Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/SUTjg4W8OcPlD0I0E7ny3bTuKiI.roa
File: SUTjg4W8OcPlD0I0E7ny3bTuKiI.roa (raw, json)
Hash identifier: ogUwPg4C25Ep97Q7RgbykoXVNmD1Wp/gMm3G9/Wl8TQ=
Subject key identifier: 49:44:E3:83:85:BC:39:C3:E5:0F:42:34:13:B9:F2:DD:B4:EE:2A:22
Certificate issuer: /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial: 01874B1F4A26178D085DB34B55667DDF9069
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/SUTjg4W8OcPlD0I0E7ny3bTuKiI.roa
Signing time: Tue 04 Apr 2023 07:15:54 +0000
ROA not before: Tue 04 Apr 2023 07:15:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209260
IP address blocks: 62.72.164.0/24 maxlen: 24
62.72.163.0/24 maxlen: 24
62.72.160.0/24 maxlen: 24
62.72.161.0/24 maxlen: 24
62.72.169.0/24 maxlen: 24
62.72.168.0/24 maxlen: 24
62.72.176.0/24 maxlen: 24
62.72.183.0/24 maxlen: 24
62.72.184.0/24 maxlen: 24
62.72.190.0/24 maxlen: 24
176.57.62.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 05 Apr 2023 09:56:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:4b:1f:4a:26:17:8d:08:5d:b3:4b:55:66:7d:df:90:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
Validity
Not Before: Apr 4 07:15:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4944e38385bc39c3e50f423413b9f2ddb4ee2a22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:20:47:76:cc:d5:11:0d:0f:66:5b:42:af:74:
86:52:38:a5:0a:e7:38:03:c1:7d:2e:ec:b0:e9:5a:
78:8d:f3:36:b7:47:13:f4:08:d5:66:07:a0:a9:6a:
ac:7a:a1:bf:00:9a:1b:4a:23:f1:fa:62:e2:e5:ba:
cc:7a:ae:94:e0:52:df:44:94:78:8c:13:aa:db:7e:
50:c3:cf:62:38:5c:c0:e1:9e:5f:c5:2c:5b:a5:9e:
40:09:8e:a9:5f:02:f7:f1:e3:7f:c1:fd:c9:ec:77:
fb:57:15:81:7e:21:5d:6c:1e:9e:80:8c:e7:66:90:
ce:33:b1:9d:63:02:67:22:9f:c7:f7:3d:95:30:e6:
a2:ec:02:72:01:04:b9:25:6e:8b:a6:96:9a:51:85:
90:6e:21:35:d6:af:c9:e8:03:52:89:61:31:77:5a:
67:b6:b4:d9:a3:09:d8:52:db:bb:02:f0:ab:03:0d:
67:3b:46:a3:79:6d:11:78:33:15:94:f4:b4:21:07:
ec:64:42:c1:a1:fb:fb:a4:a1:47:1a:97:82:f2:86:
7b:9e:ce:5e:51:7f:28:de:7c:db:fe:b3:71:20:13:
0c:fc:cf:76:cf:61:4f:a8:5a:b6:6a:fd:d4:bd:82:
cf:8d:6b:8a:3b:1d:84:d0:59:33:f8:54:37:54:b0:
e7:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:44:E3:83:85:BC:39:C3:E5:0F:42:34:13:B9:F2:DD:B4:EE:2A:22
X509v3 Authority Key Identifier:
keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/SUTjg4W8OcPlD0I0E7ny3bTuKiI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.72.160.0/23
62.72.163.0-62.72.164.255
62.72.168.0/23
62.72.176.0/24
62.72.183.0-62.72.184.255
62.72.190.0/24
176.57.62.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:84:8e:aa:ac:91:25:9c:95:ca:13:29:6a:d0:cf:77:0e:af:
13:37:32:5a:b2:cf:e3:5a:c3:36:1e:41:5f:35:35:e1:46:d8:
e5:5f:20:fa:95:48:9f:ef:d7:e7:3f:3e:07:5e:f7:ea:c0:9b:
f5:3a:04:49:9a:af:89:31:f1:e2:4d:98:2e:b2:40:67:4d:2b:
53:78:60:10:f3:61:7e:d8:72:98:d9:3f:8f:09:a3:95:6a:19:
57:06:bd:b8:78:83:a6:07:40:01:fa:64:4d:ad:e8:0b:47:86:
33:36:2f:d6:27:b7:5a:30:2f:c3:b7:b2:0b:97:ac:fe:24:65:
33:b7:5f:1c:44:cd:07:b6:c7:e5:38:d4:e6:e8:1f:d2:ab:f8:
19:9d:f0:fe:0c:55:f7:6c:25:62:5a:92:fa:68:86:da:51:56:
3e:8c:03:68:25:9e:20:86:2e:36:85:68:e5:0d:db:be:ad:77:
fd:87:ee:02:55:2b:28:40:92:3a:c9:72:af:4a:a4:72:94:16:
76:6d:e6:5a:4c:4b:6a:cf:8e:09:fd:68:58:e3:1b:5b:00:8b:
eb:b7:d7:0a:11:52:da:dc:9d:0c:8c:e3:91:d4:8e:7e:cf:07:
56:7e:f2:d4:bc:49:fe:03:5d:5c:d1:25:ed:0f:90:a2:07:dc:
04:78:3a:62
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYdLH0omF40IXbNLVWZ935BpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjMwNDA0MDcxNTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTQ0ZTM4Mzg1YmMzOWMzZTUwZjQyMzQxM2I5ZjJkZGI0ZWUyYTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkiBHdszVEQ0PZltCr3SGUjilCuc4
A8F9Luyw6Vp4jfM2t0cT9AjVZgegqWqseqG/AJobSiPx+mLi5brMeq6U4FLfRJR4
jBOq235Qw89iOFzA4Z5fxSxbpZ5ACY6pXwL38eN/wf3J7Hf7VxWBfiFdbB6egIzn
ZpDOM7GdYwJnIp/H9z2VMOai7AJyAQS5JW6LppaaUYWQbiE11q/J6ANSiWExd1pn
trTZownYUtu7AvCrAw1nO0ajeW0ReDMVlPS0IQfsZELBofv7pKFHGpeC8oZ7ns5e
UX8o3nzb/rNxIBMM/M92z2FPqFq2av3UvYLPjWuKOx2E0Fkz+FQ3VLDnYwIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFElE44OFvDnD5Q9CNBO58t207ioiMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvU1VUamc0VzhPY1BsRDBJMEU3bnkzYlR1S2lJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6AwQBPkigMAwD
BAA+SKMDBAA+SKQDBAE+SKgDBAA+SLAwDAMEAD5ItwMEAD5IuAMEAD5IvgMEALA5
PjANBgkqhkiG9w0BAQsFAAOCAQEAvISOqqyRJZyVyhMpatDPdw6vEzcyWrLP41rD
Nh5BXzU14UbY5V8g+pVIn+/X5z8+B1736sCb9ToESZqviTHx4k2YLrJAZ00rU3hg
EPNhfthymNk/jwmjlWoZVwa9uHiDpgdAAfpkTa3oC0eGMzYv1ie3WjAvw7eyC5es
/iRlM7dfHETNB7bH5TjU5ugf0qv4GZ3w/gxV92wlYlqS+miG2lFWPowDaCWeIIYu
NoVo5Q3bvq13/YfuAlUrKECSOslyr0qkcpQWdm3mWkxLas+OCf1oWOMbWwCL67fX
ChFS2tydDIzjkdSOfs8HVn7y1LxJ/gNdXNEl7Q+QogfcBHg6Yg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:54 2024 by rpki-client on console-fra.rpki-client.org