Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/CFdv2K5ucVruN3bh3Du5w6dxLZ0.roa
File: CFdv2K5ucVruN3bh3Du5w6dxLZ0.roa (raw, json)
Hash identifier: /ZKrN32LveUQy9bvicE5NlrJUkTtEBdMOLl3G+yJ17k=
Subject key identifier: 08:57:6F:D8:AE:6E:71:5A:EE:37:76:E1:DC:3B:B9:C3:A7:71:2D:9D
Certificate issuer: /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial: 0187D6B1603AA89CCB888EAAFE9B37135D8C
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/CFdv2K5ucVruN3bh3Du5w6dxLZ0.roa
Signing time: Mon 01 May 2023 09:42:41 +0000
ROA not before: Mon 01 May 2023 09:42:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21341
IP address blocks: 87.107.42.0/23 maxlen: 23
87.107.41.0/24 maxlen: 24
87.107.40.0/24 maxlen: 24
87.107.51.0/24 maxlen: 24
87.107.50.0/24 maxlen: 24
87.107.50.0/23 maxlen: 24
87.107.52.0/23 maxlen: 23
87.107.68.0/22 maxlen: 22
87.107.88.0/22 maxlen: 22
87.107.24.0/22 maxlen: 22
87.107.34.0/23 maxlen: 23
62.220.120.0/22 maxlen: 22
62.220.124.0/23 maxlen: 23
87.107.168.0/22 maxlen: 24
87.107.173.0/24 maxlen: 24
185.60.136.0/24 maxlen: 24
185.60.139.0/24 maxlen: 24
185.60.138.0/24 maxlen: 24
185.60.137.0/24 maxlen: 24
87.107.96.0/22 maxlen: 22
87.107.112.0/22 maxlen: 24
87.107.108.0/22 maxlen: 23
87.107.116.0/23 maxlen: 23
87.107.120.0/21 maxlen: 21
87.107.122.0/24 maxlen: 24
87.107.128.0/22 maxlen: 22
87.107.132.0/22 maxlen: 22
62.220.96.0/21 maxlen: 24
62.220.104.0/21 maxlen: 21
81.12.8.0/22 maxlen: 22
81.12.12.0/22 maxlen: 22
81.12.16.0/21 maxlen: 21
81.12.24.0/22 maxlen: 22
81.12.48.0/22 maxlen: 22
81.12.58.0/24 maxlen: 24
81.12.52.0/23 maxlen: 23
81.12.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 May 2023 12:54:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:d6:b1:60:3a:a8:9c:cb:88:8e:aa:fe:9b:37:13:5d:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
Validity
Not Before: May 1 09:42:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=08576fd8ae6e715aee3776e1dc3bb9c3a7712d9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:a7:8b:41:50:26:b4:2f:dc:b6:ba:5c:85:dc:
c7:34:10:62:ec:9e:df:be:68:9e:e7:aa:27:be:47:
6e:f2:98:bf:32:81:70:72:34:17:95:62:af:f8:db:
c8:19:19:c7:e6:07:34:d5:3b:30:d0:d0:74:92:92:
63:76:09:f0:b4:4c:00:f5:f0:9b:96:ff:7f:fc:32:
4c:72:85:18:92:de:56:c4:b9:4d:33:3f:bf:82:5b:
c7:9c:b2:e6:4d:70:20:f2:8e:3f:99:c9:1c:b3:e8:
f7:e5:b6:84:49:f6:1f:8d:45:3b:b3:1a:38:1d:93:
ef:b1:d7:37:79:e7:53:a5:02:d1:86:32:5a:4b:7c:
2d:94:fe:41:a3:1a:24:0e:a8:19:88:d7:29:a6:2e:
e3:09:9e:33:1e:f2:b9:9a:80:e9:4c:a5:64:2a:31:
f1:0c:7b:de:42:93:2b:f7:0a:6a:7d:20:96:58:eb:
8d:4c:14:73:8f:6e:f0:be:aa:e4:1b:0f:6c:13:5a:
0e:32:90:66:1f:54:06:e9:ea:12:ee:3b:f5:75:7a:
c9:d1:b2:a2:3b:f4:d0:03:32:d6:bf:a6:0b:34:70:
5f:f3:3c:d1:43:85:bb:e8:18:a7:14:ea:1c:c6:48:
32:32:4d:19:55:7d:9c:f6:ea:a8:71:b4:8f:61:0b:
49:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:57:6F:D8:AE:6E:71:5A:EE:37:76:E1:DC:3B:B9:C3:A7:71:2D:9D
X509v3 Authority Key Identifier:
keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/CFdv2K5ucVruN3bh3Du5w6dxLZ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.220.96.0/20
62.220.120.0-62.220.125.255
81.12.8.0-81.12.27.255
81.12.48.0-81.12.53.255
81.12.58.0/23
87.107.24.0/22
87.107.34.0/23
87.107.40.0/22
87.107.50.0-87.107.53.255
87.107.68.0/22
87.107.88.0/22
87.107.96.0/22
87.107.108.0-87.107.117.255
87.107.120.0-87.107.135.255
87.107.168.0/22
87.107.173.0/24
185.60.136.0/22
Signature Algorithm: sha256WithRSAEncryption
c4:8e:26:58:44:fc:21:35:f7:a8:10:6d:2c:23:2c:36:5d:31:
1d:c9:46:53:f1:97:e5:2e:2b:10:08:6f:a0:55:b8:4e:7c:01:
3f:ee:8f:73:cd:44:5b:b4:42:b5:c5:b4:45:ee:05:c0:f1:ec:
db:d4:c8:06:8d:70:fe:66:36:08:8e:6a:41:63:1b:b3:1e:37:
8a:31:06:c0:88:78:93:3f:1f:21:05:4b:70:8f:da:6f:28:a6:
5c:07:e4:a6:38:42:b5:75:a1:da:a4:a2:1e:d8:92:1f:fb:1f:
38:6a:d1:25:14:55:f1:41:e5:9c:cd:c1:66:97:81:55:af:70:
84:03:f6:22:d6:34:5c:67:0f:b6:15:c7:83:00:50:5b:98:95:
7d:8d:cf:23:61:62:5d:55:57:fa:7a:41:33:95:fc:aa:22:69:
74:1d:5b:05:49:fb:54:76:5c:4f:be:79:28:30:46:95:de:a5:
a1:21:bf:29:f6:80:77:b7:86:c4:13:97:9c:0a:4c:32:5f:3a:
4e:e7:fd:61:cc:24:05:d3:b7:39:21:34:43:bf:22:9b:31:77:
c1:70:8d:be:c5:b3:1c:54:39:ef:90:f0:11:53:94:65:26:d5:
7d:a2:e9:c7:92:b0:3d:de:b1:77:a6:f9:63:ab:cb:50:0f:59:
2e:da:f7:4f
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgISAYfWsWA6qJzLiI6q/ps3E12MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjMwNTAxMDk0MjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODU3NmZkOGFlNmU3MTVhZWUzNzc2ZTFkYzNiYjljM2E3NzEyZDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl6eLQVAmtC/ctrpchdzHNBBi7J7f
vmie56onvkdu8pi/MoFwcjQXlWKv+NvIGRnH5gc01Tsw0NB0kpJjdgnwtEwA9fCb
lv9//DJMcoUYkt5WxLlNMz+/glvHnLLmTXAg8o4/mckcs+j35baESfYfjUU7sxo4
HZPvsdc3eedTpQLRhjJaS3wtlP5BoxokDqgZiNcppi7jCZ4zHvK5moDpTKVkKjHx
DHveQpMr9wpqfSCWWOuNTBRzj27wvqrkGw9sE1oOMpBmH1QG6eoS7jv1dXrJ0bKi
O/TQAzLWv6YLNHBf8zzRQ4W76BinFOocxkgyMk0ZVX2c9uqocbSPYQtJCQIDAQAB
o4ICnjCCApowHQYDVR0OBBYEFAhXb9iubnFa7jd24dw7ucOncS2dMB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEvQ0ZkdjJLNXVjVnJ1TjNiaDNEdTV3NmR4TFowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGzBggrBgEFBQcBBwEB/wSBozCBoDCBnQQCAAEwgZYDBAQ+
3GAwDAMEAz7ceAMEAT7cfDAMAwQDUQwIAwQCUQwYMAwDBARRDDADBAFRDDQDBAFR
DDoDBAJXaxgDBAFXayIDBAJXaygwDAMEAVdrMgMEAVdrNAMEAldrRAMEAldrWAME
AldrYDAMAwQCV2tsAwQBV2t0MAwDBANXa3gDBANXa4ADBAJXa6gDBABXa60DBAK5
PIgwDQYJKoZIhvcNAQELBQADggEBAMSOJlhE/CE196gQbSwjLDZdMR3JRlPxl+Uu
KxAIb6BVuE58AT/uj3PNRFu0QrXFtEXuBcDx7NvUyAaNcP5mNgiOakFjG7MeN4ox
BsCIeJM/HyEFS3CP2m8oplwH5KY4QrV1odqkoh7Ykh/7Hzhq0SUUVfFB5ZzNwWaX
gVWvcIQD9iLWNFxnD7YVx4MAUFuYlX2NzyNhYl1VV/p6QTOV/KoiaXQdWwVJ+1R2
XE++eSgwRpXepaEhvyn2gHe3hsQTl5wKTDJfOk7n/WHMJAXTtzkhNEO/Ipsxd8Fw
jb7FsxxUOe+Q8BFTlGUm1X2i6ceSsD3esXem+WOry1APWS7a908=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:59 2024 by rpki-client on console-ams.rpki-client.org