Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/c99ae7-b671-40b9-bb1e-a19444f7a337/1/vW0dXUXW5S24dhMi6cLUr1lZLbE.roa
File: vW0dXUXW5S24dhMi6cLUr1lZLbE.roa (raw, json)
Hash identifier: /S77G6lfP23Pt0cyFzU+o8a+lvk/LtC+l8IweIwBsF4=
Subject key identifier: BD:6D:1D:5D:45:D6:E5:2D:B8:76:13:22:E9:C2:D4:AF:59:59:2D:B1
Certificate issuer: /CN=d2f1c8842e7cf891b234d3a1e0e2e0ef73e842aa
Certificate serial: 018CC5DC43C5D0C1CACD79582F0D3CC1C027
Authority key identifier: D2:F1:C8:84:2E:7C:F8:91:B2:34:D3:A1:E0:E2:E0:EF:73:E8:42:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0vHIhC58-JGyNNOh4OLg73PoQqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/c99ae7-b671-40b9-bb1e-a19444f7a337/1/vW0dXUXW5S24dhMi6cLUr1lZLbE.roa
Signing time: Mon 01 Jan 2024 16:29:55 +0000
ROA not before: Mon 01 Jan 2024 16:29:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8339
IP address blocks: 202.170.80.0/21 maxlen: 24
82.149.96.0/19 maxlen: 24
195.202.128.0/19 maxlen: 24
62.40.128.0/17 maxlen: 24
178.18.160.0/20 maxlen: 24
94.16.32.0/19 maxlen: 24
185.100.96.0/22 maxlen: 24
95.143.224.0/20 maxlen: 24
195.230.160.0/19 maxlen: 24
82.218.0.0/16 maxlen: 24
194.106.224.0/19 maxlen: 24
89.104.0.0/19 maxlen: 24
195.202.160.0/19 maxlen: 24
92.62.16.0/20 maxlen: 24
81.217.0.0/16 maxlen: 24
2a00:1b38::/32 maxlen: 32
2a02:e200::/30 maxlen: 30
Validation: Failed, certificate revoked on Tue 13 Aug 2024 04:44:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:43:c5:d0:c1:ca:cd:79:58:2f:0d:3c:c1:c0:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2f1c8842e7cf891b234d3a1e0e2e0ef73e842aa
Validity
Not Before: Jan 1 16:29:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bd6d1d5d45d6e52db8761322e9c2d4af59592db1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:70:a0:46:30:a9:89:42:8d:c2:26:cf:35:15:
15:f1:1c:9e:8e:43:b0:ff:51:60:8b:b1:ec:cb:61:
5d:16:1d:43:6a:db:c7:7f:04:c2:9d:7f:cc:ea:92:
1f:f7:04:7e:8a:98:63:d7:d7:54:85:fb:19:b4:3f:
2f:11:9c:ec:a9:cf:8f:a6:63:c0:bb:7f:bd:3b:e7:
18:47:21:32:c6:59:f6:0e:bd:7c:86:60:79:52:bc:
c8:43:c9:0f:e0:95:72:c1:b9:23:d1:21:53:f2:12:
6c:3d:0f:da:0b:d0:ed:8c:d0:f2:7a:17:ef:47:97:
d7:d2:47:90:a8:44:c2:4f:d4:09:e0:76:a3:27:90:
8b:b1:73:2d:90:bd:63:f3:f5:25:52:81:26:f6:ce:
f9:5f:f5:79:3b:97:16:68:5f:0e:ed:81:a6:37:8c:
e4:ab:03:8d:81:66:4c:70:ff:00:05:9f:01:20:56:
bf:df:90:8a:db:bf:61:aa:97:a2:36:cc:38:b0:ab:
ff:9f:61:13:27:62:14:59:30:d4:b7:47:7c:ec:1c:
e7:96:fa:ef:33:74:6d:e7:7d:35:e9:c4:f1:f3:4b:
2f:aa:03:c2:81:40:d5:c4:43:6a:ad:b7:83:d3:19:
ed:a0:19:94:49:0a:f0:a5:60:82:b6:0f:59:2d:0d:
d4:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:6D:1D:5D:45:D6:E5:2D:B8:76:13:22:E9:C2:D4:AF:59:59:2D:B1
X509v3 Authority Key Identifier:
keyid:D2:F1:C8:84:2E:7C:F8:91:B2:34:D3:A1:E0:E2:E0:EF:73:E8:42:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0vHIhC58-JGyNNOh4OLg73PoQqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/c99ae7-b671-40b9-bb1e-a19444f7a337/1/vW0dXUXW5S24dhMi6cLUr1lZLbE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/c99ae7-b671-40b9-bb1e-a19444f7a337/1/0vHIhC58-JGyNNOh4OLg73PoQqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.40.128.0/17
81.217.0.0/16
82.149.96.0/19
82.218.0.0/16
89.104.0.0/19
92.62.16.0/20
94.16.32.0/19
95.143.224.0/20
178.18.160.0/20
185.100.96.0/22
194.106.224.0/19
195.202.128.0/18
195.230.160.0/19
202.170.80.0/21
IPv6:
2a00:1b38::/32
2a02:e200::/30
Signature Algorithm: sha256WithRSAEncryption
a0:70:ce:f2:65:32:3a:06:6b:78:70:ae:50:ba:e5:70:c7:02:
4e:6b:c9:fd:70:74:d4:1b:ee:7f:7d:68:65:2d:ce:f1:13:61:
2a:5c:fc:26:0f:09:bd:89:db:99:4f:eb:6e:1d:eb:f5:9f:89:
22:e5:aa:0c:ee:e9:d6:e0:3b:c2:73:42:a0:d9:f5:f7:4f:38:
c5:38:f9:a3:fd:ab:c4:e5:d1:5c:8b:5f:08:a5:a8:66:77:a2:
bc:ce:9c:65:c4:87:4b:5f:cb:2c:4d:96:0f:8b:67:6c:ae:24:
07:b9:a2:32:07:33:9d:40:b4:d6:f2:40:7a:d8:ac:8e:29:7d:
45:04:53:a0:1d:25:9a:9c:7e:71:8e:cf:c0:bd:3b:16:4c:bc:
26:65:2c:b5:5a:0d:73:b0:67:b7:0f:e9:ef:9e:71:ea:9f:95:
f7:1b:eb:c1:04:d7:26:51:48:03:b7:4c:47:a9:40:e6:c1:8e:
4c:84:e2:ca:18:22:11:2d:f9:a0:31:99:bd:d5:67:32:4b:16:
f3:42:c8:b0:3c:b4:9c:da:0b:dc:50:05:cd:fc:b3:0c:be:06:
dc:4a:9c:23:cd:87:2f:61:78:c4:06:78:b8:b0:59:51:8d:9d:
fc:6b:8a:3b:9c:31:05:88:55:0c:b0:98:d8:b2:bd:b4:07:05:
9c:0d:fb:1e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAYzF3EPF0MHKzXlYLw08wcAnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyZjFjODg0MmU3Y2Y4OTFiMjM0ZDNhMWUwZTJlMGVmNzNl
ODQyYWEwHhcNMjQwMTAxMTYyOTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDZkMWQ1ZDQ1ZDZlNTJkYjg3NjEzMjJlOWMyZDRhZjU5NTkyZGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoXCgRjCpiUKNwibPNRUV8RyejkOw
/1Fgi7Hsy2FdFh1DatvHfwTCnX/M6pIf9wR+iphj19dUhfsZtD8vEZzsqc+PpmPA
u3+9O+cYRyEyxln2Dr18hmB5UrzIQ8kP4JVywbkj0SFT8hJsPQ/aC9DtjNDyehfv
R5fX0keQqETCT9QJ4HajJ5CLsXMtkL1j8/UlUoEm9s75X/V5O5cWaF8O7YGmN4zk
qwONgWZMcP8ABZ8BIFa/35CK279hqpeiNsw4sKv/n2ETJ2IUWTDUt0d87Bznlvrv
M3Rt53016cTx80svqgPCgUDVxENqrbeD0xntoBmUSQrwpWCCtg9ZLQ3UkwIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFL1tHV1F1uUtuHYTIunC1K9ZWS2xMB8GA1UdIwQY
MBaAFNLxyIQufPiRsjTToeDi4O9z6EKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHZISWhDNTgtSkd5Tk5PaDRPTGc3M1BvUXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9jOTlhZTctYjY3MS00MGI5LWJiMWUt
YTE5NDQ0ZjdhMzM3LzEvdlcwZFhVWFc1UzI0ZGhNaTZjTFVyMWxaTGJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9jOTlhZTctYjY3MS00MGI5LWJiMWUtYTE5NDQ0ZjdhMzM3
LzEvMHZISWhDNTgtSkd5Tk5PaDRPTGc3M1BvUXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwWAQCAAEwUgMEBz4ogAMD
AFHZAwQFUpVgAwMAUtoDBAVZaAADBARcPhADBAVeECADBARfj+ADBASyEqADBAK5
ZGADBAXCauADBAbDyoADBAXD5qADBAPKqlAwFAQCAAIwDgMFACoAGzgDBQIqAuIA
MA0GCSqGSIb3DQEBCwUAA4IBAQCgcM7yZTI6Bmt4cK5QuuVwxwJOa8n9cHTUG+5/
fWhlLc7xE2EqXPwmDwm9iduZT+tuHev1n4ki5aoM7unW4DvCc0Kg2fX3TzjFOPmj
/avE5dFci18Ipahmd6K8zpxlxIdLX8ssTZYPi2dsriQHuaIyBzOdQLTW8kB62KyO
KX1FBFOgHSWanH5xjs/AvTsWTLwmZSy1Wg1zsGe3D+nvnnHqn5X3G+vBBNcmUUgD
t0xHqUDmwY5MhOLKGCIRLfmgMZm91WcySxbzQsiwPLSc2gvcUAXN/LMMvgbcSpwj
zYcvYXjEBni4sFlRjZ38a4o7nDEFiFUMsJjYsr20BwWcDfse
-----END CERTIFICATE-----
Generated at Tue Aug 13 06:55:10 2024 by rpki-client on console-ams.rpki-client.org