Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/d765a4-54eb-410d-8f3d-689ba4d33c4b/1/bfYhYesoLO5E79PLWWao-ZEki6s.roa
File: bfYhYesoLO5E79PLWWao-ZEki6s.roa (raw, json)
Hash identifier: XB3yj/NQr67WZXWL1RkMSzSV0uRtwMdnC8QyDf7tIp0=
Subject key identifier: 6D:F6:21:61:EB:28:2C:EE:44:EF:D3:CB:59:66:A8:F9:91:24:8B:AB
Certificate issuer: /CN=493a2d48376330a582faf3e3032ef7b0bcca33e8
Certificate serial: 01920EC5FA4B6BC8A5B93A36AFAB0A762754
Authority key identifier: 49:3A:2D:48:37:63:30:A5:82:FA:F3:E3:03:2E:F7:B0:BC:CA:33:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/STotSDdjMKWC-vPjAy73sLzKM-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/d765a4-54eb-410d-8f3d-689ba4d33c4b/1/bfYhYesoLO5E79PLWWao-ZEki6s.roa
Signing time: Fri 20 Sep 2024 09:31:48 +0000
ROA not before: Fri 20 Sep 2024 09:31:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8565
IP address blocks: 62.244.76.0/23 maxlen: 23
62.244.100.0/22 maxlen: 24
62.244.104.0/22 maxlen: 22
62.244.120.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 20 Sep 2024 10:11:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:0e:c5:fa:4b:6b:c8:a5:b9:3a:36:af:ab:0a:76:27:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=493a2d48376330a582faf3e3032ef7b0bcca33e8
Validity
Not Before: Sep 20 09:31:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6df62161eb282cee44efd3cb5966a8f991248bab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:19:71:23:d7:70:dc:56:db:2c:79:cc:e2:a6:
8d:24:8f:bd:24:3b:9c:33:ee:8b:9e:0b:1a:17:9c:
49:97:99:b3:77:b9:f4:d9:5d:dc:80:c4:0c:a7:a9:
c6:69:c5:74:eb:a6:b4:91:da:87:81:af:b6:ab:d3:
8f:f4:0f:b2:71:24:d2:9d:16:06:c5:71:76:6e:58:
21:ad:d3:d5:d4:58:c5:3e:05:14:cd:cf:78:ed:ff:
21:e3:6f:0a:3d:e8:03:6c:49:4d:f5:b0:85:9e:f9:
02:1f:da:7f:70:21:30:9b:49:27:57:00:a0:1f:99:
38:b2:50:eb:f4:cc:14:45:3c:34:80:3d:2c:6b:2e:
c8:b8:c9:ae:38:51:cc:5c:74:f5:32:92:e5:53:e0:
97:97:f6:b2:77:db:99:eb:20:93:8e:bf:2d:9f:d5:
ac:f3:42:49:27:e7:85:70:97:be:e7:6a:8c:d4:8e:
26:30:75:b3:5b:ed:fa:ca:09:ed:ba:30:8f:6b:84:
aa:77:35:4e:24:66:22:7b:6c:ec:8e:74:3b:2f:e5:
6f:1e:65:7e:b9:6c:47:11:04:5e:ae:27:bc:1c:0d:
d8:7f:48:51:6b:95:de:49:98:51:b6:c3:90:31:28:
c8:8e:ad:bb:aa:78:33:53:56:1a:4b:87:4e:09:9f:
d5:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:F6:21:61:EB:28:2C:EE:44:EF:D3:CB:59:66:A8:F9:91:24:8B:AB
X509v3 Authority Key Identifier:
keyid:49:3A:2D:48:37:63:30:A5:82:FA:F3:E3:03:2E:F7:B0:BC:CA:33:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/STotSDdjMKWC-vPjAy73sLzKM-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/d765a4-54eb-410d-8f3d-689ba4d33c4b/1/bfYhYesoLO5E79PLWWao-ZEki6s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/d765a4-54eb-410d-8f3d-689ba4d33c4b/1/STotSDdjMKWC-vPjAy73sLzKM-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.244.76.0/23
62.244.100.0-62.244.107.255
62.244.120.0/22
Signature Algorithm: sha256WithRSAEncryption
52:24:df:a4:74:8d:6d:f7:6d:59:cd:fc:66:a6:59:55:9b:2a:
9b:d2:97:a0:42:9d:c8:b3:53:14:4d:6c:29:47:f4:db:f5:2a:
ba:9b:08:cd:fd:b6:c0:da:ff:b8:9d:8b:b3:65:55:7e:c8:c4:
e7:b0:7d:a2:5e:f6:66:6b:33:f1:b6:10:be:c8:d7:1f:30:a6:
9d:b0:b2:7b:88:16:8f:06:73:99:9c:c5:60:7d:3b:85:73:4d:
05:81:09:e5:2a:1d:3a:72:55:d5:5d:a7:c7:30:47:c0:36:30:
8c:57:94:d3:3e:72:fa:f5:2a:cc:65:bd:69:7a:08:89:43:74:
eb:2d:f4:d5:4f:0c:14:56:e8:51:2f:7f:82:e2:65:d5:b4:ec:
01:fa:70:73:ec:0e:8d:14:ab:6f:10:28:56:42:62:27:61:9a:
9a:31:2e:0b:c0:3c:1c:e4:e4:f4:86:f0:f8:1a:61:66:65:c0:
f9:41:ae:44:14:6f:e6:a7:4b:49:de:3f:88:6b:32:3a:a9:ea:
12:44:7c:4f:2f:93:06:50:98:a6:0a:64:ef:1a:3d:2f:38:68:
fe:98:09:ac:9c:b9:68:f4:9d:68:04:b3:5f:3b:c0:f2:f6:99:
34:90:5b:4f:40:41:14:f0:ec:73:f4:28:c7:09:08:30:27:0a:
a6:31:1f:6d
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZIOxfpLa8iluTo2r6sKdidUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5M2EyZDQ4Mzc2MzMwYTU4MmZhZjNlMzAzMmVmN2IwYmNj
YTMzZTgwHhcNMjQwOTIwMDkzMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGY2MjE2MWViMjgyY2VlNDRlZmQzY2I1OTY2YThmOTkxMjQ4YmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmRlxI9dw3FbbLHnM4qaNJI+9JDuc
M+6LngsaF5xJl5mzd7n02V3cgMQMp6nGacV066a0kdqHga+2q9OP9A+ycSTSnRYG
xXF2blghrdPV1FjFPgUUzc947f8h428KPegDbElN9bCFnvkCH9p/cCEwm0knVwCg
H5k4slDr9MwURTw0gD0say7IuMmuOFHMXHT1MpLlU+CXl/ayd9uZ6yCTjr8tn9Ws
80JJJ+eFcJe+52qM1I4mMHWzW+36ygntujCPa4SqdzVOJGYie2zsjnQ7L+VvHmV+
uWxHEQRerie8HA3Yf0hRa5XeSZhRtsOQMSjIjq27qngzU1YaS4dOCZ/VUQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFG32IWHrKCzuRO/Ty1lmqPmRJIurMB8GA1UdIwQY
MBaAFEk6LUg3YzClgvrz4wMu97C8yjPoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1RvdFNEZGpNS1dDLXZQakF5NzNzTHpLTS1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9kNzY1YTQtNTRlYi00MTBkLThmM2Qt
Njg5YmE0ZDMzYzRiLzEvYmZZaFllc29MTzVFNzlQTFdXYW8tWkVraTZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9kNzY1YTQtNTRlYi00MTBkLThmM2QtNjg5YmE0ZDMzYzRi
LzEvU1RvdFNEZGpNS1dDLXZQakF5NzNzTHpLTS1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBPvRMMAwD
BAI+9GQDBAI+9GgDBAI+9HgwDQYJKoZIhvcNAQELBQADggEBAFIk36R0jW33bVnN
/GamWVWbKpvSl6BCncizUxRNbClH9Nv1KrqbCM39tsDa/7idi7NlVX7IxOewfaJe
9mZrM/G2EL7I1x8wpp2wsnuIFo8Gc5mcxWB9O4VzTQWBCeUqHTpyVdVdp8cwR8A2
MIxXlNM+cvr1KsxlvWl6CIlDdOst9NVPDBRW6FEvf4LiZdW07AH6cHPsDo0Uq28Q
KFZCYidhmpoxLgvAPBzk5PSG8PgaYWZlwPlBrkQUb+anS0neP4hrMjqp6hJEfE8v
kwZQmKYKZO8aPS84aP6YCaycuWj0nWgEs187wPL2mTSQW09AQRTw7HP0KMcJCDAn
CqYxH20=
-----END CERTIFICATE-----
Generated at Tue May 6 09:56:07 2025 by rpki-client