Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/75b68b-fa56-44b7-bfba-5034f19953a3/1/9YohKYZP4eNO9QloAC1-LGe3gHI.roa
File: 9YohKYZP4eNO9QloAC1-LGe3gHI.roa (raw, json)
Hash identifier: VBSdjgImWoWdTCmgCghT2/f2lHir6RfZFkIH1/tqFlY=
Subject key identifier: F5:8A:21:29:86:4F:E1:E3:4E:F5:09:68:00:2D:7E:2C:67:B7:80:72
Certificate issuer: /CN=bc443f7aae47e0ab38bcf8d536cca60350d17270
Certificate serial: 018CC56EF2C78543A8767C1EE7757DF2CC24
Authority key identifier: BC:44:3F:7A:AE:47:E0:AB:38:BC:F8:D5:36:CC:A6:03:50:D1:72:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vEQ_eq5H4Ks4vPjVNsymA1DRcnA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/75b68b-fa56-44b7-bfba-5034f19953a3/1/9YohKYZP4eNO9QloAC1-LGe3gHI.roa
Signing time: Mon 01 Jan 2024 14:30:31 +0000
ROA not before: Mon 01 Jan 2024 14:30:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47589
IP address blocks: 62.150.244.0/22 maxlen: 22
62.150.164.0/22 maxlen: 22
62.150.204.0/22 maxlen: 22
62.150.224.0/22 maxlen: 22
62.150.228.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:f2:c7:85:43:a8:76:7c:1e:e7:75:7d:f2:cc:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc443f7aae47e0ab38bcf8d536cca60350d17270
Validity
Not Before: Jan 1 14:30:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f58a2129864fe1e34ef50968002d7e2c67b78072
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:c2:57:cc:39:14:1e:db:90:eb:68:2b:72:bc:
a9:39:de:0d:09:11:ce:11:aa:be:3a:6b:61:76:a4:
7f:bc:2a:5f:a0:84:8d:d2:30:75:49:c3:30:03:8f:
f4:a0:32:b4:b3:e1:44:30:56:9e:60:c4:b0:2d:01:
59:73:e5:ea:8e:46:02:85:ee:c6:56:3e:98:47:81:
1f:61:72:b7:51:cc:86:29:72:6f:c0:e2:b3:46:b8:
08:91:ae:c8:77:41:24:92:6d:98:6f:c7:cf:5c:f8:
17:1a:ca:3c:b2:ed:59:d3:56:22:61:22:47:5a:f6:
e3:42:c3:6d:bc:97:fe:dc:8d:db:90:d7:47:04:f9:
b7:fc:68:3e:3a:38:44:ce:61:a1:a2:4b:61:6e:e5:
ea:0b:7f:81:a4:66:6f:c7:9c:36:cb:a5:d5:6c:aa:
d4:78:b9:82:da:c6:c7:ed:b1:68:97:de:76:88:f9:
9f:49:79:e4:30:6c:a1:e7:ea:72:39:c2:05:fc:5e:
87:35:37:35:6e:cd:68:f3:20:1d:12:29:30:d8:3c:
10:ac:87:50:09:4f:5c:88:3d:7d:50:87:16:b5:13:
da:64:ac:a9:23:7a:b5:b1:4f:1e:25:3a:82:b8:ee:
06:c6:88:04:62:47:00:a5:d6:66:bd:81:a0:ac:b2:
99:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:8A:21:29:86:4F:E1:E3:4E:F5:09:68:00:2D:7E:2C:67:B7:80:72
X509v3 Authority Key Identifier:
keyid:BC:44:3F:7A:AE:47:E0:AB:38:BC:F8:D5:36:CC:A6:03:50:D1:72:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vEQ_eq5H4Ks4vPjVNsymA1DRcnA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/75b68b-fa56-44b7-bfba-5034f19953a3/1/9YohKYZP4eNO9QloAC1-LGe3gHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/75b68b-fa56-44b7-bfba-5034f19953a3/1/vEQ_eq5H4Ks4vPjVNsymA1DRcnA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.150.164.0/22
62.150.204.0/22
62.150.224.0/21
62.150.244.0/22
Signature Algorithm: sha256WithRSAEncryption
82:cb:f8:c3:90:95:ab:fc:b2:3b:32:b0:f7:be:55:f6:be:d3:
fc:59:f8:86:9f:86:18:0d:13:6c:fe:cf:d5:2e:8c:91:78:24:
9f:21:a4:08:12:4e:44:7a:3e:ac:0e:30:cc:a6:40:f6:3c:63:
a1:bd:32:9b:56:68:32:43:c9:c9:07:d6:db:93:7e:ed:a3:88:
76:29:57:49:2a:01:ce:ed:2a:86:96:cb:d3:38:58:00:97:de:
f9:08:c9:e5:5c:02:e9:19:4e:b4:6d:de:98:d8:4e:78:df:43:
70:65:17:cd:66:2e:ed:37:9f:bf:dc:dd:be:07:f9:fe:71:18:
d3:7a:92:a0:5d:d5:f1:93:a2:a1:4e:53:7f:b8:a6:b4:02:f4:
1d:ed:d9:5e:7c:ed:82:d3:9c:51:d0:b2:58:50:da:15:9e:7b:
8b:18:e8:aa:2e:a3:d8:1e:7f:e4:9b:7d:a0:73:25:d6:aa:3b:
6d:8e:0d:1d:27:a8:d4:8e:e9:4a:88:5e:ad:2e:de:c9:91:6e:
5d:66:84:c6:87:57:e2:c7:68:f0:b6:e2:2d:d6:23:29:47:f5:
51:1a:46:d9:37:8b:2c:ca:7a:2c:84:d7:b4:7c:55:a6:6d:f2:
81:e8:dc:b7:00:70:cf:1f:6b:c9:d8:f0:f7:f5:aa:7d:ef:1f:
5f:60:0e:0d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzFbvLHhUOodnwe53V98swkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjNDQzZjdhYWU0N2UwYWIzOGJjZjhkNTM2Y2NhNjAzNTBk
MTcyNzAwHhcNMjQwMTAxMTQzMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNThhMjEyOTg2NGZlMWUzNGVmNTA5NjgwMDJkN2UyYzY3Yjc4MDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj8JXzDkUHtuQ62grcrypOd4NCRHO
Eaq+OmthdqR/vCpfoISN0jB1ScMwA4/0oDK0s+FEMFaeYMSwLQFZc+XqjkYChe7G
Vj6YR4EfYXK3UcyGKXJvwOKzRrgIka7Id0Ekkm2Yb8fPXPgXGso8su1Z01YiYSJH
WvbjQsNtvJf+3I3bkNdHBPm3/Gg+OjhEzmGhokthbuXqC3+BpGZvx5w2y6XVbKrU
eLmC2sbH7bFol952iPmfSXnkMGyh5+pyOcIF/F6HNTc1bs1o8yAdEikw2DwQrIdQ
CU9ciD19UIcWtRPaZKypI3q1sU8eJTqCuO4GxogEYkcApdZmvYGgrLKZwQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPWKISmGT+HjTvUJaAAtfixnt4ByMB8GA1UdIwQY
MBaAFLxEP3quR+CrOLz41TbMpgNQ0XJwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkVRX2VxNUg0S3M0dlBqVk5zeW1BMURSY25BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC83NWI2OGItZmE1Ni00NGI3LWJmYmEt
NTAzNGYxOTk1M2EzLzEvOVlvaEtZWlA0ZU5POVFsb0FDMS1MR2UzZ0hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC83NWI2OGItZmE1Ni00NGI3LWJmYmEtNTAzNGYxOTk1M2Ez
LzEvdkVRX2VxNUg0S3M0dlBqVk5zeW1BMURSY25BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCPpakAwQC
PpbMAwQDPpbgAwQCPpb0MA0GCSqGSIb3DQEBCwUAA4IBAQCCy/jDkJWr/LI7MrD3
vlX2vtP8WfiGn4YYDRNs/s/VLoyReCSfIaQIEk5Eej6sDjDMpkD2PGOhvTKbVmgy
Q8nJB9bbk37to4h2KVdJKgHO7SqGlsvTOFgAl975CMnlXALpGU60bd6Y2E5430Nw
ZRfNZi7tN5+/3N2+B/n+cRjTepKgXdXxk6KhTlN/uKa0AvQd7dlefO2C05xR0LJY
UNoVnnuLGOiqLqPYHn/km32gcyXWqjttjg0dJ6jUjulKiF6tLt7JkW5dZoTGh1fi
x2jwtuIt1iMpR/VRGkbZN4ssynoshNe0fFWmbfKB6Ny3AHDPH2vJ2PD39ap97x9f
YA4N
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:09:43 2025 by rpki-client