Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/nK9Ag0eLH_LJfvEn7iAvgshSyOE.roa
File: nK9Ag0eLH_LJfvEn7iAvgshSyOE.roa (raw, json)
Hash identifier: ZN4nX767t/RWSib0+V0ImWlBxUTmCO/ve5UZ8tf8d3s=
Subject key identifier: 9C:AF:40:83:47:8B:1F:F2:C9:7E:F1:27:EE:20:2F:82:C8:52:C8:E1
Certificate issuer: /CN=0a1d72ac0826e09bc0d17ddee8ba87d9731dd413
Certificate serial: 01860D267FFB27B528F4912F25B6DFCBB868
Authority key identifier: 0A:1D:72:AC:08:26:E0:9B:C0:D1:7D:DE:E8:BA:87:D9:73:1D:D4:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/nK9Ag0eLH_LJfvEn7iAvgshSyOE.roa
Signing time: Wed 01 Feb 2023 13:24:32 +0000
ROA not before: Wed 01 Feb 2023 13:24:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1299
IP address blocks: 212.172.0.0/16 maxlen: 24
195.78.160.0/19 maxlen: 24
194.162.0.0/16 maxlen: 24
80.83.96.0/20 maxlen: 24
62.144.0.0/16 maxlen: 24
79.140.176.0/20 maxlen: 24
194.112.16.0/20 maxlen: 24
62.246.0.0/16 maxlen: 24
195.52.0.0/16 maxlen: 24
195.63.0.0/16 maxlen: 24
62.26.0.0/15 maxlen: 24
185.210.52.0/22 maxlen: 24
195.185.0.0/16 maxlen: 24
2001:4091::/32 maxlen: 48
2a01:5c8::/32 maxlen: 48
2001:4090::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:0d:26:7f:fb:27:b5:28:f4:91:2f:25:b6:df:cb:b8:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a1d72ac0826e09bc0d17ddee8ba87d9731dd413
Validity
Not Before: Feb 1 13:24:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9caf4083478b1ff2c97ef127ee202f82c852c8e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:ca:d5:74:93:3e:98:19:68:3f:11:f2:47:a7:
c7:d1:b4:24:74:bc:33:83:09:d9:a8:8c:fc:4c:ac:
b9:3a:95:77:81:34:5f:d6:85:f7:a1:90:d2:36:4a:
22:a2:53:8d:63:1f:1d:1c:75:ea:d8:b5:50:df:de:
5d:d1:e1:78:55:40:6c:15:50:ef:d2:e4:38:3a:8d:
da:15:47:8f:ba:05:f7:1c:49:19:ba:b7:30:f0:d6:
aa:45:81:75:d4:bc:2d:ad:e4:d7:4d:ec:6e:ef:f0:
92:8d:b2:d0:b0:e6:9c:e6:36:a9:1c:f2:c7:3e:3c:
1f:a5:5f:45:39:4c:ac:a0:4b:54:3f:48:c4:a5:d1:
7f:ef:74:fc:97:9a:e0:2f:a6:0a:3b:a8:57:b1:ab:
82:dc:4a:23:f3:02:b5:9a:57:ac:a4:26:43:11:05:
7f:27:b3:dd:bc:be:44:71:5d:56:81:0c:5e:29:3f:
db:95:08:ca:4c:94:50:aa:f3:64:b0:00:f7:72:ae:
e8:70:67:c0:c9:d5:05:31:38:5d:b2:7c:67:79:cc:
32:bc:3c:26:d2:1e:36:c8:56:c1:3e:22:2d:43:2a:
a8:ea:85:36:5d:93:8c:83:d7:ff:be:10:d4:13:29:
97:57:59:78:24:21:4d:0a:3a:b4:c8:0c:60:be:02:
c1:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:AF:40:83:47:8B:1F:F2:C9:7E:F1:27:EE:20:2F:82:C8:52:C8:E1
X509v3 Authority Key Identifier:
keyid:0A:1D:72:AC:08:26:E0:9B:C0:D1:7D:DE:E8:BA:87:D9:73:1D:D4:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/nK9Ag0eLH_LJfvEn7iAvgshSyOE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.26.0.0/15
62.144.0.0/16
62.246.0.0/16
79.140.176.0/20
80.83.96.0/20
185.210.52.0/22
194.112.16.0/20
194.162.0.0/16
195.52.0.0/16
195.63.0.0/16
195.78.160.0/19
195.185.0.0/16
212.172.0.0/16
IPv6:
2001:4090::/31
2a01:5c8::/32
Signature Algorithm: sha256WithRSAEncryption
32:30:ba:c7:d5:8c:0a:67:8f:44:88:5d:22:cc:ee:58:e7:d3:
14:a3:ad:b0:a3:1d:b9:0a:e5:5a:47:4c:64:f9:95:42:15:6e:
47:c1:c7:6c:85:18:32:8e:9c:f8:17:27:87:be:24:01:cb:f1:
bb:80:1e:ff:11:7a:bd:ac:2e:8f:2f:e8:45:91:eb:a6:6d:a4:
82:e9:73:ae:3d:ea:a1:f0:81:ca:fa:0d:74:a4:ae:a7:92:c9:
38:6b:26:84:9d:d1:f9:de:ba:98:2c:23:26:66:df:f6:ef:b3:
d8:d9:8d:46:f5:ad:3d:70:5d:95:77:60:f5:0b:92:eb:9c:ba:
3f:f4:78:f5:78:0f:6c:c1:94:2a:87:6f:44:30:d9:12:fb:e7:
52:5d:0d:43:1a:e7:23:dc:c4:2f:a8:a2:ef:9e:58:82:6c:5e:
27:9d:75:c6:11:96:2d:9d:7d:7c:60:17:a6:3c:f1:d6:57:a5:
f7:77:b2:0f:22:a0:7c:56:fb:27:49:13:b6:19:c0:32:a9:2f:
5c:00:8a:9b:00:d4:21:de:73:41:6e:41:87:05:d8:51:66:6b:
d8:6b:d3:09:7d:3d:e4:15:c6:90:1c:00:4b:f6:99:37:2b:11:
55:05:a9:6a:71:b6:b8:52:34:af:0c:c0:b1:fa:d8:79:56:af:
e1:65:dc:13
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAYYNJn/7J7Uo9JEvJbbfy7hoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhMWQ3MmFjMDgyNmUwOWJjMGQxN2RkZWU4YmE4N2Q5NzMx
ZGQ0MTMwHhcNMjMwMjAxMTMyNDMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2FmNDA4MzQ3OGIxZmYyYzk3ZWYxMjdlZTIwMmY4MmM4NTJjOGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAycrVdJM+mBloPxHyR6fH0bQkdLwz
gwnZqIz8TKy5OpV3gTRf1oX3oZDSNkoiolONYx8dHHXq2LVQ395d0eF4VUBsFVDv
0uQ4Oo3aFUePugX3HEkZurcw8NaqRYF11LwtreTXTexu7/CSjbLQsOac5japHPLH
PjwfpV9FOUysoEtUP0jEpdF/73T8l5rgL6YKO6hXsauC3Eoj8wK1mlespCZDEQV/
J7PdvL5EcV1WgQxeKT/blQjKTJRQqvNksAD3cq7ocGfAydUFMThdsnxnecwyvDwm
0h42yFbBPiItQyqo6oU2XZOMg9f/vhDUEymXV1l4JCFNCjq0yAxgvgLBVQIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFJyvQINHix/yyX7xJ+4gL4LIUsjhMB8GA1UdIwQY
MBaAFAodcqwIJuCbwNF93ui6h9lzHdQTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2gxeXJBZ200SnZBMFgzZTZMcUgyWE1kMUJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC82MzQxZGEtMmIzNC00ZDQ1LTljMTct
OTU4MTEyYTQ4OWE0LzEvbks5QWcwZUxIX0xKZnZFbjdpQXZnc2hTeU9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC82MzQxZGEtMmIzNC00ZDQ1LTljMTctOTU4MTEyYTQ4OWE0
LzEvQ2gxeXJBZ200SnZBMFgzZTZMcUgyWE1kMUJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBMBAIAATBGAwMBPhoDAwA+
kAMDAD72AwQET4ywAwQEUFNgAwQCudI0AwQEwnAQAwMAwqIDAwDDNAMDAMM/AwQF
w06gAwMAw7kDAwDUrDAUBAIAAjAOAwUBIAFAkAMFACoBBcgwDQYJKoZIhvcNAQEL
BQADggEBADIwusfVjApnj0SIXSLM7ljn0xSjrbCjHbkK5VpHTGT5lUIVbkfBx2yF
GDKOnPgXJ4e+JAHL8buAHv8Rer2sLo8v6EWR66ZtpILpc6496qHwgcr6DXSkrqeS
yThrJoSd0fneupgsIyZm3/bvs9jZjUb1rT1wXZV3YPULkuucuj/0ePV4D2zBlCqH
b0Qw2RL751JdDUMa5yPcxC+oou+eWIJsXieddcYRli2dfXxgF6Y88dZXpfd3sg8i
oHxW+ydJE7YZwDKpL1wAipsA1CHec0FuQYcF2FFma9hr0wl9PeQVxpAcAEv2mTcr
EVUFqWpxtrhSNK8MwLH62HlWr+Fl3BM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:41 2024 by rpki-client on console-fra.rpki-client.org