Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/fed92a-2120-4326-a0c9-7168ae0b8278/1/u2ezo6mJp7jBUzr_cj1R-DJC4Jw.roa
File: u2ezo6mJp7jBUzr_cj1R-DJC4Jw.roa (raw, json)
Hash identifier: KWXUYM9T4pd8+vU3SjDB5P/Z98F/Bu6C/rcmCPNdjBs=
Subject key identifier: BB:67:B3:A3:A9:89:A7:B8:C1:53:3A:FF:72:3D:51:F8:32:42:E0:9C
Certificate issuer: /CN=42f1a24c80fdca329644573ae6d61c9f2e374ed8
Certificate serial: 0194D052FB91EF05AE54FADB5936D2F1B600
Authority key identifier: 42:F1:A2:4C:80:FD:CA:32:96:44:57:3A:E6:D6:1C:9F:2E:37:4E:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QvGiTID9yjKWRFc65tYcny43Ttg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/fed92a-2120-4326-a0c9-7168ae0b8278/1/u2ezo6mJp7jBUzr_cj1R-DJC4Jw.roa
Signing time: Tue 04 Feb 2025 09:38:06 +0000
ROA not before: Tue 04 Feb 2025 09:38:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2856
IP address blocks: 62.239.0.0/16 maxlen: 16
217.15.64.0/20 maxlen: 20
2a00:2380::/25 maxlen: 25
Validation: Failed, certificate revoked on Mon 03 Mar 2025 09:48:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:d0:52:fb:91:ef:05:ae:54:fa:db:59:36:d2:f1:b6:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42f1a24c80fdca329644573ae6d61c9f2e374ed8
Validity
Not Before: Feb 4 09:38:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bb67b3a3a989a7b8c1533aff723d51f83242e09c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:4c:d4:03:c0:9b:ce:ea:02:c4:a0:ae:34:5c:
85:07:9f:51:d8:db:99:c1:ef:4b:0d:2b:a8:e0:db:
27:59:52:d3:a1:dc:88:4d:e6:60:cd:fa:13:1a:1b:
c1:bd:3d:d9:6a:5e:8c:5b:5e:df:1e:d7:7a:29:82:
36:9f:b5:c4:6d:4e:3b:c4:17:bf:cd:cd:2a:79:a8:
28:9c:65:fe:87:c5:d3:9e:71:21:55:01:5f:e2:16:
25:7b:43:ca:ec:da:44:eb:38:89:72:7d:01:a8:93:
61:68:8d:ad:fa:bd:0f:04:62:01:d0:d3:56:83:d2:
45:fe:8b:ed:7a:19:0d:fd:a4:91:89:d8:a5:89:88:
ab:35:94:ca:48:32:53:da:d9:d6:72:6e:5e:31:5b:
6d:2d:2f:64:58:3e:49:e3:73:f1:f9:e0:de:03:1b:
2f:c8:38:d9:ed:64:79:ef:42:e6:2f:0f:7b:22:f4:
a9:cd:a5:8d:47:e0:35:06:62:7f:94:75:ef:a3:50:
db:42:83:7a:ce:6e:83:0c:ee:ce:4d:42:20:01:ff:
06:91:6d:f5:3d:64:13:8a:36:72:08:32:57:2f:b9:
7b:36:46:8c:6f:7c:f6:d6:f2:c8:67:3a:3d:65:f3:
8f:4e:58:e0:8c:dd:be:86:c5:52:21:df:03:29:ac:
f2:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:67:B3:A3:A9:89:A7:B8:C1:53:3A:FF:72:3D:51:F8:32:42:E0:9C
X509v3 Authority Key Identifier:
keyid:42:F1:A2:4C:80:FD:CA:32:96:44:57:3A:E6:D6:1C:9F:2E:37:4E:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QvGiTID9yjKWRFc65tYcny43Ttg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/fed92a-2120-4326-a0c9-7168ae0b8278/1/u2ezo6mJp7jBUzr_cj1R-DJC4Jw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/fed92a-2120-4326-a0c9-7168ae0b8278/1/QvGiTID9yjKWRFc65tYcny43Ttg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.239.0.0/16
217.15.64.0/20
IPv6:
2a00:2380::/25
Signature Algorithm: sha256WithRSAEncryption
83:ce:47:d8:0f:45:53:0d:54:fd:5c:9e:fe:ac:33:93:45:33:
77:59:31:a4:ef:2c:35:f6:1f:8f:90:3a:6f:ad:e9:09:e9:c3:
89:a7:1e:7d:6e:e7:cb:b3:70:bc:82:13:d0:3a:70:46:a2:9d:
cd:17:6c:b2:80:87:64:eb:39:13:07:f4:a0:50:2b:60:65:04:
21:f5:7d:43:d7:02:8e:55:a5:53:98:bc:3d:a1:8f:77:61:e3:
fd:34:c0:ac:2a:e6:aa:de:2e:ca:ce:e2:9e:ce:81:70:c9:c5:
4f:9f:f4:e3:26:3d:c9:a1:e6:41:65:ac:90:cc:bd:9f:66:0b:
47:04:3d:fe:6f:34:0c:a1:b0:d1:8b:b2:88:b7:52:25:b9:08:
3a:70:87:85:d5:e6:86:98:99:73:61:f0:a4:5a:a6:51:41:ca:
7b:e1:bb:90:41:09:a5:77:16:c5:fe:3f:46:07:b1:5d:50:50:
0f:c4:e4:05:9c:6c:a2:c6:f6:ac:d2:42:69:97:51:15:15:df:
32:87:f7:0a:ce:8a:8f:6e:34:72:12:a4:aa:e4:db:ee:eb:57:
22:e6:88:98:10:16:87:9f:fa:4c:5b:86:2e:32:90:cd:79:56:
51:2b:8a:0d:5d:cf:72:2d:b3:27:e4:6c:08:20:d2:b7:52:f3:
3e:0f:75:47
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZTQUvuR7wWuVPrbWTbS8bYAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyZjFhMjRjODBmZGNhMzI5NjQ0NTczYWU2ZDYxYzlmMmUz
NzRlZDgwHhcNMjUwMjA0MDkzODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjY3YjNhM2E5ODlhN2I4YzE1MzNhZmY3MjNkNTFmODMyNDJlMDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlUzUA8CbzuoCxKCuNFyFB59R2NuZ
we9LDSuo4NsnWVLTodyITeZgzfoTGhvBvT3Zal6MW17fHtd6KYI2n7XEbU47xBe/
zc0qeagonGX+h8XTnnEhVQFf4hYle0PK7NpE6ziJcn0BqJNhaI2t+r0PBGIB0NNW
g9JF/ovtehkN/aSRidiliYirNZTKSDJT2tnWcm5eMVttLS9kWD5J43Px+eDeAxsv
yDjZ7WR570LmLw97IvSpzaWNR+A1BmJ/lHXvo1DbQoN6zm6DDO7OTUIgAf8GkW31
PWQTijZyCDJXL7l7NkaMb3z21vLIZzo9ZfOPTljgjN2+hsVSId8DKazyaQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFLtns6Opiae4wVM6/3I9UfgyQuCcMB8GA1UdIwQY
MBaAFELxokyA/coylkRXOubWHJ8uN07YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXZHaVRJRDl5aktXUkZjNjV0WWNueTQzVHRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9mZWQ5MmEtMjEyMC00MzI2LWEwYzkt
NzE2OGFlMGI4Mjc4LzEvdTJlem82bUpwN2pCVXpyX2NqMVItREpDNEp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9mZWQ5MmEtMjEyMC00MzI2LWEwYzktNzE2OGFlMGI4Mjc4
LzEvUXZHaVRJRDl5aktXUkZjNjV0WWNueTQzVHRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjARBAIAATALAwMAPu8DBATZ
D0AwDQQCAAIwBwMFByoAI4AwDQYJKoZIhvcNAQELBQADggEBAIPOR9gPRVMNVP1c
nv6sM5NFM3dZMaTvLDX2H4+QOm+t6Qnpw4mnHn1u58uzcLyCE9A6cEainc0XbLKA
h2TrORMH9KBQK2BlBCH1fUPXAo5VpVOYvD2hj3dh4/00wKwq5qreLsrO4p7OgXDJ
xU+f9OMmPcmh5kFlrJDMvZ9mC0cEPf5vNAyhsNGLsoi3UiW5CDpwh4XV5oaYmXNh
8KRaplFBynvhu5BBCaV3FsX+P0YHsV1QUA/E5AWcbKLG9qzSQmmXURUV3zKH9wrO
io9uNHISpKrk2+7rVyLmiJgQFoef+kxbhi4ykM15VlErig1dz3ItsyfkbAgg0rdS
8z4PdUc=
-----END CERTIFICATE-----
Generated at Tue Apr 22 16:05:17 2025 by rpki-client