Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/ZMfgQ244sp8sdAJ3SFiU2mQmcJ8.roa
File: ZMfgQ244sp8sdAJ3SFiU2mQmcJ8.roa (raw, json)
Hash identifier: Fm9oRJwZ+cn78yUYJXoSbCM9mUfIzl9+3Agayez64/o=
Subject key identifier: 64:C7:E0:43:6E:38:B2:9F:2C:74:02:77:48:58:94:DA:64:26:70:9F
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 0191DDCDAA81A5906C32DA0A26D1E522D149
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/ZMfgQ244sp8sdAJ3SFiU2mQmcJ8.roa
Signing time: Tue 10 Sep 2024 21:18:48 +0000
ROA not before: Tue 10 Sep 2024 21:18:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 62.171.192.0/19 maxlen: 24
62.171.224.0/22 maxlen: 24
62.171.252.0/22 maxlen: 24
185.192.228.0/22 maxlen: 24
194.154.0.0/19 maxlen: 24
194.238.32.0/19 maxlen: 24
194.238.64.0/19 maxlen: 24
213.18.192.0/18 maxlen: 24
217.177.0.0/18 maxlen: 24
217.177.64.0/19 maxlen: 24
217.179.0.0/17 maxlen: 24
217.179.192.0/18 maxlen: 24
217.180.0.0/21 maxlen: 24
217.180.8.0/22 maxlen: 24
217.180.24.0/21 maxlen: 24
217.180.32.0/22 maxlen: 24
217.180.48.0/22 maxlen: 24
217.181.0.0/18 maxlen: 24
217.181.64.0/19 maxlen: 24
2a02:fb0::/32 maxlen: 48
Validation: Failed, certificate revoked on Thu 19 Sep 2024 21:25:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:dd:cd:aa:81:a5:90:6c:32:da:0a:26:d1:e5:22:d1:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Sep 10 21:18:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=64c7e0436e38b29f2c740277485894da6426709f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:7a:65:e5:1a:66:d7:30:b0:e8:75:5d:64:56:
51:52:c5:68:da:6f:de:5b:54:78:ec:e6:c7:8e:ee:
13:1f:03:c5:45:30:b9:a6:f4:74:2e:a0:dc:f6:44:
1e:43:ef:76:02:05:50:a4:ff:55:06:55:a7:01:e9:
04:eb:a9:17:be:93:52:b1:a0:63:46:4e:1f:e3:89:
c6:94:4c:ef:6b:67:d8:6c:34:a4:95:c0:2a:d4:c3:
db:f5:ec:22:0c:75:65:ea:a7:be:81:34:92:8f:d5:
e7:99:ee:ec:1a:57:83:ef:b5:37:28:be:30:f5:0b:
41:28:4b:a4:cd:c8:ad:9d:4e:2c:03:84:19:80:77:
ca:e7:00:87:29:11:b0:a2:20:ef:8d:d9:c2:1e:f6:
98:af:02:8d:e6:41:f0:c4:8d:f5:b9:77:11:23:67:
f9:0f:49:6d:70:76:99:42:e9:07:b0:0b:62:51:6f:
be:bf:49:02:8a:cd:7b:2f:cb:95:31:92:ec:22:5c:
31:ff:62:f6:7d:e7:6b:07:db:ef:80:10:a2:17:12:
ad:5b:ef:d3:2e:46:0a:ce:36:fe:8c:23:7a:41:81:
b9:9e:c9:7b:45:78:cd:49:ae:64:96:12:76:21:f6:
f4:24:ec:ad:77:2b:ca:3b:2d:bb:65:e2:26:c6:5b:
db:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:C7:E0:43:6E:38:B2:9F:2C:74:02:77:48:58:94:DA:64:26:70:9F
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/ZMfgQ244sp8sdAJ3SFiU2mQmcJ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.171.192.0-62.171.227.255
62.171.252.0/22
185.192.228.0/22
194.154.0.0/19
194.238.32.0-194.238.95.255
213.18.192.0/18
217.177.0.0-217.177.95.255
217.179.0.0/17
217.179.192.0-217.180.11.255
217.180.24.0-217.180.35.255
217.180.48.0/22
217.181.0.0-217.181.95.255
IPv6:
2a02:fb0::/32
Signature Algorithm: sha256WithRSAEncryption
bb:f8:b2:b3:00:49:e7:6c:c1:d0:43:d1:dd:81:ce:47:92:4f:
34:66:cb:a5:1a:86:a5:5c:84:08:c6:ed:1d:29:16:e4:85:63:
4b:c8:88:b6:b2:dc:80:cf:87:11:5b:c8:e2:45:85:2f:99:45:
d9:c3:64:0d:2d:6b:da:23:94:09:77:dd:74:85:80:35:39:5b:
28:27:a6:82:be:5c:07:f6:be:9d:42:86:39:99:be:39:8f:e6:
12:33:43:43:11:20:2a:1e:ef:64:20:d6:fb:a4:0c:2e:7c:ae:
f9:50:60:01:2b:6b:3b:8f:3a:02:41:cc:9c:25:d2:e0:a5:05:
eb:8a:a1:b1:a2:ed:ea:5b:a2:b5:ca:67:99:60:8f:8c:dc:0b:
3b:ba:81:db:34:32:88:14:bd:c3:ed:9a:72:f6:bb:19:7f:18:
cd:af:4f:73:eb:21:f0:05:30:1d:53:f9:fd:93:e4:8a:ad:56:
b0:1f:cc:ce:03:52:cf:5e:84:d6:01:d1:19:e4:58:7a:e9:e3:
55:fb:2a:ba:2c:ae:91:b9:59:e7:fb:92:1c:5d:4a:00:27:21:
7b:bb:f5:6f:16:e6:ae:08:5c:9c:4a:76:dd:95:d5:d7:d5:97:
14:85:79:79:f9:d9:c5:e6:0e:3f:2c:f7:71:8e:f5:31:dc:d3:
15:e1:a3:01
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgISAZHdzaqBpZBsMtoKJtHlItFJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjQwOTEwMjExODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGM3ZTA0MzZlMzhiMjlmMmM3NDAyNzc0ODU4OTRkYTY0MjY3MDlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwHpl5Rpm1zCw6HVdZFZRUsVo2m/e
W1R47ObHju4THwPFRTC5pvR0LqDc9kQeQ+92AgVQpP9VBlWnAekE66kXvpNSsaBj
Rk4f44nGlEzva2fYbDSklcAq1MPb9ewiDHVl6qe+gTSSj9Xnme7sGleD77U3KL4w
9QtBKEukzcitnU4sA4QZgHfK5wCHKRGwoiDvjdnCHvaYrwKN5kHwxI31uXcRI2f5
D0ltcHaZQukHsAtiUW++v0kCis17L8uVMZLsIlwx/2L2fedrB9vvgBCiFxKtW+/T
LkYKzjb+jCN6QYG5nsl7RXjNSa5klhJ2Ifb0JOytdyvKOy27ZeImxlvbrwIDAQAB
o4ICizCCAocwHQYDVR0OBBYEFGTH4ENuOLKfLHQCd0hYlNpkJnCfMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvWk1mZ1EyNDRzcDhzZEFKM1NGaVUybVFtY0o4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGgBggrBgEFBQcBBwEB/wSBkDCBjTB8BAIAATB2MAwDBAY+
q8ADBAI+q+ADBAI+q/wDBAK5wOQDBAXCmgAwDAMEBcLuIAMEBcLuQAMEBtUSwDAL
AwMA2bEDBAXZsUADBAfZswAwDAMEBtmzwAMEAtm0CDAMAwQD2bQYAwQC2bQgAwQC
2bQwMAsDAwDZtQMEBdm1QDANBAIAAjAHAwUAKgIPsDANBgkqhkiG9w0BAQsFAAOC
AQEAu/iyswBJ52zB0EPR3YHOR5JPNGbLpRqGpVyECMbtHSkW5IVjS8iItrLcgM+H
EVvI4kWFL5lF2cNkDS1r2iOUCXfddIWANTlbKCemgr5cB/a+nUKGOZm+OY/mEjND
QxEgKh7vZCDW+6QMLnyu+VBgAStrO486AkHMnCXS4KUF64qhsaLt6luitcpnmWCP
jNwLO7qB2zQyiBS9w+2acva7GX8Yza9Pc+sh8AUwHVP5/ZPkiq1WsB/MzgNSz16E
1gHRGeRYeunjVfsquiyukblZ5/uSHF1KACche7v1bxbmrghcnEp23ZXV19WXFIV5
efnZxeYOPyz3cY71MdzTFeGjAQ==
-----END CERTIFICATE-----
Generated at Fri Sep 20 03:04:12 2024 by rpki-client on console-ams.rpki-client.org