Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/fGpOTmPqV0gEWtQehwufGmFDxZI.roa
File: fGpOTmPqV0gEWtQehwufGmFDxZI.roa (raw, json)
Hash identifier: XlG2FLw52h9VgkIGUN6g+mYYxWT8qZAhdd7Tff8SV14=
Subject key identifier: 7C:6A:4E:4E:63:EA:57:48:04:5A:D4:1E:87:0B:9F:1A:61:43:C5:92
Certificate issuer: /CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Certificate serial: 01857355D5599C32AE282253C53DABDB503C
Authority key identifier: 27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/fGpOTmPqV0gEWtQehwufGmFDxZI.roa
Signing time: Mon 02 Jan 2023 16:34:42 +0000
ROA not before: Mon 02 Jan 2023 16:34:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3257
IP address blocks: 213.200.64.0/18 maxlen: 18
141.136.96.0/20 maxlen: 20
46.33.64.0/19 maxlen: 24
213.254.192.0/18 maxlen: 24
89.149.128.0/18 maxlen: 24
213.251.0.0/18 maxlen: 24
77.67.0.0/17 maxlen: 24
185.160.40.0/22 maxlen: 22
2001:668::/29 maxlen: 29
2001:668::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 25 Jan 2023 10:44:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:55:d5:59:9c:32:ae:28:22:53:c5:3d:ab:db:50:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Validity
Not Before: Jan 2 16:34:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7c6a4e4e63ea5748045ad41e870b9f1a6143c592
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:11:23:09:da:be:9d:11:07:e5:94:0a:43:9f:
6c:41:b2:83:f0:c5:8e:8c:ff:03:0a:8c:6a:aa:37:
ae:4d:03:e7:76:08:38:6d:70:b8:06:44:48:bc:b5:
5d:98:9b:06:e3:a7:d8:ca:6d:21:4c:2e:87:b9:f9:
4f:78:5c:14:9e:21:8a:bc:fc:59:26:10:23:c0:33:
8d:6b:69:65:74:fa:8f:a8:65:7d:43:2f:fa:c3:5d:
fc:b9:a5:4d:9e:e9:ed:2c:89:22:c2:7e:6a:ef:ad:
c1:b4:59:48:b5:33:08:90:30:78:f7:90:0c:e2:08:
17:19:c0:72:be:15:90:ed:95:e9:3d:89:62:07:f8:
04:b0:fa:40:1c:67:7b:ac:14:60:5b:0d:4d:b3:91:
73:29:3e:c4:ab:50:15:16:c3:c7:34:d1:90:8e:97:
7b:f7:9f:f7:cb:ea:6b:f3:3e:de:46:b0:39:a1:c6:
44:12:d5:53:8e:dc:ae:2f:eb:9f:3b:06:2a:42:97:
9f:d2:f7:e2:95:34:f2:47:68:9b:e8:f0:86:87:51:
7e:f5:4c:4e:78:1a:96:33:ee:36:e3:58:53:f7:9f:
a9:ec:de:2f:16:af:da:7b:72:ea:18:43:da:eb:4b:
3e:2c:4e:3f:11:ba:c2:2e:d8:b0:11:f9:46:c4:ea:
de:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:6A:4E:4E:63:EA:57:48:04:5A:D4:1E:87:0B:9F:1A:61:43:C5:92
X509v3 Authority Key Identifier:
keyid:27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/fGpOTmPqV0gEWtQehwufGmFDxZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.33.64.0/19
77.67.0.0/17
89.149.128.0/18
141.136.96.0/20
185.160.40.0/22
213.200.64.0/18
213.251.0.0/18
213.254.192.0/18
IPv6:
2001:668::/29
Signature Algorithm: sha256WithRSAEncryption
b9:7b:67:2b:f1:c0:22:c3:eb:41:d9:a2:56:af:e0:1e:7d:9c:
9f:c3:fc:f8:ee:d1:9b:08:10:19:8a:fa:7d:d0:22:7a:33:2b:
53:69:7d:59:a9:20:74:b1:8e:0c:87:18:8e:1c:d5:27:f4:a4:
2c:f4:62:d7:c0:1a:bf:d8:46:6a:a7:07:ca:9e:cc:ed:d1:77:
89:36:8c:d7:5b:6a:06:51:64:0d:f8:af:b0:1c:1c:22:1e:5b:
66:e4:8b:cb:83:56:1b:73:a5:32:7d:38:2c:4b:59:61:b3:75:
5f:a6:3d:db:60:e0:9e:50:33:c6:1c:db:4e:fc:83:49:6e:29:
b6:b1:57:7c:8f:7c:ce:c2:31:95:81:5c:1b:53:d6:62:f2:58:
e4:60:39:65:d5:bb:56:f5:b8:08:98:36:cb:78:39:86:b4:62:
93:23:d4:b7:b8:cd:51:c7:8b:3a:fb:8a:34:36:76:ac:eb:41:
2d:4a:0b:47:0c:2c:11:34:fa:fb:5b:64:d4:71:38:87:c6:a7:
0e:3f:a9:99:53:41:ec:c9:fd:1e:c3:c5:81:ab:f9:5a:38:43:
ec:fa:0b:76:f9:4b:8f:62:27:98:fd:ad:79:8e:c9:ac:4c:6f:
0d:d2:95:f3:53:5a:5d:49:9a:7b:61:17:68:65:1c:8c:4f:0f:
8d:a7:82:b4
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYVzVdVZnDKuKCJTxT2r21A8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OWRiZmRmNGMyMGJkYWU4ZDYxMTg1NjZlY2U3NjQ0NGU0
NmQxNzEwHhcNMjMwMTAyMTYzNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzZhNGU0ZTYzZWE1NzQ4MDQ1YWQ0MWU4NzBiOWYxYTYxNDNjNTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAihEjCdq+nREH5ZQKQ59sQbKD8MWO
jP8DCoxqqjeuTQPndgg4bXC4BkRIvLVdmJsG46fYym0hTC6HuflPeFwUniGKvPxZ
JhAjwDONa2lldPqPqGV9Qy/6w138uaVNnuntLIkiwn5q763BtFlItTMIkDB495AM
4ggXGcByvhWQ7ZXpPYliB/gEsPpAHGd7rBRgWw1Ns5FzKT7Eq1AVFsPHNNGQjpd7
95/3y+pr8z7eRrA5ocZEEtVTjtyuL+ufOwYqQpef0vfilTTyR2ib6PCGh1F+9UxO
eBqWM+4241hT95+p7N4vFq/ae3LqGEPa60s+LE4/EbrCLtiwEflGxOreTwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFHxqTk5j6ldIBFrUHocLnxphQ8WSMB8GA1UdIwQY
MBaAFCedv99MIL2ujWEYVm7OdkRORtFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEt
MGNmMTA5M2Q0NTQ4LzEvZkdwT1RtUHFWMGdFV3RRZWh3dWZHbUZEeFpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEtMGNmMTA5M2Q0NTQ4
LzEvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQFLiFAAwQH
TUMAAwQGWZWAAwQEjYhgAwQCuaAoAwQG1chAAwQG1fsAAwQG1f7AMA0EAgACMAcD
BQMgAQZoMA0GCSqGSIb3DQEBCwUAA4IBAQC5e2cr8cAiw+tB2aJWr+AefZyfw/z4
7tGbCBAZivp90CJ6MytTaX1ZqSB0sY4MhxiOHNUn9KQs9GLXwBq/2EZqpwfKnszt
0XeJNozXW2oGUWQN+K+wHBwiHltm5IvLg1Ybc6UyfTgsS1lhs3Vfpj3bYOCeUDPG
HNtO/INJbim2sVd8j3zOwjGVgVwbU9Zi8ljkYDll1btW9bgImDbLeDmGtGKTI9S3
uM1Rx4s6+4o0Nnas60EtSgtHDCwRNPr7W2TUcTiHxqcOP6mZU0Hsyf0ew8WBq/la
OEPs+gt2+UuPYieY/a15jsmsTG8N0pXzU1pdSZp7YRdoZRyMTw+Np4K0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:12 2024 by rpki-client on console-fra.rpki-client.org