Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/2AmbSb2idkACxSunwBO1ClQQR3Q.roa
File: 2AmbSb2idkACxSunwBO1ClQQR3Q.roa (raw, json)
Hash identifier: bP5Zjs6KJNq7rBzVYgGHcW39xkm8yQG2wKonWMzoDfA=
Subject key identifier: D8:09:9B:49:BD:A2:76:40:02:C5:2B:A7:C0:13:B5:0A:54:10:47:74
Certificate issuer: /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial: 019198ED205CE49CBEE20561B8B3F8F3AEF7
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/2AmbSb2idkACxSunwBO1ClQQR3Q.roa
Signing time: Wed 28 Aug 2024 12:19:22 +0000
ROA not before: Wed 28 Aug 2024 12:19:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51026
IP address blocks: 62.220.126.0/24 maxlen: 24
62.220.127.0/24 maxlen: 24
81.12.24.0/22 maxlen: 24
81.12.24.0/24 maxlen: 24
81.12.25.0/24 maxlen: 24
81.12.26.0/24 maxlen: 24
81.12.27.0/24 maxlen: 24
81.12.30.0/24 maxlen: 24
81.12.31.0/24 maxlen: 24
87.107.110.0/23 maxlen: 24
87.107.110.0/24 maxlen: 24
87.107.111.0/24 maxlen: 24
87.107.144.0/24 maxlen: 24
87.107.152.0/24 maxlen: 24
87.107.153.0/24 maxlen: 24
87.107.166.0/24 maxlen: 24
87.107.167.0/24 maxlen: 24
87.107.174.0/24 maxlen: 24
87.107.175.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 31 Aug 2024 12:36:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:98:ed:20:5c:e4:9c:be:e2:05:61:b8:b3:f8:f3:ae:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
Validity
Not Before: Aug 28 12:19:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d8099b49bda2764002c52ba7c013b50a54104774
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:3e:69:7d:78:74:1e:cb:f7:33:e4:e4:e6:8c:
cb:16:2a:88:23:26:de:58:ef:e2:1e:82:e1:ea:16:
76:91:e1:95:0c:d3:5c:35:39:b1:40:07:96:44:a6:
a6:05:4c:eb:d7:b1:74:25:21:2a:5a:9e:f7:8d:1d:
09:08:7b:a2:e5:b7:11:38:58:ad:62:35:90:87:42:
a9:cf:4b:77:e0:e9:9c:29:96:6b:31:07:59:a7:b4:
86:57:9d:db:5b:c5:13:e5:53:00:9b:01:b6:67:c3:
bf:d8:1f:04:e8:54:9c:4a:7c:ba:56:40:5e:c7:ba:
82:58:96:8f:80:83:4a:0e:5d:9e:ac:2e:30:9d:df:
f1:41:c7:d5:30:88:80:d2:c2:e4:2a:fe:81:f1:92:
64:c0:47:5d:17:f7:90:52:95:5a:36:2a:cf:93:66:
b3:0a:4a:25:f0:a5:fa:b5:5c:75:b9:b6:72:14:9e:
2a:76:99:a6:a2:ea:9b:14:90:e3:59:19:3b:91:f5:
51:5f:82:7a:3d:c0:cc:de:f8:96:6b:70:cb:d5:6d:
8e:b3:f5:74:e4:23:a3:12:10:72:c6:42:a4:da:b7:
a0:35:34:55:25:4a:7b:5e:97:e4:6a:04:50:28:b1:
09:a5:7e:4c:9f:4e:6b:d1:a1:ed:f6:1a:4f:e7:24:
df:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:09:9B:49:BD:A2:76:40:02:C5:2B:A7:C0:13:B5:0A:54:10:47:74
X509v3 Authority Key Identifier:
keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/2AmbSb2idkACxSunwBO1ClQQR3Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.220.126.0/23
81.12.24.0/22
81.12.30.0/23
87.107.110.0/23
87.107.144.0/24
87.107.152.0/23
87.107.166.0/23
87.107.174.0/23
Signature Algorithm: sha256WithRSAEncryption
4c:de:aa:c6:56:ae:e6:c0:66:06:d6:bd:5d:79:d0:3a:3e:12:
c1:58:66:f1:43:5e:af:27:f7:7b:40:67:43:7e:19:b3:a7:a3:
be:3f:2d:ad:63:30:4c:a5:8c:13:0c:87:3d:6e:53:65:e7:3d:
f3:02:25:cf:9b:e3:08:0e:0c:d3:bc:b3:e9:d5:fb:55:a5:78:
5a:2d:e7:61:46:de:2a:25:a8:46:4c:c0:21:9f:c0:00:1a:ac:
3a:ed:fc:7e:84:d7:02:44:29:c4:20:d7:96:25:32:17:cf:cb:
ae:7a:b2:96:7d:59:b5:6c:99:e6:8b:d4:43:27:59:30:ad:ff:
1d:99:71:67:24:06:03:6c:cc:c7:a1:b3:c7:3c:d9:b5:6a:e6:
81:2d:b8:a4:26:38:89:71:0b:ce:c4:fe:27:0e:f9:96:c8:6a:
40:d2:2e:04:bd:27:0a:1f:6e:c3:99:1b:b7:2c:d8:f4:41:c1:
51:d8:72:7b:d5:76:c2:0f:21:5f:ab:7e:1b:44:4f:75:0e:43:
41:f5:e0:96:c5:41:d4:ea:99:1f:e4:b1:b7:c7:17:7f:a7:63:
c9:4b:80:5d:14:86:fd:22:84:85:4e:ca:8b:05:6a:f5:63:c1:
78:8d:f1:e3:bd:b2:fc:fe:6c:5e:4a:08:b9:bc:87:ed:f1:d9:
03:58:0a:b3
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZGY7SBc5Jy+4gVhuLP48673MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjQwODI4MTIxOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODA5OWI0OWJkYTI3NjQwMDJjNTJiYTdjMDEzYjUwYTU0MTA0Nzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkD5pfXh0Hsv3M+Tk5ozLFiqIIybe
WO/iHoLh6hZ2keGVDNNcNTmxQAeWRKamBUzr17F0JSEqWp73jR0JCHui5bcROFit
YjWQh0Kpz0t34OmcKZZrMQdZp7SGV53bW8UT5VMAmwG2Z8O/2B8E6FScSny6VkBe
x7qCWJaPgINKDl2erC4wnd/xQcfVMIiA0sLkKv6B8ZJkwEddF/eQUpVaNirPk2az
Ckol8KX6tVx1ubZyFJ4qdpmmouqbFJDjWRk7kfVRX4J6PcDM3viWa3DL1W2Os/V0
5COjEhByxkKk2regNTRVJUp7XpfkagRQKLEJpX5Mn05r0aHt9hpP5yTfiwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFNgJm0m9onZAAsUrp8ATtQpUEEd0MB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEvMkFtYlNiMmlka0FDeFN1bndCTzFDbFFRUjNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQBPtx+AwQC
UQwYAwQBUQweAwQBV2tuAwQAV2uQAwQBV2uYAwQBV2umAwQBV2uuMA0GCSqGSIb3
DQEBCwUAA4IBAQBM3qrGVq7mwGYG1r1dedA6PhLBWGbxQ16vJ/d7QGdDfhmzp6O+
Py2tYzBMpYwTDIc9blNl5z3zAiXPm+MIDgzTvLPp1ftVpXhaLedhRt4qJahGTMAh
n8AAGqw67fx+hNcCRCnEINeWJTIXz8uuerKWfVm1bJnmi9RDJ1kwrf8dmXFnJAYD
bMzHobPHPNm1auaBLbikJjiJcQvOxP4nDvmWyGpA0i4EvScKH27DmRu3LNj0QcFR
2HJ71XbCDyFfq34bRE91DkNB9eCWxUHU6pkf5LG3xxd/p2PJS4BdFIb9IoSFTsqL
BWr1Y8F4jfHjvbL8/mxeSgi5vIft8dkDWAqz
-----END CERTIFICATE-----
Generated at Sat Aug 31 13:41:08 2024 by rpki-client on console-fra.rpki-client.org