Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/PqiSkNDA32lME8gxigxAiV4wcRY.roa
File: PqiSkNDA32lME8gxigxAiV4wcRY.roa (raw, json)
Hash identifier: ffjBlGgE9oCVElsDm2NGOLPTfxaZZqU8SlA6sLAiq0s=
Subject key identifier: 3E:A8:92:90:D0:C0:DF:69:4C:13:C8:31:8A:0C:40:89:5E:30:71:16
Certificate issuer: /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial: 018CC6B7A21F5530228329ADD77EDA8FAEF0
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/PqiSkNDA32lME8gxigxAiV4wcRY.roa
Signing time: Mon 01 Jan 2024 20:29:32 +0000
ROA not before: Mon 01 Jan 2024 20:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 62.72.180.0/24 maxlen: 24
176.57.48.0/24 maxlen: 24
176.57.54.0/24 maxlen: 24
176.57.57.0/24 maxlen: 24
176.57.56.0/24 maxlen: 24
81.21.0.0/24 maxlen: 24
176.57.60.0/24 maxlen: 24
81.21.12.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 02 Mar 2024 13:20:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:a2:1f:55:30:22:83:29:ad:d7:7e:da:8f:ae:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
Validity
Not Before: Jan 1 20:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3ea89290d0c0df694c13c8318a0c40895e307116
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:fb:42:d5:22:70:4f:b0:63:7f:dd:a9:5a:a1:
38:c9:e4:a4:59:d9:0f:b2:07:eb:87:3a:e6:5f:35:
1f:e4:69:2b:87:bc:f4:ac:ff:e3:c8:fd:c7:b9:70:
66:77:7c:90:cd:c7:d4:e6:2a:11:8e:eb:d1:cc:75:
e1:c1:43:02:6d:36:5e:93:54:0a:21:27:98:3e:a6:
e0:2a:c9:7a:43:66:8d:9f:7b:22:e2:e6:88:0e:35:
2d:f0:ee:66:53:ae:1e:d0:d5:ef:8f:f5:a6:b8:cb:
8b:ec:1a:5e:31:41:d5:15:28:09:b4:bb:04:be:32:
93:5a:0c:6f:d0:f9:13:28:b7:0c:b6:2a:a6:0d:96:
8d:f9:4d:89:77:68:38:a7:9b:d1:14:ad:b1:eb:8c:
a4:38:47:25:1d:c1:e2:fe:cd:55:b2:8f:e7:63:86:
c1:0c:33:26:d1:b8:66:7a:64:66:f2:59:86:69:97:
df:ef:8d:e0:22:28:03:a5:25:67:d7:a8:56:df:44:
42:37:d2:68:19:81:c2:a5:c3:09:31:c2:12:0b:ef:
a6:7d:17:a4:45:5e:00:16:a1:cb:e5:16:d8:2a:ed:
2c:c6:30:54:80:75:da:75:43:7b:43:21:ae:6a:19:
42:55:57:2e:b9:59:ab:12:5d:71:69:bd:b3:68:18:
69:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:A8:92:90:D0:C0:DF:69:4C:13:C8:31:8A:0C:40:89:5E:30:71:16
X509v3 Authority Key Identifier:
keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/PqiSkNDA32lME8gxigxAiV4wcRY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.72.180.0/24
81.21.0.0/24
81.21.12.0/24
176.57.48.0/24
176.57.54.0/24
176.57.56.0/23
176.57.60.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:ab:8e:29:0a:d4:34:f2:9a:be:9a:c1:89:2b:0c:30:52:24:
ef:d2:b6:c8:d8:53:83:84:91:5a:53:a0:8f:2f:9e:1d:e5:39:
88:b1:d5:70:b0:7a:9b:c3:9a:a7:02:c6:43:f5:f5:91:27:12:
49:cf:4d:56:cc:fe:ee:27:a6:46:f9:1a:25:71:10:07:37:0e:
23:15:75:b3:fc:8d:de:0f:bc:10:11:f0:f3:bf:34:8f:b0:54:
86:2f:44:52:f6:60:b9:fc:1d:96:f2:f1:12:23:5c:c9:24:7d:
ed:ff:db:eb:3d:8c:44:b1:5e:8d:3f:15:e4:70:33:37:90:98:
c6:12:d2:45:6a:b8:c3:99:a8:a6:01:8c:87:bf:cd:a0:d4:a8:
31:6c:99:94:36:22:f7:dd:71:41:4c:96:52:15:68:58:57:96:
0c:f0:51:8c:48:14:51:35:f7:1b:5f:57:46:9e:08:78:95:cf:
cd:0a:ec:85:46:d2:a3:ef:64:23:ec:1c:2f:e5:ad:04:6a:c1:
c5:f4:92:de:17:5b:25:5e:55:3c:a3:c2:2e:91:ee:49:ae:8d:
81:5a:ba:44:7b:10:a9:11:68:7a:ae:bc:70:02:b0:b3:0f:e6:
11:b1:ca:fa:0a:b6:c8:d2:15:4d:75:d2:1c:ae:24:9c:97:71:
78:f8:fe:28
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYzGt6IfVTAigymt137aj67wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjQwMTAxMjAyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWE4OTI5MGQwYzBkZjY5NGMxM2M4MzE4YTBjNDA4OTVlMzA3MTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/tC1SJwT7Bjf92pWqE4yeSkWdkP
sgfrhzrmXzUf5Gkrh7z0rP/jyP3HuXBmd3yQzcfU5ioRjuvRzHXhwUMCbTZek1QK
ISeYPqbgKsl6Q2aNn3si4uaIDjUt8O5mU64e0NXvj/WmuMuL7BpeMUHVFSgJtLsE
vjKTWgxv0PkTKLcMtiqmDZaN+U2Jd2g4p5vRFK2x64ykOEclHcHi/s1Vso/nY4bB
DDMm0bhmemRm8lmGaZff743gIigDpSVn16hW30RCN9JoGYHCpcMJMcISC++mfRek
RV4AFqHL5RbYKu0sxjBUgHXadUN7QyGuahlCVVcuuVmrEl1xab2zaBhpwwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFD6okpDQwN9pTBPIMYoMQIleMHEWMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvUHFpU2tOREEzMmxNRThneGlneEFpVjR3Y1JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAPki0AwQA
URUAAwQAURUMAwQAsDkwAwQAsDk2AwQBsDk4AwQAsDk8MA0GCSqGSIb3DQEBCwUA
A4IBAQCOq44pCtQ08pq+msGJKwwwUiTv0rbI2FODhJFaU6CPL54d5TmIsdVwsHqb
w5qnAsZD9fWRJxJJz01WzP7uJ6ZG+RolcRAHNw4jFXWz/I3eD7wQEfDzvzSPsFSG
L0RS9mC5/B2W8vESI1zJJH3t/9vrPYxEsV6NPxXkcDM3kJjGEtJFarjDmaimAYyH
v82g1KgxbJmUNiL33XFBTJZSFWhYV5YM8FGMSBRRNfcbX1dGngh4lc/NCuyFRtKj
72Qj7Bwv5a0EasHF9JLeF1slXlU8o8Iuke5Jro2BWrpEexCpEWh6rrxwArCzD+YR
scr6CrbI0hVNddIcriScl3F4+P4o
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:55 2024 by rpki-client on console-ams.rpki-client.org