Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/36322e332e32302e302f32342d3234203d3e20323037363534.roa
File: 36322e332e32302e302f32342d3234203d3e20323037363534.roa (raw, json)
Hash identifier: 6Zx7rghRPkftK0uLZJnIMN+IWpl7ZRplPrN1bNoyT7w=
Subject key identifier: 06:9F:83:FC:C5:29:49:3A:2E:4F:1B:8E:D2:0F:7D:71:03:1A:50:D3
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 0DFE204994E481469FA6C969C31DD44599A12783
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/36322e332e32302e302f32342d3234203d3e20323037363534.roa
Signing time: Sun 01 Jun 2025 12:15:30 +0000
ROA not before: Sun 01 Jun 2025 12:10:30 +0000
ROA not after: Sun 31 May 2026 12:15:30 +0000
asID: 207654
IP address blocks: 62.3.20.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Jun 2025 09:10:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:fe:20:49:94:e4:81:46:9f:a6:c9:69:c3:1d:d4:45:99:a1:27:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Jun 1 12:10:30 2025 GMT
Not After : May 31 12:15:30 2026 GMT
Subject: CN=069F83FCC529493A2E4F1B8ED20F7D71031A50D3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:19:17:aa:16:0c:59:18:a3:c5:31:63:99:fa:
14:e7:99:6c:4d:01:e0:8b:24:97:38:ac:49:74:81:
77:d9:22:eb:d4:f3:75:ec:5c:fc:02:64:2e:f6:ae:
6f:ac:59:27:61:2c:a8:34:df:83:60:c1:06:2a:b8:
fe:bb:71:ae:4d:57:ae:ab:b5:1b:02:ff:05:c1:e3:
f2:2b:1c:26:5a:64:42:63:d6:c7:c0:32:1b:13:2f:
17:6a:6a:b7:22:f9:8b:9d:7a:3c:0f:c8:e6:e8:e4:
6a:96:47:e7:37:b4:a4:be:56:b3:5e:ab:05:5f:24:
52:c3:97:e0:38:4d:f0:e8:fc:df:e8:71:86:ec:2d:
e9:6b:c5:f6:e0:93:cb:71:15:99:2f:94:70:95:a1:
e4:33:a1:ee:4c:8f:e0:41:94:84:6c:bb:59:1b:ab:
73:e0:3e:b5:9d:ba:ed:99:18:5f:66:d8:1f:aa:82:
a5:66:7c:4c:3a:3a:13:61:d2:e2:0f:ef:6d:63:0a:
d1:d0:b7:f9:81:cb:88:09:35:3c:b7:56:21:bb:40:
cc:18:ad:9a:14:51:77:cd:4e:42:18:5b:78:e9:ed:
20:0b:a6:85:a4:19:90:6a:03:0e:9c:12:35:4a:ec:
43:2b:ff:a3:8f:cd:cf:83:53:53:27:0c:f8:04:b3:
f4:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:9F:83:FC:C5:29:49:3A:2E:4F:1B:8E:D2:0F:7D:71:03:1A:50:D3
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/36322e332e32302e302f32342d3234203d3e20323037363534.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.3.20.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:58:d7:12:68:80:67:ab:de:cd:b1:0f:69:7f:42:78:6b:23:
4a:81:0f:07:04:87:8a:ab:18:56:f5:65:2b:75:b0:32:ee:af:
93:ab:0c:aa:34:14:ef:af:f5:04:7d:9b:a4:b4:49:78:f0:3c:
aa:82:88:df:75:3f:20:72:83:1f:ec:18:ee:92:4a:ca:eb:1b:
8c:69:5c:6f:e4:9c:46:4d:85:a0:99:d3:60:7d:e2:b3:e7:f5:
da:18:fd:89:cf:72:9b:6b:55:7a:c7:4a:c0:f6:41:6e:ad:26:
df:01:4d:d9:52:84:90:91:a0:6a:07:64:14:87:95:db:e5:ef:
db:3c:32:ee:d9:38:58:8f:a2:95:8f:ab:9e:0c:c0:3c:60:73:
2a:97:56:ee:b8:12:7b:52:d4:4f:6d:4a:07:f4:ef:18:d0:e5:
0a:6d:57:6f:de:2c:bd:75:6f:ff:10:66:b3:f6:28:d4:9a:a1:
4d:3f:0a:32:1a:cd:f3:ae:b9:bd:c0:d7:d4:da:8c:87:77:1b:
00:b2:f4:0f:31:0e:a4:91:46:29:93:d9:68:74:1e:db:cd:1f:
33:e9:f4:8c:f5:34:7e:3e:bc:f4:0f:a4:45:2c:f6:5f:cd:90:
da:54:bc:48:38:a4:e5:08:bf:88:b2:f2:fa:89:e5:82:4f:90:
14:c7:9c:f0
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUDf4gSZTkgUafpslpwx3URZmhJ4MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yNTA2MDExMjEwMzBaFw0yNjA1MzExMjE1MzBaMDMxMTAvBgNV
BAMTKDA2OUY4M0ZDQzUyOTQ5M0EyRTRGMUI4RUQyMEY3RDcxMDMxQTUwRDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+GReqFgxZGKPFMWOZ+hTnmWxN
AeCLJJc4rEl0gXfZIuvU83XsXPwCZC72rm+sWSdhLKg034NgwQYquP67ca5NV66r
tRsC/wXB4/IrHCZaZEJj1sfAMhsTLxdqarci+YudejwPyObo5GqWR+c3tKS+VrNe
qwVfJFLDl+A4TfDo/N/ocYbsLelrxfbgk8txFZkvlHCVoeQzoe5Mj+BBlIRsu1kb
q3PgPrWduu2ZGF9m2B+qgqVmfEw6OhNh0uIP721jCtHQt/mBy4gJNTy3ViG7QMwY
rZoUUXfNTkIYW3jp7SALpoWkGZBqAw6cEjVK7EMr/6OPzc+DU1MnDPgEs/SjAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUBp+D/MUpSTouTxuO0g99cQMaUNMwHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzYzMjJlMzMyZTMyMzAyZTMw
MmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzczNjM1MzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAA+AxQw
DQYJKoZIhvcNAQELBQADggEBABpY1xJogGer3s2xD2l/QnhrI0qBDwcEh4qrGFb1
ZSt1sDLur5OrDKo0FO+v9QR9m6S0SXjwPKqCiN91PyBygx/sGO6SSsrrG4xpXG/k
nEZNhaCZ02B94rPn9doY/YnPcptrVXrHSsD2QW6tJt8BTdlShJCRoGoHZBSHldvl
79s8Mu7ZOFiPopWPq54MwDxgcyqXVu64EntS1E9tSgf07xjQ5QptV2/eLL11b/8Q
ZrP2KNSaoU0/CjIazfOuub3A19TajId3GwCy9A8xDqSRRimT2Wh0HtvNHzPp9Iz1
NH4+vPQPpEUs9l/NkNpUvEg4pOUIv4iy8vqJ5YJPkBTHnPA=
-----END CERTIFICATE-----
Generated at Sat Jun 7 07:45:07 2025 by rpki-client