Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/943d5d-560c-4314-af82-8b8a01bd7414/1/2_6uwH_RAI0hKfLLRgzbFjBRhyg.roa
File: 2_6uwH_RAI0hKfLLRgzbFjBRhyg.roa (raw, json)
Hash identifier: oCzURLDgxFHR3oohNgq1Bdij+JDHNXjRkI/a2Mynh9U=
Subject key identifier: DB:FE:AE:C0:7F:D1:00:8D:21:29:F2:CB:46:0C:DB:16:30:51:87:28
Certificate issuer: /CN=1fc4927ab194ae1237fde2d3bef69038893f0dc5
Certificate serial: 018CC2DACDCF12DC905BE0DC94C1ED9697DF
Authority key identifier: 1F:C4:92:7A:B1:94:AE:12:37:FD:E2:D3:BE:F6:90:38:89:3F:0D:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H8SSerGUrhI3_eLTvvaQOIk_DcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/943d5d-560c-4314-af82-8b8a01bd7414/1/2_6uwH_RAI0hKfLLRgzbFjBRhyg.roa
Signing time: Mon 01 Jan 2024 02:29:28 +0000
ROA not before: Mon 01 Jan 2024 02:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15472
IP address blocks: 62.100.64.0/21 maxlen: 21
185.193.188.0/22 maxlen: 22
62.100.72.0/23 maxlen: 23
62.100.85.0/24 maxlen: 24
62.100.88.0/21 maxlen: 21
Validation: Failed, certificate revoked on Sun 07 Apr 2024 15:05:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:cd:cf:12:dc:90:5b:e0:dc:94:c1:ed:96:97:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fc4927ab194ae1237fde2d3bef69038893f0dc5
Validity
Not Before: Jan 1 02:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dbfeaec07fd1008d2129f2cb460cdb1630518728
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:cb:c5:3c:46:4d:b4:b8:80:8c:ef:a9:e2:f2:
9e:1e:98:60:b1:fb:86:60:24:40:4e:8e:60:a9:2c:
fe:b3:cd:49:e0:3d:45:2a:ea:c0:6c:9c:40:e1:1f:
49:a2:9e:ea:31:de:a7:ad:2c:70:f7:aa:57:83:fd:
7d:26:52:13:52:22:3b:c4:3e:0c:33:e6:de:ae:b9:
aa:cf:0c:5d:90:ca:42:d6:6d:06:34:93:2b:19:b3:
83:de:e4:46:77:48:47:99:5b:a5:ae:c6:ff:12:bf:
9d:a5:60:15:29:64:32:6b:73:cc:60:d7:76:a0:1f:
19:66:b2:d3:e7:91:ac:f5:e8:a3:12:c1:f4:de:8b:
c9:e2:e8:af:fa:43:6e:5c:30:e0:1f:e7:b8:e7:09:
33:54:3f:9b:c6:7d:ca:17:a0:6a:88:9d:a8:aa:6a:
67:99:a1:c6:e4:28:c0:31:59:1d:5a:32:48:a6:91:
f3:95:e9:f3:29:b5:88:50:aa:79:d9:1b:07:00:2e:
7c:ae:bf:4e:46:f3:35:f1:14:2f:fd:27:61:2a:3a:
e3:0c:98:a4:0b:08:0b:21:50:d4:27:ee:a3:d2:c0:
6c:62:9f:e5:3e:61:dc:06:f9:f1:01:18:f4:36:8f:
67:9c:a3:ef:c1:c8:d4:8e:33:9f:a4:88:be:de:cc:
b1:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:FE:AE:C0:7F:D1:00:8D:21:29:F2:CB:46:0C:DB:16:30:51:87:28
X509v3 Authority Key Identifier:
keyid:1F:C4:92:7A:B1:94:AE:12:37:FD:E2:D3:BE:F6:90:38:89:3F:0D:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H8SSerGUrhI3_eLTvvaQOIk_DcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/943d5d-560c-4314-af82-8b8a01bd7414/1/2_6uwH_RAI0hKfLLRgzbFjBRhyg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/943d5d-560c-4314-af82-8b8a01bd7414/1/H8SSerGUrhI3_eLTvvaQOIk_DcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.100.64.0-62.100.73.255
62.100.85.0/24
62.100.88.0/21
185.193.188.0/22
Signature Algorithm: sha256WithRSAEncryption
4c:e3:22:eb:12:a1:be:05:67:80:14:5d:ae:30:be:e6:94:b3:
37:a2:8a:42:50:33:35:f7:e6:a9:db:87:f6:e4:1c:7b:a5:3d:
33:f9:41:74:53:e6:d4:2e:b3:23:77:89:64:fc:a6:2d:ab:eb:
60:03:ff:76:e2:bb:14:9c:9e:10:98:8e:23:f5:a1:9e:a6:7c:
85:24:ad:ec:91:87:b5:9e:53:a1:50:a1:e2:a9:81:69:59:2b:
66:8e:69:23:34:63:cb:59:57:93:a0:82:28:22:84:58:7c:e5:
60:54:b0:b6:21:95:3e:80:0d:1b:d9:20:54:62:55:5c:e5:34:
76:cb:92:15:2f:1b:fe:e7:5a:20:40:92:2f:4e:aa:a2:82:29:
87:79:ec:27:55:19:0f:dd:c0:ef:5a:d8:14:a0:ae:08:05:eb:
30:d1:2f:ba:2f:71:5e:2e:8d:53:04:77:98:0b:d3:8e:91:cc:
b6:c0:3c:8a:f3:37:c3:64:3c:d4:b6:35:eb:08:89:93:1f:a6:
b2:e2:45:d7:af:5c:a5:3e:35:82:8f:1a:36:c5:54:b8:e4:61:
85:dc:1a:1e:9b:1b:b0:72:5c:a9:da:ba:5f:d6:e5:ad:12:69:
34:82:fe:3b:4b:80:7a:66:82:ad:6e:c6:49:27:56:e5:c2:ca:
41:ed:c6:04
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzC2s3PEtyQW+DclMHtlpffMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmYzQ5MjdhYjE5NGFlMTIzN2ZkZTJkM2JlZjY5MDM4ODkz
ZjBkYzUwHhcNMjQwMTAxMDIyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmZlYWVjMDdmZDEwMDhkMjEyOWYyY2I0NjBjZGIxNjMwNTE4NzI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlMvFPEZNtLiAjO+p4vKeHphgsfuG
YCRATo5gqSz+s81J4D1FKurAbJxA4R9Jop7qMd6nrSxw96pXg/19JlITUiI7xD4M
M+berrmqzwxdkMpC1m0GNJMrGbOD3uRGd0hHmVulrsb/Er+dpWAVKWQya3PMYNd2
oB8ZZrLT55Gs9eijEsH03ovJ4uiv+kNuXDDgH+e45wkzVD+bxn3KF6BqiJ2oqmpn
maHG5CjAMVkdWjJIppHzlenzKbWIUKp52RsHAC58rr9ORvM18RQv/SdhKjrjDJik
CwgLIVDUJ+6j0sBsYp/lPmHcBvnxARj0No9nnKPvwcjUjjOfpIi+3syxBwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFNv+rsB/0QCNISnyy0YM2xYwUYcoMB8GA1UdIwQY
MBaAFB/EknqxlK4SN/3i0772kDiJPw3FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDhTU2VyR1VyaEkzX2VMVHZ2YVFPSWtfRGNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS85NDNkNWQtNTYwYy00MzE0LWFmODIt
OGI4YTAxYmQ3NDE0LzEvMl82dXdIX1JBSTBoS2ZMTFJnemJGakJSaHlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS85NDNkNWQtNTYwYy00MzE0LWFmODItOGI4YTAxYmQ3NDE0
LzEvSDhTU2VyR1VyaEkzX2VMVHZ2YVFPSWtfRGNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAY+ZEAD
BAE+ZEgDBAA+ZFUDBAM+ZFgDBAK5wbwwDQYJKoZIhvcNAQELBQADggEBAEzjIusS
ob4FZ4AUXa4wvuaUszeiikJQMzX35qnbh/bkHHulPTP5QXRT5tQusyN3iWT8pi2r
62AD/3biuxScnhCYjiP1oZ6mfIUkreyRh7WeU6FQoeKpgWlZK2aOaSM0Y8tZV5Og
gigihFh85WBUsLYhlT6ADRvZIFRiVVzlNHbLkhUvG/7nWiBAki9OqqKCKYd57CdV
GQ/dwO9a2BSgrggF6zDRL7ovcV4ujVMEd5gL046RzLbAPIrzN8NkPNS2NesIiZMf
prLiRdevXKU+NYKPGjbFVLjkYYXcGh6bG7ByXKnaul/W5a0SaTSC/jtLgHpmgq1u
xkknVuXCykHtxgQ=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:16 2025 by rpki-client