Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/8d6fd7-1cb3-413c-a32b-2ef447e1b08c/1/M2zc3PdL5eMJGMr-Z97BGexkLEg.roa
File: M2zc3PdL5eMJGMr-Z97BGexkLEg.roa (raw, json)
Hash identifier: TEc0BM+qJkc+XTZn9a0AAkIhqtq2zH8NDb757Xny7vg=
Subject key identifier: 33:6C:DC:DC:F7:4B:E5:E3:09:18:CA:FE:67:DE:C1:19:EC:64:2C:48
Certificate issuer: /CN=db239685409f64ba1c3a54a8ef141c924e71d892
Certificate serial: 018CC79544886893A533398A762EB5A43B76
Authority key identifier: DB:23:96:85:40:9F:64:BA:1C:3A:54:A8:EF:14:1C:92:4E:71:D8:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2yOWhUCfZLocOlSo7xQckk5x2JI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/8d6fd7-1cb3-413c-a32b-2ef447e1b08c/1/M2zc3PdL5eMJGMr-Z97BGexkLEg.roa
Signing time: Tue 02 Jan 2024 00:31:37 +0000
ROA not before: Tue 02 Jan 2024 00:31:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 62.240.232.0/24 maxlen: 24
2001:a70:100::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:47:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:44:88:68:93:a5:33:39:8a:76:2e:b5:a4:3b:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db239685409f64ba1c3a54a8ef141c924e71d892
Validity
Not Before: Jan 2 00:31:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=336cdcdcf74be5e30918cafe67dec119ec642c48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:c4:97:8f:0a:9c:50:8e:73:12:f4:d3:7b:92:
3b:71:f1:f8:35:05:50:6f:d5:4b:dc:74:7f:2b:4e:
41:41:b3:c1:19:5f:7a:39:c8:cc:c7:24:fc:1d:62:
49:6a:be:4d:15:f9:10:f6:42:91:bc:03:30:c5:b9:
17:f4:d3:6c:18:5f:bf:4d:f4:04:f5:b0:bf:63:4a:
ec:09:45:32:1e:66:bc:ab:99:32:b0:93:ff:9b:ee:
0e:15:13:07:8e:64:f0:fa:1e:46:64:b0:9d:77:7a:
12:46:fe:90:c2:e7:60:5c:e2:ff:54:2c:75:ca:01:
13:de:65:be:98:cb:1d:6c:b1:fa:5a:12:e3:12:da:
95:56:db:6d:00:5b:71:84:f3:b2:ce:a1:fc:9e:54:
df:f7:13:8f:dc:21:10:a0:46:51:11:97:84:0a:85:
ad:29:e6:ff:c3:8c:49:bc:f4:93:b4:f0:47:92:7c:
de:d3:d9:88:7e:4e:3e:f7:3e:d8:3c:6d:dd:09:1c:
de:92:d7:bb:1e:fc:b0:ba:0b:7a:61:5b:66:dd:6a:
5c:b1:e8:f9:17:90:7d:3b:a1:d7:21:19:d2:25:3c:
be:7e:17:f0:60:d3:ec:b3:79:e5:1d:53:af:f8:de:
e8:98:c3:f7:15:c6:5a:8a:55:1c:aa:2d:61:8c:19:
64:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:6C:DC:DC:F7:4B:E5:E3:09:18:CA:FE:67:DE:C1:19:EC:64:2C:48
X509v3 Authority Key Identifier:
keyid:DB:23:96:85:40:9F:64:BA:1C:3A:54:A8:EF:14:1C:92:4E:71:D8:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2yOWhUCfZLocOlSo7xQckk5x2JI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/8d6fd7-1cb3-413c-a32b-2ef447e1b08c/1/M2zc3PdL5eMJGMr-Z97BGexkLEg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/8d6fd7-1cb3-413c-a32b-2ef447e1b08c/1/2yOWhUCfZLocOlSo7xQckk5x2JI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.240.232.0/24
IPv6:
2001:a70:100::/48
Signature Algorithm: sha256WithRSAEncryption
65:4d:d4:cb:92:74:7d:38:1b:59:80:02:be:b2:a1:54:c5:07:
b2:e0:62:79:4e:4b:ac:de:4c:62:1f:e9:76:3d:b5:5a:73:7c:
fa:7e:09:9d:d5:ea:3e:66:28:5d:05:ed:c5:4d:48:c3:a0:25:
8f:29:3d:4b:c1:83:30:eb:92:8d:a4:8c:69:c3:cf:47:48:a4:
e0:b4:52:fa:1b:fe:2c:bf:98:d1:95:ab:81:37:cf:a0:a5:84:
84:40:8e:00:6e:49:7f:a0:c3:dd:f1:26:9d:1b:fd:18:79:72:
29:f2:be:13:3b:e3:fc:11:1c:7c:5e:9d:ba:30:15:8b:be:42:
18:83:a4:b0:06:1b:d0:d8:dd:b3:12:4f:2b:f8:fd:4b:b4:a1:
19:9b:16:3b:ee:d9:72:7b:f6:cc:11:2e:84:ab:9e:e1:3f:26:
6b:db:49:66:97:db:c9:ec:fd:e8:0a:9c:28:f8:0d:58:53:7d:
2b:09:7c:a3:d5:15:fb:c9:7b:8a:a0:4c:fb:d3:9d:ef:3f:04:
8c:2b:48:ab:14:66:61:d0:f8:d5:2e:68:95:21:dd:c1:17:b4:
d5:2e:6a:0a:b5:55:8e:1b:e1:8e:a0:84:18:63:5c:b6:bf:17:
c5:99:47:f8:77:4e:f7:01:fb:ae:cd:dc:25:5e:75:93:e7:bf:
3e:57:7f:c4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzHlUSIaJOlMzmKdi61pDt2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMjM5Njg1NDA5ZjY0YmExYzNhNTRhOGVmMTQxYzkyNGU3
MWQ4OTIwHhcNMjQwMTAyMDAzMTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzZjZGNkY2Y3NGJlNWUzMDkxOGNhZmU2N2RlYzExOWVjNjQyYzQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvcSXjwqcUI5zEvTTe5I7cfH4NQVQ
b9VL3HR/K05BQbPBGV96OcjMxyT8HWJJar5NFfkQ9kKRvAMwxbkX9NNsGF+/TfQE
9bC/Y0rsCUUyHma8q5kysJP/m+4OFRMHjmTw+h5GZLCdd3oSRv6QwudgXOL/VCx1
ygET3mW+mMsdbLH6WhLjEtqVVtttAFtxhPOyzqH8nlTf9xOP3CEQoEZREZeECoWt
Keb/w4xJvPSTtPBHknze09mIfk4+9z7YPG3dCRzekte7Hvywugt6YVtm3Wpcsej5
F5B9O6HXIRnSJTy+fhfwYNPss3nlHVOv+N7omMP3FcZailUcqi1hjBlkowIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDNs3Nz3S+XjCRjK/mfewRnsZCxIMB8GA1UdIwQY
MBaAFNsjloVAn2S6HDpUqO8UHJJOcdiSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnlPV2hVQ2ZaTG9jT2xTbzd4UWNrazV4MkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC84ZDZmZDctMWNiMy00MTNjLWEzMmIt
MmVmNDQ3ZTFiMDhjLzEvTTJ6YzNQZEw1ZU1KR01yLVo5N0JHZXhrTEVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC84ZDZmZDctMWNiMy00MTNjLWEzMmItMmVmNDQ3ZTFiMDhj
LzEvMnlPV2hVQ2ZaTG9jT2xTbzd4UWNrazV4MkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAPvDoMA8E
AgACMAkDBwAgAQpwAQAwDQYJKoZIhvcNAQELBQADggEBAGVN1MuSdH04G1mAAr6y
oVTFB7LgYnlOS6zeTGIf6XY9tVpzfPp+CZ3V6j5mKF0F7cVNSMOgJY8pPUvBgzDr
ko2kjGnDz0dIpOC0Uvob/iy/mNGVq4E3z6ClhIRAjgBuSX+gw93xJp0b/Rh5ciny
vhM74/wRHHxenbowFYu+QhiDpLAGG9DY3bMSTyv4/Uu0oRmbFjvu2XJ79swRLoSr
nuE/JmvbSWaX28ns/egKnCj4DVhTfSsJfKPVFfvJe4qgTPvTne8/BIwrSKsUZmHQ
+NUuaJUh3cEXtNUuagq1VY4b4Y6ghBhjXLa/F8WZR/h3TvcB+67N3CVedZPnvz5X
f8Q=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:05:02 2025 by rpki-client