Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/NXxf80sGQ9HPKhUn_98ECmT1M0A.roa
File: NXxf80sGQ9HPKhUn_98ECmT1M0A.roa (raw, json)
Hash identifier: Chdb9NWRxcKCco5ou26tSi4l5ohr2N6DC6i3+InOXeE=
Subject key identifier: 35:7C:5F:F3:4B:06:43:D1:CF:2A:15:27:FF:DF:04:0A:64:F5:33:40
Certificate issuer: /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial: 018D96B49D1F4088603A7490BC00ADD44111
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/NXxf80sGQ9HPKhUn_98ECmT1M0A.roa
Signing time: Sun 11 Feb 2024 05:47:15 +0000
ROA not before: Sun 11 Feb 2024 05:47:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 62.72.162.0/23 maxlen: 23
62.72.164.0/22 maxlen: 22
62.72.164.0/23 maxlen: 23
62.72.189.0/24 maxlen: 24
81.21.2.0/23 maxlen: 23
81.21.4.0/22 maxlen: 24
81.21.10.0/23 maxlen: 23
81.21.12.0/22 maxlen: 24
81.21.14.0/23 maxlen: 24
176.57.52.0/24 maxlen: 24
176.57.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 14 Feb 2024 09:33:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:96:b4:9d:1f:40:88:60:3a:74:90:bc:00:ad:d4:41:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
Validity
Not Before: Feb 11 05:47:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=357c5ff34b0643d1cf2a1527ffdf040a64f53340
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:2e:33:5d:62:bc:89:56:07:23:09:7d:11:65:
d3:0f:ca:f7:6a:f3:e4:c1:0a:db:64:27:ee:86:99:
d7:3c:5e:5d:3b:76:19:dd:ab:e7:b6:6e:3d:9c:9b:
13:dd:4f:be:dc:4a:1c:d7:55:84:37:a2:ef:04:87:
73:bd:73:d8:27:49:ed:19:77:a3:15:2e:72:d6:cc:
ce:12:c3:f6:66:4f:dd:46:48:5e:3b:56:67:48:10:
79:4f:f7:6f:89:05:80:68:ee:06:d3:8d:fb:29:82:
2d:68:58:8e:28:2b:e7:6b:8f:62:91:0a:6e:14:cb:
92:2f:2e:85:59:38:a2:9c:01:0d:fe:97:54:ef:9d:
35:39:85:04:35:dd:ab:f8:d4:23:02:1e:63:23:82:
0f:1c:d7:c1:8b:26:b8:b5:3e:6a:d9:c2:7c:35:df:
c6:02:69:2a:58:af:06:6e:f5:dd:ae:66:37:e9:b5:
87:d3:0f:15:3d:a5:5f:32:a2:23:59:f9:ee:6e:b7:
f7:3c:2a:2f:25:85:dc:4f:fa:09:52:1e:30:e7:9f:
d3:db:d3:98:85:db:51:5b:07:ea:87:fa:f9:66:bf:
aa:36:1f:28:f0:88:09:50:de:22:67:5c:ea:de:35:
d7:99:17:06:50:f4:94:00:14:d4:e2:2d:c3:c4:e7:
36:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:7C:5F:F3:4B:06:43:D1:CF:2A:15:27:FF:DF:04:0A:64:F5:33:40
X509v3 Authority Key Identifier:
keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/NXxf80sGQ9HPKhUn_98ECmT1M0A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.72.162.0-62.72.167.255
62.72.189.0/24
81.21.2.0-81.21.7.255
81.21.10.0-81.21.15.255
176.57.52.0/24
176.57.63.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:5a:5f:e1:2c:3b:5e:ef:b2:bb:08:ec:d7:c8:33:f2:1e:58:
53:ae:76:60:a2:4c:03:4b:f2:d9:28:45:cb:e0:09:95:12:32:
26:ad:b1:af:4e:f6:15:f9:7f:b3:5a:0a:fc:67:87:ab:15:c5:
51:4e:04:6c:2f:3d:58:4d:33:c7:e7:8c:cb:ba:20:75:fc:ab:
7c:69:89:90:44:14:09:cc:fe:80:72:4f:03:c0:cb:f3:21:a7:
20:b0:85:45:72:6d:72:ff:4c:0b:25:21:40:97:c6:71:eb:7b:
18:33:3f:a6:05:39:e4:b3:92:82:c5:6c:95:9c:c7:50:19:25:
a5:5b:38:34:3c:a3:a6:d5:95:25:15:f3:82:e1:d4:ee:d3:1d:
4f:b4:9d:81:2e:f0:15:b2:58:52:77:b6:5d:3c:54:3e:c9:c7:
02:d3:58:f6:b6:1f:2d:c1:bf:42:a4:06:5e:d4:5f:71:74:57:
08:48:dc:6f:4e:64:66:8d:ab:03:70:52:63:d1:42:c0:ba:34:
4c:0d:42:c0:58:f3:0a:bf:b4:a7:ad:7e:69:1e:81:49:a2:e2:
65:d9:03:87:c0:f9:dd:7c:64:bc:9b:1c:76:54:18:bc:c9:eb:
5f:31:fd:b1:3b:dc:05:04:ae:26:35:cb:4f:22:1d:86:f2:5c:
39:c5:ac:08
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAY2WtJ0fQIhgOnSQvACt1EERMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjQwMjExMDU0NzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTdjNWZmMzRiMDY0M2QxY2YyYTE1MjdmZmRmMDQwYTY0ZjUzMzQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxC4zXWK8iVYHIwl9EWXTD8r3avPk
wQrbZCfuhpnXPF5dO3YZ3avntm49nJsT3U++3Eoc11WEN6LvBIdzvXPYJ0ntGXej
FS5y1szOEsP2Zk/dRkheO1ZnSBB5T/dviQWAaO4G0437KYItaFiOKCvna49ikQpu
FMuSLy6FWTiinAEN/pdU7501OYUENd2r+NQjAh5jI4IPHNfBiya4tT5q2cJ8Nd/G
AmkqWK8GbvXdrmY36bWH0w8VPaVfMqIjWfnubrf3PCovJYXcT/oJUh4w55/T29OY
hdtRWwfqh/r5Zr+qNh8o8IgJUN4iZ1zq3jXXmRcGUPSUABTU4i3DxOc29wIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFDV8X/NLBkPRzyoVJ//fBApk9TNAMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvTlh4Zjgwc0dROUhQS2hVbl85OEVDbVQxTTBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8MAwDBAE+SKID
BAM+SKADBAA+SL0wDAMEAVEVAgMEA1EVADAMAwQBURUKAwQEURUAAwQAsDk0AwQA
sDk/MA0GCSqGSIb3DQEBCwUAA4IBAQChWl/hLDte77K7COzXyDPyHlhTrnZgokwD
S/LZKEXL4AmVEjImrbGvTvYV+X+zWgr8Z4erFcVRTgRsLz1YTTPH54zLuiB1/Kt8
aYmQRBQJzP6Ack8DwMvzIacgsIVFcm1y/0wLJSFAl8Zx63sYMz+mBTnks5KCxWyV
nMdQGSWlWzg0PKOm1ZUlFfOC4dTu0x1PtJ2BLvAVslhSd7ZdPFQ+yccC01j2th8t
wb9CpAZe1F9xdFcISNxvTmRmjasDcFJj0ULAujRMDULAWPMKv7SnrX5pHoFJouJl
2QOHwPndfGS8mxx2VBi8yetfMf2xO9wFBK4mNctPIh2G8lw5xawI
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:55 2024 by rpki-client on console-ams.rpki-client.org