Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/CUxYxaFcsdymbtTqU4RBSB03UKs.roa
File: CUxYxaFcsdymbtTqU4RBSB03UKs.roa (raw, json)
Hash identifier: P10oQ4zbvTtBydHT9WbP9r2ue0gF/CS/MpRfInSI5O4=
Subject key identifier: 09:4C:58:C5:A1:5C:B1:DC:A6:6E:D4:EA:53:84:41:48:1D:37:50:AB
Certificate issuer: /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial: 0187E5EA7E91167545CD3D3DA3861EA77BCC
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/CUxYxaFcsdymbtTqU4RBSB03UKs.roa
Signing time: Thu 04 May 2023 08:39:22 +0000
ROA not before: Thu 04 May 2023 08:39:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 62.72.164.0/24 maxlen: 24
62.72.168.0/24 maxlen: 24
62.72.177.0/24 maxlen: 24
62.72.184.0/24 maxlen: 24
176.57.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 09 May 2023 08:11:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e5:ea:7e:91:16:75:45:cd:3d:3d:a3:86:1e:a7:7b:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
Validity
Not Before: May 4 08:39:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=094c58c5a15cb1dca66ed4ea538441481d3750ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:d7:e3:9a:f1:33:76:7a:5d:3e:19:67:5a:94:
4d:89:ab:90:30:21:30:b0:e6:59:d4:df:00:d1:ab:
43:13:5a:6c:c3:c6:f8:7e:63:d9:dd:d5:6e:f2:40:
9e:22:ee:b0:ff:db:e8:3d:4d:7e:19:5c:0c:47:c6:
15:f2:ad:60:ae:e0:ca:3b:3e:72:80:33:5f:71:5a:
72:d9:af:3b:48:da:10:bc:13:4e:ca:80:30:9c:ce:
10:ca:8e:cd:c8:1b:ce:dc:78:0f:58:76:2c:8f:07:
a4:62:8d:dc:26:2a:70:69:4b:c7:ca:0c:34:11:9e:
a4:03:7d:4a:ef:ce:a3:a3:0a:04:8f:c4:96:a7:73:
00:70:32:b4:7c:7b:29:5d:18:a6:c9:c8:e0:56:9c:
b5:68:4c:fd:c8:23:e9:a4:36:ab:b2:45:1e:3c:47:
5d:1c:aa:b9:77:11:6a:d1:41:d8:7c:2b:5f:9c:e2:
ca:2b:7a:c4:c2:58:49:67:d5:b5:d6:11:88:6d:8b:
cc:00:0a:5a:66:22:ec:46:5e:aa:58:dc:a2:8d:95:
2b:11:92:90:fe:aa:ac:49:36:02:40:67:92:71:89:
12:20:02:c5:72:c4:1d:cc:49:66:a8:a4:8b:14:2c:
70:7c:74:23:81:c9:e0:74:c6:d2:bc:30:7c:e6:9a:
c5:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:4C:58:C5:A1:5C:B1:DC:A6:6E:D4:EA:53:84:41:48:1D:37:50:AB
X509v3 Authority Key Identifier:
keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/CUxYxaFcsdymbtTqU4RBSB03UKs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.72.164.0/24
62.72.168.0/24
62.72.177.0/24
62.72.184.0/24
176.57.63.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:5b:07:ef:91:b2:47:23:41:7c:d2:b7:61:1f:5a:6f:4f:9c:
a7:42:83:c1:43:f6:ac:d3:87:db:ec:4f:ed:a1:70:59:f4:0f:
dc:3f:0e:3a:23:79:53:6c:1a:13:1b:55:92:01:49:74:0c:45:
3f:84:fd:69:c7:9e:45:70:0f:34:f7:ee:43:de:24:08:69:71:
ae:71:99:31:23:ed:59:5d:1e:46:9e:c9:b6:04:f1:f9:23:2e:
c2:f7:a0:bd:f2:6f:2a:22:35:c8:6b:ae:a3:53:93:fe:aa:0f:
7e:ac:e8:01:16:01:de:4b:8b:7d:08:6c:04:53:d4:87:82:26:
8a:62:0b:4a:83:d9:7c:85:38:82:b8:e6:62:aa:8b:85:63:7e:
22:b8:96:b7:84:81:a8:4f:3d:57:10:b7:36:2f:dd:f6:19:79:
18:7a:2c:25:0a:9d:88:38:a5:a9:02:00:71:9e:48:78:a4:25:
5a:6d:d3:09:f0:e3:f1:12:a0:c5:08:92:59:1d:4b:cf:ca:43:
d9:cf:31:b0:e5:0c:a9:69:49:60:98:3a:ea:59:2a:b1:e9:b3:
fb:e8:3f:b9:cc:51:df:2d:03:5e:15:64:84:a7:6c:42:9f:32:
0e:fc:2c:85:99:97:ef:58:7c:69:49:1e:e6:e5:36:d3:f7:6a:
40:76:a3:e0
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYfl6n6RFnVFzT09o4Yep3vMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjMwNTA0MDgzOTIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTRjNThjNWExNWNiMWRjYTY2ZWQ0ZWE1Mzg0NDE0ODFkMzc1MGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhNfjmvEzdnpdPhlnWpRNiauQMCEw
sOZZ1N8A0atDE1psw8b4fmPZ3dVu8kCeIu6w/9voPU1+GVwMR8YV8q1gruDKOz5y
gDNfcVpy2a87SNoQvBNOyoAwnM4Qyo7NyBvO3HgPWHYsjwekYo3cJipwaUvHygw0
EZ6kA31K786jowoEj8SWp3MAcDK0fHspXRimycjgVpy1aEz9yCPppDarskUePEdd
HKq5dxFq0UHYfCtfnOLKK3rEwlhJZ9W11hGIbYvMAApaZiLsRl6qWNyijZUrEZKQ
/qqsSTYCQGeScYkSIALFcsQdzElmqKSLFCxwfHQjgcngdMbSvDB85prFmwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAlMWMWhXLHcpm7U6lOEQUgdN1CrMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvQ1V4WXhhRmNzZHltYnRUcVU0UkJTQjAzVUtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAPkikAwQA
PkioAwQAPkixAwQAPki4AwQAsDk/MA0GCSqGSIb3DQEBCwUAA4IBAQCpWwfvkbJH
I0F80rdhH1pvT5ynQoPBQ/as04fb7E/toXBZ9A/cPw46I3lTbBoTG1WSAUl0DEU/
hP1px55FcA809+5D3iQIaXGucZkxI+1ZXR5Gnsm2BPH5Iy7C96C98m8qIjXIa66j
U5P+qg9+rOgBFgHeS4t9CGwEU9SHgiaKYgtKg9l8hTiCuOZiqouFY34iuJa3hIGo
Tz1XELc2L932GXkYeiwlCp2IOKWpAgBxnkh4pCVabdMJ8OPxEqDFCJJZHUvPykPZ
zzGw5QypaUlgmDrqWSqx6bP76D+5zFHfLQNeFWSEp2xCnzIO/CyFmZfvWHxpSR7m
5TbT92pAdqPg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:54 2024 by rpki-client on console-fra.rpki-client.org