Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/6gdMVm6nKpxBMSDWjO455IheEKY.roa
File: 6gdMVm6nKpxBMSDWjO455IheEKY.roa (raw, json)
Hash identifier: +3Qpu9kVAdeKOaHvOjTrZt3Iy/4iDT606XZIH1S9qwg=
Subject key identifier: EA:07:4C:56:6E:A7:2A:9C:41:31:20:D6:8C:EE:39:E4:88:5E:10:A6
Certificate issuer: /CN=9f0743496c7ff3effb870601139cad9d2f271e10
Certificate serial: 018570796E98473DAD0B1705409F5C1F7105
Authority key identifier: 9F:07:43:49:6C:7F:F3:EF:FB:87:06:01:13:9C:AD:9D:2F:27:1E:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nwdDSWx_8-_7hwYBE5ytnS8nHhA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/6gdMVm6nKpxBMSDWjO455IheEKY.roa
Signing time: Mon 02 Jan 2023 03:14:44 +0000
ROA not before: Mon 02 Jan 2023 03:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39855
IP address blocks: 62.100.220.0/22 maxlen: 22
185.71.220.0/22 maxlen: 22
157.97.145.0/24 maxlen: 24
185.92.27.0/24 maxlen: 24
93.188.68.0/22 maxlen: 22
62.100.192.0/22 maxlen: 22
62.100.196.0/22 maxlen: 24
62.100.200.0/22 maxlen: 24
62.100.212.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:6e:98:47:3d:ad:0b:17:05:40:9f:5c:1f:71:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f0743496c7ff3effb870601139cad9d2f271e10
Validity
Not Before: Jan 2 03:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ea074c566ea72a9c413120d68cee39e4885e10a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:d2:e2:d9:af:b7:f2:3d:18:51:e8:c6:3f:0e:
fe:00:89:f2:8c:a5:6d:13:5d:a7:43:f8:a2:19:cb:
6a:84:3a:e9:ba:81:02:b1:ec:bd:17:a3:ce:86:23:
0a:28:af:f4:c1:fe:d6:3f:f9:c7:59:d9:e2:50:56:
6a:13:e4:2d:98:16:67:29:a2:0f:b6:af:5b:a4:05:
1c:16:38:ae:13:32:ea:78:17:7b:be:a9:d3:38:30:
d9:e9:f7:3d:8c:a3:50:45:eb:74:a5:14:15:d7:ea:
aa:6a:77:eb:ee:e8:ed:9b:fc:d0:9a:55:28:48:d1:
de:df:5a:44:8b:22:15:24:ec:bc:11:dc:e2:3f:c3:
e2:01:e3:33:93:e7:30:43:ba:71:19:81:5d:86:87:
ed:20:d1:88:4d:79:22:be:29:fe:88:39:9c:53:06:
ea:ae:fe:a6:d3:3e:92:02:dd:3d:08:5b:18:27:34:
02:85:e9:f0:e0:ac:0f:bf:c3:86:df:bd:1f:35:cd:
ed:1a:06:52:a8:aa:39:a3:ff:1b:bc:cc:e1:01:ab:
e3:ef:f7:84:c2:f0:c2:55:35:40:7d:5a:8f:a8:51:
a6:f1:be:d8:64:20:76:1e:51:27:ff:2e:71:25:0d:
0b:60:fc:4e:30:d1:cf:38:ad:ad:f7:dd:a4:52:6b:
2a:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:07:4C:56:6E:A7:2A:9C:41:31:20:D6:8C:EE:39:E4:88:5E:10:A6
X509v3 Authority Key Identifier:
keyid:9F:07:43:49:6C:7F:F3:EF:FB:87:06:01:13:9C:AD:9D:2F:27:1E:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nwdDSWx_8-_7hwYBE5ytnS8nHhA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/6gdMVm6nKpxBMSDWjO455IheEKY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/nwdDSWx_8-_7hwYBE5ytnS8nHhA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.100.192.0-62.100.203.255
62.100.212.0/22
62.100.220.0/22
93.188.68.0/22
157.97.145.0/24
185.71.220.0/22
185.92.27.0/24
Signature Algorithm: sha256WithRSAEncryption
54:03:56:13:11:e6:b3:25:2c:38:94:4f:c9:e5:4b:f0:83:4a:
d3:00:cc:2d:b3:c1:63:c3:60:b2:91:d1:dd:0d:62:03:5b:30:
13:4c:50:e5:bb:ad:ec:b3:08:8d:61:e6:54:d6:0b:72:3d:1c:
fa:73:c1:ad:d7:26:73:b1:8e:c1:94:44:3d:99:d7:b1:b4:77:
17:58:4a:ac:7b:e2:fb:f0:29:13:35:7f:cf:8e:0d:70:31:c2:
5d:81:58:80:97:e4:00:7f:dd:f1:00:72:3c:75:ee:03:63:ce:
6f:6c:5d:77:8f:a2:3d:f6:11:17:87:71:ae:37:2a:9f:7b:03:
9a:c3:bb:08:58:22:a6:b9:7f:8e:7c:e9:41:38:a2:d0:08:1e:
ab:61:4b:e3:9a:ca:db:7b:b3:b3:e6:2d:96:5a:68:86:a9:a4:
19:b8:f2:aa:c3:f4:4e:5e:b9:bd:88:d1:ae:d6:c2:b9:75:5f:
d0:93:f7:79:10:ae:64:bf:0b:dc:5a:8b:34:9f:02:75:ec:0b:
3f:22:5b:e5:57:32:fa:e2:cc:d3:6e:ae:7e:26:f3:79:50:3d:
ec:b0:76:23:53:c7:77:32:38:2e:01:c0:7c:ba:f5:1b:1d:03:
b9:19:c6:5a:43:28:79:46:f8:d4:ee:af:f1:76:7d:0c:fb:65:
37:11:0f:e8
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYVweW6YRz2tCxcFQJ9cH3EFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMDc0MzQ5NmM3ZmYzZWZmYjg3MDYwMTEzOWNhZDlkMmYy
NzFlMTAwHhcNMjMwMTAyMDMxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTA3NGM1NjZlYTcyYTljNDEzMTIwZDY4Y2VlMzllNDg4NWUxMGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1tLi2a+38j0YUejGPw7+AInyjKVt
E12nQ/iiGctqhDrpuoECsey9F6POhiMKKK/0wf7WP/nHWdniUFZqE+QtmBZnKaIP
tq9bpAUcFjiuEzLqeBd7vqnTODDZ6fc9jKNQRet0pRQV1+qqanfr7ujtm/zQmlUo
SNHe31pEiyIVJOy8EdziP8PiAeMzk+cwQ7pxGYFdhoftINGITXkivin+iDmcUwbq
rv6m0z6SAt09CFsYJzQChenw4KwPv8OG370fNc3tGgZSqKo5o/8bvMzhAavj7/eE
wvDCVTVAfVqPqFGm8b7YZCB2HlEn/y5xJQ0LYPxOMNHPOK2t992kUmsqdwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFOoHTFZupyqcQTEg1ozuOeSIXhCmMB8GA1UdIwQY
MBaAFJ8HQ0lsf/Pv+4cGAROcrZ0vJx4QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbndkRFNXeF84LV83aHdZQkU1eXRuUzhuSGhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8yMmI3YWItZmMxMS00MDdhLWJkM2Mt
NjM0MTEzNjdkOTBhLzEvNmdkTVZtNm5LcHhCTVNEV2pPNDU1SWhlRUtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8yMmI3YWItZmMxMS00MDdhLWJkM2MtNjM0MTEzNjdkOTBh
LzEvbndkRFNXeF84LV83aHdZQkU1eXRuUzhuSGhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyMAwDBAY+ZMAD
BAI+ZMgDBAI+ZNQDBAI+ZNwDBAJdvEQDBACdYZEDBAK5R9wDBAC5XBswDQYJKoZI
hvcNAQELBQADggEBAFQDVhMR5rMlLDiUT8nlS/CDStMAzC2zwWPDYLKR0d0NYgNb
MBNMUOW7reyzCI1h5lTWC3I9HPpzwa3XJnOxjsGURD2Z17G0dxdYSqx74vvwKRM1
f8+ODXAxwl2BWICX5AB/3fEAcjx17gNjzm9sXXePoj32EReHca43Kp97A5rDuwhY
Iqa5f4586UE4otAIHqthS+Oaytt7s7PmLZZaaIappBm48qrD9E5eub2I0a7Wwrl1
X9CT93kQrmS/C9xaizSfAnXsCz8iW+VXMvrizNNurn4m83lQPeywdiNTx3cyOC4B
wHy69RsdA7kZxlpDKHlG+NTur/F2fQz7ZTcRD+g=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:19 2024 by rpki-client on console-fra.rpki-client.org