Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1oqeBlEogtqSvCnFMfYiw8iXqM4.roa
File: 1oqeBlEogtqSvCnFMfYiw8iXqM4.roa (raw, json)
Hash identifier: hZ4b5HIQ1iHStaSfbGdV17VfyOP4DxxsnhXGAM7cMc4=
Subject key identifier: D6:8A:9E:06:51:28:82:DA:92:BC:29:C5:31:F6:22:C3:C8:97:A8:CE
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 019541DB4035630E2DDF1FCA3A7E4AB9A782
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1oqeBlEogtqSvCnFMfYiw8iXqM4.roa
Signing time: Wed 26 Feb 2025 10:44:02 +0000
ROA not before: Wed 26 Feb 2025 10:44:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44547
IP address blocks: 62.76.230.0/24 maxlen: 24
194.87.59.0/24 maxlen: 24
194.87.75.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 26 Feb 2025 11:15:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:41:db:40:35:63:0e:2d:df:1f:ca:3a:7e:4a:b9:a7:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Feb 26 10:44:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d68a9e06512882da92bc29c531f622c3c897a8ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:e1:85:1f:f1:77:41:df:03:bf:04:d4:a7:ea:
4c:38:b4:d3:64:25:a8:a1:55:92:40:28:2b:50:c1:
84:db:9c:01:a4:14:d3:3d:99:b6:8d:87:21:fe:dc:
aa:0c:52:48:2e:9d:12:6d:29:66:5e:ad:e8:d7:3d:
90:e0:1d:1c:0f:60:e0:5a:89:30:fc:d9:36:04:a0:
e0:ec:42:b6:08:96:3c:db:a3:d0:60:80:34:62:07:
0b:45:67:50:ab:0e:97:da:16:28:c0:70:00:b2:53:
f6:2b:f8:08:3b:5c:20:0f:e3:db:e6:f6:f1:eb:f8:
c1:e8:a2:e4:83:e6:55:04:a2:91:5f:64:6e:a2:ec:
c2:4e:10:09:79:fd:1a:cf:ba:13:3a:04:44:aa:5e:
31:6a:9e:c9:e6:e3:05:76:d5:f9:a9:ec:06:4b:03:
5b:7b:c6:e1:cc:70:7f:29:9c:f4:36:3d:56:fd:a5:
0a:fa:50:4e:c4:2f:58:2a:b4:ca:a7:90:d4:28:e7:
9f:e4:ef:d8:a7:d6:23:a0:fe:2d:3a:6a:cf:05:f5:
30:f8:db:99:a5:24:be:14:33:99:f2:6e:a0:dd:5f:
b3:3f:c0:e8:68:57:76:96:7b:7c:00:2c:15:f1:59:
09:00:30:51:1e:4b:94:7d:33:79:8b:3d:de:5f:59:
f0:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:8A:9E:06:51:28:82:DA:92:BC:29:C5:31:F6:22:C3:C8:97:A8:CE
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1oqeBlEogtqSvCnFMfYiw8iXqM4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.230.0/24
194.87.59.0/24
194.87.75.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:b2:1e:a1:db:09:77:f3:97:75:e2:96:45:3f:dc:69:d3:7b:
27:34:9a:5a:01:a1:1c:b0:a3:a1:25:e9:d1:fc:c6:e5:45:fe:
08:7d:fc:b2:d3:c6:8f:f4:d8:8c:f5:11:5f:e4:ee:01:f4:79:
d3:35:b3:91:59:a0:e9:2c:95:9e:63:67:59:90:4f:fc:45:b0:
0d:1e:ee:c6:cc:b0:73:2c:3d:ae:32:16:d3:04:0d:9f:c2:59:
71:ba:3b:ea:fb:66:0f:b0:dd:b9:6a:da:58:14:1a:20:26:d8:
81:db:d4:78:71:fb:b3:6e:d9:8e:e5:7a:62:4e:6a:7a:fc:bc:
2f:45:6b:10:52:c9:17:73:9d:0d:0f:f6:ed:35:8f:59:8b:3f:
c5:58:21:f1:91:ab:81:1d:e3:4b:fc:c8:b5:68:ae:e0:b1:0e:
46:cf:f8:e3:29:dc:c6:96:10:22:e4:12:d9:54:c1:a8:4e:0d:
e3:75:7e:b2:97:5e:e1:7c:24:07:54:e1:87:f1:ed:da:11:7e:
d4:71:7d:fb:f1:99:a2:0a:eb:3d:25:5f:23:ed:11:89:9b:0d:
80:bd:3c:16:85:ff:e0:00:8b:4c:57:58:1e:8e:62:6f:7d:f0:
4a:fc:b8:27:fd:52:13:83:97:c2:70:aa:12:37:82:56:fc:43:
8c:44:6f:d4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZVB20A1Yw4t3x/KOn5KuaeCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwMjI2MTA0NDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjhhOWUwNjUxMjg4MmRhOTJiYzI5YzUzMWY2MjJjM2M4OTdhOGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmeGFH/F3Qd8DvwTUp+pMOLTTZCWo
oVWSQCgrUMGE25wBpBTTPZm2jYch/tyqDFJILp0SbSlmXq3o1z2Q4B0cD2DgWokw
/Nk2BKDg7EK2CJY826PQYIA0YgcLRWdQqw6X2hYowHAAslP2K/gIO1wgD+Pb5vbx
6/jB6KLkg+ZVBKKRX2RuouzCThAJef0az7oTOgREql4xap7J5uMFdtX5qewGSwNb
e8bhzHB/KZz0Nj1W/aUK+lBOxC9YKrTKp5DUKOef5O/Yp9YjoP4tOmrPBfUw+NuZ
pSS+FDOZ8m6g3V+zP8DoaFd2lnt8ACwV8VkJADBRHkuUfTN5iz3eX1nwOwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNaKngZRKILakrwpxTH2IsPIl6jOMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMW9xZUJsRW9ndHFTdkNuRk1mWWl3OGlYcU00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAPkzmAwQA
wlc7AwQAwldLMA0GCSqGSIb3DQEBCwUAA4IBAQCPsh6h2wl385d14pZFP9xp03sn
NJpaAaEcsKOhJenR/MblRf4Iffyy08aP9NiM9RFf5O4B9HnTNbORWaDpLJWeY2dZ
kE/8RbANHu7GzLBzLD2uMhbTBA2fwllxujvq+2YPsN25atpYFBogJtiB29R4cfuz
btmO5XpiTmp6/LwvRWsQUskXc50ND/btNY9Ziz/FWCHxkauBHeNL/Mi1aK7gsQ5G
z/jjKdzGlhAi5BLZVMGoTg3jdX6yl17hfCQHVOGH8e3aEX7UcX378ZmiCus9JV8j
7RGJmw2AvTwWhf/gAItMV1gejmJvffBK/Lgn/VITg5fCcKoSN4JW/EOMRG/U
-----END CERTIFICATE-----
Generated at Mon Jun 16 14:34:49 2025 by rpki-client