Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/4786c2-11a1-48a4-ba80-7944976599d8/1/L-XB2GwhxDZh6YD64B0Sv_agfPs.roa
File: L-XB2GwhxDZh6YD64B0Sv_agfPs.roa (raw, json)
Hash identifier: GgFAimRmkjyA8OzP50Qd3zkvt7P7KmKB61LQd7ZMB9c=
Subject key identifier: 2F:E5:C1:D8:6C:21:C4:36:61:E9:80:FA:E0:1D:12:BF:F6:A0:7C:FB
Certificate issuer: /CN=614ca0d09bbd05f4b8a8ac30a329f6715110758c
Certificate serial: 01937D8EC96FE1AD7933A6AFE4704706853A
Authority key identifier: 61:4C:A0:D0:9B:BD:05:F4:B8:A8:AC:30:A3:29:F6:71:51:10:75:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YUyg0Ju9BfS4qKwwoyn2cVEQdYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/4786c2-11a1-48a4-ba80-7944976599d8/1/L-XB2GwhxDZh6YD64B0Sv_agfPs.roa
Signing time: Sat 30 Nov 2024 14:52:09 +0000
ROA not before: Sat 30 Nov 2024 14:52:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210513
IP address blocks: 62.3.56.0/24 maxlen: 24
185.65.255.0/24 maxlen: 24
2a12:100:1a::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 06 Dec 2024 19:04:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:7d:8e:c9:6f:e1:ad:79:33:a6:af:e4:70:47:06:85:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=614ca0d09bbd05f4b8a8ac30a329f6715110758c
Validity
Not Before: Nov 30 14:52:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2fe5c1d86c21c43661e980fae01d12bff6a07cfb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:1b:d1:2f:17:8c:5a:1e:f7:2f:ec:5c:2b:2d:
cf:5c:3b:26:1e:c3:fd:20:1d:da:94:78:1f:ae:d2:
01:a8:3d:7b:9b:85:f0:80:46:24:52:76:87:1a:41:
79:b6:cf:a6:fd:c0:7e:f6:cb:b9:61:85:ab:43:b4:
fa:93:58:ab:b2:ee:ce:f8:e3:b9:d4:24:6f:ad:53:
68:1d:fb:ef:20:40:29:3b:a8:29:da:fb:a8:90:02:
50:02:36:76:4b:d4:77:4e:cd:45:b6:e8:86:35:6a:
6f:99:07:a9:93:fd:95:98:c9:7c:a4:41:02:bc:f6:
2d:ab:3b:5f:c3:e4:cd:9f:6e:e3:4a:e6:93:00:0d:
37:41:02:9e:63:8f:07:b4:83:9a:31:38:a3:8d:bf:
76:9f:aa:a7:c8:67:6b:dc:ea:c4:2c:5d:e7:33:21:
5c:09:7f:89:bc:75:14:5f:81:44:01:7d:f2:ce:63:
62:7d:3e:92:4c:99:eb:5a:99:c6:9c:aa:7c:1e:8e:
95:6b:95:99:9c:59:81:45:1a:62:75:9f:17:08:ff:
1f:00:f3:be:a4:05:6c:62:5d:a1:94:46:a7:35:6e:
e9:41:05:81:33:d8:88:7a:27:10:02:bf:68:32:90:
56:5b:f8:f4:58:eb:73:5a:9f:4e:97:03:d0:86:26:
e8:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:E5:C1:D8:6C:21:C4:36:61:E9:80:FA:E0:1D:12:BF:F6:A0:7C:FB
X509v3 Authority Key Identifier:
keyid:61:4C:A0:D0:9B:BD:05:F4:B8:A8:AC:30:A3:29:F6:71:51:10:75:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YUyg0Ju9BfS4qKwwoyn2cVEQdYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/4786c2-11a1-48a4-ba80-7944976599d8/1/L-XB2GwhxDZh6YD64B0Sv_agfPs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/4786c2-11a1-48a4-ba80-7944976599d8/1/YUyg0Ju9BfS4qKwwoyn2cVEQdYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.3.56.0/24
185.65.255.0/24
IPv6:
2a12:100:1a::/48
Signature Algorithm: sha256WithRSAEncryption
90:99:1b:bc:fc:26:1c:26:3c:c5:43:22:14:cf:10:d1:21:fb:
d6:55:6c:29:29:97:3e:55:25:64:e7:df:95:b4:43:11:02:4d:
f6:0b:96:71:25:44:fe:b4:7a:c6:be:85:c7:ed:66:dc:2a:04:
90:09:fe:a1:62:05:59:e6:9c:d8:e0:77:14:b4:33:40:c0:e2:
c6:c0:da:b8:af:8c:02:70:c6:92:8b:2c:cb:6b:5d:03:db:0c:
00:17:8a:92:d0:0a:b9:fe:3f:1f:25:e0:b9:da:e3:59:44:b1:
61:65:73:2b:8b:36:9d:f2:26:62:18:f9:1f:4e:8d:f2:4b:00:
02:0b:f6:17:d6:cc:53:cd:51:92:e5:18:24:69:9e:c1:08:2e:
a1:09:a4:de:f4:b2:79:c1:c2:4d:5e:44:4e:27:38:05:ac:87:
dd:a6:27:dd:c7:99:09:a7:51:ce:bd:43:b7:8e:e8:18:b5:46:
0e:df:f3:e7:31:53:da:e0:bc:ab:74:43:45:b6:ba:50:78:6f:
49:ae:dc:d6:3d:94:e4:5c:3e:d5:da:95:f0:29:92:86:c4:5b:
2d:d3:8d:c8:a2:a3:6b:ea:af:89:07:50:23:e0:00:85:49:41:
71:e9:77:7e:2f:77:5d:23:dd:1a:62:53:a2:5d:b7:dd:fc:a3:
9a:d7:db:bb
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZN9jslv4a15M6av5HBHBoU6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxNGNhMGQwOWJiZDA1ZjRiOGE4YWMzMGEzMjlmNjcxNTEx
MDc1OGMwHhcNMjQxMTMwMTQ1MjA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmU1YzFkODZjMjFjNDM2NjFlOTgwZmFlMDFkMTJiZmY2YTA3Y2ZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5xvRLxeMWh73L+xcKy3PXDsmHsP9
IB3alHgfrtIBqD17m4XwgEYkUnaHGkF5ts+m/cB+9su5YYWrQ7T6k1irsu7O+OO5
1CRvrVNoHfvvIEApO6gp2vuokAJQAjZ2S9R3Ts1FtuiGNWpvmQepk/2VmMl8pEEC
vPYtqztfw+TNn27jSuaTAA03QQKeY48HtIOaMTijjb92n6qnyGdr3OrELF3nMyFc
CX+JvHUUX4FEAX3yzmNifT6STJnrWpnGnKp8Ho6Va5WZnFmBRRpidZ8XCP8fAPO+
pAVsYl2hlEanNW7pQQWBM9iIeicQAr9oMpBWW/j0WOtzWp9OlwPQhiborQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFC/lwdhsIcQ2YemA+uAdEr/2oHz7MB8GA1UdIwQY
MBaAFGFMoNCbvQX0uKisMKMp9nFREHWMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVV5ZzBKdTlCZlM0cUt3d295bjJjVkVRZFl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS80Nzg2YzItMTFhMS00OGE0LWJhODAt
Nzk0NDk3NjU5OWQ4LzEvTC1YQjJHd2h4RFpoNllENjRCMFN2X2FnZlBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS80Nzg2YzItMTFhMS00OGE0LWJhODAtNzk0NDk3NjU5OWQ4
LzEvWVV5ZzBKdTlCZlM0cUt3d295bjJjVkVRZFl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAPgM4AwQA
uUH/MA8EAgACMAkDBwAqEgEAABowDQYJKoZIhvcNAQELBQADggEBAJCZG7z8Jhwm
PMVDIhTPENEh+9ZVbCkplz5VJWTn35W0QxECTfYLlnElRP60esa+hcftZtwqBJAJ
/qFiBVnmnNjgdxS0M0DA4sbA2rivjAJwxpKLLMtrXQPbDAAXipLQCrn+Px8l4Lna
41lEsWFlcyuLNp3yJmIY+R9OjfJLAAIL9hfWzFPNUZLlGCRpnsEILqEJpN70snnB
wk1eRE4nOAWsh92mJ93HmQmnUc69Q7eO6Bi1Rg7f8+cxU9rgvKt0Q0W2ulB4b0mu
3NY9lORcPtXalfApkobEWy3Tjciio2vqr4kHUCPgAIVJQXHpd34vd10j3RpiU6Jd
t938o5rX27s=
-----END CERTIFICATE-----
Generated at Tue Apr 15 06:07:13 2025 by rpki-client