Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/RJ68aV1wPJvw2xJjp4kvkfeprIQ.roa
File: RJ68aV1wPJvw2xJjp4kvkfeprIQ.roa (raw, json)
Hash identifier: 3lXCDLMs5Pei2GYyuAYSOaR980CAbflFaOAznLcfm4I=
Subject key identifier: 44:9E:BC:69:5D:70:3C:9B:F0:DB:12:63:A7:89:2F:91:F7:A9:AC:84
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 01907F2DFC6CE9CFDB51235B481AD5248D0F
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/RJ68aV1wPJvw2xJjp4kvkfeprIQ.roa
Signing time: Thu 04 Jul 2024 19:17:18 +0000
ROA not before: Thu 04 Jul 2024 19:17:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5503
IP address blocks: 62.171.192.0/18 maxlen: 24
185.192.228.0/22 maxlen: 24
194.154.0.0/19 maxlen: 24
194.238.32.0/19 maxlen: 24
194.238.64.0/19 maxlen: 24
213.18.192.0/18 maxlen: 24
217.177.0.0/18 maxlen: 24
217.177.64.0/19 maxlen: 24
217.179.0.0/17 maxlen: 24
217.179.192.0/18 maxlen: 24
217.180.0.0/19 maxlen: 24
217.180.0.0/21 maxlen: 24
217.180.8.0/22 maxlen: 24
217.180.24.0/21 maxlen: 24
217.180.32.0/22 maxlen: 24
217.180.48.0/22 maxlen: 24
217.181.0.0/18 maxlen: 24
217.181.64.0/19 maxlen: 24
2a02:fb0::/32 maxlen: 48
Validation: Failed, certificate revoked on Fri 05 Jul 2024 09:17:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:7f:2d:fc:6c:e9:cf:db:51:23:5b:48:1a:d5:24:8d:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Jul 4 19:17:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=449ebc695d703c9bf0db1263a7892f91f7a9ac84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:73:e2:51:30:19:68:02:2b:fa:8d:dc:ef:ca:
e5:67:19:5d:a2:91:53:df:da:02:00:f9:3a:21:93:
b0:76:75:e1:ae:9c:74:19:20:fb:0c:5b:f8:d3:2c:
85:5c:be:39:d2:6e:ab:fe:e1:7e:4a:8f:e7:27:1b:
67:b8:40:4b:35:68:0a:c5:e3:45:87:1a:99:87:5c:
ff:7c:be:7b:4c:60:4f:e1:9e:6c:40:5b:35:47:8e:
a6:03:d6:e5:c9:fa:4c:79:56:f6:4b:35:f7:90:93:
26:01:d4:3b:a5:ed:b3:75:bb:06:e3:c7:75:94:da:
ac:99:54:5d:dd:bd:ca:ac:1f:d0:08:40:d0:fb:47:
80:24:92:f1:29:3a:66:75:41:50:a8:15:bf:1b:b7:
12:16:be:2d:a9:8a:80:69:87:3b:05:bf:32:a2:3d:
41:c1:8b:98:19:9e:34:cf:d6:d8:87:2a:9d:73:67:
95:4b:57:2d:80:30:37:53:2c:42:b5:33:03:93:5b:
74:60:b8:fc:7d:14:9b:53:a6:29:21:fb:5f:97:bc:
51:1b:27:0d:e7:51:38:26:81:28:f1:00:7e:02:cf:
e1:76:c8:73:95:51:5f:a4:5f:f5:7b:f5:fa:15:5d:
c9:29:b2:6e:60:2c:58:4f:db:77:7b:e0:18:63:ea:
04:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:9E:BC:69:5D:70:3C:9B:F0:DB:12:63:A7:89:2F:91:F7:A9:AC:84
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/RJ68aV1wPJvw2xJjp4kvkfeprIQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.171.192.0/18
185.192.228.0/22
194.154.0.0/19
194.238.32.0-194.238.95.255
213.18.192.0/18
217.177.0.0-217.177.95.255
217.179.0.0/17
217.179.192.0-217.180.35.255
217.180.48.0/22
217.181.0.0-217.181.95.255
IPv6:
2a02:fb0::/32
Signature Algorithm: sha256WithRSAEncryption
3a:e2:ce:e3:46:28:a7:72:1b:05:63:ae:eb:cc:10:dc:9c:b0:
51:73:c7:22:16:7f:80:83:1b:dc:71:ae:67:f5:e4:3d:a0:6f:
24:92:32:b6:30:02:23:b7:e0:d8:ba:57:bd:e3:f2:a3:40:f6:
7b:09:0d:d3:a6:83:07:7d:80:a8:d5:63:08:9f:fc:a2:cc:81:
de:f8:66:bc:27:07:58:0c:6d:8b:7b:5b:83:4b:4c:36:b0:28:
bd:20:c0:0b:27:a6:e9:46:77:c4:f8:55:7f:21:b8:13:5e:10:
5c:eb:69:b2:d2:55:c0:89:65:17:c2:b3:3d:62:ec:71:2f:b2:
94:32:08:f2:87:ea:89:1e:4c:73:a6:9d:ad:ee:55:11:cc:e9:
f3:53:fe:41:d7:2a:9e:a8:4c:94:30:a7:ab:9e:58:2b:4d:8f:
26:87:b1:68:18:71:a3:65:17:74:8a:27:b5:0b:93:7a:65:5b:
02:28:02:a4:d2:a9:7a:bb:c4:cc:df:f7:89:f6:ab:c8:a9:b0:
76:d5:a0:b5:65:21:6b:f2:7b:27:b7:42:77:a1:47:04:90:34:
a5:92:ed:c3:07:8b:22:06:bf:5f:27:1a:c2:af:9d:80:8d:9f:
50:fd:57:bf:f1:52:d7:51:de:ff:41:72:7f:57:5c:ac:f8:de:
db:2c:18:f6
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAZB/Lfxs6c/bUSNbSBrVJI0PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjQwNzA0MTkxNzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDllYmM2OTVkNzAzYzliZjBkYjEyNjNhNzg5MmY5MWY3YTlhYzg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo3PiUTAZaAIr+o3c78rlZxldopFT
39oCAPk6IZOwdnXhrpx0GSD7DFv40yyFXL450m6r/uF+So/nJxtnuEBLNWgKxeNF
hxqZh1z/fL57TGBP4Z5sQFs1R46mA9blyfpMeVb2SzX3kJMmAdQ7pe2zdbsG48d1
lNqsmVRd3b3KrB/QCEDQ+0eAJJLxKTpmdUFQqBW/G7cSFr4tqYqAaYc7Bb8yoj1B
wYuYGZ40z9bYhyqdc2eVS1ctgDA3UyxCtTMDk1t0YLj8fRSbU6YpIftfl7xRGycN
51E4JoEo8QB+As/hdshzlVFfpF/1e/X6FV3JKbJuYCxYT9t3e+AYY+oEUwIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFESevGldcDyb8NsSY6eJL5H3qayEMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvUko2OGFWMXdQSnZ3MnhKanA0a3ZrZmVwcklRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwYAQCAAEwWgMEBj6rwAME
ArnA5AMEBcKaADAMAwQFwu4gAwQFwu5AAwQG1RLAMAsDAwDZsQMEBdmxQAMEB9mz
ADAMAwQG2bPAAwQC2bQgAwQC2bQwMAsDAwDZtQMEBdm1QDANBAIAAjAHAwUAKgIP
sDANBgkqhkiG9w0BAQsFAAOCAQEAOuLO40Yop3IbBWOu68wQ3JywUXPHIhZ/gIMb
3HGuZ/XkPaBvJJIytjACI7fg2LpXvePyo0D2ewkN06aDB32AqNVjCJ/8osyB3vhm
vCcHWAxti3tbg0tMNrAovSDACyem6UZ3xPhVfyG4E14QXOtpstJVwIllF8KzPWLs
cS+ylDII8ofqiR5Mc6adre5VEczp81P+QdcqnqhMlDCnq55YK02PJoexaBhxo2UX
dIontQuTemVbAigCpNKpervEzN/3ifaryKmwdtWgtWUha/J7J7dCd6FHBJA0pZLt
wweLIga/Xycawq+dgI2fUP1Xv/FS11He/0Fyf1dcrPje2ywY9g==
-----END CERTIFICATE-----
Generated at Fri Jul 5 10:30:55 2024 by rpki-client on console-ams.rpki-client.org