Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/DDD04Z69bjQ8Xf9DYq5coiGIxKI.roa
File: DDD04Z69bjQ8Xf9DYq5coiGIxKI.roa (raw, json)
Hash identifier: UKc01nRUVcwdJInEn8WQIiMM+R/WppMkpds1JRbMyBE=
Subject key identifier: 0C:30:F4:E1:9E:BD:6E:34:3C:5D:FF:43:62:AE:5C:A2:21:88:C4:A2
Certificate issuer: /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial: 019624F6DC5D9C665CAC0F4E5281D237B9EB
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/DDD04Z69bjQ8Xf9DYq5coiGIxKI.roa
Signing time: Fri 11 Apr 2025 13:07:59 +0000
ROA not before: Fri 11 Apr 2025 13:07:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 62.72.162.0/23 maxlen: 23
62.72.164.0/22 maxlen: 22
62.72.164.0/23 maxlen: 23
62.72.172.0/24 maxlen: 24
62.72.173.0/24 maxlen: 24
62.72.184.0/24 maxlen: 24
62.72.185.0/24 maxlen: 24
62.72.191.0/24 maxlen: 24
81.21.2.0/23 maxlen: 23
81.21.4.0/22 maxlen: 24
81.21.5.0/24 maxlen: 24
81.21.6.0/24 maxlen: 24
176.57.51.0/24 maxlen: 24
176.57.56.0/24 maxlen: 24
176.57.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 19 Apr 2025 17:49:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:24:f6:dc:5d:9c:66:5c:ac:0f:4e:52:81:d2:37:b9:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
Validity
Not Before: Apr 11 13:07:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0c30f4e19ebd6e343c5dff4362ae5ca22188c4a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:24:23:b1:2a:f8:f6:8f:f1:7a:2e:4e:eb:f5:
e3:4a:59:ce:ae:db:3f:b3:fb:6b:38:67:46:98:08:
4b:bb:c2:cf:2c:7a:d8:be:47:2e:3d:6c:2d:6c:f3:
ef:38:5a:0d:39:f4:64:65:23:6a:67:34:d5:1a:32:
71:9a:5a:c5:2e:55:af:b7:02:c5:8f:bf:40:ec:6f:
64:96:e0:4e:4b:39:20:fd:4d:49:cf:16:9b:54:ba:
98:6d:6c:cb:af:ac:1a:fb:26:d4:d9:7a:87:ee:17:
56:d7:fc:fe:72:b5:63:94:74:fb:9e:eb:dd:af:13:
3e:b0:f0:7c:6e:8b:93:5a:62:a8:24:7f:c2:92:69:
3e:5f:d6:bb:d7:6f:74:b1:2f:20:ad:d6:e7:b1:4a:
7a:27:b8:4b:25:f2:e5:63:21:d4:05:38:f4:3e:7d:
28:f5:84:94:5d:08:bc:a6:47:57:9e:85:ea:82:bc:
b1:2a:6a:0a:fa:c6:f5:32:ea:71:ec:bb:7c:cb:38:
21:e3:12:8e:2a:54:61:54:75:4a:d9:4a:85:ba:4f:
d8:85:da:a1:32:fb:5e:8f:18:01:47:3c:a8:59:60:
fe:38:e2:1b:4c:73:96:f5:fc:f6:ea:86:d6:a7:a4:
db:9c:f9:40:b5:8c:6d:07:ce:2e:4f:ad:79:a6:75:
b6:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:30:F4:E1:9E:BD:6E:34:3C:5D:FF:43:62:AE:5C:A2:21:88:C4:A2
X509v3 Authority Key Identifier:
keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/DDD04Z69bjQ8Xf9DYq5coiGIxKI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.72.162.0-62.72.167.255
62.72.172.0/23
62.72.184.0/23
62.72.191.0/24
81.21.2.0-81.21.7.255
176.57.51.0/24
176.57.56.0/24
176.57.63.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:6e:ca:11:40:2f:d4:cd:89:78:b5:89:14:49:18:c5:86:b9:
6c:71:8e:c3:2e:e5:98:e0:64:a6:bc:df:65:4e:28:8d:d2:12:
81:7f:ed:c4:5f:3a:cb:85:7f:7d:10:a5:bf:ec:70:06:b9:f0:
a0:d9:7e:ca:19:77:f7:ae:ff:2c:65:84:0c:92:19:64:10:9e:
51:89:1b:50:21:82:16:95:9a:7f:89:3d:ea:a3:b1:b4:73:d7:
b4:4a:8c:94:08:76:8b:29:e1:64:03:5f:a4:30:3f:8d:88:e8:
48:31:e9:7c:2f:a8:5a:fe:64:66:0a:5c:d9:c9:6d:0c:5f:d1:
10:b9:62:d9:fe:b2:b8:82:f3:20:ee:f4:e7:f5:2e:dc:bc:7e:
26:9a:bf:5d:49:7f:47:b2:e2:aa:c5:81:28:a3:0f:05:fb:e4:
c0:ad:0d:b5:a8:5e:6b:63:d0:bc:0b:ad:94:93:b0:42:20:4a:
31:2d:fb:3a:7b:69:c9:5f:af:2a:f3:b5:41:d8:b5:20:f5:af:
08:57:c7:31:f8:b1:62:d7:e7:bd:c3:a4:59:67:ec:32:2f:22:
35:23:d4:f5:1d:64:12:33:8c:ea:a2:26:67:e1:e8:ea:82:84:
19:a0:a4:18:b8:22:7b:4e:0a:87:07:2b:86:e1:25:41:53:16:
2e:85:b3:9f
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAZYk9txdnGZcrA9OUoHSN7nrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjUwNDExMTMwNzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzMwZjRlMTllYmQ2ZTM0M2M1ZGZmNDM2MmFlNWNhMjIxODhjNGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzyQjsSr49o/xei5O6/XjSlnOrts/
s/trOGdGmAhLu8LPLHrYvkcuPWwtbPPvOFoNOfRkZSNqZzTVGjJxmlrFLlWvtwLF
j79A7G9kluBOSzkg/U1JzxabVLqYbWzLr6wa+ybU2XqH7hdW1/z+crVjlHT7nuvd
rxM+sPB8bouTWmKoJH/Ckmk+X9a71290sS8grdbnsUp6J7hLJfLlYyHUBTj0Pn0o
9YSUXQi8pkdXnoXqgryxKmoK+sb1Mupx7Lt8yzgh4xKOKlRhVHVK2UqFuk/Yhdqh
MvtejxgBRzyoWWD+OOIbTHOW9fz26obWp6TbnPlAtYxtB84uT615pnW2BwIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFAww9OGevW40PF3/Q2KuXKIhiMSiMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvREREMDRaNjlialE4WGY5RFlxNWNvaUdJeEtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAMAwDBAE+SKID
BAM+SKADBAE+SKwDBAE+SLgDBAA+SL8wDAMEAVEVAgMEA1EVAAMEALA5MwMEALA5
OAMEALA5PzANBgkqhkiG9w0BAQsFAAOCAQEAuG7KEUAv1M2JeLWJFEkYxYa5bHGO
wy7lmOBkprzfZU4ojdISgX/txF86y4V/fRClv+xwBrnwoNl+yhl3967/LGWEDJIZ
ZBCeUYkbUCGCFpWaf4k96qOxtHPXtEqMlAh2iynhZANfpDA/jYjoSDHpfC+oWv5k
Zgpc2cltDF/RELli2f6yuILzIO705/Uu3Lx+Jpq/XUl/R7LiqsWBKKMPBfvkwK0N
tahea2PQvAutlJOwQiBKMS37OntpyV+vKvO1Qdi1IPWvCFfHMfixYtfnvcOkWWfs
Mi8iNSPU9R1kEjOM6qImZ+Ho6oKEGaCkGLgie04KhwcrhuElQVMWLoWznw==
-----END CERTIFICATE-----
Generated at Fri May 2 22:10:43 2025 by rpki-client