Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/nbYDTEQVSnYfQl-hq8Osl6ckMCg.roa
File: nbYDTEQVSnYfQl-hq8Osl6ckMCg.roa (raw, json)
Hash identifier: ATwuXpKPh3MFekTkltrUzqR7J4tSXbAOA24SEhpnBc0=
Subject key identifier: 9D:B6:03:4C:44:15:4A:76:1F:42:5F:A1:AB:C3:AC:97:A7:24:30:28
Certificate issuer: /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial: 0187DB09772C5C9C3E6EFAF1FEE93626516F
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/nbYDTEQVSnYfQl-hq8Osl6ckMCg.roa
Signing time: Tue 02 May 2023 05:57:23 +0000
ROA not before: Tue 02 May 2023 05:57:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211975
IP address blocks: 62.72.165.0/24 maxlen: 24
62.72.166.0/24 maxlen: 24
62.72.167.0/24 maxlen: 24
62.72.179.0/24 maxlen: 24
62.72.182.0/24 maxlen: 24
62.72.181.0/24 maxlen: 24
62.72.189.0/24 maxlen: 24
62.72.188.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 27 Jun 2023 11:09:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:db:09:77:2c:5c:9c:3e:6e:fa:f1:fe:e9:36:26:51:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
Validity
Not Before: May 2 05:57:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9db6034c44154a761f425fa1abc3ac97a7243028
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:04:66:67:7c:fb:bb:66:4c:97:78:42:26:c8:
80:c3:7e:1d:34:24:00:0a:b8:a1:a8:7b:e4:e3:c6:
b0:9e:ce:30:c7:b3:3f:c0:d5:0d:50:1f:6d:e6:3b:
96:9c:9c:c1:97:e3:91:cf:bf:44:24:37:ac:8e:f5:
68:d5:9f:4c:19:e9:09:55:86:a3:d1:f6:90:f0:c1:
f9:19:b3:13:36:bc:f3:bb:1d:60:d4:b7:71:36:e7:
33:a0:b5:c9:40:8f:e1:da:5b:c4:61:ce:c0:4d:25:
e7:55:f0:21:a3:42:76:a5:52:2e:1a:4a:4c:79:8c:
07:23:df:27:eb:a7:87:f8:86:89:46:56:20:9a:ef:
fe:d1:ba:91:33:90:c7:82:a7:e5:1e:09:f3:15:46:
ac:57:34:ec:d1:1b:72:74:a0:eb:a1:05:ba:c2:a0:
2c:46:82:45:82:71:6b:bb:ba:de:3c:51:17:58:57:
d5:e4:48:ad:d4:b5:e9:99:d7:53:6b:88:bb:c1:73:
37:6b:93:98:29:98:af:d1:7c:bf:66:1a:ff:11:98:
b7:81:fc:c0:a6:27:10:dd:41:4d:11:e1:e8:a3:20:
e6:a8:dc:7b:84:d7:ff:e3:3b:b9:be:1f:ee:25:6e:
23:5e:30:bb:72:61:0a:10:e7:31:74:4a:7e:7b:36:
d2:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:B6:03:4C:44:15:4A:76:1F:42:5F:A1:AB:C3:AC:97:A7:24:30:28
X509v3 Authority Key Identifier:
keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/nbYDTEQVSnYfQl-hq8Osl6ckMCg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.72.165.0-62.72.167.255
62.72.179.0/24
62.72.181.0-62.72.182.255
62.72.188.0/23
Signature Algorithm: sha256WithRSAEncryption
c6:a9:c5:0b:d3:a2:f8:31:5f:5b:bb:98:da:7a:96:ab:1a:98:
08:6e:26:8e:1c:a9:03:24:43:de:0a:e0:3d:b3:83:73:4e:f9:
76:d6:f0:9b:fb:91:c8:26:cc:a9:1a:4a:d3:4c:40:b3:7e:3d:
26:1d:cb:d4:bf:29:d3:d3:82:18:0b:fa:ed:c3:65:d3:6a:a2:
67:cf:28:8b:60:c8:b9:a1:e3:d7:ba:93:29:0f:90:8d:d1:c7:
a2:1c:4f:49:4c:c5:45:da:37:d8:29:88:e1:8c:4a:74:c6:c7:
1a:6d:21:ec:cc:8d:d4:0c:e4:9b:2c:ed:c2:00:5c:fc:b7:9c:
92:56:d3:e4:8f:8a:19:a8:fb:11:c5:6c:75:c4:99:2a:1d:82:
64:5d:1b:d1:4c:5b:27:2b:37:87:db:57:aa:a0:99:c3:f0:4f:
82:e9:87:e8:24:93:e7:7a:41:4e:7d:bd:6d:8a:a3:2b:70:2d:
24:66:78:93:88:24:b7:34:12:13:d7:4b:4c:f3:8a:3a:9f:e4:
4c:6a:96:1f:1a:ee:2b:de:70:fc:85:a0:82:15:f4:2a:fd:a3:
b7:05:8d:87:6d:2c:cf:92:52:5d:09:cd:85:83:5a:96:b5:f6:
97:aa:79:0b:b9:88:64:39:ca:f3:7c:6b:e5:87:e6:a2:2b:6f:
00:48:76:89
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYfbCXcsXJw+bvrx/uk2JlFvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjMwNTAyMDU1NzIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGI2MDM0YzQ0MTU0YTc2MWY0MjVmYTFhYmMzYWM5N2E3MjQzMDI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0QRmZ3z7u2ZMl3hCJsiAw34dNCQA
CrihqHvk48awns4wx7M/wNUNUB9t5juWnJzBl+ORz79EJDesjvVo1Z9MGekJVYaj
0faQ8MH5GbMTNrzzux1g1LdxNuczoLXJQI/h2lvEYc7ATSXnVfAho0J2pVIuGkpM
eYwHI98n66eH+IaJRlYgmu/+0bqRM5DHgqflHgnzFUasVzTs0RtydKDroQW6wqAs
RoJFgnFru7rePFEXWFfV5Eit1LXpmddTa4i7wXM3a5OYKZiv0Xy/Zhr/EZi3gfzA
picQ3UFNEeHooyDmqNx7hNf/4zu5vh/uJW4jXjC7cmEKEOcxdEp+ezbS1QIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFJ22A0xEFUp2H0JfoavDrJenJDAoMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvbmJZRFRFUVZTbllmUWwtaHE4T3NsNmNrTUNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBAA+SKUD
BAM+SKADBAA+SLMwDAMEAD5ItQMEAD5ItgMEAT5IvDANBgkqhkiG9w0BAQsFAAOC
AQEAxqnFC9Oi+DFfW7uY2nqWqxqYCG4mjhypAyRD3grgPbODc075dtbwm/uRyCbM
qRpK00xAs349Jh3L1L8p09OCGAv67cNl02qiZ88oi2DIuaHj17qTKQ+QjdHHohxP
SUzFRdo32CmI4YxKdMbHGm0h7MyN1AzkmyztwgBc/LecklbT5I+KGaj7EcVsdcSZ
Kh2CZF0b0UxbJys3h9tXqqCZw/BPgumH6CST53pBTn29bYqjK3AtJGZ4k4gktzQS
E9dLTPOKOp/kTGqWHxruK95w/IWgghX0Kv2jtwWNh20sz5JSXQnNhYNalrX2l6p5
C7mIZDnK83xr5YfmoitvAEh2iQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:56 2024 by rpki-client on console-ams.rpki-client.org