Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/rwQsLqIl63GmaxfgcEwXD_Ujwq4.roa
File: rwQsLqIl63GmaxfgcEwXD_Ujwq4.roa (raw, json)
Hash identifier: L2/IcMV41yPL6bxG2lMbEZ49dpSyxq+4vaqRKLnrtQo=
Subject key identifier: AF:04:2C:2E:A2:25:EB:71:A6:6B:17:E0:70:4C:17:0F:F5:23:C2:AE
Certificate issuer: /CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Certificate serial: 018674B7097ACB8CB05F046EC20BE5E47DAA
Authority key identifier: 27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/rwQsLqIl63GmaxfgcEwXD_Ujwq4.roa
Signing time: Tue 21 Feb 2023 16:03:17 +0000
ROA not before: Tue 21 Feb 2023 16:03:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61429
IP address blocks: 62.41.77.248/29 maxlen: 29
62.41.160.144/30 maxlen: 30
92.71.10.0/24 maxlen: 24
92.71.11.0/24 maxlen: 24
92.71.16.0/24 maxlen: 24
92.71.15.0/24 maxlen: 24
92.71.19.0/24 maxlen: 24
92.71.20.0/24 maxlen: 24
92.71.22.0/24 maxlen: 24
62.41.160.192/26 maxlen: 26
62.41.160.148/30 maxlen: 30
62.41.20.0/24 maxlen: 24
62.41.21.0/24 maxlen: 24
62.41.160.128/28 maxlen: 28
62.41.60.0/24 maxlen: 24
62.41.59.0/24 maxlen: 24
62.41.2.0/24 maxlen: 24
62.41.10.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:74:b7:09:7a:cb:8c:b0:5f:04:6e:c2:0b:e5:e4:7d:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Validity
Not Before: Feb 21 16:03:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=af042c2ea225eb71a66b17e0704c170ff523c2ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:bf:e7:ca:34:af:66:28:72:4c:db:15:04:ae:
47:c8:df:5b:77:dd:56:3d:4a:85:47:5b:6c:b1:bb:
77:5c:63:74:15:b4:d0:01:42:75:d1:3c:a7:84:bf:
7f:01:cc:18:23:f8:76:bf:39:7b:09:cf:b0:b0:7c:
31:6f:36:6a:59:c9:b9:d9:ec:f5:c9:31:37:41:68:
9b:ef:fc:fe:84:0c:1f:59:86:8d:6f:4e:73:0d:41:
e6:ff:a6:7d:a0:9a:43:b9:ae:66:0e:60:2c:97:6b:
15:f3:f7:2d:b0:1b:7b:9b:1d:ef:4e:73:ba:41:b1:
3a:68:d6:99:b2:98:5d:0b:07:97:0e:8a:55:42:ff:
73:1e:bd:3f:bc:49:c9:3d:c5:24:b6:fd:69:4a:29:
79:9f:7c:57:f1:16:b9:6b:54:04:0a:0c:02:5f:f7:
88:90:ff:df:fc:f7:65:1c:4a:f1:f7:36:f4:09:4c:
d1:87:98:bd:17:61:39:99:ee:ec:df:91:36:4b:40:
fb:2d:1b:8f:d2:af:48:c3:a3:fb:df:6e:f1:55:17:
07:b7:1b:49:67:a9:83:f1:c8:d0:0c:9b:53:c4:7d:
2b:0f:31:b7:6a:2f:99:2a:74:e0:df:44:f8:b3:51:
6d:a7:48:b0:a6:fd:8f:3b:90:d5:1b:d2:bd:b0:d8:
6c:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:04:2C:2E:A2:25:EB:71:A6:6B:17:E0:70:4C:17:0F:F5:23:C2:AE
X509v3 Authority Key Identifier:
keyid:27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/rwQsLqIl63GmaxfgcEwXD_Ujwq4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.41.2.0/24
62.41.10.0/24
62.41.20.0/23
62.41.59.0-62.41.60.255
62.41.77.248/29
62.41.160.128-62.41.160.151
62.41.160.192/26
92.71.10.0/23
92.71.15.0-92.71.16.255
92.71.19.0-92.71.20.255
92.71.22.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:82:45:61:b7:80:d5:e4:6a:49:f0:68:35:a5:f6:11:1b:2e:
d6:bf:11:2f:5a:7b:47:8f:62:d7:00:27:3a:b9:d1:98:3e:7f:
70:05:32:88:8e:98:cb:14:9d:c9:a9:57:0a:3a:47:66:5e:f2:
2b:c6:b8:4b:3a:04:8b:1c:8f:c6:5f:fa:7d:a8:88:9c:c6:7a:
12:a7:04:9d:32:c2:bd:04:68:07:1b:3a:b0:6d:63:a3:4d:2f:
c8:6a:22:f4:23:ac:54:27:c3:63:79:a5:f6:12:e3:57:f6:39:
78:ee:07:c6:95:f4:53:30:03:60:d9:f8:b3:f4:90:11:f0:e2:
ce:2a:26:cb:40:29:fb:85:d9:4e:11:dd:10:1c:78:a5:8b:62:
03:36:d6:59:fa:c4:70:e1:67:38:df:00:80:cf:6b:d2:af:78:
57:35:bc:99:e2:6d:b5:ce:14:4e:8c:fb:11:a0:63:f6:64:11:
4f:04:39:5f:7e:ef:38:fd:30:ee:df:4d:59:a5:79:a6:20:55:
b4:fd:4a:71:53:16:89:81:e3:e7:a2:95:d2:bc:54:32:f0:20:
c0:73:35:32:c8:0f:96:8b:c3:e1:21:e0:e7:54:d5:ee:14:34:
6b:c4:09:f2:fd:c9:f2:bc:48:fb:af:bd:15:50:c5:89:11:b1:
5c:c6:9d:e2
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYZ0twl6y4ywXwRuwgvl5H2qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OWRiZmRmNGMyMGJkYWU4ZDYxMTg1NjZlY2U3NjQ0NGU0
NmQxNzEwHhcNMjMwMjIxMTYwMzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjA0MmMyZWEyMjVlYjcxYTY2YjE3ZTA3MDRjMTcwZmY1MjNjMmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmr/nyjSvZihyTNsVBK5HyN9bd91W
PUqFR1tssbt3XGN0FbTQAUJ10TynhL9/AcwYI/h2vzl7Cc+wsHwxbzZqWcm52ez1
yTE3QWib7/z+hAwfWYaNb05zDUHm/6Z9oJpDua5mDmAsl2sV8/ctsBt7mx3vTnO6
QbE6aNaZsphdCweXDopVQv9zHr0/vEnJPcUktv1pSil5n3xX8Ra5a1QECgwCX/eI
kP/f/PdlHErx9zb0CUzRh5i9F2E5me7s35E2S0D7LRuP0q9Iw6P7327xVRcHtxtJ
Z6mD8cjQDJtTxH0rDzG3ai+ZKnTg30T4s1Ftp0iwpv2PO5DVG9K9sNhsnwIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFK8ELC6iJetxpmsX4HBMFw/1I8KuMB8GA1UdIwQY
MBaAFCedv99MIL2ujWEYVm7OdkRORtFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEt
MGNmMTA5M2Q0NTQ4LzEvcndRc0xxSWw2M0dtYXhmZ2NFd1hEX1Vqd3E0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEtMGNmMTA5M2Q0NTQ4
LzEvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQAPikCAwQA
PikKAwQBPikUMAwDBAA+KTsDBAA+KTwDBQM+KU34MA4DBQc+KaCAAwUDPimgkAMF
Bj4poMADBAFcRwowDAMEAFxHDwMEAFxHEDAMAwQAXEcTAwQAXEcUAwQAXEcWMA0G
CSqGSIb3DQEBCwUAA4IBAQCNgkVht4DV5GpJ8Gg1pfYRGy7WvxEvWntHj2LXACc6
udGYPn9wBTKIjpjLFJ3JqVcKOkdmXvIrxrhLOgSLHI/GX/p9qIicxnoSpwSdMsK9
BGgHGzqwbWOjTS/IaiL0I6xUJ8NjeaX2EuNX9jl47gfGlfRTMANg2fiz9JAR8OLO
KibLQCn7hdlOEd0QHHili2IDNtZZ+sRw4Wc43wCAz2vSr3hXNbyZ4m21zhROjPsR
oGP2ZBFPBDlffu84/TDu301ZpXmmIFW0/UpxUxaJgePnopXSvFQy8CDAczUyyA+W
i8PhIeDnVNXuFDRrxAny/cnyvEj7r70VUMWJEbFcxp3i
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:09:38 2024 by rpki-client on console-ams.rpki-client.org