Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/7fa943-9ea6-4068-b6ae-a4d413d7f89c/1/r2ghjqM3mJ7PR9gbecT4rD_PySA.roa
File: r2ghjqM3mJ7PR9gbecT4rD_PySA.roa (raw, json)
Hash identifier: sCJ3N/TWVfE28mjA9leBYnBDAY96g8iZ7F1llSnhuns=
Subject key identifier: AF:68:21:8E:A3:37:98:9E:CF:47:D8:1B:79:C4:F8:AC:3F:CF:C9:20
Certificate issuer: /CN=93ece780dfda43ab4a841727eb20d71fc76528bc
Certificate serial: 01942664F87999D9AE377C6FD231B39B6857
Authority key identifier: 93:EC:E7:80:DF:DA:43:AB:4A:84:17:27:EB:20:D7:1F:C7:65:28:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k-zngN_aQ6tKhBcn6yDXH8dlKLw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/7fa943-9ea6-4068-b6ae-a4d413d7f89c/1/r2ghjqM3mJ7PR9gbecT4rD_PySA.roa
Signing time: Thu 02 Jan 2025 09:42:18 +0000
ROA not before: Thu 02 Jan 2025 09:42:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214438
IP address blocks: 62.169.158.0/23 maxlen: 24
185.216.20.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 31 Jan 2025 15:26:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:64:f8:79:99:d9:ae:37:7c:6f:d2:31:b3:9b:68:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93ece780dfda43ab4a841727eb20d71fc76528bc
Validity
Not Before: Jan 2 09:42:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=af68218ea337989ecf47d81b79c4f8ac3fcfc920
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:cd:90:d6:c1:55:7f:0d:4d:54:c3:e9:d1:69:
97:ba:64:ee:2c:a7:c2:4c:38:ce:57:ba:a1:7c:ee:
f4:bb:19:45:2b:e2:65:a6:2a:6e:6b:af:58:34:b9:
9e:94:62:cc:27:c5:32:57:b5:4a:71:7c:eb:59:c4:
d3:60:50:e7:9e:5e:75:74:6b:32:ea:c2:df:12:1e:
9c:85:35:f7:7a:37:b8:80:85:81:ed:43:51:54:f4:
8e:1f:db:eb:a9:67:cf:59:13:9b:28:0b:70:a1:74:
51:2e:cb:48:7d:e5:fd:d4:21:10:c3:d4:cf:9a:7d:
34:0a:8a:bf:3b:b7:d8:78:f3:30:4e:cf:56:90:c7:
48:4a:e3:d4:5f:5b:36:7a:0c:9a:28:ab:fa:76:94:
b1:ba:4c:92:e0:ee:bf:3f:a5:d3:b7:3b:36:f7:9f:
91:3f:6d:57:d6:4a:58:58:e9:98:52:ec:48:8b:4b:
85:75:da:53:ec:02:64:de:89:8b:18:85:a5:b1:07:
1d:7d:72:35:6f:00:18:6b:f3:16:df:51:50:0e:f1:
c1:62:dc:c2:1a:85:7a:6c:12:3d:2b:f9:89:9e:fe:
cf:1e:08:c1:b0:4b:87:8a:ef:68:91:b1:bf:88:ab:
7c:64:91:f2:a3:b5:68:bc:b8:3f:3c:db:ee:59:f2:
27:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:68:21:8E:A3:37:98:9E:CF:47:D8:1B:79:C4:F8:AC:3F:CF:C9:20
X509v3 Authority Key Identifier:
keyid:93:EC:E7:80:DF:DA:43:AB:4A:84:17:27:EB:20:D7:1F:C7:65:28:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k-zngN_aQ6tKhBcn6yDXH8dlKLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7fa943-9ea6-4068-b6ae-a4d413d7f89c/1/r2ghjqM3mJ7PR9gbecT4rD_PySA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7fa943-9ea6-4068-b6ae-a4d413d7f89c/1/k-zngN_aQ6tKhBcn6yDXH8dlKLw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.169.158.0/23
185.216.20.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:f1:01:55:24:4e:a9:d0:39:d0:ad:8a:b0:56:71:50:f8:28:
d5:7e:4a:f7:32:57:4c:f0:e9:a5:71:21:c9:69:a1:39:b3:9c:
db:83:87:fd:07:38:bc:45:eb:f0:c9:0d:64:d7:80:0e:6f:45:
29:00:2c:ca:42:10:64:28:41:88:b7:2d:87:40:7c:ab:92:a7:
6c:d3:e8:5b:65:ec:08:dd:4c:8d:62:ec:d4:08:1e:66:90:ef:
6d:29:7b:5b:56:0b:50:86:b2:ac:1d:fd:f6:2d:ab:f1:a9:3c:
f7:eb:13:d7:40:b8:76:cd:46:88:20:b4:7f:fa:e0:0f:1d:9a:
a6:71:14:14:14:d5:a5:69:3d:1c:d9:cf:6a:e2:f2:cc:af:97:
b8:a6:76:b3:ea:00:50:19:13:1e:d1:7f:43:33:80:e7:43:a7:
ef:a3:cb:32:55:e0:1b:ab:c4:ab:5a:21:66:be:e8:35:96:a5:
2f:bf:5f:fd:d1:8f:a4:12:7d:52:74:aa:de:e7:17:16:4f:91:
93:b1:ac:64:58:ac:f2:b9:e9:8c:cb:55:0d:f7:b3:d7:e0:d0:
8d:1e:fd:a7:9c:5d:30:5d:f2:de:72:d9:31:bf:6d:f2:8e:c1:
15:19:d3:b4:53:b9:10:cd:54:52:39:9a:0e:5c:c7:ca:69:99:
e2:84:0e:d0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQmZPh5mdmuN3xv0jGzm2hXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzZWNlNzgwZGZkYTQzYWI0YTg0MTcyN2ViMjBkNzFmYzc2
NTI4YmMwHhcNMjUwMTAyMDk0MjE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjY4MjE4ZWEzMzc5ODllY2Y0N2Q4MWI3OWM0ZjhhYzNmY2ZjOTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAss2Q1sFVfw1NVMPp0WmXumTuLKfC
TDjOV7qhfO70uxlFK+Jlpipua69YNLmelGLMJ8UyV7VKcXzrWcTTYFDnnl51dGsy
6sLfEh6chTX3eje4gIWB7UNRVPSOH9vrqWfPWRObKAtwoXRRLstIfeX91CEQw9TP
mn00Coq/O7fYePMwTs9WkMdISuPUX1s2egyaKKv6dpSxukyS4O6/P6XTtzs295+R
P21X1kpYWOmYUuxIi0uFddpT7AJk3omLGIWlsQcdfXI1bwAYa/MW31FQDvHBYtzC
GoV6bBI9K/mJnv7PHgjBsEuHiu9okbG/iKt8ZJHyo7VovLg/PNvuWfIn8wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK9oIY6jN5iez0fYG3nE+Kw/z8kgMB8GA1UdIwQY
MBaAFJPs54Df2kOrSoQXJ+sg1x/HZSi8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvay16bmdOX2FRNnRLaEJjbjZ5RFhIOGRsS0x3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy83ZmE5NDMtOWVhNi00MDY4LWI2YWUt
YTRkNDEzZDdmODljLzEvcjJnaGpxTTNtSjdQUjlnYmVjVDRyRF9QeVNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy83ZmE5NDMtOWVhNi00MDY4LWI2YWUtYTRkNDEzZDdmODlj
LzEvay16bmdOX2FRNnRLaEJjbjZ5RFhIOGRsS0x3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBPqmeAwQA
udgUMA0GCSqGSIb3DQEBCwUAA4IBAQC28QFVJE6p0DnQrYqwVnFQ+CjVfkr3MldM
8OmlcSHJaaE5s5zbg4f9Bzi8RevwyQ1k14AOb0UpACzKQhBkKEGIty2HQHyrkqds
0+hbZewI3UyNYuzUCB5mkO9tKXtbVgtQhrKsHf32LavxqTz36xPXQLh2zUaIILR/
+uAPHZqmcRQUFNWlaT0c2c9q4vLMr5e4pnaz6gBQGRMe0X9DM4DnQ6fvo8syVeAb
q8SrWiFmvug1lqUvv1/90Y+kEn1SdKre5xcWT5GTsaxkWKzyuemMy1UN97PX4NCN
Hv2nnF0wXfLectkxv23yjsEVGdO0U7kQzVRSOZoOXMfKaZnihA7Q
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:39:34 2025 by rpki-client