Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/zJ-D7ik_QnIBEkrMRLT1moATWrI.roa
File: zJ-D7ik_QnIBEkrMRLT1moATWrI.roa (raw, json)
Hash identifier: tJUdYla4l2zsgtQSdIyDrsBvuFIrjCQ6tmls5DdXrdc=
Subject key identifier: CC:9F:83:EE:29:3F:42:72:01:12:4A:CC:44:B4:F5:9A:80:13:5A:B2
Certificate issuer: /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial: 018823B2F039DEB96A62F3D85F57D9D07C8B
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/zJ-D7ik_QnIBEkrMRLT1moATWrI.roa
Signing time: Tue 16 May 2023 08:35:09 +0000
ROA not before: Tue 16 May 2023 08:35:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 62.72.162.0/24 maxlen: 24
62.72.164.0/24 maxlen: 24
62.72.168.0/24 maxlen: 24
62.72.177.0/24 maxlen: 24
62.72.173.0/24 maxlen: 24
62.72.174.0/24 maxlen: 24
62.72.184.0/24 maxlen: 24
62.72.191.0/24 maxlen: 24
176.57.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 May 2023 11:42:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:23:b2:f0:39:de:b9:6a:62:f3:d8:5f:57:d9:d0:7c:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
Validity
Not Before: May 16 08:35:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cc9f83ee293f427201124acc44b4f59a80135ab2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:02:0a:2d:2f:dd:35:be:90:f8:5d:08:4a:e4:
d1:22:9e:46:66:02:30:27:a6:f2:84:e4:2d:3a:95:
b2:02:35:47:b8:55:a4:c8:e7:b6:32:00:19:28:81:
60:7b:dc:0a:b6:86:b9:c7:2d:8c:d4:cf:9c:ed:d4:
2e:85:39:84:b9:48:2a:ee:48:c5:f5:11:d7:8b:15:
4f:94:27:ad:14:45:77:f2:ba:5b:4b:e1:69:73:8f:
48:f3:fd:86:89:51:bc:23:31:7f:4a:b5:01:43:06:
6e:1d:56:53:c3:7c:89:43:3d:b9:5c:78:93:c5:10:
45:fc:89:38:bb:82:5e:b7:18:24:5e:48:46:31:36:
78:2d:a9:23:16:df:57:25:31:53:74:a7:0a:95:c6:
83:31:96:18:93:e4:4d:2b:4a:ae:cf:61:6a:c3:af:
95:ba:70:c4:54:ed:3e:e6:43:25:a0:1a:36:a6:15:
e5:57:14:b9:95:05:87:f5:fd:03:6c:a6:1f:b2:a0:
bb:6b:83:1b:40:d2:f9:7f:8b:90:38:48:a2:23:bb:
d3:a6:d3:14:ac:cf:f6:e2:f1:70:a2:bc:3c:64:9a:
29:f5:29:0e:6a:c5:d1:a5:e4:f6:e5:0a:07:50:97:
c4:8b:aa:e7:fb:b1:c2:20:94:d9:7d:5f:ea:63:29:
cc:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:9F:83:EE:29:3F:42:72:01:12:4A:CC:44:B4:F5:9A:80:13:5A:B2
X509v3 Authority Key Identifier:
keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/zJ-D7ik_QnIBEkrMRLT1moATWrI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.72.162.0/24
62.72.164.0/24
62.72.168.0/24
62.72.173.0-62.72.174.255
62.72.177.0/24
62.72.184.0/24
62.72.191.0/24
176.57.63.0/24
Signature Algorithm: sha256WithRSAEncryption
97:be:03:1c:34:4d:92:d3:37:55:f1:59:bc:1e:ff:03:79:d8:
4b:f0:f3:25:f7:c2:38:a4:bc:64:e3:13:ce:c9:68:29:36:82:
8e:5d:9a:96:9b:89:00:25:3e:59:86:c0:48:ef:67:a9:32:dc:
59:85:df:09:48:86:b1:f8:81:f3:99:61:82:dc:fd:b1:e3:f0:
ef:2e:51:3c:5d:1b:b9:a3:19:ce:34:2a:10:b0:d7:ad:1e:5a:
ed:69:46:b5:e3:e8:33:e3:a3:ff:87:36:5b:36:17:1e:b7:56:
8a:99:f8:87:c0:e9:a8:52:d8:88:60:85:ef:3b:da:b1:de:ca:
74:8c:89:e2:8f:11:f6:f3:cc:d4:df:77:2c:13:ee:6e:ab:d5:
ec:65:ec:ec:04:b9:9c:aa:2a:fc:0d:db:93:9a:96:1c:23:05:
ca:e2:20:6a:ec:45:62:ed:fa:2d:7d:0d:cb:72:3a:d5:e4:d2:
8a:94:93:58:d6:d8:c5:21:a5:f0:9c:dc:00:01:86:0b:df:f6:
de:0f:d5:26:ee:b7:48:a1:a3:12:5c:79:52:c2:c2:cd:1e:ce:
5e:00:0a:7a:c9:1d:3a:00:0b:0b:c1:fb:4e:b3:44:ea:95:a4:
8a:4b:71:53:d8:82:0f:c5:cf:41:d7:4c:17:3e:c6:14:7c:be:
c2:de:ce:e8
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYgjsvA53rlqYvPYX1fZ0HyLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjMwNTE2MDgzNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzlmODNlZTI5M2Y0MjcyMDExMjRhY2M0NGI0ZjU5YTgwMTM1YWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAswIKLS/dNb6Q+F0ISuTRIp5GZgIw
J6byhOQtOpWyAjVHuFWkyOe2MgAZKIFge9wKtoa5xy2M1M+c7dQuhTmEuUgq7kjF
9RHXixVPlCetFEV38rpbS+Fpc49I8/2GiVG8IzF/SrUBQwZuHVZTw3yJQz25XHiT
xRBF/Ik4u4JetxgkXkhGMTZ4LakjFt9XJTFTdKcKlcaDMZYYk+RNK0quz2Fqw6+V
unDEVO0+5kMloBo2phXlVxS5lQWH9f0DbKYfsqC7a4MbQNL5f4uQOEiiI7vTptMU
rM/24vFworw8ZJop9SkOasXRpeT25QoHUJfEi6rn+7HCIJTZfV/qYynMmQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFMyfg+4pP0JyARJKzES09ZqAE1qyMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvekotRDdpa19RbklCRWtyTVJMVDFtb0FUV3JJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAPkiiAwQA
PkikAwQAPkioMAwDBAA+SK0DBAA+SK4DBAA+SLEDBAA+SLgDBAA+SL8DBACwOT8w
DQYJKoZIhvcNAQELBQADggEBAJe+Axw0TZLTN1XxWbwe/wN52Evw8yX3wjikvGTj
E87JaCk2go5dmpabiQAlPlmGwEjvZ6ky3FmF3wlIhrH4gfOZYYLc/bHj8O8uUTxd
G7mjGc40KhCw160eWu1pRrXj6DPjo/+HNls2Fx63VoqZ+IfA6ahS2Ihghe872rHe
ynSMieKPEfbzzNTfdywT7m6r1exl7OwEuZyqKvwN25OalhwjBcriIGrsRWLt+i19
DctyOtXk0oqUk1jW2MUhpfCc3AABhgvf9t4P1Sbut0ihoxJceVLCws0ezl4ACnrJ
HToACwvB+06zROqVpIpLcVPYgg/Fz0HXTBc+xhR8vsLezug=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:56 2024 by rpki-client on console-ams.rpki-client.org