Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/4hACSjDauax9GWjMFsf_AOF3l_M.roa
File: 4hACSjDauax9GWjMFsf_AOF3l_M.roa (raw, json)
Hash identifier: iGFr4w3w66L4k7wJ2O77UB9XDhUhEi/IMqdsG3ZgZp0=
Subject key identifier: E2:10:02:4A:30:DA:B9:AC:7D:19:68:CC:16:C7:FF:00:E1:77:97:F3
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 01920C2E3B0E0570208B05D0A5E58ACDE2A0
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/4hACSjDauax9GWjMFsf_AOF3l_M.roa
Signing time: Thu 19 Sep 2024 21:26:49 +0000
ROA not before: Thu 19 Sep 2024 21:26:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 62.171.192.0/19 maxlen: 24
62.171.224.0/22 maxlen: 24
62.171.252.0/22 maxlen: 24
185.192.228.0/22 maxlen: 24
194.154.0.0/19 maxlen: 24
194.238.32.0/19 maxlen: 24
194.238.64.0/19 maxlen: 24
213.18.192.0/18 maxlen: 24
217.177.16.0/20 maxlen: 24
217.177.36.0/22 maxlen: 24
217.177.56.0/21 maxlen: 24
217.177.64.0/21 maxlen: 24
217.177.76.0/22 maxlen: 24
217.177.88.0/21 maxlen: 24
217.179.0.0/17 maxlen: 24
217.179.192.0/18 maxlen: 24
217.180.0.0/21 maxlen: 24
217.180.8.0/22 maxlen: 24
217.180.24.0/21 maxlen: 24
217.180.32.0/22 maxlen: 24
217.180.48.0/22 maxlen: 24
217.181.0.0/18 maxlen: 24
217.181.64.0/19 maxlen: 24
2a02:fb0::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 19 Nov 2024 23:37:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:0c:2e:3b:0e:05:70:20:8b:05:d0:a5:e5:8a:cd:e2:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Sep 19 21:26:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e210024a30dab9ac7d1968cc16c7ff00e17797f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:3d:5f:9c:4d:68:20:49:af:e0:fb:f2:e1:27:
ce:e4:0b:30:18:34:01:6a:78:1f:98:37:7b:49:e2:
80:1e:05:0a:e8:e7:d5:52:b8:5a:5a:da:2c:d8:f4:
65:63:c3:1e:6a:7e:18:84:59:d8:95:aa:82:9d:ee:
22:31:94:be:48:a4:92:54:f0:98:80:ab:03:7d:16:
27:99:92:4f:72:ee:e0:71:a2:50:47:cd:f2:eb:9c:
db:fb:b5:34:f9:4a:67:46:b2:a5:97:c3:6a:2e:54:
f2:0b:6a:fb:38:66:64:8d:43:b8:69:49:71:a7:b2:
4f:fa:70:14:50:7e:18:df:36:f9:d2:53:77:5a:a4:
9f:23:02:4f:13:78:3a:05:c0:96:51:b3:5d:6e:60:
39:ac:dc:52:5e:6f:7e:1c:3b:a6:89:a6:e3:42:62:
34:f2:4b:10:f7:2b:c9:34:9a:b4:02:e6:c3:98:92:
b0:92:8b:55:7b:6c:f5:9a:66:cb:43:c0:73:d4:c2:
24:ab:02:d8:6e:03:90:50:c7:ec:27:d0:02:f8:18:
79:56:5e:5e:e5:83:19:dd:9e:96:c0:c4:a2:48:46:
95:28:10:19:6f:ee:75:4d:70:f8:cc:6b:ad:28:0e:
14:8d:cf:91:6f:da:17:64:43:25:b0:60:60:57:6c:
f5:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:10:02:4A:30:DA:B9:AC:7D:19:68:CC:16:C7:FF:00:E1:77:97:F3
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/4hACSjDauax9GWjMFsf_AOF3l_M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.171.192.0-62.171.227.255
62.171.252.0/22
185.192.228.0/22
194.154.0.0/19
194.238.32.0-194.238.95.255
213.18.192.0/18
217.177.16.0/20
217.177.36.0/22
217.177.56.0-217.177.71.255
217.177.76.0/22
217.177.88.0/21
217.179.0.0/17
217.179.192.0-217.180.11.255
217.180.24.0-217.180.35.255
217.180.48.0/22
217.181.0.0-217.181.95.255
IPv6:
2a02:fb0::/32
Signature Algorithm: sha256WithRSAEncryption
b6:eb:0c:05:38:a3:aa:5f:d9:9d:9e:b5:e5:dc:bb:71:d2:bc:
f6:cd:c5:e8:9b:70:00:9c:91:ea:1c:9a:1a:51:3f:11:d3:38:
67:3d:c4:b0:68:f2:16:01:7a:cc:f4:51:76:d1:73:be:49:c7:
37:5f:b5:da:55:99:5c:7e:3d:da:9a:b1:c0:50:95:3a:a4:6f:
40:c6:b5:bc:0c:6f:00:38:6e:bc:56:df:b2:e1:54:e0:cb:f2:
97:50:2c:92:cb:6e:fe:c2:b2:97:7e:4f:c0:57:fc:16:82:96:
f4:92:59:88:72:79:85:5f:89:8e:7e:6c:56:2b:7e:3e:7d:12:
e5:ae:31:98:57:50:92:dc:7f:5c:7d:c2:6d:9e:d1:6a:52:a5:
b4:13:31:0f:95:71:08:25:26:ab:7b:d8:77:e4:78:ea:a9:ad:
c7:ed:39:96:d7:4b:46:6f:24:29:09:9c:45:6c:8c:a2:86:b0:
97:59:3f:4f:0e:7d:e9:cf:e6:b4:c7:6b:e5:74:23:3d:d7:05:
c7:82:74:a6:b1:38:bc:19:55:aa:76:fd:e4:0f:5c:18:7e:08:
48:cb:7b:3a:ad:3c:13:33:d5:b2:b7:ce:8a:70:c6:56:a0:3a:
cc:4e:49:a9:28:a1:04:08:4c:00:22:51:07:b5:da:d4:c2:0c:
16:c0:f3:82
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAZIMLjsOBXAgiwXQpeWKzeKgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjQwOTE5MjEyNjQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjEwMDI0YTMwZGFiOWFjN2QxOTY4Y2MxNmM3ZmYwMGUxNzc5N2YzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqD1fnE1oIEmv4Pvy4SfO5AswGDQB
angfmDd7SeKAHgUK6OfVUrhaWtos2PRlY8Mean4YhFnYlaqCne4iMZS+SKSSVPCY
gKsDfRYnmZJPcu7gcaJQR83y65zb+7U0+UpnRrKll8NqLlTyC2r7OGZkjUO4aUlx
p7JP+nAUUH4Y3zb50lN3WqSfIwJPE3g6BcCWUbNdbmA5rNxSXm9+HDumiabjQmI0
8ksQ9yvJNJq0AubDmJKwkotVe2z1mmbLQ8Bz1MIkqwLYbgOQUMfsJ9AC+Bh5Vl5e
5YMZ3Z6WwMSiSEaVKBAZb+51TXD4zGutKA4Ujc+Rb9oXZEMlsGBgV2z1BQIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFOIQAkow2rmsfRlozBbH/wDhd5fzMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvNGhBQ1NqRGF1YXg5R1dqTUZzZl9BT0YzbF9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG7BggrBgEFBQcBBwEB/wSBqzCBqDCBlgQCAAEwgY8wDAME
Bj6rwAMEAj6r4AMEAj6r/AMEArnA5AMEBcKaADAMAwQFwu4gAwQFwu5AAwQG1RLA
AwQE2bEQAwQC2bEkMAwDBAPZsTgDBAPZsUADBALZsUwDBAPZsVgDBAfZswAwDAME
BtmzwAMEAtm0CDAMAwQD2bQYAwQC2bQgAwQC2bQwMAsDAwDZtQMEBdm1QDANBAIA
AjAHAwUAKgIPsDANBgkqhkiG9w0BAQsFAAOCAQEAtusMBTijql/ZnZ615dy7cdK8
9s3F6JtwAJyR6hyaGlE/EdM4Zz3EsGjyFgF6zPRRdtFzvknHN1+12lWZXH492pqx
wFCVOqRvQMa1vAxvADhuvFbfsuFU4Mvyl1Askstu/sKyl35PwFf8FoKW9JJZiHJ5
hV+Jjn5sVit+Pn0S5a4xmFdQktx/XH3CbZ7RalKltBMxD5VxCCUmq3vYd+R46qmt
x+05ltdLRm8kKQmcRWyMooawl1k/Tw596c/mtMdr5XQjPdcFx4J0prE4vBlVqnb9
5A9cGH4ISMt7Oq08EzPVsrfOinDGVqA6zE5JqSihBAhMACJRB7Xa1MIMFsDzgg==
-----END CERTIFICATE-----
Generated at Wed Nov 20 01:59:58 2024 by rpki-client on console-ams.rpki-client.org