Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/qkIjjKrpGG3icsVCD-Ui9ajhP8Y.roa
File: qkIjjKrpGG3icsVCD-Ui9ajhP8Y.roa (raw, json)
Hash identifier: xtlThSK1ytsWZqjvp0GYf3w1XWKgTFqh0F3HmrBsw7c=
Subject key identifier: AA:42:23:8C:AA:E9:18:6D:E2:72:C5:42:0F:E5:22:F5:A8:E1:3F:C6
Certificate issuer: /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial: 018DCFC7196D1B0B206298F0C19560AD5B43
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/qkIjjKrpGG3icsVCD-Ui9ajhP8Y.roa
Signing time: Thu 22 Feb 2024 07:45:48 +0000
ROA not before: Thu 22 Feb 2024 07:45:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 62.72.162.0/23 maxlen: 23
62.72.164.0/22 maxlen: 22
62.72.164.0/23 maxlen: 23
62.72.189.0/24 maxlen: 24
81.21.2.0/23 maxlen: 23
81.21.4.0/22 maxlen: 24
81.21.10.0/23 maxlen: 23
81.21.12.0/22 maxlen: 24
81.21.14.0/23 maxlen: 24
176.57.58.0/24 maxlen: 24
176.57.59.0/24 maxlen: 24
176.57.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 02 Mar 2024 13:20:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:cf:c7:19:6d:1b:0b:20:62:98:f0:c1:95:60:ad:5b:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
Validity
Not Before: Feb 22 07:45:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aa42238caae9186de272c5420fe522f5a8e13fc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:ce:27:1c:ac:7a:8b:01:df:4a:1b:5b:8d:b0:
1b:cd:75:85:98:df:d6:a2:51:ea:c2:03:ec:41:0a:
3e:42:1a:34:0b:2c:cf:6b:ef:ef:c5:9b:7c:61:81:
74:6d:bf:ed:7e:c9:8d:d5:09:49:18:da:da:60:51:
1e:c4:af:d5:bb:34:48:db:47:cf:d3:d6:4d:b9:9b:
4c:88:ed:d9:01:15:0f:42:c6:88:04:5d:a8:2c:90:
b7:cc:a1:8e:40:b0:0e:a3:5c:dc:c1:9f:c2:64:d9:
df:7b:ba:f3:22:36:ed:1c:5d:f3:49:ea:9e:68:3d:
69:6f:67:50:46:3c:5a:e8:b6:79:d6:19:23:2b:6e:
a3:0f:2d:6c:1b:15:13:d1:ee:5b:0c:8f:be:2f:69:
72:3d:ff:6d:92:ef:cf:29:01:43:a0:2b:ff:97:b3:
fd:af:c5:83:01:08:ec:1f:90:2e:de:77:0c:4b:e4:
e4:67:bd:5e:73:64:32:81:f4:f1:48:5f:dc:40:8f:
21:5d:c8:5f:e5:40:2a:95:17:59:20:c4:70:36:fb:
e5:1a:4b:26:32:de:9b:4e:25:f7:ba:b9:cc:fa:90:
bb:59:4f:ba:74:ef:bc:fd:c6:24:05:b6:3e:fd:62:
18:c8:44:ec:5a:20:c0:46:22:61:2d:49:b4:00:71:
d4:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:42:23:8C:AA:E9:18:6D:E2:72:C5:42:0F:E5:22:F5:A8:E1:3F:C6
X509v3 Authority Key Identifier:
keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/qkIjjKrpGG3icsVCD-Ui9ajhP8Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.72.162.0-62.72.167.255
62.72.189.0/24
81.21.2.0-81.21.7.255
81.21.10.0-81.21.15.255
176.57.58.0/23
176.57.63.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:96:fd:8c:74:e7:20:da:df:43:9d:50:99:80:dc:a6:fe:33:
ad:63:88:b3:e2:f1:df:39:d8:f9:3c:e2:49:91:4e:2a:fa:32:
10:ce:bf:d6:d7:c0:1d:46:98:2c:83:b8:6e:16:bd:59:0a:4e:
8d:8e:11:aa:44:3e:9d:76:13:18:61:10:3b:84:62:39:aa:5b:
8a:f5:b5:c2:4b:68:e4:98:ef:f9:67:b1:41:af:06:c9:ed:61:
e3:28:d5:31:76:2d:e6:0b:74:08:35:01:aa:2d:55:d6:ac:ca:
53:68:31:3a:f5:1b:13:4d:d0:23:e6:00:1c:b1:10:88:73:02:
c9:30:0a:53:16:45:53:e0:9f:b3:a9:a4:14:e0:cb:10:d1:3f:
76:b8:46:f4:54:57:61:be:e2:72:1d:f5:fb:a1:e1:7c:06:53:
1a:bf:10:31:60:fd:46:8d:cc:9d:fe:e0:af:54:72:83:0e:ca:
02:82:40:08:a4:06:45:c8:64:ba:a0:98:b5:6c:e4:8c:c6:2a:
ca:85:db:2e:f8:f8:b6:a2:ea:2b:77:2a:d5:60:02:46:6f:7a:
32:74:74:a2:46:fd:d9:14:71:f0:9e:5d:b8:ef:0d:d7:2d:43:
93:4e:af:02:c4:96:8f:94:8a:2f:57:1f:cc:75:c5:2d:09:94:
2d:c1:a3:b5
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAY3PxxltGwsgYpjwwZVgrVtDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjQwMjIyMDc0NTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTQyMjM4Y2FhZTkxODZkZTI3MmM1NDIwZmU1MjJmNWE4ZTEzZmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqc4nHKx6iwHfShtbjbAbzXWFmN/W
olHqwgPsQQo+Qho0CyzPa+/vxZt8YYF0bb/tfsmN1QlJGNraYFEexK/VuzRI20fP
09ZNuZtMiO3ZARUPQsaIBF2oLJC3zKGOQLAOo1zcwZ/CZNnfe7rzIjbtHF3zSeqe
aD1pb2dQRjxa6LZ51hkjK26jDy1sGxUT0e5bDI++L2lyPf9tku/PKQFDoCv/l7P9
r8WDAQjsH5Au3ncMS+TkZ71ec2QygfTxSF/cQI8hXchf5UAqlRdZIMRwNvvlGksm
Mt6bTiX3urnM+pC7WU+6dO+8/cYkBbY+/WIYyETsWiDARiJhLUm0AHHUrQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFKpCI4yq6Rht4nLFQg/lIvWo4T/GMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvcWtJampLcnBHRzNpY3NWQ0QtVWk5YWpoUDhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8MAwDBAE+SKID
BAM+SKADBAA+SL0wDAMEAVEVAgMEA1EVADAMAwQBURUKAwQEURUAAwQBsDk6AwQA
sDk/MA0GCSqGSIb3DQEBCwUAA4IBAQBLlv2MdOcg2t9DnVCZgNym/jOtY4iz4vHf
Odj5POJJkU4q+jIQzr/W18AdRpgsg7huFr1ZCk6NjhGqRD6ddhMYYRA7hGI5qluK
9bXCS2jkmO/5Z7FBrwbJ7WHjKNUxdi3mC3QINQGqLVXWrMpTaDE69RsTTdAj5gAc
sRCIcwLJMApTFkVT4J+zqaQU4MsQ0T92uEb0VFdhvuJyHfX7oeF8BlMavxAxYP1G
jcyd/uCvVHKDDsoCgkAIpAZFyGS6oJi1bOSMxirKhdsu+Pi2ouordyrVYAJGb3oy
dHSiRv3ZFHHwnl247w3XLUOTTq8CxJaPlIovVx/MdcUtCZQtwaO1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:55 2024 by rpki-client on console-fra.rpki-client.org