Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/AYfIO9ZmO8F4zxEcmt4eO8YFmck.roa
File: AYfIO9ZmO8F4zxEcmt4eO8YFmck.roa (raw, json)
Hash identifier: 9pUGwnfxv3DyKcwwafgPuebQhO6L01gi/7EncibPkSE=
Subject key identifier: 01:87:C8:3B:D6:66:3B:C1:78:CF:11:1C:9A:DE:1E:3B:C6:05:99:C9
Certificate issuer: /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial: 01889AFE39A807334A6A96D06CA18510CBF5
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/AYfIO9ZmO8F4zxEcmt4eO8YFmck.roa
Signing time: Thu 08 Jun 2023 12:32:12 +0000
ROA not before: Thu 08 Jun 2023 12:32:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 62.72.162.0/24 maxlen: 24
62.72.185.0/24 maxlen: 24
62.72.186.0/24 maxlen: 24
62.72.190.0/24 maxlen: 24
62.72.191.0/24 maxlen: 24
62.72.187.0/24 maxlen: 24
176.57.51.0/24 maxlen: 24
176.57.62.0/24 maxlen: 24
176.57.63.0/24 maxlen: 24
81.21.12.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sat 10 Jun 2023 06:52:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:9a:fe:39:a8:07:33:4a:6a:96:d0:6c:a1:85:10:cb:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
Validity
Not Before: Jun 8 12:32:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0187c83bd6663bc178cf111c9ade1e3bc60599c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:15:67:70:53:f7:25:69:bc:c1:81:09:57:7f:
13:2c:93:e0:01:ce:a4:4f:9e:8f:01:1f:f8:89:8b:
d1:e3:f0:47:13:70:1a:2a:c7:ea:af:1b:2d:03:8a:
78:1c:0a:89:82:39:6f:52:55:15:07:89:32:09:61:
cf:c3:7d:15:dc:7e:29:44:11:1e:69:15:8d:3a:b3:
a6:3c:02:a8:b8:52:fb:c7:15:6d:2f:fb:21:41:aa:
1d:f3:37:fb:75:89:a1:c0:30:8c:2c:20:47:e7:fa:
01:1b:e6:20:f8:bd:ab:f1:74:52:ca:af:97:c4:33:
1f:33:c3:e4:05:30:fc:85:10:f2:bd:10:b5:37:18:
27:65:4b:32:c4:b7:38:f0:1a:1f:3d:92:0c:77:da:
e8:1a:34:9e:ab:78:1f:26:5d:87:73:01:54:66:49:
e0:fe:b7:cc:b1:f6:24:96:e0:f1:1c:55:d2:dd:6e:
ae:e6:bb:33:8f:49:ff:0e:2c:1d:e4:e5:53:78:68:
db:c8:d3:16:17:df:2c:03:5c:7e:b0:7a:a3:9b:7e:
ad:af:7f:9a:16:09:15:00:37:34:a2:4b:9f:8f:7b:
48:c7:e6:04:37:0f:3d:ab:81:1e:25:40:46:3e:10:
59:f3:77:4e:ef:c6:48:9e:17:01:a7:c0:d9:95:10:
dc:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:87:C8:3B:D6:66:3B:C1:78:CF:11:1C:9A:DE:1E:3B:C6:05:99:C9
X509v3 Authority Key Identifier:
keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/AYfIO9ZmO8F4zxEcmt4eO8YFmck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.72.162.0/24
62.72.185.0-62.72.187.255
62.72.190.0/23
81.21.12.0/22
176.57.51.0/24
176.57.62.0/23
Signature Algorithm: sha256WithRSAEncryption
3a:41:7a:c5:c8:12:3d:38:c5:7e:10:b1:96:a7:cc:c7:bd:65:
9b:46:b1:51:5d:f5:3a:93:02:0c:aa:ef:e0:25:6a:1e:31:8b:
36:45:3d:15:f5:29:3d:98:fa:b1:dc:84:46:fa:db:11:fe:5f:
ec:de:4b:39:da:49:c1:3c:03:37:b8:b0:5b:8a:c1:c8:c5:70:
e8:d5:20:44:6f:ec:ec:23:b5:b6:8b:4d:b7:25:fb:c9:30:c2:
c1:62:0e:45:d4:ba:57:f7:53:3c:6b:c0:8f:ad:1b:73:88:79:
50:5b:a7:5d:37:79:14:50:d2:8e:c9:41:43:a6:5b:c5:89:80:
92:80:a0:c9:54:ea:cc:33:69:da:d0:97:e7:a6:1b:b5:35:b1:
9c:70:d3:e8:52:e4:e0:54:85:98:dc:90:7b:ef:fd:af:25:d9:
87:52:c8:33:ea:6a:50:3b:49:7e:b5:95:90:4c:1e:47:37:26:
7a:8c:01:90:f1:be:9f:f2:98:32:df:e1:31:d7:3f:79:45:6c:
d0:77:10:e6:8b:a4:19:18:2e:ad:93:73:fc:79:9c:50:69:8c:
ab:45:4a:3a:5e:8a:df:2b:be:1d:af:6f:ef:99:5d:91:2f:d1:
72:a0:70:53:86:42:09:8a:fe:e1:36:3c:3a:c2:5c:05:20:b0:
1b:8f:a8:e0
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYia/jmoBzNKapbQbKGFEMv1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjMwNjA4MTIzMjEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTg3YzgzYmQ2NjYzYmMxNzhjZjExMWM5YWRlMWUzYmM2MDU5OWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhVncFP3JWm8wYEJV38TLJPgAc6k
T56PAR/4iYvR4/BHE3AaKsfqrxstA4p4HAqJgjlvUlUVB4kyCWHPw30V3H4pRBEe
aRWNOrOmPAKouFL7xxVtL/shQaod8zf7dYmhwDCMLCBH5/oBG+Yg+L2r8XRSyq+X
xDMfM8PkBTD8hRDyvRC1NxgnZUsyxLc48BofPZIMd9roGjSeq3gfJl2HcwFUZkng
/rfMsfYkluDxHFXS3W6u5rszj0n/Diwd5OVTeGjbyNMWF98sA1x+sHqjm36tr3+a
FgkVADc0okufj3tIx+YENw89q4EeJUBGPhBZ83dO78ZInhcBp8DZlRDcvQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFAGHyDvWZjvBeM8RHJreHjvGBZnJMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvQVlmSU85Wm1POEY0enhFY210NGVPOFlGbWNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAPkiiMAwD
BAA+SLkDBAI+SLgDBAE+SL4DBAJRFQwDBACwOTMDBAGwOT4wDQYJKoZIhvcNAQEL
BQADggEBADpBesXIEj04xX4QsZanzMe9ZZtGsVFd9TqTAgyq7+Alah4xizZFPRX1
KT2Y+rHchEb62xH+X+zeSznaScE8Aze4sFuKwcjFcOjVIERv7OwjtbaLTbcl+8kw
wsFiDkXUulf3UzxrwI+tG3OIeVBbp103eRRQ0o7JQUOmW8WJgJKAoMlU6swzadrQ
l+emG7U1sZxw0+hS5OBUhZjckHvv/a8l2YdSyDPqalA7SX61lZBMHkc3JnqMAZDx
vp/ymDLf4THXP3lFbNB3EOaLpBkYLq2Tc/x5nFBpjKtFSjpeit8rvh2vb++ZXZEv
0XKgcFOGQgmK/uE2PDrCXAUgsBuPqOA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:54 2024 by rpki-client on console-ams.rpki-client.org