Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/wmTe1cr0GzmgeM0jP0NSCR7TCl8.roa
File: wmTe1cr0GzmgeM0jP0NSCR7TCl8.roa (raw, json)
Hash identifier: 4R/e61y0hJo46LLbC/7egCyzRCBqPsZ2V94YjDf5mqU=
Subject key identifier: C2:64:DE:D5:CA:F4:1B:39:A0:78:CD:23:3F:43:52:09:1E:D3:0A:5F
Certificate issuer: /CN=e2d0c49a0e97e0d5f3ced3b7b6b9f72ca0cb53d6
Certificate serial: 018E3E167DA34E7344CC4B0C170437330384
Authority key identifier: E2:D0:C4:9A:0E:97:E0:D5:F3:CE:D3:B7:B6:B9:F7:2C:A0:CB:53:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/wmTe1cr0GzmgeM0jP0NSCR7TCl8.roa
Signing time: Thu 14 Mar 2024 17:50:45 +0000
ROA not before: Thu 14 Mar 2024 17:50:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21211
IP address blocks: 62.192.180.0/23 maxlen: 23
62.192.182.0/23 maxlen: 23
147.78.112.0/23 maxlen: 23
147.78.114.0/23 maxlen: 23
171.22.4.0/23 maxlen: 23
171.22.6.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:3e:16:7d:a3:4e:73:44:cc:4b:0c:17:04:37:33:03:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2d0c49a0e97e0d5f3ced3b7b6b9f72ca0cb53d6
Validity
Not Before: Mar 14 17:50:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c264ded5caf41b39a078cd233f4352091ed30a5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:28:1d:2a:d6:f5:78:45:ac:ee:7a:37:b1:89:
c8:30:e6:53:6f:23:1a:ba:c6:cd:c0:3b:60:52:85:
62:14:9a:2f:6f:ac:2c:78:58:b4:25:d2:93:f8:41:
9b:54:44:b7:87:7f:95:1f:a8:99:8a:cb:02:4a:e5:
9b:7d:3e:2c:9c:be:7b:72:82:03:47:bc:df:16:eb:
91:61:a0:4c:dc:8f:e4:b2:41:a9:b9:83:2c:4c:83:
40:d4:d7:16:e5:87:4e:1a:f8:31:92:dc:b7:3e:3c:
2a:13:0b:98:6d:5f:b3:0c:1f:46:3f:01:90:09:b3:
e4:4c:da:d5:f5:e9:91:7f:66:ed:a2:a7:5f:38:f5:
63:14:90:3e:f3:55:17:7d:a0:0c:b9:73:95:0c:2e:
5e:50:d7:b0:38:33:04:66:6f:88:f4:35:dd:ac:c9:
9b:90:a1:e4:52:79:94:07:b0:9d:b6:38:0b:76:2a:
7d:96:9d:f0:09:dd:05:91:51:00:fd:af:d8:cd:92:
0c:dd:a3:f8:dc:30:c8:f0:eb:10:bd:f2:22:b6:4e:
b6:f3:6d:0e:83:44:89:87:41:51:6e:a7:05:30:23:
7f:58:d7:21:26:f5:c1:1e:e8:69:f6:8d:e1:c0:ce:
35:e1:ff:f5:a1:74:be:5d:6e:f3:d4:48:93:8b:47:
69:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:64:DE:D5:CA:F4:1B:39:A0:78:CD:23:3F:43:52:09:1E:D3:0A:5F
X509v3 Authority Key Identifier:
keyid:E2:D0:C4:9A:0E:97:E0:D5:F3:CE:D3:B7:B6:B9:F7:2C:A0:CB:53:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/wmTe1cr0GzmgeM0jP0NSCR7TCl8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/4tDEmg6X4NXzztO3trn3LKDLU9Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.192.180.0/22
147.78.112.0/22
171.22.4.0/22
Signature Algorithm: sha256WithRSAEncryption
2c:6b:e9:a2:f1:4a:9c:ef:e5:e4:1e:14:53:62:68:79:70:79:
18:4d:1b:d7:3e:d2:61:9d:bd:7c:5d:41:1b:ec:c2:fa:12:13:
fc:27:ea:54:ff:6c:8e:2c:c7:a0:81:4c:c2:51:e4:fa:81:98:
b9:4c:61:61:bd:8a:df:fe:86:7a:b5:7c:55:0c:00:73:37:fd:
c0:fd:8b:ac:89:14:78:82:cc:c3:e9:d7:76:16:0e:bf:a7:54:
3f:8d:01:fc:e4:a6:0d:3b:7c:7d:cd:3e:c2:db:cd:1b:e9:c8:
41:82:b4:af:ca:92:dc:a6:c1:75:2d:32:0a:84:91:7f:af:35:
dd:96:89:f5:7d:40:a2:a8:7f:97:48:a6:0a:fa:aa:31:4e:26:
c5:0d:77:46:44:55:68:cd:bf:54:16:44:10:d4:f3:67:b7:1a:
bb:d5:a7:66:01:1c:eb:5a:3f:6a:67:0b:af:ff:b0:be:61:95:
dd:eb:ed:96:c3:d4:a3:1d:89:88:5c:ee:70:6a:f9:6e:57:7c:
6d:5e:6f:12:37:54:3b:3b:90:ec:41:c2:5e:dd:d5:67:f4:91:
c3:57:24:bf:28:7d:8d:64:80:5e:c7:48:d2:3d:ad:ad:75:e2:
57:ed:24:3a:5c:91:1b:d1:40:39:e5:5f:c7:85:2d:13:6a:42:
89:0e:48:e1
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY4+Fn2jTnNEzEsMFwQ3MwOEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDBjNDlhMGU5N2UwZDVmM2NlZDNiN2I2YjlmNzJjYTBj
YjUzZDYwHhcNMjQwMzE0MTc1MDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjY0ZGVkNWNhZjQxYjM5YTA3OGNkMjMzZjQzNTIwOTFlZDMwYTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnigdKtb1eEWs7no3sYnIMOZTbyMa
usbNwDtgUoViFJovb6wseFi0JdKT+EGbVES3h3+VH6iZissCSuWbfT4snL57coID
R7zfFuuRYaBM3I/kskGpuYMsTINA1NcW5YdOGvgxkty3PjwqEwuYbV+zDB9GPwGQ
CbPkTNrV9emRf2btoqdfOPVjFJA+81UXfaAMuXOVDC5eUNewODMEZm+I9DXdrMmb
kKHkUnmUB7CdtjgLdip9lp3wCd0FkVEA/a/YzZIM3aP43DDI8OsQvfIitk62820O
g0SJh0FRbqcFMCN/WNchJvXBHuhp9o3hwM414f/1oXS+XW7z1EiTi0dpuQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMJk3tXK9Bs5oHjNIz9DUgke0wpfMB8GA1UdIwQY
MBaAFOLQxJoOl+DV887Tt7a59yygy1PWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRERW1nNlg0Tlh6enRPM3RybjNMS0RMVTlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC85ZjBmN2EtMTFlYi00MzgzLWJjNmEt
NDY5MGEwMDcxNDFmLzEvd21UZTFjcjBHem1nZU0walAwTlNDUjdUQ2w4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC85ZjBmN2EtMTFlYi00MzgzLWJjNmEtNDY5MGEwMDcxNDFm
LzEvNHRERW1nNlg0Tlh6enRPM3RybjNMS0RMVTlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCPsC0AwQC
k05wAwQCqxYEMA0GCSqGSIb3DQEBCwUAA4IBAQAsa+mi8Uqc7+XkHhRTYmh5cHkY
TRvXPtJhnb18XUEb7ML6EhP8J+pU/2yOLMeggUzCUeT6gZi5TGFhvYrf/oZ6tXxV
DABzN/3A/YusiRR4gszD6dd2Fg6/p1Q/jQH85KYNO3x9zT7C280b6chBgrSvypLc
psF1LTIKhJF/rzXdlon1fUCiqH+XSKYK+qoxTibFDXdGRFVozb9UFkQQ1PNntxq7
1admARzrWj9qZwuv/7C+YZXd6+2Ww9SjHYmIXO5wavluV3xtXm8SN1Q7O5DsQcJe
3dVn9JHDVyS/KH2NZIBex0jSPa2tdeJX7SQ6XJEb0UA55V/HhS0TakKJDkjh
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:53:32 2025 by rpki-client