Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/572ea6-1436-4f26-af57-5975913f52c5/1/U3IyNaCt3TPM9XLc91GjrCq3wTU.roa
File: U3IyNaCt3TPM9XLc91GjrCq3wTU.roa (raw, json)
Hash identifier: zYKx6XB84eIgeyFK4T3KzM9+JelCsWmGxrrRr1muj6E=
Subject key identifier: 53:72:32:35:A0:AD:DD:33:CC:F5:72:DC:F7:51:A3:AC:2A:B7:C1:35
Certificate issuer: /CN=f3b5646b360379924cb6d9c3d99669ce7f3b2ca2
Certificate serial: 0187F2330F5BBA1FDE4992565CEDAA43C683
Authority key identifier: F3:B5:64:6B:36:03:79:92:4C:B6:D9:C3:D9:96:69:CE:7F:3B:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/87VkazYDeZJMttnD2ZZpzn87LKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/572ea6-1436-4f26-af57-5975913f52c5/1/U3IyNaCt3TPM9XLc91GjrCq3wTU.roa
Signing time: Sat 06 May 2023 17:54:05 +0000
ROA not before: Sat 06 May 2023 17:54:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28968
IP address blocks: 212.59.96.0/20 maxlen: 20
62.181.34.0/23 maxlen: 23
62.181.36.0/22 maxlen: 22
62.181.38.0/24 maxlen: 24
77.232.32.0/23 maxlen: 23
62.181.48.0/23 maxlen: 23
77.232.35.0/24 maxlen: 24
62.181.46.0/23 maxlen: 23
62.181.56.0/21 maxlen: 21
62.181.56.0/22 maxlen: 22
77.232.48.0/23 maxlen: 23
2a00:f460::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 06 Sep 2023 08:29:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:f2:33:0f:5b:ba:1f:de:49:92:56:5c:ed:aa:43:c6:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f3b5646b360379924cb6d9c3d99669ce7f3b2ca2
Validity
Not Before: May 6 17:54:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=53723235a0addd33ccf572dcf751a3ac2ab7c135
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:ca:5e:10:82:da:68:7e:1c:54:a5:a6:94:ae:
c5:6c:16:ed:0a:7e:31:84:25:73:a2:2b:eb:d5:4c:
05:c4:c2:41:04:0c:14:19:9e:48:d9:d6:d0:d9:e6:
13:f2:2e:87:3c:72:9d:d0:db:ff:ab:76:a9:7b:35:
f2:9b:40:12:e9:d7:ce:63:7d:95:b0:00:22:52:e7:
3d:2a:a5:c2:b2:59:35:80:13:0e:82:f0:b8:8e:19:
45:c3:49:e5:91:ab:29:1f:7c:97:99:be:db:d5:62:
b6:06:19:c4:1f:c4:3c:d7:56:e2:44:dc:d3:60:c1:
a5:b1:de:37:da:3f:a8:22:5e:99:75:73:23:3f:f6:
37:5f:dc:b7:3e:07:06:95:ca:e5:b9:ec:15:29:b2:
8b:5a:d3:4c:94:90:1b:a0:bd:ce:a4:17:81:66:99:
83:57:8f:05:d4:36:b7:07:9b:e8:59:87:4d:47:a8:
0f:a7:94:a6:04:90:64:fd:9b:4f:c8:c4:db:9d:89:
e0:fd:c2:3f:16:9c:96:98:5e:5b:71:58:15:0b:7e:
4a:af:ae:4d:4b:1f:4a:6d:b6:22:4f:55:49:4d:a0:
9c:82:d8:50:bb:10:0e:06:f9:a0:77:63:e0:cf:1f:
02:5b:ee:4c:35:dd:78:7d:e0:d9:2e:eb:28:17:89:
03:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:72:32:35:A0:AD:DD:33:CC:F5:72:DC:F7:51:A3:AC:2A:B7:C1:35
X509v3 Authority Key Identifier:
keyid:F3:B5:64:6B:36:03:79:92:4C:B6:D9:C3:D9:96:69:CE:7F:3B:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/87VkazYDeZJMttnD2ZZpzn87LKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/572ea6-1436-4f26-af57-5975913f52c5/1/U3IyNaCt3TPM9XLc91GjrCq3wTU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/572ea6-1436-4f26-af57-5975913f52c5/1/87VkazYDeZJMttnD2ZZpzn87LKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.181.34.0-62.181.39.255
62.181.46.0-62.181.49.255
62.181.56.0/21
77.232.32.0/23
77.232.35.0/24
77.232.48.0/23
212.59.96.0/20
IPv6:
2a00:f460::/32
Signature Algorithm: sha256WithRSAEncryption
78:c8:fe:e7:e8:f6:0e:38:99:07:9d:5c:1e:03:e8:18:a9:b8:
2e:90:ad:04:28:9d:0e:39:8c:f6:c1:32:88:79:37:35:69:75:
d6:c3:bc:71:c7:ca:ae:87:26:28:24:98:c5:79:23:30:e3:c9:
de:2d:8b:c3:42:ed:ad:a4:9d:16:ec:fe:ad:d7:98:78:9d:18:
fd:5d:50:a0:0d:39:a8:26:af:71:2c:ee:0d:05:a1:a2:97:95:
21:1d:8c:ce:48:d7:70:14:ad:d8:f5:e0:f3:12:fc:de:d0:4d:
71:89:87:e0:88:0d:eb:e3:d6:6b:b7:97:43:cd:df:66:b5:13:
b7:85:15:04:ca:a2:f8:66:29:a9:5d:71:91:5b:8d:fa:8f:b4:
4e:cf:3c:3f:2c:a3:20:ea:32:57:9a:49:5b:4a:c4:1f:27:83:
3c:4c:af:8b:f1:4f:a2:a5:4b:2f:a8:77:96:0e:74:32:c3:b3:
e7:02:aa:b0:27:0d:b0:d2:69:68:79:0c:02:7e:af:b0:dd:69:
05:5b:7c:d0:8d:72:7f:b1:93:49:4a:b1:e1:0a:46:61:82:ff:
43:02:68:29:e3:2e:26:68:dc:25:fe:95:c1:0f:d5:0d:62:36:
33:26:fd:15:f8:dd:51:7f:a2:1d:0e:1f:74:b4:c1:41:a1:f5:
02:e2:c6:d4
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgISAYfyMw9buh/eSZJWXO2qQ8aDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzYjU2NDZiMzYwMzc5OTI0Y2I2ZDljM2Q5OTY2OWNlN2Yz
YjJjYTIwHhcNMjMwNTA2MTc1NDA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzcyMzIzNWEwYWRkZDMzY2NmNTcyZGNmNzUxYTNhYzJhYjdjMTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnspeEILaaH4cVKWmlK7FbBbtCn4x
hCVzoivr1UwFxMJBBAwUGZ5I2dbQ2eYT8i6HPHKd0Nv/q3apezXym0AS6dfOY32V
sAAiUuc9KqXCslk1gBMOgvC4jhlFw0nlkaspH3yXmb7b1WK2BhnEH8Q811biRNzT
YMGlsd432j+oIl6ZdXMjP/Y3X9y3PgcGlcrluewVKbKLWtNMlJAboL3OpBeBZpmD
V48F1Da3B5voWYdNR6gPp5SmBJBk/ZtPyMTbnYng/cI/FpyWmF5bcVgVC35Kr65N
Sx9KbbYiT1VJTaCcgthQuxAOBvmgd2Pgzx8CW+5MNd14feDZLusoF4kDUQIDAQAB
o4ICTDCCAkgwHQYDVR0OBBYEFFNyMjWgrd0zzPVy3PdRo6wqt8E1MB8GA1UdIwQY
MBaAFPO1ZGs2A3mSTLbZw9mWac5/OyyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODdWa2F6WURlWkpNdHRuRDJaWnB6bjg3TEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy81NzJlYTYtMTQzNi00ZjI2LWFmNTct
NTk3NTkxM2Y1MmM1LzEvVTNJeU5hQ3QzVFBNOVhMYzkxR2pyQ3Ezd1RVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy81NzJlYTYtMTQzNi00ZjI2LWFmNTctNTk3NTkxM2Y1MmM1
LzEvODdWa2F6WURlWkpNdHRuRDJaWnB6bjg3TEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGIGCCsGAQUFBwEHAQH/BFMwUTBABAIAATA6MAwDBAE+tSID
BAM+tSAwDAMEAT61LgMEAT61MAMEAz61OAMEAU3oIAMEAE3oIwMEAU3oMAMEBNQ7
YDANBAIAAjAHAwUAKgD0YDANBgkqhkiG9w0BAQsFAAOCAQEAeMj+5+j2DjiZB51c
HgPoGKm4LpCtBCidDjmM9sEyiHk3NWl11sO8ccfKrocmKCSYxXkjMOPJ3i2Lw0Lt
raSdFuz+rdeYeJ0Y/V1QoA05qCavcSzuDQWhopeVIR2MzkjXcBSt2PXg8xL83tBN
cYmH4IgN6+PWa7eXQ83fZrUTt4UVBMqi+GYpqV1xkVuN+o+0Ts88PyyjIOoyV5pJ
W0rEHyeDPEyvi/FPoqVLL6h3lg50MsOz5wKqsCcNsNJpaHkMAn6vsN1pBVt80I1y
f7GTSUqx4QpGYYL/QwJoKeMuJmjcJf6VwQ/VDWI2Myb9FfjdUX+iHQ4fdLTBQaH1
AuLG1A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:02 2024 by rpki-client on console-ams.rpki-client.org