e:2e:2e:9b:92:36:0b:56:12:
00:8b:2a:ad:11:6b:89:07:52:02:2b:0c:0c:35:99:
00:2c:6a:19:41:18:60:23:ed:98:06:9b:84:d1:fd:
df:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:FA:67:73:3C:1C:E2:3D:49:BC:ED:9E:58:E2:DD:01:5C:16:62:A5
X509v3 Authority Key Identifier:
keyid:CC:40:D9:62:42:B0:82:EF:E5:B4:F2:25:88:20:B3:05:93:96:19:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zEDZYkKwgu_ltPIliCCzBZOWGY0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/1aa69f-db55-4fba-bce9-c1ebe61549cc/1/aPpnczwc4j1JvO2eWOLdAVwWYqU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/1aa69f-db55-4fba-bce9-c1ebe61549cc/1/zEDZYkKwgu_ltPIliCCzBZOWGY0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.99.128.0/17
81.223.0.0/16
83.64.0.0/15
85.124.0.0/14
91.118.0.0/15
195.58.160.0/19
212.41.224.0/19
213.229.0.0/18
Signature Algorithm: sha256WithRSAEncryption
39:14:88:27:dc:f2:b0:fc:c3:de:f8:d3:fb:f1:86:1d:e1:05:
92:39:ae:c6:09:7b:75:02:5f:33:9a:1e:19:ab:63:bc:cf:ef:
7b:f5:7c:5c:4e:03:3f:59:da:85:5b:bb:63:27:d5:be:63:c7:
94:64:d7:8f:e2:43:56:39:1f:68:8d:05:3d:a8:de:2c:43:70:
65:88:88:42:8f:07:53:0e:24:74:5e:10:08:2b:6c:28:54:6c:
b3:09:b5:30:8f:a8:73:e0:35:d5:ec:de:02:1b:5a:59:07:2b:
de:f2:31:54:a1:7d:43:e5:e7:c7:4d:47:62:9b:6c:7d:0a:96:
97:79:24:2d:3b:1d:65:94:b6:b5:7f:68:a4:d2:36:8c:90:9b:
9e:ca:45:d2:46:96:09:7b:42:0b:92:5c:6c:ff:9c:f7:c1:87:
1b:96:d0:54:62:c9:38:cc:f5:92:3a:57:72:ad:b2:cd:46:3b:
59:b0:a8:b2:3c:7f:4b:71:f0:9a:c1:a7:fb:2b:4e:eb:53:35:
df:29:ec:5f:e8:9c:21:d1:6d:61:b3:68:8e:e0:62:b3:64:b1:
73:b4:b6:a4:a9:03:8d:7d:37:ab:84:72:39:1a:7f:7d:2c:8e:
e1:63:26:6f:20:db:12:af:b5:a3:01:6c:11:69:15:d5:54:00:
37:ce:6d:ea
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZQljxxePhBvQCN9c1S3l79lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjNDBkOTYyNDJiMDgyZWZlNWI0ZjIyNTg4MjBiMzA1OTM5
NjE5OGQwHhcNMjUwMTAyMDU0ODQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGZhNjc3MzNjMWNlMjNkNDliY2VkOWU1OGUyZGQwMTVjMTY2MmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1kGro9Hv8vA9xdzfYc8SBezlKm8u
P2IFEggFuE4svBgzDcnzdRymGwQ9s7z/r9S/1bBrareiccZ6EfQG6W8Omg2l1ElY
ubAOGcZFTlkS+d6OcCBNEicP6Xbz7soAEs2/JTfCESTcmUSIdHlOo/501nnRks7a
jMza3d7O13xfGgheWtZoy+o37gMcxqT/GiTPXCe1BYGBUYGvsOxfsFaB60F/GnKc
n0JkHLH3UghWcjo140LwyX+UXTy+Hv5ZH28Vh4pqDV2omE68OzIfWBFpnI5AHeHQ
7Gg+Li6bkjYLVhIAiyqtEWuJB1ICKwwMNZkALGoZQRhgI+2YBpuE0f3fuwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFGj6Z3M8HOI9Sbztnlji3QFcFmKlMB8GA1UdIwQY
MBaAFMxA2WJCsILv5bTyJYggswWTlhmNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekVEWllrS3dndV9sdFBJbGlDQ3pCWk9XR1kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS8xYWE2OWYtZGI1NS00ZmJhLWJjZTkt
YzFlYmU2MTU0OWNjLzEvYVBwbmN6d2M0ajFKdk8yZVdPTGRBVndXWXFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS8xYWE2OWYtZGI1NS00ZmJhLWJjZTktYzFlYmU2MTU0OWNj
LzEvekVEWllrS3dndV9sdFBJbGlDQ3pCWk9XR1kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQHPmOAAwMA
Ud8DAwFTQAMDAlV8AwMBW3YDBAXDOqADBAXUKeADBAbV5QAwDQYJKoZIhvcNAQEL
BQADggEBADkUiCfc8rD8w9740/vxhh3hBZI5rsYJe3UCXzOaHhmrY7zP73v1fFxO
Az9Z2oVbu2Mn1b5jx5Rk14/iQ1Y5H2iNBT2o3ixDcGWIiEKPB1MOJHReEAgrbChU
bLMJtTCPqHPgNdXs3gIbWlkHK97yMVShfUPl58dNR2KbbH0Klpd5JC07HWWUtrV/
aKTSNoyQm57KRdJGlgl7QguSXGz/nPfBhxuW0FRiyTjM9ZI6V3Ktss1GO1mwqLI8
f0tx8JrBp/srTutTNd8p7F/onCHRbWGzaI7gYrNksXO0tqSpA419N6uEcjkaf30s
juFjJm8g2xKvtaMBbBFpFdVUADfObeo=
-----END CERTIFICATE-----
Generated at Thu Apr 17 00:57:55 2025 by rpki-client