Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/f1Y7cu2DPR0cpf-eE8kBFI1eHtg.roa
File: f1Y7cu2DPR0cpf-eE8kBFI1eHtg.roa (raw, json)
Hash identifier: bOKlMidyU9jhVWd1djtWCCxwCqn2FflSovP/TDMYakA=
Subject key identifier: 7F:56:3B:72:ED:83:3D:1D:1C:A5:FF:9E:13:C9:01:14:8D:5E:1E:D8
Certificate issuer: /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial: 018DCBE96B0D52CDED7FCBCEB7BE41738A83
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/f1Y7cu2DPR0cpf-eE8kBFI1eHtg.roa
Signing time: Wed 21 Feb 2024 13:44:48 +0000
ROA not before: Wed 21 Feb 2024 13:44:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 62.72.162.0/23 maxlen: 23
62.72.164.0/22 maxlen: 22
62.72.164.0/23 maxlen: 23
62.72.189.0/24 maxlen: 24
81.21.2.0/23 maxlen: 23
81.21.4.0/22 maxlen: 24
81.21.10.0/23 maxlen: 23
81.21.12.0/22 maxlen: 24
81.21.14.0/23 maxlen: 24
176.57.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 22 Feb 2024 07:45:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:cb:e9:6b:0d:52:cd:ed:7f:cb:ce:b7:be:41:73:8a:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
Validity
Not Before: Feb 21 13:44:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7f563b72ed833d1d1ca5ff9e13c901148d5e1ed8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:6b:6e:07:4e:43:df:64:eb:8a:a2:a0:c3:d8:
d0:3b:ad:ac:96:f9:f5:36:ff:2a:05:09:27:71:e1:
24:7a:62:dd:9f:c1:df:b4:eb:b0:e2:50:52:d9:fa:
ea:cc:4e:be:81:de:57:df:fe:d6:fb:4d:83:0c:52:
20:cc:53:07:fd:50:4f:fc:a1:c8:0a:a5:3c:d5:b2:
96:10:3a:09:95:87:1c:66:ec:41:36:49:fa:30:71:
d2:b1:79:fe:5e:b8:f5:31:49:9f:ef:65:f3:1c:c5:
d5:30:a7:8e:25:c9:c7:57:8e:c3:47:50:5a:b8:60:
69:3b:9b:33:e9:9e:8d:b5:5d:86:4e:44:96:b3:d6:
b3:f6:8a:1d:1f:0a:8f:e8:c4:ef:ce:24:df:99:8f:
c7:00:80:cf:1c:1c:3a:16:11:97:9a:60:4f:76:df:
a2:73:c1:e4:72:84:d1:03:81:5e:ee:f5:90:a2:d1:
50:21:7a:98:4d:55:19:d5:45:29:11:14:65:cd:84:
54:13:1f:5c:26:82:a8:63:f3:d7:cc:86:55:3a:d2:
17:67:96:50:45:59:68:0c:af:71:93:33:b2:2d:1e:
04:8e:f6:3b:f5:68:1b:c8:8f:97:ed:6c:ad:c3:23:
b2:94:59:d7:e0:41:96:b6:17:b8:50:8e:fd:f3:aa:
b9:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:56:3B:72:ED:83:3D:1D:1C:A5:FF:9E:13:C9:01:14:8D:5E:1E:D8
X509v3 Authority Key Identifier:
keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/f1Y7cu2DPR0cpf-eE8kBFI1eHtg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.72.162.0-62.72.167.255
62.72.189.0/24
81.21.2.0-81.21.7.255
81.21.10.0-81.21.15.255
176.57.63.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:77:2d:d9:a9:b3:33:04:9a:a6:62:d4:a2:82:0d:f7:0b:3f:
ad:53:5e:cc:79:16:e7:60:fc:b8:27:a0:b6:d8:3b:5f:ab:66:
60:87:da:36:7b:86:29:b3:4d:02:a9:bd:21:63:2c:ff:6f:ff:
e5:07:83:ed:75:c6:a4:ba:ed:55:1a:fe:db:37:07:11:14:ea:
73:33:8f:29:28:ab:c6:0b:c9:73:92:8b:81:95:4e:bc:13:d6:
12:8c:c5:8b:eb:39:d8:50:7e:c9:0d:68:35:c6:41:58:6a:e2:
b3:4c:c9:6b:07:6c:3b:02:85:26:a4:97:16:dc:3f:0f:11:e7:
23:6e:fc:d3:0a:a6:68:ea:54:e2:a1:8a:92:94:9c:0b:7e:d4:
c8:ef:9c:13:c4:11:ba:49:2c:83:6e:64:a4:84:db:40:69:0f:
8d:59:56:69:33:fb:05:04:d1:48:6a:69:ff:a3:fb:42:04:a8:
9b:ff:ed:6a:78:3d:b3:ea:ef:56:85:cb:6c:21:f0:cf:71:91:
a1:56:a5:93:55:e2:08:ca:22:80:5e:f1:1b:5e:54:79:fb:40:
99:a3:3d:7a:4f:34:b7:a2:14:5b:9f:56:5a:2e:6a:e7:57:fb:
b9:22:ac:36:5d:f9:e5:5c:a0:58:23:b1:50:db:81:01:23:98:
94:23:d2:c7
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAY3L6WsNUs3tf8vOt75Bc4qDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjQwMjIxMTM0NDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjU2M2I3MmVkODMzZDFkMWNhNWZmOWUxM2M5MDExNDhkNWUxZWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkmtuB05D32TriqKgw9jQO62slvn1
Nv8qBQknceEkemLdn8HftOuw4lBS2frqzE6+gd5X3/7W+02DDFIgzFMH/VBP/KHI
CqU81bKWEDoJlYccZuxBNkn6MHHSsXn+Xrj1MUmf72XzHMXVMKeOJcnHV47DR1Ba
uGBpO5sz6Z6NtV2GTkSWs9az9oodHwqP6MTvziTfmY/HAIDPHBw6FhGXmmBPdt+i
c8HkcoTRA4Fe7vWQotFQIXqYTVUZ1UUpERRlzYRUEx9cJoKoY/PXzIZVOtIXZ5ZQ
RVloDK9xkzOyLR4EjvY79WgbyI+X7WytwyOylFnX4EGWthe4UI7986q5OQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFH9WO3Ltgz0dHKX/nhPJARSNXh7YMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvZjFZN2N1MkRQUjBjcGYtZUU4a0JGSTFlSHRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2MAwDBAE+SKID
BAM+SKADBAA+SL0wDAMEAVEVAgMEA1EVADAMAwQBURUKAwQEURUAAwQAsDk/MA0G
CSqGSIb3DQEBCwUAA4IBAQC3dy3ZqbMzBJqmYtSigg33Cz+tU17MeRbnYPy4J6C2
2Dtfq2Zgh9o2e4Yps00Cqb0hYyz/b//lB4Ptdcakuu1VGv7bNwcRFOpzM48pKKvG
C8lzkouBlU68E9YSjMWL6znYUH7JDWg1xkFYauKzTMlrB2w7AoUmpJcW3D8PEecj
bvzTCqZo6lTioYqSlJwLftTI75wTxBG6SSyDbmSkhNtAaQ+NWVZpM/sFBNFIamn/
o/tCBKib/+1qeD2z6u9WhctsIfDPcZGhVqWTVeIIyiKAXvEbXlR5+0CZoz16TzS3
ohRbn1ZaLmrnV/u5Iqw2XfnlXKBYI7FQ24EBI5iUI9LH
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:56 2024 by rpki-client on console-ams.rpki-client.org