Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/572ea6-1436-4f26-af57-5975913f52c5/1/r7fEKjPYiBUtjCr43gZ1rk9lTiw.roa
File: r7fEKjPYiBUtjCr43gZ1rk9lTiw.roa (raw, json)
Hash identifier: YTk8ZlMJrrsRZ1PeyGaI/bQJqYDWMh0xM/a7s+ZR6lg=
Subject key identifier: AF:B7:C4:2A:33:D8:88:15:2D:8C:2A:F8:DE:06:75:AE:4F:65:4E:2C
Certificate issuer: /CN=f3b5646b360379924cb6d9c3d99669ce7f3b2ca2
Certificate serial: 018E136E531132041A8A9DDF19AC0E6BD4B8
Authority key identifier: F3:B5:64:6B:36:03:79:92:4C:B6:D9:C3:D9:96:69:CE:7F:3B:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/87VkazYDeZJMttnD2ZZpzn87LKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/572ea6-1436-4f26-af57-5975913f52c5/1/r7fEKjPYiBUtjCr43gZ1rk9lTiw.roa
Signing time: Wed 06 Mar 2024 11:03:01 +0000
ROA not before: Wed 06 Mar 2024 11:03:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28968
IP address blocks: 62.181.34.0/23 maxlen: 23
62.181.36.0/22 maxlen: 22
62.181.38.0/24 maxlen: 24
62.181.46.0/23 maxlen: 23
62.181.48.0/23 maxlen: 23
62.181.56.0/21 maxlen: 21
62.181.56.0/22 maxlen: 22
77.232.32.0/23 maxlen: 23
77.232.35.0/24 maxlen: 24
77.232.48.0/23 maxlen: 23
212.59.96.0/21 maxlen: 21
212.59.109.0/24 maxlen: 24
2a00:f460::/32 maxlen: 32
Validation: Failed, certificate revoked on Sat 23 Mar 2024 19:19:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:13:6e:53:11:32:04:1a:8a:9d:df:19:ac:0e:6b:d4:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f3b5646b360379924cb6d9c3d99669ce7f3b2ca2
Validity
Not Before: Mar 6 11:03:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=afb7c42a33d888152d8c2af8de0675ae4f654e2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:80:e0:1b:0e:9f:b0:57:e1:eb:60:70:42:e2:
0f:75:12:df:6e:82:70:01:3a:8c:66:9b:88:1d:0f:
b5:31:b4:0a:17:40:73:9e:71:f6:3a:d1:ff:b3:ac:
f7:c3:17:4d:78:ac:5d:4c:d1:4a:bc:82:68:55:69:
e2:37:0b:93:d0:34:3e:cb:ce:3a:84:03:07:19:00:
08:d8:55:74:73:c1:68:72:0d:cc:65:91:ca:0e:13:
3e:56:c8:24:c5:5b:30:25:17:b1:7a:e5:db:45:4a:
23:83:c7:bd:37:01:6c:9c:cf:f6:87:aa:09:7e:00:
45:e1:f8:df:ea:5f:ed:cd:9b:e4:94:bf:79:25:dc:
79:b6:bc:a3:24:08:b1:52:21:3c:08:38:ed:f7:75:
d2:cc:ee:55:9c:9d:fc:4f:63:f0:8c:02:fa:cd:8b:
71:51:a1:2b:a5:ed:b5:86:6a:9a:a5:c1:16:87:c7:
d9:7c:58:39:36:77:73:4d:8d:17:97:41:a2:5f:26:
6e:b3:bd:89:59:b2:23:79:fc:91:33:8e:05:18:c7:
ba:7a:78:60:8b:0d:70:5e:df:9d:34:b2:43:ce:d6:
5d:76:cf:63:0e:26:71:b8:8c:b2:5c:7e:c6:05:f7:
fd:01:af:39:56:f5:f3:e8:5d:5e:05:51:f0:6d:1a:
9d:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:B7:C4:2A:33:D8:88:15:2D:8C:2A:F8:DE:06:75:AE:4F:65:4E:2C
X509v3 Authority Key Identifier:
keyid:F3:B5:64:6B:36:03:79:92:4C:B6:D9:C3:D9:96:69:CE:7F:3B:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/87VkazYDeZJMttnD2ZZpzn87LKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/572ea6-1436-4f26-af57-5975913f52c5/1/r7fEKjPYiBUtjCr43gZ1rk9lTiw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/572ea6-1436-4f26-af57-5975913f52c5/1/87VkazYDeZJMttnD2ZZpzn87LKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.181.34.0-62.181.39.255
62.181.46.0-62.181.49.255
62.181.56.0/21
77.232.32.0/23
77.232.35.0/24
77.232.48.0/23
212.59.96.0/21
212.59.109.0/24
IPv6:
2a00:f460::/32
Signature Algorithm: sha256WithRSAEncryption
11:74:b2:18:49:46:08:74:b6:88:72:75:9b:35:55:e2:64:eb:
3d:55:a0:6e:3d:e8:66:8d:b5:b4:b4:9d:fe:f9:66:ac:5e:35:
97:f3:f4:30:72:1d:e8:90:81:38:41:47:d3:ad:11:26:f8:9d:
92:0d:6f:80:d0:a3:84:04:d0:69:d1:1b:83:0f:d9:4c:2d:da:
a4:57:9c:46:2d:17:c2:7a:33:5e:6c:99:9c:41:0f:86:0c:e8:
7c:9c:2c:14:b8:f5:52:55:58:26:3f:51:14:6e:ea:c7:9e:48:
1b:29:dc:45:dd:8f:c3:35:5e:c2:94:51:44:9f:ce:3d:91:d5:
31:30:9e:b6:ee:26:2e:10:62:d7:21:1f:40:81:ef:ab:88:12:
37:d4:07:0b:f1:05:8e:a8:54:2c:17:04:37:e3:3c:7e:94:47:
be:33:36:0b:59:7e:1c:89:4a:1f:d1:60:24:a7:b0:84:ff:27:
42:84:b6:cf:6d:e7:fb:4c:74:1a:ee:69:62:9e:37:87:1a:4d:
c1:3c:5a:66:e6:62:22:4c:05:c9:74:e9:17:db:e5:3f:50:41:
68:59:44:0a:c6:16:c0:94:fd:6b:be:08:78:fd:76:a0:47:cb:
bc:86:8e:9e:42:c5:49:7e:33:e0:8f:33:01:ea:53:7e:b3:dc:
eb:54:33:c7
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgISAY4TblMRMgQaip3fGawOa9S4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzYjU2NDZiMzYwMzc5OTI0Y2I2ZDljM2Q5OTY2OWNlN2Yz
YjJjYTIwHhcNMjQwMzA2MTEwMzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmI3YzQyYTMzZDg4ODE1MmQ4YzJhZjhkZTA2NzVhZTRmNjU0ZTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxIDgGw6fsFfh62BwQuIPdRLfboJw
ATqMZpuIHQ+1MbQKF0BznnH2OtH/s6z3wxdNeKxdTNFKvIJoVWniNwuT0DQ+y846
hAMHGQAI2FV0c8Focg3MZZHKDhM+VsgkxVswJRexeuXbRUojg8e9NwFsnM/2h6oJ
fgBF4fjf6l/tzZvklL95Jdx5tryjJAixUiE8CDjt93XSzO5VnJ38T2PwjAL6zYtx
UaErpe21hmqapcEWh8fZfFg5NndzTY0Xl0GiXyZus72JWbIjefyRM44FGMe6enhg
iw1wXt+dNLJDztZdds9jDiZxuIyyXH7GBff9Aa85VvXz6F1eBVHwbRqdxQIDAQAB
o4ICUjCCAk4wHQYDVR0OBBYEFK+3xCoz2IgVLYwq+N4Gda5PZU4sMB8GA1UdIwQY
MBaAFPO1ZGs2A3mSTLbZw9mWac5/OyyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODdWa2F6WURlWkpNdHRuRDJaWnB6bjg3TEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy81NzJlYTYtMTQzNi00ZjI2LWFmNTct
NTk3NTkxM2Y1MmM1LzEvcjdmRUtqUFlpQlV0akNyNDNnWjFyazlsVGl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy81NzJlYTYtMTQzNi00ZjI2LWFmNTctNTk3NTkxM2Y1MmM1
LzEvODdWa2F6WURlWkpNdHRuRDJaWnB6bjg3TEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGgGCCsGAQUFBwEHAQH/BFkwVzBGBAIAATBAMAwDBAE+tSID
BAM+tSAwDAMEAT61LgMEAT61MAMEAz61OAMEAU3oIAMEAE3oIwMEAU3oMAMEA9Q7
YAMEANQ7bTANBAIAAjAHAwUAKgD0YDANBgkqhkiG9w0BAQsFAAOCAQEAEXSyGElG
CHS2iHJ1mzVV4mTrPVWgbj3oZo21tLSd/vlmrF41l/P0MHId6JCBOEFH060RJvid
kg1vgNCjhATQadEbgw/ZTC3apFecRi0XwnozXmyZnEEPhgzofJwsFLj1UlVYJj9R
FG7qx55IGyncRd2PwzVewpRRRJ/OPZHVMTCetu4mLhBi1yEfQIHvq4gSN9QHC/EF
jqhULBcEN+M8fpRHvjM2C1l+HIlKH9FgJKewhP8nQoS2z23n+0x0Gu5pYp43hxpN
wTxaZuZiIkwFyXTpF9vlP1BBaFlECsYWwJT9a74IeP12oEfLvIaOnkLFSX4z4I8z
AepTfrPc61Qzxw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:00:40 2025 by rpki-client