Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/cb83b2-33b5-4560-8935-0a98048cdf72/1/7CYOi8qerxJzy_rirXUmRHedqgc.roa
File: 7CYOi8qerxJzy_rirXUmRHedqgc.roa (raw, json)
Hash identifier: dvTrKNqQj/JaqqHlLrQT032j1+xPYv14lIsEZ5ocODI=
Subject key identifier: EC:26:0E:8B:CA:9E:AF:12:73:CB:FA:E2:AD:75:26:44:77:9D:AA:07
Certificate issuer: /CN=02bbd4f865a12d79a09a034486ce61ba023882c7
Certificate serial: 018C2C9F3967B709F45A2E6EE52A27B0159C
Authority key identifier: 02:BB:D4:F8:65:A1:2D:79:A0:9A:03:44:86:CE:61:BA:02:38:82:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ArvU-GWhLXmgmgNEhs5hugI4gsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/cb83b2-33b5-4560-8935-0a98048cdf72/1/7CYOi8qerxJzy_rirXUmRHedqgc.roa
Signing time: Sat 02 Dec 2023 22:21:21 +0000
ROA not before: Sat 02 Dec 2023 22:21:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51020
IP address blocks: 5.62.136.0/24 maxlen: 24
5.62.142.0/24 maxlen: 24
185.69.4.0/23 maxlen: 23
185.69.4.0/24 maxlen: 24
185.69.5.0/24 maxlen: 24
185.69.6.0/24 maxlen: 24
37.77.51.0/24 maxlen: 24
37.77.50.0/24 maxlen: 24
37.77.48.0/24 maxlen: 24
5.62.128.0/24 maxlen: 24
5.62.129.0/24 maxlen: 24
31.7.86.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 11 Dec 2023 09:12:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:2c:9f:39:67:b7:09:f4:5a:2e:6e:e5:2a:27:b0:15:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02bbd4f865a12d79a09a034486ce61ba023882c7
Validity
Not Before: Dec 2 22:21:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ec260e8bca9eaf1273cbfae2ad752644779daa07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:2f:16:bc:41:79:d1:13:19:ba:24:7b:a2:38:
1f:02:a2:40:84:c2:2a:c6:fa:04:70:f1:7e:05:bf:
20:bd:02:48:1a:8a:5b:fe:1b:1c:a2:45:2b:6f:1d:
db:8c:34:ff:de:db:0f:ea:c0:d1:c1:79:59:5a:88:
f4:34:92:00:f6:0b:e6:e3:13:7a:05:21:5e:13:14:
cd:37:8c:0e:22:59:de:fb:8d:77:77:c6:2b:78:75:
5b:b7:df:95:c7:5d:c8:34:7e:f8:3c:40:73:7c:f6:
51:0d:17:33:b0:f9:97:6b:a9:d6:5e:ee:6f:a4:f6:
54:0c:c5:08:71:64:21:5d:74:3e:3d:8d:ca:8c:69:
bd:ec:f1:68:d5:52:77:55:a1:e7:9d:69:51:54:4c:
38:a7:db:83:ed:e2:1c:32:d3:b6:53:11:45:b9:8a:
f3:6e:87:c5:e4:45:90:52:b7:23:78:c5:11:47:c8:
67:2b:29:10:28:0a:b8:f5:a8:50:71:96:2b:bc:54:
3d:9c:2e:12:1e:fd:5b:5a:b0:15:ca:4a:b4:db:83:
91:79:d8:35:da:66:61:a4:a7:17:e4:4a:a9:0b:66:
62:9d:3c:a5:eb:a0:fe:53:ca:d5:23:18:e8:21:f9:
0d:85:46:41:7e:f8:f3:39:19:88:80:e9:6f:4b:b2:
db:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:26:0E:8B:CA:9E:AF:12:73:CB:FA:E2:AD:75:26:44:77:9D:AA:07
X509v3 Authority Key Identifier:
keyid:02:BB:D4:F8:65:A1:2D:79:A0:9A:03:44:86:CE:61:BA:02:38:82:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ArvU-GWhLXmgmgNEhs5hugI4gsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/cb83b2-33b5-4560-8935-0a98048cdf72/1/7CYOi8qerxJzy_rirXUmRHedqgc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/cb83b2-33b5-4560-8935-0a98048cdf72/1/ArvU-GWhLXmgmgNEhs5hugI4gsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.62.128.0/23
5.62.136.0/24
5.62.142.0/24
31.7.86.0/24
37.77.48.0/24
37.77.50.0/23
185.69.4.0-185.69.6.255
Signature Algorithm: sha256WithRSAEncryption
58:42:0f:82:04:08:5e:3f:0e:23:bf:a3:d9:d5:b9:bd:c9:72:
8d:96:d7:12:43:73:36:e0:63:bb:99:66:5d:ec:2c:ca:57:f7:
00:7a:20:cc:a2:a2:76:4d:9d:f8:1f:d5:12:52:7e:33:80:1a:
e2:92:a4:37:bc:72:cc:26:2e:83:a5:ad:87:80:ea:90:fc:c0:
03:0c:8f:c1:b6:63:c6:d4:44:46:a1:8c:37:cc:4b:7e:75:45:
2e:8f:02:b1:c7:6f:3d:5c:fb:1e:90:96:aa:2e:14:2d:68:2b:
7f:e0:b8:9a:15:7c:aa:ce:b7:97:fc:e8:85:1a:2b:db:a3:b5:
57:e6:f7:86:d3:40:1e:7f:26:58:c0:dc:ac:3a:36:25:1e:40:
98:12:bc:2f:37:b8:8c:73:11:df:b9:b7:f7:09:b9:72:d3:ca:
dd:86:62:55:e2:53:41:86:73:20:68:c9:e2:4e:3a:d8:1a:1c:
87:4d:4e:93:d9:ab:d3:1b:b1:2d:7e:fd:da:eb:0a:15:f1:4c:
3b:d5:66:81:b1:10:b6:af:6a:55:25:ed:44:30:5a:a6:3b:d4:
cc:68:c6:cd:d1:f6:dc:19:2a:40:34:b1:c9:67:0d:75:3a:97:
3e:2c:56:d8:e1:51:4a:40:9c:9f:69:bf:73:d3:f0:78:22:3c:
e6:2d:28:f2
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYwsnzlntwn0Wi5u5SonsBWcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyYmJkNGY4NjVhMTJkNzlhMDlhMDM0NDg2Y2U2MWJhMDIz
ODgyYzcwHhcNMjMxMjAyMjIyMTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzI2MGU4YmNhOWVhZjEyNzNjYmZhZTJhZDc1MjY0NDc3OWRhYTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzS8WvEF50RMZuiR7ojgfAqJAhMIq
xvoEcPF+Bb8gvQJIGopb/hscokUrbx3bjDT/3tsP6sDRwXlZWoj0NJIA9gvm4xN6
BSFeExTNN4wOIlne+413d8YreHVbt9+Vx13INH74PEBzfPZRDRczsPmXa6nWXu5v
pPZUDMUIcWQhXXQ+PY3KjGm97PFo1VJ3VaHnnWlRVEw4p9uD7eIcMtO2UxFFuYrz
bofF5EWQUrcjeMURR8hnKykQKAq49ahQcZYrvFQ9nC4SHv1bWrAVykq024ORedg1
2mZhpKcX5EqpC2ZinTyl66D+U8rVIxjoIfkNhUZBfvjzORmIgOlvS7LbswIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFOwmDovKnq8Sc8v64q11JkR3naoHMB8GA1UdIwQY
MBaAFAK71PhloS15oJoDRIbOYboCOILHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXJ2VS1HV2hMWG1nbWdORWhzNWh1Z0k0Z3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9jYjgzYjItMzNiNS00NTYwLTg5MzUt
MGE5ODA0OGNkZjcyLzEvN0NZT2k4cWVyeEp6eV9yaXJYVW1SSGVkcWdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9jYjgzYjItMzNiNS00NTYwLTg5MzUtMGE5ODA0OGNkZjcy
LzEvQXJ2VS1HV2hMWG1nbWdORWhzNWh1Z0k0Z3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQBBT6AAwQA
BT6IAwQABT6OAwQAHwdWAwQAJU0wAwQBJU0yMAwDBAK5RQQDBAC5RQYwDQYJKoZI
hvcNAQELBQADggEBAFhCD4IECF4/DiO/o9nVub3Jco2W1xJDczbgY7uZZl3sLMpX
9wB6IMyionZNnfgf1RJSfjOAGuKSpDe8cswmLoOlrYeA6pD8wAMMj8G2Y8bUREah
jDfMS351RS6PArHHbz1c+x6QlqouFC1oK3/guJoVfKrOt5f86IUaK9ujtVfm94bT
QB5/JljA3Kw6NiUeQJgSvC83uIxzEd+5t/cJuXLTyt2GYlXiU0GGcyBoyeJOOtga
HIdNTpPZq9MbsS1+/drrChXxTDvVZoGxELavalUl7UQwWqY71Mxoxs3R9twZKkA0
sclnDXU6lz4sVtjhUUpAnJ9pv3PT8HgiPOYtKPI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:58 2024 by rpki-client on console-fra.rpki-client.org