Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/6gveebrIAwyBvR6ojtCS-TSvbSY.roa
File: 6gveebrIAwyBvR6ojtCS-TSvbSY.roa (raw, json)
Hash identifier: sDSA6NMXd+n9imZvht0Rolg6h87Tq+9f4ZaTUA8ObzY=
Subject key identifier: EA:0B:DE:79:BA:C8:03:0C:81:BD:1E:A8:8E:D0:92:F9:34:AF:6D:26
Certificate issuer: /CN=9f0743496c7ff3effb870601139cad9d2f271e10
Certificate serial: 018CC500DEEAB5B709D55CA2C89ED9342729
Authority key identifier: 9F:07:43:49:6C:7F:F3:EF:FB:87:06:01:13:9C:AD:9D:2F:27:1E:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nwdDSWx_8-_7hwYBE5ytnS8nHhA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/6gveebrIAwyBvR6ojtCS-TSvbSY.roa
Signing time: Mon 01 Jan 2024 12:30:17 +0000
ROA not before: Mon 01 Jan 2024 12:30:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39855
IP address blocks: 62.100.220.0/22 maxlen: 22
185.71.220.0/22 maxlen: 22
157.97.145.0/24 maxlen: 24
185.92.27.0/24 maxlen: 24
93.188.68.0/22 maxlen: 22
62.100.192.0/22 maxlen: 22
62.100.196.0/22 maxlen: 24
62.100.200.0/22 maxlen: 24
62.100.212.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 18 Sep 2024 12:45:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:de:ea:b5:b7:09:d5:5c:a2:c8:9e:d9:34:27:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f0743496c7ff3effb870601139cad9d2f271e10
Validity
Not Before: Jan 1 12:30:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ea0bde79bac8030c81bd1ea88ed092f934af6d26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:12:7a:cd:1f:79:f9:20:47:56:7c:2e:ec:a4:
dd:13:90:90:4d:66:65:ce:51:20:9d:14:82:6c:1a:
22:80:a8:a1:3a:95:2c:ce:7f:71:3b:00:dc:ca:dc:
6d:68:44:f2:60:cc:13:e9:8c:97:20:29:da:22:4f:
ba:6f:88:9b:9e:fe:a5:2c:86:95:37:dd:09:34:2e:
bf:15:6c:f9:f6:8e:82:43:0b:f7:de:e2:23:dc:8d:
01:01:6c:6a:25:ee:1b:fd:f6:59:29:08:81:1b:96:
30:45:b1:f4:74:2a:b0:b1:24:8f:a1:05:a7:a4:dd:
2a:0f:44:5e:10:a0:4c:75:54:97:be:ce:cc:fc:7b:
e0:9c:67:fc:d5:40:08:ab:aa:83:e5:10:af:e0:ab:
32:9f:83:66:53:7d:9f:f4:5d:a6:05:05:39:78:20:
e8:1c:d0:80:1f:be:71:a7:32:d3:ee:8f:06:f6:10:
16:70:1e:24:fc:45:30:5b:94:d0:84:b6:60:34:ce:
fc:b2:08:d6:f0:c1:b6:d5:1a:4b:41:c7:6e:e7:53:
3a:37:fa:4b:ca:7a:00:03:37:3e:94:19:72:36:6a:
78:f1:6c:cd:1c:2f:aa:00:e7:37:3e:0b:14:ab:0f:
fd:37:e0:c7:7c:9b:cb:61:9b:89:88:6b:49:a0:f4:
0d:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:0B:DE:79:BA:C8:03:0C:81:BD:1E:A8:8E:D0:92:F9:34:AF:6D:26
X509v3 Authority Key Identifier:
keyid:9F:07:43:49:6C:7F:F3:EF:FB:87:06:01:13:9C:AD:9D:2F:27:1E:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nwdDSWx_8-_7hwYBE5ytnS8nHhA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/6gveebrIAwyBvR6ojtCS-TSvbSY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/nwdDSWx_8-_7hwYBE5ytnS8nHhA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.100.192.0-62.100.203.255
62.100.212.0/22
62.100.220.0/22
93.188.68.0/22
157.97.145.0/24
185.71.220.0/22
185.92.27.0/24
Signature Algorithm: sha256WithRSAEncryption
01:5a:44:be:0e:8d:f0:f7:82:f5:a6:56:c2:03:2b:55:60:ef:
d9:be:55:ae:c5:c9:65:f6:c8:4e:ea:fd:fe:46:8b:6a:81:4e:
1d:6f:45:da:03:d0:cd:df:12:54:c9:64:5e:f2:c5:46:b2:92:
8f:6c:a0:9e:51:3e:75:4b:d3:4b:f6:f5:89:ac:8f:b4:04:6f:
6f:6c:b5:f1:9b:e0:5e:1f:f9:98:4f:0f:67:cc:74:95:ac:24:
cf:46:91:fd:86:dd:7d:89:1c:e6:48:bb:08:38:ee:ba:21:ed:
f9:0b:e0:ea:aa:0c:ff:a0:22:96:e3:ac:85:bd:c4:72:9a:ed:
0c:31:8b:d2:a2:c4:d1:7b:d9:66:8d:5f:7a:42:b0:25:eb:4c:
a7:c8:07:f1:99:b0:f7:21:67:87:a3:29:9c:72:af:fc:70:8a:
83:8a:df:98:4f:02:cd:34:27:4a:1c:44:dd:6f:92:ce:68:2a:
f2:2d:e1:4b:7e:13:4a:39:39:c0:c9:40:7e:5d:fd:b6:ac:17:
b8:7d:62:dc:b5:8b:f7:79:c8:ad:0b:cd:5a:d9:97:e8:b4:47:
23:d7:30:46:b8:8c:e4:16:58:f9:38:3e:70:3c:c0:84:45:92:
0f:26:2f:d4:02:31:d3:2b:07:53:db:fe:52:f5:b0:98:a8:db:
cf:d2:d9:da
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYzFAN7qtbcJ1VyiyJ7ZNCcpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMDc0MzQ5NmM3ZmYzZWZmYjg3MDYwMTEzOWNhZDlkMmYy
NzFlMTAwHhcNMjQwMTAxMTIzMDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTBiZGU3OWJhYzgwMzBjODFiZDFlYTg4ZWQwOTJmOTM0YWY2ZDI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1RJ6zR95+SBHVnwu7KTdE5CQTWZl
zlEgnRSCbBoigKihOpUszn9xOwDcytxtaETyYMwT6YyXICnaIk+6b4ibnv6lLIaV
N90JNC6/FWz59o6CQwv33uIj3I0BAWxqJe4b/fZZKQiBG5YwRbH0dCqwsSSPoQWn
pN0qD0ReEKBMdVSXvs7M/HvgnGf81UAIq6qD5RCv4Ksyn4NmU32f9F2mBQU5eCDo
HNCAH75xpzLT7o8G9hAWcB4k/EUwW5TQhLZgNM78sgjW8MG21RpLQcdu51M6N/pL
ynoAAzc+lBlyNmp48WzNHC+qAOc3PgsUqw/9N+DHfJvLYZuJiGtJoPQNqQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFOoL3nm6yAMMgb0eqI7Qkvk0r20mMB8GA1UdIwQY
MBaAFJ8HQ0lsf/Pv+4cGAROcrZ0vJx4QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbndkRFNXeF84LV83aHdZQkU1eXRuUzhuSGhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8yMmI3YWItZmMxMS00MDdhLWJkM2Mt
NjM0MTEzNjdkOTBhLzEvNmd2ZWVicklBd3lCdlI2b2p0Q1MtVFN2YlNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8yMmI3YWItZmMxMS00MDdhLWJkM2MtNjM0MTEzNjdkOTBh
LzEvbndkRFNXeF84LV83aHdZQkU1eXRuUzhuSGhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyMAwDBAY+ZMAD
BAI+ZMgDBAI+ZNQDBAI+ZNwDBAJdvEQDBACdYZEDBAK5R9wDBAC5XBswDQYJKoZI
hvcNAQELBQADggEBAAFaRL4OjfD3gvWmVsIDK1Vg79m+Va7FyWX2yE7q/f5Gi2qB
Th1vRdoD0M3fElTJZF7yxUayko9soJ5RPnVL00v29Ymsj7QEb29stfGb4F4f+ZhP
D2fMdJWsJM9Gkf2G3X2JHOZIuwg47roh7fkL4OqqDP+gIpbjrIW9xHKa7Qwxi9Ki
xNF72WaNX3pCsCXrTKfIB/GZsPchZ4ejKZxyr/xwioOK35hPAs00J0ocRN1vks5o
KvIt4Ut+E0o5OcDJQH5d/basF7h9Yty1i/d5yK0LzVrZl+i0RyPXMEa4jOQWWPk4
PnA8wIRFkg8mL9QCMdMrB1Pb/lL1sJio28/S2do=
-----END CERTIFICATE-----
Generated at Wed Sep 18 19:07:30 2024 by rpki-client on console-ams.rpki-client.org