Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/Cbl098ahOG3QkLFf-sC51X1nzWY.roa
File: Cbl098ahOG3QkLFf-sC51X1nzWY.roa (raw, json)
Hash identifier: sP2YpOjgnvu/7JxPotLKT9O+tf/jKc0+qj/szXK0/Ds=
Subject key identifier: 09:B9:74:F7:C6:A1:38:6D:D0:90:B1:5F:FA:C0:B9:D5:7D:67:CD:66
Certificate issuer: /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial: 018C0FE3E1A58F3B07765E08EB90CE08F8DF
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/Cbl098ahOG3QkLFf-sC51X1nzWY.roa
Signing time: Mon 27 Nov 2023 08:27:21 +0000
ROA not before: Mon 27 Nov 2023 08:27:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204650
IP address blocks: 62.220.118.0/23 maxlen: 24
81.12.43.0/24 maxlen: 24
87.107.100.0/22 maxlen: 24
81.12.77.0/24 maxlen: 24
81.12.102.0/23 maxlen: 23
81.12.100.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 14:34:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:0f:e3:e1:a5:8f:3b:07:76:5e:08:eb:90:ce:08:f8:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
Validity
Not Before: Nov 27 08:27:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=09b974f7c6a1386dd090b15ffac0b9d57d67cd66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:cd:45:95:96:f1:60:f0:a8:69:f0:0d:eb:31:
44:1d:e7:21:8c:4e:f1:e2:4c:3a:b3:f3:86:d2:8b:
8d:43:2e:d8:c8:92:ba:47:cf:36:ba:66:e2:18:4d:
27:07:41:06:b5:96:8d:a0:e7:a9:79:fe:31:dc:31:
36:df:a5:26:77:bf:8a:4d:55:fa:ea:fb:49:ba:75:
f6:56:cc:12:7e:cd:38:d3:af:21:f0:3d:e4:14:ee:
dd:c4:ba:74:51:5d:2e:8c:0f:01:32:a7:6d:6e:4c:
e7:9d:6b:9f:34:bd:78:24:e7:51:30:25:bd:91:82:
11:89:a2:b9:dd:9a:b0:f6:cc:1d:76:84:7f:19:ed:
f1:f2:df:ce:39:b0:ce:8b:0d:5d:8c:05:a9:d6:7d:
e7:85:d4:89:6a:b1:62:de:04:c5:ae:bb:17:d8:4b:
86:cd:27:e6:e2:ff:b8:87:38:87:c3:26:f9:e9:43:
e5:ac:35:3a:d8:e8:30:90:da:5e:04:2b:ed:aa:84:
2e:ee:16:ff:6f:4a:58:84:9a:b0:d6:c1:ab:22:47:
27:dc:c2:53:65:9f:05:09:dc:60:c2:05:7d:d9:9e:
67:d1:eb:a0:2f:53:72:06:2a:54:c6:7d:86:7e:dc:
5f:7b:73:d1:bd:1f:83:33:8b:8c:1a:5c:20:4e:54:
83:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:B9:74:F7:C6:A1:38:6D:D0:90:B1:5F:FA:C0:B9:D5:7D:67:CD:66
X509v3 Authority Key Identifier:
keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/Cbl098ahOG3QkLFf-sC51X1nzWY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.220.118.0/23
81.12.43.0/24
81.12.77.0/24
81.12.100.0/24
81.12.102.0/23
87.107.100.0/22
Signature Algorithm: sha256WithRSAEncryption
14:2d:f7:e9:a0:e0:4a:0e:fb:8d:7d:8e:55:0e:37:8d:e8:42:
b9:4f:2a:9f:85:86:ee:cd:6a:a6:93:d7:15:d8:c6:99:2f:10:
aa:0e:2e:95:3a:c1:68:58:5c:a0:c7:b0:cb:17:6f:b6:ac:5f:
5f:eb:ad:ea:bc:53:33:ba:18:4d:98:ad:ec:51:a2:53:52:99:
cd:1f:e5:ea:05:09:d1:3b:a4:7e:b5:10:12:11:df:84:39:75:
41:8b:60:8c:d7:ec:74:f5:7d:86:cc:19:05:99:d7:c4:62:4f:
15:08:91:55:05:25:ea:86:7d:19:6e:c3:f3:a4:ad:cb:fc:b6:
78:0b:12:f1:87:d8:c2:78:9c:d3:0e:5b:2e:41:4c:42:b2:06:
bd:78:ff:f0:a1:61:50:65:a7:0f:0c:7e:1c:01:13:62:23:ed:
22:f5:1e:a4:48:7f:b7:cc:b3:6f:c2:4f:50:04:0c:ad:c6:be:
47:ab:46:b1:91:25:2e:0c:d6:05:57:bf:4a:e6:e3:ac:c8:74:
32:74:bd:fe:1f:73:2c:5f:f9:2d:67:bf:c3:34:b6:cd:16:dc:
fe:7c:7e:16:c6:5a:af:e5:c8:08:05:fa:e1:65:fd:b2:5c:af:
3e:ce:1e:09:fc:b1:4b:21:2b:da:bf:62:a2:f3:03:dc:a8:ed:
ba:a9:bd:65
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYwP4+GljzsHdl4I65DOCPjfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjMxMTI3MDgyNzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWI5NzRmN2M2YTEzODZkZDA5MGIxNWZmYWMwYjlkNTdkNjdjZDY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoc1FlZbxYPCoafAN6zFEHechjE7x
4kw6s/OG0ouNQy7YyJK6R882umbiGE0nB0EGtZaNoOepef4x3DE236Umd7+KTVX6
6vtJunX2VswSfs04068h8D3kFO7dxLp0UV0ujA8BMqdtbkznnWufNL14JOdRMCW9
kYIRiaK53Zqw9swddoR/Ge3x8t/OObDOiw1djAWp1n3nhdSJarFi3gTFrrsX2EuG
zSfm4v+4hziHwyb56UPlrDU62OgwkNpeBCvtqoQu7hb/b0pYhJqw1sGrIkcn3MJT
ZZ8FCdxgwgV92Z5n0eugL1NyBipUxn2Gftxfe3PRvR+DM4uMGlwgTlSDhwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFAm5dPfGoTht0JCxX/rAudV9Z81mMB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEvQ2JsMDk4YWhPRzNRa0xGZi1zQzUxWDFueldZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBPtx2AwQA
UQwrAwQAUQxNAwQAUQxkAwQBUQxmAwQCV2tkMA0GCSqGSIb3DQEBCwUAA4IBAQAU
LffpoOBKDvuNfY5VDjeN6EK5TyqfhYbuzWqmk9cV2MaZLxCqDi6VOsFoWFygx7DL
F2+2rF9f663qvFMzuhhNmK3sUaJTUpnNH+XqBQnRO6R+tRASEd+EOXVBi2CM1+x0
9X2GzBkFmdfEYk8VCJFVBSXqhn0ZbsPzpK3L/LZ4CxLxh9jCeJzTDlsuQUxCsga9
eP/woWFQZacPDH4cARNiI+0i9R6kSH+3zLNvwk9QBAytxr5Hq0axkSUuDNYFV79K
5uOsyHQydL3+H3MsX/ktZ7/DNLbNFtz+fH4Wxlqv5cgIBfrhZf2yXK8+zh4J/LFL
ISvav2Ki8wPcqO26qb1l
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:59 2024 by rpki-client on console-ams.rpki-client.org