Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/9GAPbdaa98M5OUkRp0Apz9JIBxc.roa
File: 9GAPbdaa98M5OUkRp0Apz9JIBxc.roa (raw, json)
Hash identifier: Rn9ooHx9PTnqtfH0Asd/C4ZgJbwaOQdtMREWMUlAaS0=
Subject key identifier: F4:60:0F:6D:D6:9A:F7:C3:39:39:49:11:A7:40:29:CF:D2:48:07:17
Certificate issuer: /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial: 01917F8E5FBC45612C37BA5F2C838A59D442
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/9GAPbdaa98M5OUkRp0Apz9JIBxc.roa
Signing time: Fri 23 Aug 2024 14:05:22 +0000
ROA not before: Fri 23 Aug 2024 14:05:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215540
IP address blocks: 62.133.60.0/24 maxlen: 24
62.133.61.0/24 maxlen: 24
62.133.62.0/24 maxlen: 24
62.133.63.0/24 maxlen: 24
194.156.102.0/24 maxlen: 24
194.156.103.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 22 Oct 2024 20:28:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:7f:8e:5f:bc:45:61:2c:37:ba:5f:2c:83:8a:59:d4:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Validity
Not Before: Aug 23 14:05:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f4600f6dd69af7c339394911a74029cfd2480717
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:3a:75:a2:bf:6e:89:9a:f7:3e:60:cf:02:2b:
73:bc:f7:53:e3:fa:32:6c:4c:40:f4:fb:70:4d:2c:
39:c0:57:76:03:94:b8:35:3f:b9:06:30:a0:a9:89:
d6:f9:9d:db:f5:e2:24:b5:2c:b9:d8:09:65:d7:a0:
24:96:6c:d0:a2:d6:b7:c4:8f:ea:2b:3a:59:89:8b:
33:b7:fc:6d:18:65:64:6c:42:47:1f:e0:b4:87:c2:
e2:ea:79:75:db:9d:7f:35:88:03:ad:29:e5:58:45:
e5:61:73:2e:fc:a9:2d:4f:a1:b3:47:98:28:ca:b9:
9a:55:2b:1b:08:e2:5a:4c:99:f0:ab:f7:e2:20:71:
ae:46:80:e4:f0:ae:7e:3b:3a:3f:f9:3c:36:ed:de:
e8:53:2e:21:ab:53:fb:54:00:7f:21:b9:d4:7a:d7:
f9:1b:59:45:c5:d0:d9:79:60:4a:4f:40:25:55:e3:
a1:9c:a2:1f:f3:5b:8a:c4:6c:69:b2:7f:e6:20:37:
d4:6e:b9:03:6b:da:71:63:ae:38:3e:9c:89:ee:53:
d2:56:41:85:58:4a:eb:33:a9:73:66:1c:43:33:1b:
c6:b8:7b:12:40:85:9d:56:c0:7d:a5:67:4b:b6:98:
64:53:af:59:10:2f:50:6f:f8:6a:a3:92:df:8f:64:
25:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:60:0F:6D:D6:9A:F7:C3:39:39:49:11:A7:40:29:CF:D2:48:07:17
X509v3 Authority Key Identifier:
keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/9GAPbdaa98M5OUkRp0Apz9JIBxc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.133.60.0/22
194.156.102.0/23
Signature Algorithm: sha256WithRSAEncryption
07:6e:e6:31:b5:60:1a:a7:a4:31:1b:f0:07:5d:4e:0d:0e:d6:
51:2d:c6:cf:f5:44:f4:ac:36:77:f9:c9:91:7c:a2:1b:c3:83:
41:30:71:0d:47:22:3f:a4:1b:47:ea:33:bb:17:4c:1b:c4:48:
25:a3:b5:43:3b:59:02:08:0f:e2:a3:cf:50:19:f0:26:24:08:
54:95:0e:22:a3:a9:f4:a7:1c:46:55:86:e3:6d:60:ad:7f:0a:
d4:36:c5:a1:23:7f:b8:99:bd:93:aa:6e:0c:0f:60:d1:21:c1:
35:fc:37:cc:6b:c7:36:75:45:6b:8a:b2:98:2c:60:b3:18:e8:
5b:83:78:1d:ed:c7:d7:c6:aa:b1:9e:ad:88:01:86:f9:54:82:
30:6f:8f:89:55:c7:de:5d:e0:df:31:48:d6:ed:af:b0:94:36:
c2:d7:86:02:29:44:ae:62:33:4e:0d:e5:fb:3f:a7:18:e1:cd:
dd:57:b9:40:12:1e:fd:44:67:f6:1b:a4:37:e9:60:33:ca:10:
68:c0:ac:c4:7e:94:4f:6b:6d:4b:92:a9:21:50:6b:ec:0e:82:
e4:e9:16:d2:7e:5e:35:e2:06:e6:3e:8c:bd:0e:20:35:d4:cf:
d4:47:44:a3:e2:59:fc:a1:41:d4:4d:e9:05:0d:f2:a7:e7:ae:
1e:b4:6d:25
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZF/jl+8RWEsN7pfLIOKWdRCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjQwODIzMTQwNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDYwMGY2ZGQ2OWFmN2MzMzkzOTQ5MTFhNzQwMjljZmQyNDgwNzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsTp1or9uiZr3PmDPAitzvPdT4/oy
bExA9PtwTSw5wFd2A5S4NT+5BjCgqYnW+Z3b9eIktSy52All16AklmzQota3xI/q
KzpZiYszt/xtGGVkbEJHH+C0h8Li6nl1251/NYgDrSnlWEXlYXMu/KktT6GzR5go
yrmaVSsbCOJaTJnwq/fiIHGuRoDk8K5+Ozo/+Tw27d7oUy4hq1P7VAB/IbnUetf5
G1lFxdDZeWBKT0AlVeOhnKIf81uKxGxpsn/mIDfUbrkDa9pxY644PpyJ7lPSVkGF
WErrM6lzZhxDMxvGuHsSQIWdVsB9pWdLtphkU69ZEC9Qb/hqo5Lfj2QlRQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPRgD23WmvfDOTlJEadAKc/SSAcXMB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvOUdBUGJkYWE5OE01T1VrUnAwQXB6OUpJQnhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCPoU8AwQB
wpxmMA0GCSqGSIb3DQEBCwUAA4IBAQAHbuYxtWAap6QxG/AHXU4NDtZRLcbP9UT0
rDZ3+cmRfKIbw4NBMHENRyI/pBtH6jO7F0wbxEglo7VDO1kCCA/io89QGfAmJAhU
lQ4io6n0pxxGVYbjbWCtfwrUNsWhI3+4mb2Tqm4MD2DRIcE1/DfMa8c2dUVrirKY
LGCzGOhbg3gd7cfXxqqxnq2IAYb5VIIwb4+JVcfeXeDfMUjW7a+wlDbC14YCKUSu
YjNODeX7P6cY4c3dV7lAEh79RGf2G6Q36WAzyhBowKzEfpRPa21LkqkhUGvsDoLk
6RbSfl414gbmPoy9DiA11M/UR0Sj4ln8oUHUTekFDfKn564etG0l
-----END CERTIFICATE-----
Generated at Tue Oct 22 23:22:28 2024 by rpki-client on console-ams.rpki-client.org