Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/IwjcwbQJpY4uuhWl5KptCfJVB7c.roa
File: IwjcwbQJpY4uuhWl5KptCfJVB7c.roa (raw, json)
Hash identifier: G8Q2P2NmSeK5nYIoasywHE15osdU8ty8qJMvGQF1Ys0=
Subject key identifier: 23:08:DC:C1:B4:09:A5:8E:2E:BA:15:A5:E4:AA:6D:09:F2:55:07:B7
Certificate issuer: /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial: 0186B12CAE91C5CE29E1E0FC71E6317783E7
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/IwjcwbQJpY4uuhWl5KptCfJVB7c.roa
Signing time: Sun 05 Mar 2023 09:49:00 +0000
ROA not before: Sun 05 Mar 2023 09:49:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209260
IP address blocks: 62.72.164.0/24 maxlen: 24
62.72.162.0/24 maxlen: 24
62.72.163.0/24 maxlen: 24
62.72.160.0/24 maxlen: 24
62.72.161.0/24 maxlen: 24
62.72.169.0/24 maxlen: 24
62.72.168.0/24 maxlen: 24
62.72.176.0/24 maxlen: 24
62.72.183.0/24 maxlen: 24
62.72.184.0/24 maxlen: 24
62.72.190.0/24 maxlen: 24
176.57.62.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 04 Apr 2023 07:15:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:b1:2c:ae:91:c5:ce:29:e1:e0:fc:71:e6:31:77:83:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
Validity
Not Before: Mar 5 09:49:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2308dcc1b409a58e2eba15a5e4aa6d09f25507b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:5d:81:f3:a5:ea:1d:68:05:fe:b0:82:24:62:
20:e5:b0:e8:99:fd:e4:e3:8f:82:f5:1d:fb:bb:36:
d1:f3:93:4b:40:11:45:d0:0c:09:33:84:5a:e3:f0:
c5:79:25:87:c4:79:6e:6b:84:1b:b3:ac:00:83:50:
a6:d0:f1:9c:46:a6:3d:1c:27:02:77:9f:e4:00:47:
c4:9b:c1:3f:ee:2e:75:4a:c4:71:88:ff:ba:95:08:
10:69:19:dd:0f:f5:fb:f1:0d:25:1d:3d:fe:63:ce:
fa:88:f0:32:b0:2a:f5:ec:c8:fd:77:50:83:46:f9:
ad:f4:2f:21:5c:97:03:be:b7:ea:87:5a:4f:ec:4d:
94:6b:d0:af:15:84:4a:29:e4:38:50:b8:32:09:b8:
fa:5f:22:09:47:ec:3e:45:13:d0:53:c6:7a:47:c5:
b7:e0:96:66:5e:11:d7:ee:cc:9d:5e:92:a9:5c:96:
7f:62:4d:6c:89:46:c0:a0:e4:f6:01:a7:80:24:dd:
f3:c3:5d:ed:1b:35:dd:fe:62:84:45:df:86:4f:07:
71:dc:1d:c3:24:b5:b3:9f:68:58:79:4b:3d:4e:c8:
b4:ff:2a:bd:fe:63:b9:83:97:da:01:a2:88:57:3a:
b2:5b:7e:a3:f9:c5:48:54:05:c4:6d:b7:29:d1:03:
db:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:08:DC:C1:B4:09:A5:8E:2E:BA:15:A5:E4:AA:6D:09:F2:55:07:B7
X509v3 Authority Key Identifier:
keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/IwjcwbQJpY4uuhWl5KptCfJVB7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.72.160.0-62.72.164.255
62.72.168.0/23
62.72.176.0/24
62.72.183.0-62.72.184.255
62.72.190.0/24
176.57.62.0/24
Signature Algorithm: sha256WithRSAEncryption
14:02:2c:38:ba:de:56:43:d2:05:e7:3f:16:9a:53:c3:d0:68:
b9:68:74:85:cb:ee:43:b8:0c:c6:25:da:86:e0:a3:7b:c7:6c:
e6:c4:42:10:d4:dc:1e:37:c6:b3:0f:77:36:30:50:91:7b:6d:
4a:4a:65:5c:49:3a:0a:4b:f1:a8:86:77:a4:bd:41:ee:14:73:
ba:fd:91:10:f0:a4:5d:d1:bb:2f:ce:28:e1:82:f2:b8:77:4a:
81:df:77:21:7c:19:96:c1:3d:aa:35:85:57:b0:01:cd:cd:57:
32:f3:b6:8f:59:c3:42:c1:5a:c5:ab:5e:2d:e2:07:de:33:b8:
ca:b7:13:7d:e5:c3:b4:15:ab:c6:bd:16:b2:69:b9:cc:3b:8d:
5e:fe:31:66:7e:ff:ef:c6:c9:33:6f:e5:5e:1d:e4:fd:2a:f1:
40:7e:30:92:2e:8f:59:5e:f4:c3:60:34:8b:b9:0f:40:32:04:
81:88:10:6d:d2:45:a4:e4:a9:c2:80:df:88:ec:dc:3c:1c:4b:
6b:0a:b5:74:75:b8:30:2f:d3:bc:80:ee:04:5c:af:66:93:c0:
9c:eb:ab:cd:28:86:b9:8f:b9:de:d7:65:58:0e:f0:a3:ea:44:
db:3a:43:a3:27:32:84:7a:ca:a4:72:07:3f:fc:06:8c:5c:0c:
b4:43:6f:e8
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYaxLK6Rxc4p4eD8ceYxd4PnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjMwMzA1MDk0OTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzA4ZGNjMWI0MDlhNThlMmViYTE1YTVlNGFhNmQwOWYyNTUwN2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnF2B86XqHWgF/rCCJGIg5bDomf3k
44+C9R37uzbR85NLQBFF0AwJM4Ra4/DFeSWHxHlua4Qbs6wAg1Cm0PGcRqY9HCcC
d5/kAEfEm8E/7i51SsRxiP+6lQgQaRndD/X78Q0lHT3+Y876iPAysCr17Mj9d1CD
Rvmt9C8hXJcDvrfqh1pP7E2Ua9CvFYRKKeQ4ULgyCbj6XyIJR+w+RRPQU8Z6R8W3
4JZmXhHX7sydXpKpXJZ/Yk1siUbAoOT2AaeAJN3zw13tGzXd/mKERd+GTwdx3B3D
JLWzn2hYeUs9Tsi0/yq9/mO5g5faAaKIVzqyW36j+cVIVAXEbbcp0QPbcwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFCMI3MG0CaWOLroVpeSqbQnyVQe3MB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvSXdqY3diUUpwWTR1dWhXbDVLcHRDZkpWQjdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0MAwDBAU+SKAD
BAA+SKQDBAE+SKgDBAA+SLAwDAMEAD5ItwMEAD5IuAMEAD5IvgMEALA5PjANBgkq
hkiG9w0BAQsFAAOCAQEAFAIsOLreVkPSBec/FppTw9BouWh0hcvuQ7gMxiXahuCj
e8ds5sRCENTcHjfGsw93NjBQkXttSkplXEk6CkvxqIZ3pL1B7hRzuv2REPCkXdG7
L84o4YLyuHdKgd93IXwZlsE9qjWFV7ABzc1XMvO2j1nDQsFaxateLeIH3jO4yrcT
feXDtBWrxr0Wsmm5zDuNXv4xZn7/78bJM2/lXh3k/SrxQH4wki6PWV70w2A0i7kP
QDIEgYgQbdJFpOSpwoDfiOzcPBxLawq1dHW4MC/TvIDuBFyvZpPAnOurzSiGuY+5
3tdlWA7wo+pE2zpDoycyhHrKpHIHP/wGjFwMtENv6A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:54 2024 by rpki-client on console-fra.rpki-client.org