Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/1U9WVuZ1NZnKj9PlJUt1U8hIkU4.roa
File: 1U9WVuZ1NZnKj9PlJUt1U8hIkU4.roa (raw, json)
Hash identifier: Z/iaxiyAiXbHcbXFB4oPEgRU3yzCgIkiMr/C8oFEl3Y=
Subject key identifier: D5:4F:56:56:E6:75:35:99:CA:8F:D3:E5:25:4B:75:53:C8:48:91:4E
Certificate issuer: /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial: 018E5149F4C1FF642C9179D0E6F17930CC08
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/1U9WVuZ1NZnKj9PlJUt1U8hIkU4.roa
Signing time: Mon 18 Mar 2024 11:19:45 +0000
ROA not before: Mon 18 Mar 2024 11:19:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21341
IP address blocks: 62.220.96.0/21 maxlen: 24
62.220.104.0/21 maxlen: 24
62.220.120.0/22 maxlen: 22
62.220.124.0/23 maxlen: 23
81.12.8.0/22 maxlen: 22
81.12.12.0/22 maxlen: 22
81.12.16.0/21 maxlen: 21
81.12.48.0/22 maxlen: 24
81.12.58.0/24 maxlen: 24
81.12.59.0/24 maxlen: 24
87.107.0.0/21 maxlen: 24
87.107.24.0/22 maxlen: 22
87.107.34.0/23 maxlen: 23
87.107.40.0/24 maxlen: 24
87.107.41.0/24 maxlen: 24
87.107.42.0/23 maxlen: 23
87.107.50.0/23 maxlen: 24
87.107.51.0/24 maxlen: 24
87.107.52.0/23 maxlen: 23
87.107.68.0/22 maxlen: 24
87.107.88.0/22 maxlen: 22
87.107.96.0/22 maxlen: 24
87.107.106.0/23 maxlen: 24
87.107.108.0/22 maxlen: 24
87.107.112.0/22 maxlen: 24
87.107.116.0/23 maxlen: 23
87.107.120.0/21 maxlen: 24
87.107.128.0/22 maxlen: 22
87.107.132.0/22 maxlen: 22
87.107.168.0/22 maxlen: 24
87.107.173.0/24 maxlen: 24
185.60.136.0/24 maxlen: 24
185.60.137.0/24 maxlen: 24
185.60.138.0/24 maxlen: 24
185.60.139.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 18 Mar 2024 15:23:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:51:49:f4:c1:ff:64:2c:91:79:d0:e6:f1:79:30:cc:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
Validity
Not Before: Mar 18 11:19:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d54f5656e6753599ca8fd3e5254b7553c848914e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:0b:03:65:c8:f4:c1:7e:75:c9:63:86:be:a8:
27:80:ae:d1:e2:84:ba:dd:1c:f4:29:c0:c3:3e:b4:
16:5a:ec:5f:a9:fa:ff:0c:a4:26:5b:90:42:77:c5:
ca:50:3b:ba:9f:7a:95:31:44:72:16:ce:52:00:fe:
23:7d:9d:01:51:17:97:97:ff:6b:7f:3e:85:ae:d9:
cd:d3:3a:7d:c0:de:7d:ad:74:58:f2:11:9e:e4:92:
80:64:3e:1e:9d:9f:cf:38:76:ff:db:3c:d3:06:77:
dd:d3:19:22:ba:73:04:c2:1c:32:45:33:ed:e7:0c:
da:c6:df:dd:05:cc:b7:42:f5:4b:76:6b:48:0c:bb:
76:44:99:af:bf:1e:5f:f0:14:bc:27:85:ea:30:9b:
ef:59:71:50:5a:02:32:67:0b:15:5b:c2:c3:19:cb:
93:e3:ed:7b:fa:fe:b2:37:92:31:aa:c7:08:be:c4:
1b:6d:a7:dd:5e:98:64:56:8b:fc:b6:bf:ad:c1:f6:
9f:f6:47:2c:18:fe:04:58:52:b5:84:dc:82:3d:ba:
57:f9:78:42:22:95:12:92:38:9f:38:1c:42:7a:40:
d5:ed:eb:fd:58:f7:e9:05:c6:19:8d:2d:fc:5c:1f:
38:7b:42:41:b5:b2:9c:81:8b:04:99:49:ea:20:b8:
8b:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:4F:56:56:E6:75:35:99:CA:8F:D3:E5:25:4B:75:53:C8:48:91:4E
X509v3 Authority Key Identifier:
keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/1U9WVuZ1NZnKj9PlJUt1U8hIkU4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.220.96.0/20
62.220.120.0-62.220.125.255
81.12.8.0-81.12.23.255
81.12.48.0/22
81.12.58.0/23
87.107.0.0/21
87.107.24.0/22
87.107.34.0/23
87.107.40.0/22
87.107.50.0-87.107.53.255
87.107.68.0/22
87.107.88.0/22
87.107.96.0/22
87.107.106.0-87.107.117.255
87.107.120.0-87.107.135.255
87.107.168.0/22
87.107.173.0/24
185.60.136.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:10:7e:f8:b1:95:fe:34:0a:20:52:25:52:71:eb:fd:98:41:
d5:3f:01:38:ab:8f:e8:7d:db:c0:9b:c2:75:97:95:8b:cc:c7:
18:90:20:fa:c3:0d:8d:14:3f:43:e7:fe:2e:9d:69:15:27:73:
28:04:00:5b:0f:97:ab:82:fb:c1:a9:8d:9f:80:7a:a2:5b:20:
8e:f8:e4:de:fa:9a:e3:68:b7:98:e5:01:7c:65:99:34:c9:34:
41:c6:83:30:c0:07:ae:e2:2c:0f:3d:69:78:a6:d6:81:f6:14:
af:1d:10:99:c0:38:af:c0:33:df:45:8c:d2:55:e0:f0:21:78:
82:e3:8b:08:f5:4a:ff:d8:d1:a1:ab:a0:54:05:eb:07:5a:8a:
a7:33:65:71:02:cb:ae:6e:de:90:ce:39:64:51:54:0c:d8:26:
1a:10:94:1b:00:d5:d6:f8:49:75:bc:73:8e:7b:26:e4:ec:ea:
09:28:43:1f:e4:90:52:4e:42:76:e5:f5:a3:cd:04:a3:e8:02:
2c:77:84:88:32:86:76:3a:51:bb:65:2c:68:46:4b:cf:70:04:
c4:4f:26:9f:5a:8d:5c:91:c9:d5:4a:a5:a3:83:ec:57:bd:75:
22:a6:26:5e:f4:88:e3:7b:02:a1:7e:b3:92:dc:be:45:7f:11:
53:f6:e6:a8
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgISAY5RSfTB/2QskXnQ5vF5MMwIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjQwMzE4MTExOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTRmNTY1NmU2NzUzNTk5Y2E4ZmQzZTUyNTRiNzU1M2M4NDg5MTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiwsDZcj0wX51yWOGvqgngK7R4oS6
3Rz0KcDDPrQWWuxfqfr/DKQmW5BCd8XKUDu6n3qVMURyFs5SAP4jfZ0BUReXl/9r
fz6FrtnN0zp9wN59rXRY8hGe5JKAZD4enZ/POHb/2zzTBnfd0xkiunMEwhwyRTPt
5wzaxt/dBcy3QvVLdmtIDLt2RJmvvx5f8BS8J4XqMJvvWXFQWgIyZwsVW8LDGcuT
4+17+v6yN5IxqscIvsQbbafdXphkVov8tr+twfaf9kcsGP4EWFK1hNyCPbpX+XhC
IpUSkjifOBxCekDV7ev9WPfpBcYZjS38XB84e0JBtbKcgYsEmUnqILiLewIDAQAB
o4ICnDCCApgwHQYDVR0OBBYEFNVPVlbmdTWZyo/T5SVLdVPISJFOMB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEvMVU5V1Z1WjFOWm5LajlQbEpVdDFVOGhJa1U0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGxBggrBgEFBQcBBwEB/wSBoTCBnjCBmwQCAAEwgZQDBAQ+
3GAwDAMEAz7ceAMEAT7cfDAMAwQDUQwIAwQDUQwQAwQCUQwwAwQBUQw6AwQDV2sA
AwQCV2sYAwQBV2siAwQCV2soMAwDBAFXazIDBAFXazQDBAJXa0QDBAJXa1gDBAJX
a2AwDAMEAVdragMEAVdrdDAMAwQDV2t4AwQDV2uAAwQCV2uoAwQAV2utAwQCuTyI
MA0GCSqGSIb3DQEBCwUAA4IBAQA8EH74sZX+NAogUiVScev9mEHVPwE4q4/ofdvA
m8J1l5WLzMcYkCD6ww2NFD9D5/4unWkVJ3MoBABbD5ergvvBqY2fgHqiWyCO+OTe
+prjaLeY5QF8ZZk0yTRBxoMwwAeu4iwPPWl4ptaB9hSvHRCZwDivwDPfRYzSVeDw
IXiC44sI9Ur/2NGhq6BUBesHWoqnM2VxAsuubt6QzjlkUVQM2CYaEJQbANXW+El1
vHOOeybk7OoJKEMf5JBSTkJ25fWjzQSj6AIsd4SIMoZ2OlG7ZSxoRkvPcATETyaf
Wo1ckcnVSqWjg+xXvXUipiZe9IjjewKhfrOS3L5FfxFT9uao
-----END CERTIFICATE-----
Generated at Mon Mar 18 19:36:58 2024 by rpki-client on console-ams.rpki-client.org