Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/ctkL-9i1zo5gQfOQLsuZc0j5XME.roa
File: ctkL-9i1zo5gQfOQLsuZc0j5XME.roa (raw, json)
Hash identifier: rQ6tEbTyIeG+GUx+GO6TYzhggWhBL9m45FCLNAT05ws=
Subject key identifier: 72:D9:0B:FB:D8:B5:CE:8E:60:41:F3:90:2E:CB:99:73:48:F9:5C:C1
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 018EA972C1D05892F785129C70FB627B29E6
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/ctkL-9i1zo5gQfOQLsuZc0j5XME.roa
Signing time: Thu 04 Apr 2024 14:10:53 +0000
ROA not before: Thu 04 Apr 2024 14:10:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5503
IP address blocks: 62.171.192.0/18 maxlen: 24
185.192.228.0/22 maxlen: 24
194.154.0.0/19 maxlen: 24
194.238.32.0/19 maxlen: 24
194.238.64.0/19 maxlen: 24
213.18.192.0/18 maxlen: 24
217.177.0.0/18 maxlen: 24
217.177.64.0/19 maxlen: 24
217.179.0.0/17 maxlen: 24
217.179.192.0/18 maxlen: 24
217.180.0.0/18 maxlen: 24
217.181.0.0/18 maxlen: 24
217.181.64.0/19 maxlen: 24
2a02:fb0::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 23 Apr 2024 21:30:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a9:72:c1:d0:58:92:f7:85:12:9c:70:fb:62:7b:29:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Apr 4 14:10:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=72d90bfbd8b5ce8e6041f3902ecb997348f95cc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:ba:8e:74:9b:28:71:8d:dd:e9:74:f4:48:74:
22:b7:8d:90:df:ac:ff:4d:6b:2b:56:79:79:bb:4f:
43:c8:07:1a:15:35:c6:4d:b0:b5:49:af:52:5b:58:
2b:61:65:5d:0d:b7:17:82:fc:5e:49:dd:19:66:ac:
62:1c:ea:cc:90:bb:36:48:6f:db:51:2e:be:90:5a:
71:f1:85:e6:f0:cb:0e:10:01:f3:9d:7f:10:58:35:
2b:de:73:5e:34:63:21:ab:e2:d1:b9:0d:78:5f:a6:
6f:a4:73:14:c9:5b:f5:a9:fb:04:1b:a0:27:79:a7:
d8:6b:ac:19:9c:53:05:53:88:db:41:33:59:00:05:
40:6d:b3:a9:07:07:b6:db:ed:7d:ba:a7:91:bb:7f:
2f:70:fb:25:25:e5:18:bb:44:d2:81:9f:b3:05:dc:
e5:e2:8a:e4:73:a4:c7:9a:34:fe:f0:a4:a1:f5:97:
3a:f0:85:e7:a8:a7:1e:f8:53:2b:ed:be:45:43:39:
e4:b9:a5:ae:22:be:2b:bb:b9:b8:ce:ce:6b:a1:bc:
ba:c7:4d:d8:69:9c:e7:06:1f:aa:53:3b:73:db:d0:
19:af:64:26:15:af:58:af:c5:d6:ac:69:5c:fb:d7:
ca:97:18:9d:30:5e:fb:b3:7c:d4:02:3b:99:7f:c8:
b6:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:D9:0B:FB:D8:B5:CE:8E:60:41:F3:90:2E:CB:99:73:48:F9:5C:C1
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/ctkL-9i1zo5gQfOQLsuZc0j5XME.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.171.192.0/18
185.192.228.0/22
194.154.0.0/19
194.238.32.0-194.238.95.255
213.18.192.0/18
217.177.0.0-217.177.95.255
217.179.0.0/17
217.179.192.0-217.180.63.255
217.181.0.0-217.181.95.255
IPv6:
2a02:fb0::/32
Signature Algorithm: sha256WithRSAEncryption
96:49:e1:fd:92:b0:02:41:0f:54:d9:26:0f:fb:32:ab:9c:48:
0d:c6:44:69:72:89:cc:b5:d8:c5:12:33:88:71:81:b6:ac:65:
7b:1a:a0:e8:a4:1e:94:5e:21:31:15:1e:4b:4c:33:0d:4f:5f:
68:af:66:d9:69:a2:a6:1e:b5:9b:85:a5:c0:70:97:4d:71:98:
5b:0e:ab:61:ad:a6:f5:5d:bd:ef:87:5a:b2:03:73:23:6b:d2:
fa:e7:b7:bb:f0:29:58:cd:b0:ac:78:99:29:f8:a4:aa:ea:4f:
d3:5a:6e:73:b3:df:64:8e:c2:5b:66:75:29:af:b1:33:54:5f:
cc:12:7a:71:fa:d3:c7:f1:45:83:9a:b7:a8:cb:10:8b:1a:7f:
da:7e:9e:33:8a:56:b0:0b:bd:3f:63:ab:38:59:53:84:9e:b5:
e9:f6:eb:d5:1e:9a:28:a5:d5:b3:dc:ad:50:3f:ae:2a:27:f7:
36:fd:69:2e:1d:6c:45:e6:15:00:ea:4e:e4:6f:61:ed:ee:89:
7d:7e:a4:14:68:a0:1e:c5:da:ea:87:10:fe:f3:a1:8b:fc:ed:
b0:18:78:8c:3b:d3:f3:b0:44:df:44:3e:d7:fd:a8:c0:33:db:
0a:81:7b:c9:43:3c:86:66:26:bb:54:97:3c:f5:78:c4:e4:02:
80:a7:a9:3d
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgISAY6pcsHQWJL3hRKccPtieynmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjQwNDA0MTQxMDUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmQ5MGJmYmQ4YjVjZThlNjA0MWYzOTAyZWNiOTk3MzQ4Zjk1Y2MxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbqOdJsocY3d6XT0SHQit42Q36z/
TWsrVnl5u09DyAcaFTXGTbC1Sa9SW1grYWVdDbcXgvxeSd0ZZqxiHOrMkLs2SG/b
US6+kFpx8YXm8MsOEAHznX8QWDUr3nNeNGMhq+LRuQ14X6ZvpHMUyVv1qfsEG6An
eafYa6wZnFMFU4jbQTNZAAVAbbOpBwe22+19uqeRu38vcPslJeUYu0TSgZ+zBdzl
4orkc6THmjT+8KSh9Zc68IXnqKce+FMr7b5FQznkuaWuIr4ru7m4zs5roby6x03Y
aZznBh+qUztz29AZr2QmFa9Yr8XWrGlc+9fKlxidMF77s3zUAjuZf8i2mwIDAQAB
o4ICZjCCAmIwHQYDVR0OBBYEFHLZC/vYtc6OYEHzkC7LmXNI+VzBMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvY3RrTC05aTF6bzVnUWZPUUxzdVpjMGo1WE1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHwGCCsGAQUFBwEHAQH/BG0wazBaBAIAATBUAwQGPqvAAwQC
ucDkAwQFwpoAMAwDBAXC7iADBAXC7kADBAbVEsAwCwMDANmxAwQF2bFAAwQH2bMA
MAwDBAbZs8ADBAbZtAAwCwMDANm1AwQF2bVAMA0EAgACMAcDBQAqAg+wMA0GCSqG
SIb3DQEBCwUAA4IBAQCWSeH9krACQQ9U2SYP+zKrnEgNxkRpconMtdjFEjOIcYG2
rGV7GqDopB6UXiExFR5LTDMNT19or2bZaaKmHrWbhaXAcJdNcZhbDqthrab1Xb3v
h1qyA3Mja9L657e78ClYzbCseJkp+KSq6k/TWm5zs99kjsJbZnUpr7EzVF/MEnpx
+tPH8UWDmreoyxCLGn/afp4zilawC70/Y6s4WVOEnrXp9uvVHpoopdWz3K1QP64q
J/c2/WkuHWxF5hUA6k7kb2Ht7ol9fqQUaKAexdrqhxD+86GL/O2wGHiMO9PzsETf
RD7X/ajAM9sKgXvJQzyGZia7VJc89XjE5AKAp6k9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:08 2024 by rpki-client on console-fra.rpki-client.org