Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/0ef403-9eff-4048-872e-4f43195d196f/1/1OfjQFfteISQNabjcczR-9dReks.roa
File: 1OfjQFfteISQNabjcczR-9dReks.roa (raw, json)
Hash identifier: ZhCiLAig24bZkHg5MrEQz97yFa08vAxonxd0npz5Tb0=
Subject key identifier: D4:E7:E3:40:57:ED:78:84:90:35:A6:E3:71:CC:D1:FB:D7:51:7A:4B
Certificate issuer: /CN=a22b1f4d0ab43836b2715390828d90772cc9d8da
Certificate serial: 018F16D389338F90CFED835B894C919A3C56
Authority key identifier: A2:2B:1F:4D:0A:B4:38:36:B2:71:53:90:82:8D:90:77:2C:C9:D8:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oisfTQq0ODaycVOQgo2QdyzJ2No.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/0ef403-9eff-4048-872e-4f43195d196f/1/1OfjQFfteISQNabjcczR-9dReks.roa
Signing time: Thu 25 Apr 2024 19:55:12 +0000
ROA not before: Thu 25 Apr 2024 19:55:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28995
IP address blocks: 62.140.160.0/20 maxlen: 20
2a02:2670::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:16:d3:89:33:8f:90:cf:ed:83:5b:89:4c:91:9a:3c:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a22b1f4d0ab43836b2715390828d90772cc9d8da
Validity
Not Before: Apr 25 19:55:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d4e7e34057ed78849035a6e371ccd1fbd7517a4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:4b:a0:66:6c:a7:00:a4:f9:a8:4e:9f:b0:52:
c9:2b:78:40:33:2e:3c:20:7f:23:95:71:91:87:6b:
26:eb:1f:61:5b:35:1a:b0:42:b7:ba:3c:49:c3:6b:
18:4b:2b:f6:74:a9:24:c4:19:79:4c:b4:95:f8:e9:
08:c4:b4:d1:78:fd:af:c6:59:db:f4:52:67:57:63:
70:12:58:e1:fa:d0:86:7c:3a:cf:f7:15:ab:69:db:
27:0c:8b:56:27:6b:3c:31:c3:93:c3:58:78:ca:b6:
f2:a7:b3:cf:93:e7:7f:ae:9c:9d:e9:52:33:7e:9c:
a9:05:55:d0:3d:7d:32:e7:6d:b6:52:1b:60:84:bd:
9d:47:7b:07:28:01:00:41:a5:67:ba:0d:fb:04:29:
ca:97:be:04:76:42:dc:eb:c3:b6:ec:3f:6c:8b:ae:
5e:c8:bc:ee:82:0c:3d:10:3c:49:41:17:d8:cf:ba:
91:b5:7e:2f:07:78:0d:ee:8e:dd:cb:6d:34:20:68:
39:5d:7c:8f:46:90:5f:84:06:5b:69:45:c5:e3:f6:
fd:73:0b:29:05:dc:23:81:71:5b:e8:11:46:51:65:
bc:fa:94:56:7a:f5:4f:f3:42:be:7d:2c:12:d2:79:
89:d0:b4:aa:a4:1f:64:44:42:02:a4:1a:8e:fb:6b:
2f:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:E7:E3:40:57:ED:78:84:90:35:A6:E3:71:CC:D1:FB:D7:51:7A:4B
X509v3 Authority Key Identifier:
keyid:A2:2B:1F:4D:0A:B4:38:36:B2:71:53:90:82:8D:90:77:2C:C9:D8:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oisfTQq0ODaycVOQgo2QdyzJ2No.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/0ef403-9eff-4048-872e-4f43195d196f/1/1OfjQFfteISQNabjcczR-9dReks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/0ef403-9eff-4048-872e-4f43195d196f/1/oisfTQq0ODaycVOQgo2QdyzJ2No.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.140.160.0/20
IPv6:
2a02:2670::/32
Signature Algorithm: sha256WithRSAEncryption
19:e3:82:0d:c8:bf:59:df:28:df:08:b5:4d:d3:73:1a:a3:32:
c4:13:c2:98:03:9f:d7:6d:1a:55:92:76:13:cf:c4:e4:09:7c:
c6:23:fe:db:2d:88:e1:b1:95:46:b9:06:b6:9a:34:1b:c5:f1:
3d:4d:ac:fe:49:fe:6d:96:05:bf:fc:40:ba:3b:1b:78:67:22:
71:37:e5:8d:17:18:f4:f7:c4:9c:f9:d0:0f:6f:b6:79:b6:17:
8c:6b:5a:30:c1:25:4e:61:59:6d:96:61:be:0a:e1:11:1f:74:
58:a2:30:6f:7f:9a:f2:0e:6b:fe:95:97:a8:db:92:e0:58:24:
be:81:4f:53:39:c0:c5:22:66:fa:0b:34:a6:24:b1:c0:ed:c6:
84:02:c6:e2:4c:77:d0:f1:a4:e6:1f:3e:e2:bb:56:30:97:88:
65:2d:49:8b:75:c2:1e:20:35:2b:f7:c0:bb:2b:fe:02:f4:30:
e2:59:49:a2:a7:37:9e:49:58:aa:1b:5b:6f:57:4e:5b:85:62:
64:f4:15:f4:2e:0b:29:fa:59:2d:ef:cc:f5:10:e8:6a:3c:c2:
98:0d:41:2a:43:a0:73:c7:6a:2b:d4:ec:40:f6:40:cf:3f:0e:
f6:3b:68:ac:f0:ae:60:f8:39:03:f2:9e:44:0c:41:73:41:18:
f1:c2:1f:d7
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY8W04kzj5DP7YNbiUyRmjxWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMmIxZjRkMGFiNDM4MzZiMjcxNTM5MDgyOGQ5MDc3MmNj
OWQ4ZGEwHhcNMjQwNDI1MTk1NTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGU3ZTM0MDU3ZWQ3ODg0OTAzNWE2ZTM3MWNjZDFmYmQ3NTE3YTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA10ugZmynAKT5qE6fsFLJK3hAMy48
IH8jlXGRh2sm6x9hWzUasEK3ujxJw2sYSyv2dKkkxBl5TLSV+OkIxLTReP2vxlnb
9FJnV2NwEljh+tCGfDrP9xWradsnDItWJ2s8McOTw1h4yrbyp7PPk+d/rpyd6VIz
fpypBVXQPX0y5222UhtghL2dR3sHKAEAQaVnug37BCnKl74EdkLc68O27D9si65e
yLzuggw9EDxJQRfYz7qRtX4vB3gN7o7dy200IGg5XXyPRpBfhAZbaUXF4/b9cwsp
BdwjgXFb6BFGUWW8+pRWevVP80K+fSwS0nmJ0LSqpB9kREICpBqO+2svSQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNTn40BX7XiEkDWm43HM0fvXUXpLMB8GA1UdIwQY
MBaAFKIrH00KtDg2snFTkIKNkHcsydjaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2lzZlRRcTBPRGF5Y1ZPUWdvMlFkeXpKMk5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8wZWY0MDMtOWVmZi00MDQ4LTg3MmUt
NGY0MzE5NWQxOTZmLzEvMU9malFGZnRlSVNRTmFiamNjelItOWRSZWtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8wZWY0MDMtOWVmZi00MDQ4LTg3MmUtNGY0MzE5NWQxOTZm
LzEvb2lzZlRRcTBPRGF5Y1ZPUWdvMlFkeXpKMk5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQEPoygMA0E
AgACMAcDBQAqAiZwMA0GCSqGSIb3DQEBCwUAA4IBAQAZ44INyL9Z3yjfCLVN03Ma
ozLEE8KYA5/XbRpVknYTz8TkCXzGI/7bLYjhsZVGuQa2mjQbxfE9Taz+Sf5tlgW/
/EC6Oxt4ZyJxN+WNFxj098Sc+dAPb7Z5theMa1owwSVOYVltlmG+CuERH3RYojBv
f5ryDmv+lZeo25LgWCS+gU9TOcDFImb6CzSmJLHA7caEAsbiTHfQ8aTmHz7iu1Yw
l4hlLUmLdcIeIDUr98C7K/4C9DDiWUmipzeeSViqG1tvV05bhWJk9BX0Lgsp+lkt
78z1EOhqPMKYDUEqQ6Bzx2or1OxA9kDPPw72O2is8K5g+DkD8p5EDEFzQRjxwh/X
-----END CERTIFICATE-----
Generated at Thu May 8 01:43:32 2025 by rpki-client