Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/54687f-efa5-4620-8619-3155ba8cb74f/1/MY2cSVBRvvOOsR3SOl4xZvMOoMg.roa
File: MY2cSVBRvvOOsR3SOl4xZvMOoMg.roa (raw, json)
Hash identifier: N7imj246NySZcaBGdAPRJwf6N4K0PozjhJFBI36z1Jg=
Subject key identifier: 31:8D:9C:49:50:51:BE:F3:8E:B1:1D:D2:3A:5E:31:66:F3:0E:A0:C8
Certificate issuer: /CN=7c6dc7395815af045048f4ce3910d04008ff3a7c
Certificate serial: 01856E1D38E16D8A7647A3BC3E800E0A9D3E
Authority key identifier: 7C:6D:C7:39:58:15:AF:04:50:48:F4:CE:39:10:D0:40:08:FF:3A:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fG3HOVgVrwRQSPTOORDQQAj_Onw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/54687f-efa5-4620-8619-3155ba8cb74f/1/MY2cSVBRvvOOsR3SOl4xZvMOoMg.roa
Signing time: Sun 01 Jan 2023 16:14:46 +0000
ROA not before: Sun 01 Jan 2023 16:14:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8560
IP address blocks: 82.223.0.0/16 maxlen: 24
217.76.128.0/19 maxlen: 24
94.143.136.0/21 maxlen: 24
93.93.112.0/21 maxlen: 24
62.151.160.0/21 maxlen: 24
62.151.176.0/21 maxlen: 24
2001:ba0::/32 maxlen: 48
Validation: Failed, certificate revoked on Fri 20 Jan 2023 13:42:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:1d:38:e1:6d:8a:76:47:a3:bc:3e:80:0e:0a:9d:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c6dc7395815af045048f4ce3910d04008ff3a7c
Validity
Not Before: Jan 1 16:14:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=318d9c495051bef38eb11dd23a5e3166f30ea0c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:c0:a4:b4:4c:64:06:f3:73:78:d5:b9:78:e2:
31:56:86:7c:7f:17:16:a4:c1:0e:56:e7:35:3d:d9:
86:e9:40:64:0e:2a:24:99:2b:76:c9:c6:a6:03:d5:
33:e0:ed:7f:ad:98:47:fe:b8:f0:fa:58:78:8d:61:
5c:6b:c2:32:b3:98:1e:0f:e6:8f:75:f4:4e:05:ab:
8f:bd:ab:00:f1:8b:6e:37:e7:8c:0f:f2:c1:a5:6b:
4f:aa:51:dc:31:b4:49:59:97:7d:f4:60:6b:26:b9:
0a:40:3d:ec:f3:9d:5d:fd:52:f7:ee:17:62:34:21:
b0:e0:e0:ff:f2:d4:fb:53:75:a9:f8:b8:be:32:20:
98:9d:4b:c9:5f:0b:2a:43:85:4f:77:a1:f5:71:5b:
45:dd:fe:96:2f:e6:3f:b6:62:bc:29:1e:28:0a:61:
b5:d3:48:84:8f:e5:f1:3d:d3:2a:bb:84:be:ed:ea:
b9:a5:36:b2:ac:e7:ab:ed:a1:43:91:e0:7e:33:43:
35:9f:fb:de:d0:17:40:dc:e6:a7:6a:71:80:12:d3:
1b:c3:4b:3e:cf:ca:58:76:19:e1:72:fc:b0:9e:52:
59:52:05:d9:cb:ae:8f:73:ee:15:d2:c3:b6:7d:e2:
85:69:68:0e:4d:09:03:08:30:ff:db:79:c9:eb:e3:
35:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:8D:9C:49:50:51:BE:F3:8E:B1:1D:D2:3A:5E:31:66:F3:0E:A0:C8
X509v3 Authority Key Identifier:
keyid:7C:6D:C7:39:58:15:AF:04:50:48:F4:CE:39:10:D0:40:08:FF:3A:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fG3HOVgVrwRQSPTOORDQQAj_Onw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/54687f-efa5-4620-8619-3155ba8cb74f/1/MY2cSVBRvvOOsR3SOl4xZvMOoMg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/54687f-efa5-4620-8619-3155ba8cb74f/1/fG3HOVgVrwRQSPTOORDQQAj_Onw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.151.160.0/21
62.151.176.0/21
82.223.0.0/16
93.93.112.0/21
94.143.136.0/21
217.76.128.0/19
IPv6:
2001:ba0::/32
Signature Algorithm: sha256WithRSAEncryption
bb:43:d2:99:4a:63:8b:90:0d:f5:2a:4d:40:1a:4c:fe:12:eb:
e1:83:c8:f1:79:2e:87:6f:4b:c0:79:3f:51:ab:3c:bc:7d:d0:
3a:b7:4c:44:b1:e3:ac:b0:10:fc:92:99:61:7b:3d:4a:5e:d1:
13:82:63:05:02:3a:43:91:e5:9a:f5:09:2a:02:bb:3e:fa:e4:
35:b8:7b:d1:cb:6c:35:b3:e0:e6:ed:24:61:cd:16:c3:95:59:
68:1c:f7:63:2d:19:f3:bb:5c:01:a5:11:34:00:e3:46:76:b3:
be:58:2a:18:4d:c5:63:16:12:3f:80:0b:ae:56:09:06:56:67:
71:e5:7d:73:ec:41:c6:c7:df:18:18:ba:35:14:59:19:f3:25:
d5:cf:4c:71:85:8d:cb:3c:48:8d:5e:79:19:05:20:0c:02:96:
fc:91:91:21:54:db:ad:94:4d:56:56:52:d3:64:f6:79:9a:3e:
ae:e9:98:6b:8d:ac:6c:c2:25:b7:7c:0c:1a:63:c8:ce:62:cd:
7c:a9:5b:ec:f4:ea:c7:2a:8c:8d:8f:1a:b7:20:f8:c7:85:26:
09:2b:70:51:8d:58:dd:f6:2b:56:a0:16:f6:57:cc:60:b7:71:
88:00:65:28:4d:a2:31:89:de:a5:5c:b4:c0:49:ec:84:c9:f5:
de:71:cf:ad
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYVuHTjhbYp2R6O8PoAOCp0+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjNmRjNzM5NTgxNWFmMDQ1MDQ4ZjRjZTM5MTBkMDQwMDhm
ZjNhN2MwHhcNMjMwMTAxMTYxNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMThkOWM0OTUwNTFiZWYzOGViMTFkZDIzYTVlMzE2NmYzMGVhMGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtsCktExkBvNzeNW5eOIxVoZ8fxcW
pMEOVuc1PdmG6UBkDiokmSt2ycamA9Uz4O1/rZhH/rjw+lh4jWFca8Iys5geD+aP
dfROBauPvasA8YtuN+eMD/LBpWtPqlHcMbRJWZd99GBrJrkKQD3s851d/VL37hdi
NCGw4OD/8tT7U3Wp+Li+MiCYnUvJXwsqQ4VPd6H1cVtF3f6WL+Y/tmK8KR4oCmG1
00iEj+XxPdMqu4S+7eq5pTayrOer7aFDkeB+M0M1n/ve0BdA3OananGAEtMbw0s+
z8pYdhnhcvywnlJZUgXZy66Pc+4V0sO2feKFaWgOTQkDCDD/23nJ6+M19QIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFDGNnElQUb7zjrEd0jpeMWbzDqDIMB8GA1UdIwQY
MBaAFHxtxzlYFa8EUEj0zjkQ0EAI/zp8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkczSE9WZ1Zyd1JRU1BUT09SRFFRQWpfT253LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC81NDY4N2YtZWZhNS00NjIwLTg2MTkt
MzE1NWJhOGNiNzRmLzEvTVkyY1NWQlJ2dk9Pc1IzU09sNHhadk1Pb01nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC81NDY4N2YtZWZhNS00NjIwLTg2MTktMzE1NWJhOGNiNzRm
LzEvZkczSE9WZ1Zyd1JRU1BUT09SRFFRQWpfT253LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjApBAIAATAjAwQDPpegAwQD
PpewAwMAUt8DBANdXXADBANej4gDBAXZTIAwDQQCAAIwBwMFACABC6AwDQYJKoZI
hvcNAQELBQADggEBALtD0plKY4uQDfUqTUAaTP4S6+GDyPF5LodvS8B5P1GrPLx9
0Dq3TESx46ywEPySmWF7PUpe0ROCYwUCOkOR5Zr1CSoCuz765DW4e9HLbDWz4Obt
JGHNFsOVWWgc92MtGfO7XAGlETQA40Z2s75YKhhNxWMWEj+AC65WCQZWZ3HlfXPs
QcbH3xgYujUUWRnzJdXPTHGFjcs8SI1eeRkFIAwClvyRkSFU262UTVZWUtNk9nma
Pq7pmGuNrGzCJbd8DBpjyM5izXypW+z06scqjI2PGrcg+MeFJgkrcFGNWN32K1ag
FvZXzGC3cYgAZShNojGJ3qVctMBJ7ITJ9d5xz60=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:46 2024 by rpki-client on console-ams.rpki-client.org