Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/7e6369-5adb-45cd-bd2f-3b8b0d1a59a9/1/3beRuVpG5MMu3shbQBd2yWmZncE.roa
File: 3beRuVpG5MMu3shbQBd2yWmZncE.roa (raw, json)
Hash identifier: GAkcz15dVCWJ4W2ui/5oWpSOQmCyK2JCbkEGQMcbR/A=
Subject key identifier: DD:B7:91:B9:5A:46:E4:C3:2E:DE:C8:5B:40:17:76:C9:69:99:9D:C1
Certificate issuer: /CN=af938503d72931626dcb8d1e946b2ae06a73d02e
Certificate serial: 0185708C97E608EA736C0C80A462378156A3
Authority key identifier: AF:93:85:03:D7:29:31:62:6D:CB:8D:1E:94:6B:2A:E0:6A:73:D0:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r5OFA9cpMWJty40elGsq4Gpz0C4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/7e6369-5adb-45cd-bd2f-3b8b0d1a59a9/1/3beRuVpG5MMu3shbQBd2yWmZncE.roa
Signing time: Mon 02 Jan 2023 03:35:40 +0000
ROA not before: Mon 02 Jan 2023 03:35:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12552
IP address blocks: 213.80.64.0/19 maxlen: 19
94.246.64.0/18 maxlen: 18
213.80.0.0/18 maxlen: 18
83.145.0.0/18 maxlen: 18
213.132.96.0/19 maxlen: 19
213.212.0.0/18 maxlen: 18
212.16.160.0/19 maxlen: 19
212.112.160.0/19 maxlen: 19
62.209.160.0/19 maxlen: 19
212.37.0.0/19 maxlen: 19
82.99.0.0/18 maxlen: 18
62.109.32.0/19 maxlen: 19
2a01:2b0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:97:e6:08:ea:73:6c:0c:80:a4:62:37:81:56:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af938503d72931626dcb8d1e946b2ae06a73d02e
Validity
Not Before: Jan 2 03:35:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ddb791b95a46e4c32edec85b401776c969999dc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:08:1f:97:83:a8:72:20:7c:a7:21:90:00:02:
f4:3a:1f:50:62:ec:7c:fa:ba:2e:97:71:6f:0b:5d:
84:35:d3:68:d4:0d:c4:a0:dc:46:f8:eb:5e:35:ab:
33:df:ec:01:54:e6:22:2d:79:07:14:bc:e6:5e:db:
b4:27:1a:8b:36:c3:08:63:94:cd:22:9e:ea:73:85:
3d:86:62:a8:1d:a4:57:49:e9:e7:6e:f9:d6:ab:d0:
e2:01:b0:2c:fe:61:cc:bd:de:bb:01:a8:5c:71:b9:
72:43:7f:14:0f:c9:77:8f:44:3c:96:b7:d8:2e:9e:
45:a9:25:ab:f5:49:00:10:65:3e:92:5f:27:9f:35:
6d:34:b6:ae:e7:b2:65:d7:b0:7e:89:56:b6:78:18:
c3:f8:32:2d:4d:13:e6:0d:5d:b7:0c:24:7d:b3:37:
1a:c1:26:69:40:8f:c9:b0:15:d8:73:2d:0b:a6:78:
f1:86:9a:6e:3a:9f:56:c9:56:58:46:3a:c5:c6:d8:
f4:ea:1d:5b:2d:a8:07:ec:f2:f9:af:8a:62:88:c5:
c6:94:37:14:bd:06:3b:d4:07:27:1a:98:a4:96:ff:
69:77:e3:f9:19:3c:71:01:c9:fc:49:3a:6c:ee:0e:
31:bf:65:0a:55:8a:b6:9e:53:8e:4d:14:83:a1:3c:
14:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:B7:91:B9:5A:46:E4:C3:2E:DE:C8:5B:40:17:76:C9:69:99:9D:C1
X509v3 Authority Key Identifier:
keyid:AF:93:85:03:D7:29:31:62:6D:CB:8D:1E:94:6B:2A:E0:6A:73:D0:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r5OFA9cpMWJty40elGsq4Gpz0C4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/7e6369-5adb-45cd-bd2f-3b8b0d1a59a9/1/3beRuVpG5MMu3shbQBd2yWmZncE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/7e6369-5adb-45cd-bd2f-3b8b0d1a59a9/1/r5OFA9cpMWJty40elGsq4Gpz0C4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.109.32.0/19
62.209.160.0/19
82.99.0.0/18
83.145.0.0/18
94.246.64.0/18
212.16.160.0/19
212.37.0.0/19
212.112.160.0/19
213.80.0.0-213.80.95.255
213.132.96.0/19
213.212.0.0/18
IPv6:
2a01:2b0::/29
Signature Algorithm: sha256WithRSAEncryption
49:b8:98:ca:42:48:92:a4:21:74:ab:d6:ed:5d:f0:85:86:cb:
94:80:f1:5d:73:e5:c0:21:2e:28:98:bc:0c:6b:5c:37:4b:02:
29:84:fb:92:0f:bb:ad:81:65:16:c8:e4:80:99:e7:45:fe:4a:
06:ad:19:7c:b3:f2:50:38:6d:46:8a:d6:9b:80:22:25:6e:82:
a6:00:bc:a6:87:d5:75:e7:03:b7:eb:66:85:89:57:88:66:0d:
90:33:1b:d3:50:98:c9:04:1a:cd:f6:04:67:dd:2d:94:88:ea:
e1:41:b7:75:65:af:7d:af:b5:5c:50:f4:e8:e2:c4:66:67:cd:
4b:e2:ba:99:42:3f:94:5d:46:e5:eb:7e:94:bd:22:34:c9:89:
06:15:f4:dc:b9:53:f6:3a:8c:a5:55:2e:11:7c:e8:f7:09:27:
7b:8c:8d:34:c8:ed:42:04:1a:23:df:6e:92:90:c3:69:71:fb:
d5:87:47:2d:64:b4:11:b3:71:f0:fc:d5:ef:75:3d:37:c5:b1:
15:12:38:78:46:44:f1:46:21:cb:39:48:2e:77:54:16:76:ee:
42:8f:7a:a5:7c:ea:49:b6:e1:c9:62:4e:69:67:f2:0f:47:b6:
c2:a5:0b:1e:11:af:6a:78:a6:ba:61:bc:98:88:30:e6:c9:6a:
5e:d9:e9:e5
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAYVwjJfmCOpzbAyApGI3gVajMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmOTM4NTAzZDcyOTMxNjI2ZGNiOGQxZTk0NmIyYWUwNmE3
M2QwMmUwHhcNMjMwMTAyMDMzNTQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGI3OTFiOTVhNDZlNGMzMmVkZWM4NWI0MDE3NzZjOTY5OTk5ZGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQgfl4OociB8pyGQAAL0Oh9QYux8
+roul3FvC12ENdNo1A3EoNxG+OteNasz3+wBVOYiLXkHFLzmXtu0JxqLNsMIY5TN
Ip7qc4U9hmKoHaRXSennbvnWq9DiAbAs/mHMvd67AahccblyQ38UD8l3j0Q8lrfY
Lp5FqSWr9UkAEGU+kl8nnzVtNLau57Jl17B+iVa2eBjD+DItTRPmDV23DCR9szca
wSZpQI/JsBXYcy0LpnjxhppuOp9WyVZYRjrFxtj06h1bLagH7PL5r4piiMXGlDcU
vQY71AcnGpiklv9pd+P5GTxxAcn8STps7g4xv2UKVYq2nlOOTRSDoTwU/wIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFN23kblaRuTDLt7IW0AXdslpmZ3BMB8GA1UdIwQY
MBaAFK+ThQPXKTFibcuNHpRrKuBqc9AuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjVPRkE5Y3BNV0p0eTQwZWxHc3E0R3B6MEM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi83ZTYzNjktNWFkYi00NWNkLWJkMmYt
M2I4YjBkMWE1OWE5LzEvM2JlUnVWcEc1TU11M3NoYlFCZDJ5V21abmNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi83ZTYzNjktNWFkYi00NWNkLWJkMmYtM2I4YjBkMWE1OWE5
LzEvcjVPRkE5Y3BNV0p0eTQwZWxHc3E0R3B6MEM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBPBAIAATBJAwQFPm0gAwQF
PtGgAwQGUmMAAwQGU5EAAwQGXvZAAwQF1BCgAwQF1CUAAwQF1HCgMAsDAwTVUAME
BdVQQAMEBdWEYAMEBtXUADANBAIAAjAHAwUDKgECsDANBgkqhkiG9w0BAQsFAAOC
AQEASbiYykJIkqQhdKvW7V3whYbLlIDxXXPlwCEuKJi8DGtcN0sCKYT7kg+7rYFl
FsjkgJnnRf5KBq0ZfLPyUDhtRorWm4AiJW6CpgC8pofVdecDt+tmhYlXiGYNkDMb
01CYyQQazfYEZ90tlIjq4UG3dWWvfa+1XFD06OLEZmfNS+K6mUI/lF1G5et+lL0i
NMmJBhX03LlT9jqMpVUuEXzo9wkne4yNNMjtQgQaI99ukpDDaXH71YdHLWS0EbNx
8PzV73U9N8WxFRI4eEZE8UYhyzlILndUFnbuQo96pXzqSbbhyWJOaWfyD0e2wqUL
HhGvanimumG8mIgw5slqXtnp5Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:37 2024 by rpki-client on console-fra.rpki-client.org