Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/d09fb9-f3fa-45b8-a5cd-77b489249fa4/1/3wOgDzWPZlYSt47YEs-9LNQIoGU.roa
File: 3wOgDzWPZlYSt47YEs-9LNQIoGU.roa (raw, json)
Hash identifier: 7ah/baXH06B+pOCyeIdfeXyX8qyt3grDSUKpK4JdEZ4=
Subject key identifier: DF:03:A0:0F:35:8F:66:56:12:B7:8E:D8:12:CF:BD:2C:D4:08:A0:65
Certificate issuer: /CN=aaa972ac3cc10f716ca4985045a5f0824b60ca1f
Certificate serial: 019648EF63B5C631D502269FCAE2D0353887
Authority key identifier: AA:A9:72:AC:3C:C1:0F:71:6C:A4:98:50:45:A5:F0:82:4B:60:CA:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qqlyrDzBD3FspJhQRaXwgktgyh8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/d09fb9-f3fa-45b8-a5cd-77b489249fa4/1/3wOgDzWPZlYSt47YEs-9LNQIoGU.roa
Signing time: Fri 18 Apr 2025 12:46:10 +0000
ROA not before: Fri 18 Apr 2025 12:46:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47131
IP address blocks: 62.182.232.0/21 maxlen: 21
62.182.235.0/24 maxlen: 24
62.182.236.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 18 Apr 2025 13:03:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:48:ef:63:b5:c6:31:d5:02:26:9f:ca:e2:d0:35:38:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aaa972ac3cc10f716ca4985045a5f0824b60ca1f
Validity
Not Before: Apr 18 12:46:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=df03a00f358f665612b78ed812cfbd2cd408a065
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:2d:69:0b:7b:2d:33:4f:b2:18:ab:cc:a4:12:
ff:07:ad:62:90:84:2c:12:c9:e1:b2:25:3d:be:0e:
59:39:c6:8f:58:51:50:e8:b2:dd:50:a7:5b:98:2c:
77:34:fd:f5:24:a0:7e:74:ed:db:e1:86:ed:c8:9e:
74:8e:0c:07:9c:cb:0d:17:de:c5:ec:f9:38:f1:82:
c7:aa:b5:28:f0:5c:62:10:93:2c:3a:f2:78:92:ee:
94:a2:15:1f:d6:91:9e:c6:3e:8b:b0:df:88:4a:9b:
54:06:43:c3:c4:30:33:1f:54:6d:42:5d:c5:be:c1:
15:89:13:1d:9e:6d:87:1d:41:4e:bc:2d:c0:cc:65:
37:c1:31:a4:57:02:cc:64:08:64:af:a6:4e:bc:b3:
0f:17:c2:eb:b5:b5:92:49:8b:4d:2b:7b:f6:ef:bb:
05:75:4a:20:fb:ff:7e:9b:37:26:48:cb:d6:02:6e:
6d:f2:2b:1f:cc:ea:b8:76:9d:74:1d:76:25:6d:db:
6f:46:db:a6:35:6a:99:6c:a3:7c:0b:d2:80:c0:02:
36:d8:50:a0:17:e8:76:72:e7:65:1b:80:80:05:98:
d3:9d:82:13:89:96:c4:ff:02:8e:0b:41:92:21:d4:
1f:3e:74:ec:15:b3:ea:9b:78:ae:5f:0c:a1:55:33:
7b:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:03:A0:0F:35:8F:66:56:12:B7:8E:D8:12:CF:BD:2C:D4:08:A0:65
X509v3 Authority Key Identifier:
keyid:AA:A9:72:AC:3C:C1:0F:71:6C:A4:98:50:45:A5:F0:82:4B:60:CA:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qqlyrDzBD3FspJhQRaXwgktgyh8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/d09fb9-f3fa-45b8-a5cd-77b489249fa4/1/3wOgDzWPZlYSt47YEs-9LNQIoGU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/d09fb9-f3fa-45b8-a5cd-77b489249fa4/1/qqlyrDzBD3FspJhQRaXwgktgyh8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.182.232.0/21
Signature Algorithm: sha256WithRSAEncryption
63:fb:3e:a2:57:7f:47:8e:64:d6:62:f3:7b:18:0e:04:3c:d4:
0a:36:cb:ed:2e:40:68:cb:87:ff:7e:9d:62:82:0f:17:32:26:
9e:3b:c2:78:88:68:9c:7c:26:15:cf:b6:a8:5b:8d:51:9c:22:
c0:bb:e2:eb:18:07:63:c6:ce:0e:eb:e1:e3:1b:81:aa:72:14:
22:b5:6e:81:9f:63:a1:be:77:aa:e2:de:2a:0a:a0:54:b0:fc:
c2:05:bf:d8:fe:63:fd:f6:3a:ba:ff:f2:04:76:08:04:a5:f5:
9c:9e:4a:9a:e9:64:61:82:d0:8b:89:bd:53:09:12:e6:61:cf:
a7:9f:f6:6b:60:1d:d9:86:cb:ff:03:87:39:1c:66:8b:5c:ad:
10:0c:8b:57:92:71:b7:b0:73:b3:1e:ad:68:cc:6e:ad:d9:39:
3a:11:18:ec:77:37:03:72:50:18:4e:1d:2a:7d:8f:af:26:18:
28:5c:a0:65:40:3f:ee:87:bb:3d:2c:9b:4a:b4:73:fe:7e:31:
c2:be:6e:df:ab:91:f0:28:d0:40:63:35:58:25:49:42:49:d4:
2e:77:d5:a8:1d:55:c2:10:eb:63:72:54:51:af:fe:01:de:07:
bc:37:35:ac:5d:24:da:7c:0d:89:a4:8c:ea:b6:16:40:fd:46:
a2:29:bf:9f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZZI72O1xjHVAiafyuLQNTiHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhYTk3MmFjM2NjMTBmNzE2Y2E0OTg1MDQ1YTVmMDgyNGI2
MGNhMWYwHhcNMjUwNDE4MTI0NjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjAzYTAwZjM1OGY2NjU2MTJiNzhlZDgxMmNmYmQyY2Q0MDhhMDY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnC1pC3stM0+yGKvMpBL/B61ikIQs
EsnhsiU9vg5ZOcaPWFFQ6LLdUKdbmCx3NP31JKB+dO3b4YbtyJ50jgwHnMsNF97F
7Pk48YLHqrUo8FxiEJMsOvJ4ku6UohUf1pGexj6LsN+ISptUBkPDxDAzH1RtQl3F
vsEViRMdnm2HHUFOvC3AzGU3wTGkVwLMZAhkr6ZOvLMPF8LrtbWSSYtNK3v277sF
dUog+/9+mzcmSMvWAm5t8isfzOq4dp10HXYlbdtvRtumNWqZbKN8C9KAwAI22FCg
F+h2cudlG4CABZjTnYITiZbE/wKOC0GSIdQfPnTsFbPqm3iuXwyhVTN7+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN8DoA81j2ZWEreO2BLPvSzUCKBlMB8GA1UdIwQY
MBaAFKqpcqw8wQ9xbKSYUEWl8IJLYMofMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXFseXJEekJEM0ZzcEpoUVJhWHdna3RneWg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9kMDlmYjktZjNmYS00NWI4LWE1Y2Qt
NzdiNDg5MjQ5ZmE0LzEvM3dPZ0R6V1BabFlTdDQ3WUVzLTlMTlFJb0dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9kMDlmYjktZjNmYS00NWI4LWE1Y2QtNzdiNDg5MjQ5ZmE0
LzEvcXFseXJEekJEM0ZzcEpoUVJhWHdna3RneWg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDPrboMA0G
CSqGSIb3DQEBCwUAA4IBAQBj+z6iV39HjmTWYvN7GA4EPNQKNsvtLkBoy4f/fp1i
gg8XMiaeO8J4iGicfCYVz7aoW41RnCLAu+LrGAdjxs4O6+HjG4GqchQitW6Bn2Oh
vneq4t4qCqBUsPzCBb/Y/mP99jq6//IEdggEpfWcnkqa6WRhgtCLib1TCRLmYc+n
n/ZrYB3Zhsv/A4c5HGaLXK0QDItXknG3sHOzHq1ozG6t2Tk6ERjsdzcDclAYTh0q
fY+vJhgoXKBlQD/uh7s9LJtKtHP+fjHCvm7fq5HwKNBAYzVYJUlCSdQud9WoHVXC
EOtjclRRr/4B3ge8NzWsXSTafA2JpIzqthZA/UaiKb+f
-----END CERTIFICATE-----
Generated at Sun May 11 09:15:46 2025 by rpki-client