Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/gVdv76T4rb2IWOrvd1xWG3TCHbs.roa
File: gVdv76T4rb2IWOrvd1xWG3TCHbs.roa (raw, json)
Hash identifier: YYr3KMPn/IJchs9lUOFI3xARHToSAM5jxZgyVdinBdg=
Subject key identifier: 81:57:6F:EF:A4:F8:AD:BD:88:58:EA:EF:77:5C:56:1B:74:C2:1D:BB
Certificate issuer: /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial: 018D3F973A1ABC8401D87CD681E0315637CE
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/gVdv76T4rb2IWOrvd1xWG3TCHbs.roa
Signing time: Thu 25 Jan 2024 07:48:11 +0000
ROA not before: Thu 25 Jan 2024 07:48:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 62.72.162.0/23 maxlen: 23
62.72.164.0/22 maxlen: 22
62.72.164.0/23 maxlen: 23
62.72.188.0/24 maxlen: 24
81.21.2.0/23 maxlen: 23
81.21.4.0/22 maxlen: 24
81.21.10.0/23 maxlen: 23
81.21.12.0/22 maxlen: 24
81.21.14.0/23 maxlen: 24
176.57.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 26 Jan 2024 20:31:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:3f:97:3a:1a:bc:84:01:d8:7c:d6:81:e0:31:56:37:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
Validity
Not Before: Jan 25 07:48:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=81576fefa4f8adbd8858eaef775c561b74c21dbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:92:b6:5e:2b:64:2b:b5:63:f7:a9:51:d8:d6:
ee:f6:29:74:a8:3a:d0:d2:13:2b:2c:37:fd:18:9a:
46:02:3c:c4:13:5f:cc:be:e8:21:b5:98:89:7c:4a:
a5:a6:f2:12:cf:86:cb:34:84:6b:d2:78:dc:8c:0f:
b6:f3:c0:45:ef:ed:01:f0:78:7a:91:c3:ce:c5:4a:
dc:ae:ca:61:71:dd:2f:40:71:28:a6:7d:a1:2d:e8:
29:83:db:f6:ab:3e:b7:57:ff:3f:fc:d3:4e:c0:df:
fe:9f:14:40:30:a2:f2:3f:3b:89:2c:f3:90:95:6b:
aa:0d:d8:2d:8e:86:a9:33:6e:bd:58:4d:cf:6b:3c:
4f:f7:0f:eb:c6:9a:30:ae:3e:74:a6:be:67:14:2b:
7b:b9:ca:79:66:98:87:f5:6c:07:50:a9:e1:30:51:
41:d6:fc:05:da:c6:42:34:fd:a5:50:c6:e8:89:5a:
42:e5:52:b2:96:eb:90:53:d4:41:28:96:57:01:7c:
a1:d9:d7:e9:7a:77:5c:eb:b2:8a:4a:34:f3:ac:2d:
29:fb:74:3a:1d:b3:01:21:21:42:fb:0b:98:cc:ab:
33:e6:5d:1b:b3:af:75:04:a5:82:de:d7:cd:fe:38:
99:f5:fb:86:97:6f:f1:ed:c8:d4:0b:1a:7e:8f:fc:
6c:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:57:6F:EF:A4:F8:AD:BD:88:58:EA:EF:77:5C:56:1B:74:C2:1D:BB
X509v3 Authority Key Identifier:
keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/gVdv76T4rb2IWOrvd1xWG3TCHbs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.72.162.0-62.72.167.255
62.72.188.0/24
81.21.2.0-81.21.7.255
81.21.10.0-81.21.15.255
176.57.63.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:29:73:2d:e5:b4:9d:f7:33:a7:33:23:a0:e4:3c:e3:ce:7e:
33:7a:78:b1:d1:4c:0a:42:7e:e2:fe:c7:f0:4f:e2:c0:14:c1:
3b:fb:4e:ad:64:2f:19:54:f5:bf:c4:55:01:77:24:1d:f8:7b:
f7:0f:c4:f2:ac:cd:a3:3d:ee:47:c8:2e:92:c4:d7:ee:4a:a4:
31:2a:e2:0b:b7:43:47:12:fb:67:af:80:78:af:a2:4f:de:30:
26:17:fd:66:8d:4c:ae:78:df:11:01:8d:48:a3:70:70:f7:a0:
94:29:ab:45:b5:d9:1f:5c:01:cd:d3:ae:71:49:f5:3b:79:19:
da:1f:5a:55:40:ad:15:8b:3b:c5:6c:6d:c7:2d:4d:33:53:0a:
a6:51:28:6e:0c:b9:04:64:3f:7f:d9:49:9c:43:e7:32:ef:ca:
96:8d:de:e2:2c:56:9e:d1:a2:42:63:ae:c0:90:57:d3:99:55:
57:d9:34:32:b4:30:11:40:d9:1c:f1:47:a4:ab:2e:0c:d0:1f:
28:4d:89:ed:1f:5c:c4:70:76:50:8e:df:92:c2:7d:86:a2:a6:
fc:2d:11:a2:3d:d1:16:3c:c4:4a:c7:cf:d7:76:fc:36:2e:73:
cf:36:96:d2:c2:08:82:1d:3e:8f:5e:00:78:4a:8d:a4:a8:63:
c3:a9:8d:cb
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAY0/lzoavIQB2HzWgeAxVjfOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjQwMTI1MDc0ODExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTU3NmZlZmE0ZjhhZGJkODg1OGVhZWY3NzVjNTYxYjc0YzIxZGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAupK2XitkK7Vj96lR2Nbu9il0qDrQ
0hMrLDf9GJpGAjzEE1/MvughtZiJfEqlpvISz4bLNIRr0njcjA+288BF7+0B8Hh6
kcPOxUrcrsphcd0vQHEopn2hLegpg9v2qz63V/8//NNOwN/+nxRAMKLyPzuJLPOQ
lWuqDdgtjoapM269WE3PazxP9w/rxpowrj50pr5nFCt7ucp5ZpiH9WwHUKnhMFFB
1vwF2sZCNP2lUMboiVpC5VKyluuQU9RBKJZXAXyh2dfpendc67KKSjTzrC0p+3Q6
HbMBISFC+wuYzKsz5l0bs691BKWC3tfN/jiZ9fuGl2/x7cjUCxp+j/xspQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFIFXb++k+K29iFjq73dcVht0wh27MB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvZ1Zkdjc2VDRyYjJJV09ydmQxeFdHM1RDSGJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2MAwDBAE+SKID
BAM+SKADBAA+SLwwDAMEAVEVAgMEA1EVADAMAwQBURUKAwQEURUAAwQAsDk/MA0G
CSqGSIb3DQEBCwUAA4IBAQCMKXMt5bSd9zOnMyOg5Dzjzn4zenix0UwKQn7i/sfw
T+LAFME7+06tZC8ZVPW/xFUBdyQd+Hv3D8TyrM2jPe5HyC6SxNfuSqQxKuILt0NH
Evtnr4B4r6JP3jAmF/1mjUyueN8RAY1Io3Bw96CUKatFtdkfXAHN065xSfU7eRna
H1pVQK0VizvFbG3HLU0zUwqmUShuDLkEZD9/2UmcQ+cy78qWjd7iLFae0aJCY67A
kFfTmVVX2TQytDARQNkc8Uekqy4M0B8oTYntH1zEcHZQjt+Swn2Goqb8LRGiPdEW
PMRKx8/Xdvw2LnPPNpbSwgiCHT6PXgB4So2kqGPDqY3L
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:56 2024 by rpki-client on console-ams.rpki-client.org