Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/cEEBmlw5YP_hp8CAjzXZsBaPx_g.roa
File: cEEBmlw5YP_hp8CAjzXZsBaPx_g.roa (raw, json)
Hash identifier: LM3aqHL312QdKfS3ug6qOubdz3qjfDLAlQ47/YgGpK0=
Subject key identifier: 70:41:01:9A:5C:39:60:FF:E1:A7:C0:80:8F:35:D9:B0:16:8F:C7:F8
Certificate issuer: /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial: 018CCF5D9E34A1190667A7C55B577B5021F2
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/cEEBmlw5YP_hp8CAjzXZsBaPx_g.roa
Signing time: Wed 03 Jan 2024 12:47:48 +0000
ROA not before: Wed 03 Jan 2024 12:47:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 62.72.162.0/23 maxlen: 23
62.72.164.0/23 maxlen: 23
62.72.164.0/22 maxlen: 22
62.72.191.0/24 maxlen: 24
176.57.58.0/24 maxlen: 24
81.21.2.0/23 maxlen: 23
81.21.4.0/22 maxlen: 24
176.57.59.0/24 maxlen: 24
81.21.10.0/23 maxlen: 23
176.57.63.0/24 maxlen: 24
81.21.12.0/22 maxlen: 24
81.21.14.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 04 Jan 2024 09:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:cf:5d:9e:34:a1:19:06:67:a7:c5:5b:57:7b:50:21:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
Validity
Not Before: Jan 3 12:47:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7041019a5c3960ffe1a7c0808f35d9b0168fc7f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:43:ca:9d:67:0e:d4:4e:a9:64:83:9f:52:52:
1f:a6:f8:f5:6b:97:cc:95:8a:a2:31:ea:9d:86:08:
80:f6:c5:cf:6c:b1:83:96:3e:62:73:f5:f8:54:f3:
d3:73:b6:80:76:40:41:e0:4a:c5:4d:f7:b1:9c:fd:
04:a1:ad:0f:ab:71:0e:21:a6:7b:3c:ac:70:a4:b1:
b3:52:6d:27:c1:64:35:3c:bd:9e:fa:4f:76:9c:f5:
c2:f0:1f:04:9e:52:82:4c:1f:de:c8:54:69:9f:8c:
e0:03:51:64:b8:69:35:94:1e:55:05:9f:0e:70:c8:
94:47:b6:5b:c7:01:3c:ce:e0:63:fa:d3:51:58:ea:
6e:6a:03:bb:da:f6:81:e5:fb:cb:33:8d:7b:0d:ab:
1f:a5:ee:74:44:b0:f6:b0:45:76:12:18:8d:28:ff:
9a:c2:be:aa:17:46:69:6e:49:54:3b:e0:f1:20:99:
6f:18:5e:b0:e2:1c:8b:3b:90:fd:ab:c2:40:7d:d7:
c3:9c:34:85:ea:6a:56:56:bf:40:ea:d9:92:ec:fa:
fa:0a:2f:cb:10:1a:d7:05:d8:dd:e9:f3:2c:e7:2a:
34:fb:26:ad:f7:b8:26:d6:0e:9f:43:3f:64:02:4e:
34:c4:e2:f2:fa:b4:7e:9c:60:36:4a:26:43:84:d1:
71:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:41:01:9A:5C:39:60:FF:E1:A7:C0:80:8F:35:D9:B0:16:8F:C7:F8
X509v3 Authority Key Identifier:
keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/cEEBmlw5YP_hp8CAjzXZsBaPx_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.72.162.0-62.72.167.255
62.72.191.0/24
81.21.2.0-81.21.7.255
81.21.10.0-81.21.15.255
176.57.58.0/23
176.57.63.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:80:0d:98:10:46:fe:a1:b3:4d:db:d8:fe:da:06:58:ec:d9:
a2:92:0f:e5:86:f7:c2:d8:60:d4:c2:80:de:6b:a2:15:ec:00:
35:4e:3a:17:5d:1f:92:f7:0b:1b:20:4c:43:52:49:39:d1:4a:
cc:b8:28:e3:f3:f1:90:19:a5:3b:08:19:a1:62:e2:d8:48:aa:
61:05:b6:1b:5f:08:95:2d:f2:4a:cc:fb:9c:47:3f:c9:31:63:
83:cf:36:47:a0:20:e6:5d:d5:4f:5d:1e:71:7f:fe:79:6d:50:
01:0e:7c:d4:82:a6:53:15:10:ab:b2:db:cc:27:c2:d8:55:82:
f2:a5:01:f5:38:f5:f3:a7:65:9e:98:0b:0e:5e:e1:1e:f4:08:
9c:b0:89:76:cb:ca:d9:8b:e8:4d:09:fa:2a:e0:ee:37:33:05:
dd:2c:f7:ef:eb:6e:8d:01:c4:b4:00:f9:14:d8:02:52:d0:5c:
f7:3f:a5:4b:4c:90:59:c4:a3:6c:c8:3e:0e:07:64:b6:1b:71:
7a:ec:e8:c0:ae:4b:80:59:e0:7d:5f:31:60:bf:88:d6:6c:4b:
f0:0f:6c:55:5e:20:12:78:e4:9a:5d:07:e8:f0:55:ee:a2:9b:
1c:3b:c6:72:3a:2a:85:ef:6f:cb:2d:ca:41:36:8f:1c:46:73:
53:d0:a3:31
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYzPXZ40oRkGZ6fFW1d7UCHyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjQwMTAzMTI0NzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDQxMDE5YTVjMzk2MGZmZTFhN2MwODA4ZjM1ZDliMDE2OGZjN2Y4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtkPKnWcO1E6pZIOfUlIfpvj1a5fM
lYqiMeqdhgiA9sXPbLGDlj5ic/X4VPPTc7aAdkBB4ErFTfexnP0Eoa0Pq3EOIaZ7
PKxwpLGzUm0nwWQ1PL2e+k92nPXC8B8EnlKCTB/eyFRpn4zgA1FkuGk1lB5VBZ8O
cMiUR7ZbxwE8zuBj+tNRWOpuagO72vaB5fvLM417Dasfpe50RLD2sEV2EhiNKP+a
wr6qF0ZpbklUO+DxIJlvGF6w4hyLO5D9q8JAfdfDnDSF6mpWVr9A6tmS7Pr6Ci/L
EBrXBdjd6fMs5yo0+yat97gm1g6fQz9kAk40xOLy+rR+nGA2SiZDhNFxewIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFHBBAZpcOWD/4afAgI812bAWj8f4MB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvY0VFQm1sdzVZUF9ocDhDQWp6WFpzQmFQeF9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8MAwDBAE+SKID
BAM+SKADBAA+SL8wDAMEAVEVAgMEA1EVADAMAwQBURUKAwQEURUAAwQBsDk6AwQA
sDk/MA0GCSqGSIb3DQEBCwUAA4IBAQC6gA2YEEb+obNN29j+2gZY7Nmikg/lhvfC
2GDUwoDea6IV7AA1TjoXXR+S9wsbIExDUkk50UrMuCjj8/GQGaU7CBmhYuLYSKph
BbYbXwiVLfJKzPucRz/JMWODzzZHoCDmXdVPXR5xf/55bVABDnzUgqZTFRCrstvM
J8LYVYLypQH1OPXzp2WemAsOXuEe9AicsIl2y8rZi+hNCfoq4O43MwXdLPfv626N
AcS0APkU2AJS0Fz3P6VLTJBZxKNsyD4OB2S2G3F67OjArkuAWeB9XzFgv4jWbEvw
D2xVXiASeOSaXQfo8FXuopscO8ZyOiqF72/LLcpBNo8cRnNT0KMx
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:56 2024 by rpki-client on console-ams.rpki-client.org