Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/7e6369-5adb-45cd-bd2f-3b8b0d1a59a9/1/hYI06ipzcNLOb2fhNgJRx6apJKQ.roa
File: hYI06ipzcNLOb2fhNgJRx6apJKQ.roa (raw, json)
Hash identifier: imJUcxtFgTDaAZuzVX6DKWNucTokXErOAZEWWHSLcEU=
Subject key identifier: 85:82:34:EA:2A:73:70:D2:CE:6F:67:E1:36:02:51:C7:A6:A9:24:A4
Certificate issuer: /CN=af938503d72931626dcb8d1e946b2ae06a73d02e
Certificate serial: 018CC50117D2434204891D82057197AD704C
Authority key identifier: AF:93:85:03:D7:29:31:62:6D:CB:8D:1E:94:6B:2A:E0:6A:73:D0:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r5OFA9cpMWJty40elGsq4Gpz0C4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/7e6369-5adb-45cd-bd2f-3b8b0d1a59a9/1/hYI06ipzcNLOb2fhNgJRx6apJKQ.roa
Signing time: Mon 01 Jan 2024 12:30:32 +0000
ROA not before: Mon 01 Jan 2024 12:30:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12552
IP address blocks: 213.80.64.0/19 maxlen: 19
94.246.64.0/18 maxlen: 18
213.80.0.0/18 maxlen: 18
83.145.0.0/18 maxlen: 18
213.132.96.0/19 maxlen: 19
213.212.0.0/18 maxlen: 18
212.16.160.0/19 maxlen: 19
212.112.160.0/19 maxlen: 19
62.209.160.0/19 maxlen: 19
212.37.0.0/19 maxlen: 19
82.99.0.0/18 maxlen: 18
62.109.32.0/19 maxlen: 19
2a01:2b0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 03 Oct 2024 08:24:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:17:d2:43:42:04:89:1d:82:05:71:97:ad:70:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af938503d72931626dcb8d1e946b2ae06a73d02e
Validity
Not Before: Jan 1 12:30:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=858234ea2a7370d2ce6f67e1360251c7a6a924a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:a1:c8:ee:a7:82:d4:ff:03:82:22:ef:d1:76:
ca:91:c8:f2:35:e8:ba:77:af:b1:98:a3:a0:00:eb:
d1:db:ae:68:43:4f:bf:c2:79:bb:51:da:5c:85:9c:
e0:ce:fa:73:5e:c5:33:b5:25:49:04:e9:7a:db:82:
8b:1e:38:5f:6e:4f:5a:e8:2a:03:8d:86:83:b7:45:
58:ce:fc:7f:72:a3:ca:fc:b4:31:78:c0:46:d4:79:
d5:20:b3:cb:a3:67:b3:cc:49:8a:47:96:d1:f1:06:
5f:3c:f5:c7:1c:b0:67:2a:16:5a:4a:c8:aa:d7:a8:
98:c1:73:bd:57:63:36:9d:54:d2:06:5e:f3:73:5b:
7c:6b:fc:21:f1:fa:6f:46:68:01:c3:b6:3a:15:47:
f2:bb:14:e7:c3:0d:05:6d:32:a2:9b:b2:e6:57:53:
f6:c0:ef:e5:c2:2c:a4:59:ec:6a:3a:d7:d1:d4:e9:
24:24:33:4f:c2:21:0b:a3:e2:a4:f4:c3:08:ee:be:
4a:7f:d2:ee:c9:08:54:1f:b9:10:e6:df:2a:a7:24:
d2:d3:c3:75:8b:c1:32:8f:9c:9d:7e:f4:41:62:2b:
28:a0:76:98:64:9f:44:02:73:8b:c4:4c:9b:08:72:
63:b6:83:3b:25:21:dd:f7:7d:31:0a:bb:94:07:6d:
bf:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:82:34:EA:2A:73:70:D2:CE:6F:67:E1:36:02:51:C7:A6:A9:24:A4
X509v3 Authority Key Identifier:
keyid:AF:93:85:03:D7:29:31:62:6D:CB:8D:1E:94:6B:2A:E0:6A:73:D0:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r5OFA9cpMWJty40elGsq4Gpz0C4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/7e6369-5adb-45cd-bd2f-3b8b0d1a59a9/1/hYI06ipzcNLOb2fhNgJRx6apJKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/7e6369-5adb-45cd-bd2f-3b8b0d1a59a9/1/r5OFA9cpMWJty40elGsq4Gpz0C4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.109.32.0/19
62.209.160.0/19
82.99.0.0/18
83.145.0.0/18
94.246.64.0/18
212.16.160.0/19
212.37.0.0/19
212.112.160.0/19
213.80.0.0-213.80.95.255
213.132.96.0/19
213.212.0.0/18
IPv6:
2a01:2b0::/29
Signature Algorithm: sha256WithRSAEncryption
8d:9e:61:a9:16:32:0c:f3:4c:ee:14:e8:df:c3:50:0b:1b:87:
80:53:0c:b9:15:c0:ac:94:4a:5e:b4:36:6a:11:b4:b0:4f:18:
9a:71:2d:1a:84:52:9d:2c:87:60:0a:0e:41:41:b4:24:97:01:
f4:21:93:51:f9:2d:a8:20:2a:49:a0:7b:10:5e:07:c7:ea:e8:
6a:01:c1:70:e1:bb:1b:87:b6:04:f6:1d:0d:c2:9e:9e:52:20:
c2:8d:4d:df:4c:57:fe:5d:8c:da:ca:da:28:90:9a:a9:df:aa:
05:5d:11:f4:c0:4d:bd:07:76:6a:d4:da:a6:c1:37:e0:58:f9:
de:b0:c7:44:b3:04:48:68:9f:60:37:94:c2:6e:7b:2d:9b:7c:
dd:3c:23:dc:4f:77:49:52:cf:6a:fd:d9:14:32:61:44:b9:fa:
5d:19:2d:77:c9:4e:9a:bd:00:ff:39:6c:aa:40:5f:a2:54:3f:
46:b3:fc:49:b4:2c:65:3c:39:19:7d:25:49:e9:5d:82:23:36:
64:93:a1:90:fd:28:77:77:f8:0e:c1:4d:ad:b1:64:25:57:9e:
ce:98:ad:05:d4:8e:6b:a3:2f:c8:3e:45:30:b3:43:9b:53:bc:
a9:f4:66:89:40:17:8f:d9:f1:cb:2c:e3:4f:01:b1:0e:5a:32:
5e:92:7e:50
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAYzFARfSQ0IEiR2CBXGXrXBMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmOTM4NTAzZDcyOTMxNjI2ZGNiOGQxZTk0NmIyYWUwNmE3
M2QwMmUwHhcNMjQwMTAxMTIzMDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTgyMzRlYTJhNzM3MGQyY2U2ZjY3ZTEzNjAyNTFjN2E2YTkyNGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxKHI7qeC1P8DgiLv0XbKkcjyNei6
d6+xmKOgAOvR265oQ0+/wnm7UdpchZzgzvpzXsUztSVJBOl624KLHjhfbk9a6CoD
jYaDt0VYzvx/cqPK/LQxeMBG1HnVILPLo2ezzEmKR5bR8QZfPPXHHLBnKhZaSsiq
16iYwXO9V2M2nVTSBl7zc1t8a/wh8fpvRmgBw7Y6FUfyuxTnww0FbTKim7LmV1P2
wO/lwiykWexqOtfR1OkkJDNPwiELo+Kk9MMI7r5Kf9LuyQhUH7kQ5t8qpyTS08N1
i8Eyj5ydfvRBYisooHaYZJ9EAnOLxEybCHJjtoM7JSHd930xCruUB22/5wIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFIWCNOoqc3DSzm9n4TYCUcemqSSkMB8GA1UdIwQY
MBaAFK+ThQPXKTFibcuNHpRrKuBqc9AuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjVPRkE5Y3BNV0p0eTQwZWxHc3E0R3B6MEM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi83ZTYzNjktNWFkYi00NWNkLWJkMmYt
M2I4YjBkMWE1OWE5LzEvaFlJMDZpcHpjTkxPYjJmaE5nSlJ4NmFwSktRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi83ZTYzNjktNWFkYi00NWNkLWJkMmYtM2I4YjBkMWE1OWE5
LzEvcjVPRkE5Y3BNV0p0eTQwZWxHc3E0R3B6MEM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBPBAIAATBJAwQFPm0gAwQF
PtGgAwQGUmMAAwQGU5EAAwQGXvZAAwQF1BCgAwQF1CUAAwQF1HCgMAsDAwTVUAME
BdVQQAMEBdWEYAMEBtXUADANBAIAAjAHAwUDKgECsDANBgkqhkiG9w0BAQsFAAOC
AQEAjZ5hqRYyDPNM7hTo38NQCxuHgFMMuRXArJRKXrQ2ahG0sE8YmnEtGoRSnSyH
YAoOQUG0JJcB9CGTUfktqCAqSaB7EF4Hx+roagHBcOG7G4e2BPYdDcKenlIgwo1N
30xX/l2M2sraKJCaqd+qBV0R9MBNvQd2atTapsE34Fj53rDHRLMESGifYDeUwm57
LZt83Twj3E93SVLPav3ZFDJhRLn6XRktd8lOmr0A/zlsqkBfolQ/RrP8SbQsZTw5
GX0lSeldgiM2ZJOhkP0od3f4DsFNrbFkJVeezpitBdSOa6MvyD5FMLNDm1O8qfRm
iUAXj9nxyyzjTwGxDloyXpJ+UA==
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:44:23 2025 by rpki-client