Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/c84a4d-9e57-4756-bdbb-01aa056b1f6f/1/bwFfGFRYrRyt-Pom5KKD_ZaGi5I.roa
File: bwFfGFRYrRyt-Pom5KKD_ZaGi5I.roa (raw, json)
Hash identifier: Q2G+76CKqWm/dyojr4Eoe266RoUI7UCXpQYkPn7m1UM=
Subject key identifier: 6F:01:5F:18:54:58:AD:1C:AD:F8:FA:26:E4:A2:83:FD:96:86:8B:92
Certificate issuer: /CN=9bbc4239c9cb981f19a495e633d3bec889fcbe89
Certificate serial: 018D8DD4460A1A9EFA81582AA7DC300D08A2
Authority key identifier: 9B:BC:42:39:C9:CB:98:1F:19:A4:95:E6:33:D3:BE:C8:89:FC:BE:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m7xCOcnLmB8ZpJXmM9O-yIn8vok.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/c84a4d-9e57-4756-bdbb-01aa056b1f6f/1/bwFfGFRYrRyt-Pom5KKD_ZaGi5I.roa
Signing time: Fri 09 Feb 2024 12:25:15 +0000
ROA not before: Fri 09 Feb 2024 12:25:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43940
IP address blocks: 62.4.32.0/19 maxlen: 19
109.72.96.0/20 maxlen: 20
185.64.0.0/22 maxlen: 22
185.179.92.0/22 maxlen: 22
213.133.0.0/19 maxlen: 19
213.196.64.0/19 maxlen: 19
2a03:7a0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 30 May 2024 12:18:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:8d:d4:46:0a:1a:9e:fa:81:58:2a:a7:dc:30:0d:08:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bbc4239c9cb981f19a495e633d3bec889fcbe89
Validity
Not Before: Feb 9 12:25:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6f015f185458ad1cadf8fa26e4a283fd96868b92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:84:3f:f4:5e:31:9b:68:32:18:2b:8b:cc:f4:
4a:72:f2:38:94:c9:8f:19:8c:b8:ab:67:6f:de:7e:
3a:1c:42:48:17:58:a6:ed:dd:96:74:f4:8a:cd:a8:
38:cf:e7:27:99:b4:0d:69:0c:a5:b4:b3:00:0e:e2:
dd:c4:ad:28:03:c2:df:98:2b:5a:c9:82:21:e5:c4:
e6:47:e7:10:ea:f1:dc:21:4d:03:43:59:e0:7b:fd:
9c:61:be:88:6e:db:18:4f:3e:c5:35:b3:ee:96:d1:
bb:39:e6:82:33:71:98:6a:0d:bd:9e:07:e9:06:8e:
9d:8e:b6:c8:bf:d7:8e:6a:28:c8:52:f5:ab:2b:4b:
bc:e9:90:85:d1:6f:8b:a8:6a:a3:bf:2d:4c:58:a5:
40:1c:2c:0b:0b:77:cb:7d:14:47:19:0c:4e:2c:4a:
4d:dc:be:08:24:2a:85:8e:47:6d:ab:29:a7:99:34:
36:6d:20:b3:83:a6:02:34:4b:34:c2:94:d8:f6:b1:
86:0e:99:31:c1:50:5b:56:9d:d9:3f:06:57:d9:96:
81:77:c7:07:0b:97:ea:41:c4:57:a7:9b:c9:e9:8e:
47:9b:01:df:e8:4a:14:18:63:f7:ac:78:49:ea:f8:
77:e4:73:6f:ae:3e:54:e4:03:99:6e:f7:13:e2:9a:
af:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:01:5F:18:54:58:AD:1C:AD:F8:FA:26:E4:A2:83:FD:96:86:8B:92
X509v3 Authority Key Identifier:
keyid:9B:BC:42:39:C9:CB:98:1F:19:A4:95:E6:33:D3:BE:C8:89:FC:BE:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m7xCOcnLmB8ZpJXmM9O-yIn8vok.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/c84a4d-9e57-4756-bdbb-01aa056b1f6f/1/bwFfGFRYrRyt-Pom5KKD_ZaGi5I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/c84a4d-9e57-4756-bdbb-01aa056b1f6f/1/m7xCOcnLmB8ZpJXmM9O-yIn8vok.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.4.32.0/19
109.72.96.0/20
185.64.0.0/22
185.179.92.0/22
213.133.0.0/19
213.196.64.0/19
IPv6:
2a03:7a0::/29
Signature Algorithm: sha256WithRSAEncryption
a0:1f:e6:28:d3:c3:b4:cd:71:9a:c1:f5:08:3c:43:38:dd:9d:
d7:7c:cf:75:77:c8:3b:3e:76:67:13:d5:12:a4:5f:3b:a1:72:
21:e8:36:84:8d:f5:f4:d4:14:3a:ee:8c:6d:83:17:2f:fe:39:
b7:59:f8:8b:0d:19:3e:41:14:7e:5d:e1:0e:44:e8:19:cb:89:
69:77:89:2c:bc:8e:54:29:97:27:6b:14:dd:78:51:ed:73:da:
72:8f:c8:a1:52:9c:e5:ec:c3:38:5d:17:5e:ec:00:08:99:6f:
51:84:d4:47:bd:db:9d:89:49:8f:d4:5c:46:7f:46:b6:9a:4a:
7a:21:f7:c3:e5:39:fc:cc:ad:88:bc:d0:eb:4b:2e:1f:d8:d8:
6a:28:fd:93:e6:de:4a:d6:46:28:41:e4:a9:15:f8:46:f0:84:
8e:a0:aa:42:7c:b9:37:5e:22:ec:ce:78:3a:2b:8a:7d:d1:3b:
8a:87:de:73:74:af:e0:b2:e4:42:1d:98:16:af:a9:6e:e8:9c:
a8:7d:c2:24:e0:e5:60:c3:2e:9e:9d:93:72:3e:7a:ea:71:f6:
b3:49:90:ef:f4:95:47:0e:ff:ec:07:64:78:1d:2a:b3:7a:1e:
31:c0:8c:84:ee:28:ce:80:79:bd:c7:24:a5:84:12:90:a0:ed:
16:40:7e:29
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAY2N1EYKGp76gVgqp9wwDQiiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliYmM0MjM5YzljYjk4MWYxOWE0OTVlNjMzZDNiZWM4ODlm
Y2JlODkwHhcNMjQwMjA5MTIyNTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjAxNWYxODU0NThhZDFjYWRmOGZhMjZlNGEyODNmZDk2ODY4YjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlIQ/9F4xm2gyGCuLzPRKcvI4lMmP
GYy4q2dv3n46HEJIF1im7d2WdPSKzag4z+cnmbQNaQyltLMADuLdxK0oA8LfmCta
yYIh5cTmR+cQ6vHcIU0DQ1nge/2cYb6IbtsYTz7FNbPultG7OeaCM3GYag29ngfp
Bo6djrbIv9eOaijIUvWrK0u86ZCF0W+LqGqjvy1MWKVAHCwLC3fLfRRHGQxOLEpN
3L4IJCqFjkdtqymnmTQ2bSCzg6YCNEs0wpTY9rGGDpkxwVBbVp3ZPwZX2ZaBd8cH
C5fqQcRXp5vJ6Y5HmwHf6EoUGGP3rHhJ6vh35HNvrj5U5AOZbvcT4pqvGwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFG8BXxhUWK0crfj6JuSig/2WhouSMB8GA1UdIwQY
MBaAFJu8QjnJy5gfGaSV5jPTvsiJ/L6JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTd4Q09jbkxtQjhacEpYbU05Ty15SW44dm9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9jODRhNGQtOWU1Ny00NzU2LWJkYmIt
MDFhYTA1NmIxZjZmLzEvYndGZkdGUllyUnl0LVBvbTVLS0RfWmFHaTVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9jODRhNGQtOWU1Ny00NzU2LWJkYmItMDFhYTA1NmIxZjZm
LzEvbTd4Q09jbkxtQjhacEpYbU05Ty15SW44dm9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQFPgQgAwQE
bUhgAwQCuUAAAwQCubNcAwQF1YUAAwQF1cRAMA0EAgACMAcDBQMqAwegMA0GCSqG
SIb3DQEBCwUAA4IBAQCgH+Yo08O0zXGawfUIPEM43Z3XfM91d8g7PnZnE9USpF87
oXIh6DaEjfX01BQ67oxtgxcv/jm3WfiLDRk+QRR+XeEOROgZy4lpd4ksvI5UKZcn
axTdeFHtc9pyj8ihUpzl7MM4XRde7AAImW9RhNRHvdudiUmP1FxGf0a2mkp6IffD
5Tn8zK2IvNDrSy4f2NhqKP2T5t5K1kYoQeSpFfhG8ISOoKpCfLk3XiLszng6K4p9
0TuKh95zdK/gsuRCHZgWr6lu6JyofcIk4OVgwy6enZNyPnrqcfazSZDv9JVHDv/s
B2R4HSqzeh4xwIyE7ijOgHm9xySlhBKQoO0WQH4p
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:06 2024 by rpki-client on console-ams.rpki-client.org