Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/6c0e22-fb61-49db-b065-993cd8388fd5/1/71AshhCStOHAlpqnOvilFJJL9WA.roa
File: 71AshhCStOHAlpqnOvilFJJL9WA.roa (raw, json)
Hash identifier: QdRpEmCo58EYMBIe6sx69aTKAmWs0z59XrniMrekXBc=
Subject key identifier: EF:50:2C:86:10:92:B4:E1:C0:96:9A:A7:3A:F8:A5:14:92:4B:F5:60
Certificate issuer: /CN=0c6f182804b56e508aa372c03cceb73ef8c2c68b
Certificate serial: 019265C9AD47EE5CDF9A89CE185B28D02690
Authority key identifier: 0C:6F:18:28:04:B5:6E:50:8A:A3:72:C0:3C:CE:B7:3E:F8:C2:C6:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DG8YKAS1blCKo3LAPM63PvjCxos.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/6c0e22-fb61-49db-b065-993cd8388fd5/1/71AshhCStOHAlpqnOvilFJJL9WA.roa
Signing time: Mon 07 Oct 2024 07:02:48 +0000
ROA not before: Mon 07 Oct 2024 07:02:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29061
IP address blocks: 92.62.64.0/20 maxlen: 24
92.62.64.0/21 maxlen: 24
92.62.65.0/24 maxlen: 24
92.62.66.0/23 maxlen: 23
95.87.72.0/21 maxlen: 24
95.87.72.0/22 maxlen: 24
95.87.76.0/22 maxlen: 24
95.87.80.0/21 maxlen: 24
95.87.88.0/23 maxlen: 24
95.87.92.0/22 maxlen: 24
95.87.92.0/24 maxlen: 24
95.87.93.0/24 maxlen: 24
95.87.94.0/24 maxlen: 24
95.87.95.0/24 maxlen: 24
185.53.228.0/22 maxlen: 24
185.53.229.0/24 maxlen: 24
185.53.230.0/24 maxlen: 24
185.53.231.0/24 maxlen: 24
217.29.16.0/20 maxlen: 24
217.29.16.0/21 maxlen: 24
217.29.16.0/24 maxlen: 24
217.29.17.0/24 maxlen: 24
217.29.18.0/24 maxlen: 24
217.29.19.0/24 maxlen: 24
217.29.20.0/24 maxlen: 24
217.29.21.0/24 maxlen: 24
217.29.22.0/24 maxlen: 24
217.29.23.0/24 maxlen: 24
217.29.24.0/21 maxlen: 24
217.29.24.0/24 maxlen: 24
217.29.25.0/24 maxlen: 24
217.29.26.0/24 maxlen: 24
217.29.27.0/24 maxlen: 24
217.29.28.0/24 maxlen: 24
217.29.31.0/24 maxlen: 24
2a02:820::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 07 Oct 2024 07:03:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:65:c9:ad:47:ee:5c:df:9a:89:ce:18:5b:28:d0:26:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c6f182804b56e508aa372c03cceb73ef8c2c68b
Validity
Not Before: Oct 7 07:02:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ef502c861092b4e1c0969aa73af8a514924bf560
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:e5:3f:36:19:be:98:85:cc:63:39:e7:59:3e:
13:aa:84:39:39:a2:14:4b:9c:dc:d8:72:51:b1:a8:
4b:fa:d7:b1:2d:e8:b8:e3:df:30:96:01:9c:66:36:
7e:ad:a7:ee:00:ff:99:d6:d7:07:2a:e8:24:17:71:
d3:64:75:bb:6f:01:49:9d:fa:b2:fa:82:af:b2:2a:
39:f3:d5:e6:fb:dc:80:47:45:cd:11:f9:76:86:35:
3e:68:14:01:4d:3c:ec:a7:70:b4:58:07:1e:ad:60:
aa:56:6f:6c:40:e4:07:10:ee:57:72:22:50:8a:b7:
47:4f:7c:d5:48:5b:35:6e:ec:3d:26:6b:9a:99:96:
60:0e:e4:71:b1:db:3f:10:6d:d8:f8:e2:8e:e1:ad:
84:8a:f2:cd:5a:25:ef:98:ff:87:dd:45:19:22:e1:
08:45:61:c4:89:31:e1:ff:11:5a:f2:b5:c0:1e:dd:
60:c8:4f:6f:ec:fd:97:77:37:24:86:50:f7:e4:ca:
00:bc:5a:f7:b5:94:c5:6a:24:57:39:3f:b0:d1:79:
c4:cd:18:4b:1b:09:fa:e1:55:de:7d:c2:88:6f:d6:
cf:72:dc:6f:d2:b4:26:8d:f5:c4:5e:bf:97:1b:0a:
4d:f6:a4:43:f4:c9:49:0f:a3:f8:63:ce:b2:04:f7:
29:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:50:2C:86:10:92:B4:E1:C0:96:9A:A7:3A:F8:A5:14:92:4B:F5:60
X509v3 Authority Key Identifier:
keyid:0C:6F:18:28:04:B5:6E:50:8A:A3:72:C0:3C:CE:B7:3E:F8:C2:C6:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DG8YKAS1blCKo3LAPM63PvjCxos.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/6c0e22-fb61-49db-b065-993cd8388fd5/1/71AshhCStOHAlpqnOvilFJJL9WA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/6c0e22-fb61-49db-b065-993cd8388fd5/1/DG8YKAS1blCKo3LAPM63PvjCxos.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.62.64.0/20
95.87.72.0-95.87.89.255
95.87.92.0/22
185.53.228.0/22
217.29.16.0/20
IPv6:
2a02:820::/32
Signature Algorithm: sha256WithRSAEncryption
63:ab:1e:4c:33:fa:76:49:a8:1c:7f:70:0c:c3:04:de:b2:e8:
4e:30:fb:00:00:64:5b:04:47:1a:01:60:93:a3:71:2e:5a:60:
f1:55:c8:f7:ca:7d:5b:d5:82:49:9c:c2:8e:c9:f3:61:b4:04:
c4:2d:0b:3c:3a:45:9c:8c:9f:bf:58:fb:ff:d8:c4:e9:83:65:
cb:10:df:3f:c0:85:b3:a5:99:06:f8:17:a2:11:67:ff:a7:fc:
b0:b9:58:d6:9d:77:14:5b:32:66:b3:aa:62:b3:b6:2c:28:5d:
5d:74:25:69:53:35:cb:1a:8c:b3:77:34:b2:17:07:76:d8:d0:
dd:0d:00:7f:9a:1f:1e:a2:10:25:7d:17:3c:31:13:23:b4:ca:
a3:1c:53:e4:e9:76:5d:8a:6d:14:1f:4c:e5:58:40:dd:0f:e0:
f4:89:52:55:8b:56:0b:67:b8:01:09:4c:1d:31:7b:cb:b6:01:
1e:2c:41:d8:7b:31:dd:b4:e4:a0:52:fe:20:ce:54:c9:25:8c:
c9:e1:c7:15:d5:a6:67:1f:07:fe:f7:4e:1d:ab:ab:3a:2e:ce:
b8:03:fc:f9:01:8f:05:0f:d9:d5:6c:c3:c5:08:7f:2d:10:a1:
d1:93:c2:b7:b9:5e:32:c3:5b:ba:df:71:ce:84:6d:38:26:13:
51:a7:f9:c6
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZJlya1H7lzfmonOGFso0CaQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjNmYxODI4MDRiNTZlNTA4YWEzNzJjMDNjY2ViNzNlZjhj
MmM2OGIwHhcNMjQxMDA3MDcwMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjUwMmM4NjEwOTJiNGUxYzA5NjlhYTczYWY4YTUxNDkyNGJmNTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1+U/Nhm+mIXMYznnWT4TqoQ5OaIU
S5zc2HJRsahL+texLei4498wlgGcZjZ+rafuAP+Z1tcHKugkF3HTZHW7bwFJnfqy
+oKvsio589Xm+9yAR0XNEfl2hjU+aBQBTTzsp3C0WAcerWCqVm9sQOQHEO5XciJQ
irdHT3zVSFs1buw9JmuamZZgDuRxsds/EG3Y+OKO4a2EivLNWiXvmP+H3UUZIuEI
RWHEiTHh/xFa8rXAHt1gyE9v7P2XdzckhlD35MoAvFr3tZTFaiRXOT+w0XnEzRhL
Gwn64VXefcKIb9bPctxv0rQmjfXEXr+XGwpN9qRD9MlJD6P4Y86yBPcpswIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFO9QLIYQkrThwJaapzr4pRSSS/VgMB8GA1UdIwQY
MBaAFAxvGCgEtW5QiqNywDzOtz74wsaLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREc4WUtBUzFibENLbzNMQVBNNjNQdmpDeG9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC82YzBlMjItZmI2MS00OWRiLWIwNjUt
OTkzY2Q4Mzg4ZmQ1LzEvNzFBc2hoQ1N0T0hBbHBxbk92aWxGSkpMOVdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC82YzBlMjItZmI2MS00OWRiLWIwNjUtOTkzY2Q4Mzg4ZmQ1
LzEvREc4WUtBUzFibENLbzNMQVBNNjNQdmpDeG9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQEXD5AMAwD
BANfV0gDBAFfV1gDBAJfV1wDBAK5NeQDBATZHRAwDQQCAAIwBwMFACoCCCAwDQYJ
KoZIhvcNAQELBQADggEBAGOrHkwz+nZJqBx/cAzDBN6y6E4w+wAAZFsERxoBYJOj
cS5aYPFVyPfKfVvVgkmcwo7J82G0BMQtCzw6RZyMn79Y+//YxOmDZcsQ3z/AhbOl
mQb4F6IRZ/+n/LC5WNaddxRbMmazqmKztiwoXV10JWlTNcsajLN3NLIXB3bY0N0N
AH+aHx6iECV9FzwxEyO0yqMcU+Tpdl2KbRQfTOVYQN0P4PSJUlWLVgtnuAEJTB0x
e8u2AR4sQdh7Md205KBS/iDOVMkljMnhxxXVpmcfB/73Th2rqzouzrgD/PkBjwUP
2dVsw8UIfy0QodGTwre5XjLDW7rfcc6EbTgmE1Gn+cY=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:23:54 2025 by rpki-client