Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/enJDHqo6L9GzNKgoKJuGjHgyTl4.roa
File: enJDHqo6L9GzNKgoKJuGjHgyTl4.roa (raw, json)
Hash identifier: XrC+q6dqTbQdPgOcpZTbC2qHNloNV985xM76aCUaZRs=
Subject key identifier: 7A:72:43:1E:AA:3A:2F:D1:B3:34:A8:28:28:9B:86:8C:78:32:4E:5E
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 018D9EFC27D6B9642F5C347B09B7BC2DA1E0
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/enJDHqo6L9GzNKgoKJuGjHgyTl4.roa
Signing time: Mon 12 Feb 2024 20:22:21 +0000
ROA not before: Mon 12 Feb 2024 20:22:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 62.164.224.0/20 maxlen: 20
66.9.96.0/20 maxlen: 24
77.223.192.0/21 maxlen: 24
77.223.200.0/23 maxlen: 24
79.139.64.0/23 maxlen: 24
93.119.184.0/21 maxlen: 24
95.178.8.0/21 maxlen: 24
116.50.16.0/21 maxlen: 24
121.127.56.0/21 maxlen: 24
176.222.48.0/22 maxlen: 24
198.145.112.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 20 Mar 2024 16:14:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:9e:fc:27:d6:b9:64:2f:5c:34:7b:09:b7:bc:2d:a1:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Feb 12 20:22:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7a72431eaa3a2fd1b334a828289b868c78324e5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:8e:e7:04:49:a4:15:0b:15:9b:5e:b1:71:1f:
30:0b:e2:97:ff:67:6a:c1:a0:6c:1a:27:88:ad:48:
c1:81:e0:14:9f:82:c3:a3:fd:0f:49:90:a7:f1:a0:
17:39:d1:ec:ed:a3:ec:db:2b:f4:87:fc:73:aa:f9:
3a:07:ba:dd:fe:f9:b7:ac:0c:d9:a0:aa:d1:94:fe:
1c:68:e9:45:9c:53:d2:4c:37:8c:48:b0:59:f6:c7:
2f:b9:2f:60:e9:13:31:8f:81:6a:5b:d6:41:f1:d0:
0d:8a:5f:fa:46:64:de:cf:0e:29:93:53:0f:7d:2d:
0b:27:9d:2a:75:e6:95:09:2f:93:61:57:60:5b:23:
91:a4:25:1a:4f:88:63:9a:e7:62:c6:b1:9c:19:50:
81:4f:89:76:e9:f1:5a:c6:b9:40:53:ad:3e:f3:b9:
0d:4b:2e:5b:eb:19:cc:03:11:89:2b:36:8e:e4:7a:
4d:58:9c:ec:1c:45:0b:69:08:20:a4:41:26:a3:df:
ef:cb:31:dd:d3:42:60:25:f8:e9:68:da:f0:4e:00:
96:ee:df:3a:39:5b:4d:7d:f7:b2:e2:2a:2a:51:5a:
06:63:cf:84:b1:01:5b:69:e3:e2:8c:e4:88:1b:41:
31:d2:be:3c:c5:c7:55:69:64:8b:2e:30:0e:39:4c:
39:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:72:43:1E:AA:3A:2F:D1:B3:34:A8:28:28:9B:86:8C:78:32:4E:5E
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/enJDHqo6L9GzNKgoKJuGjHgyTl4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.164.224.0/20
66.9.96.0/20
77.223.192.0-77.223.201.255
79.139.64.0/23
93.119.184.0/21
95.178.8.0/21
116.50.16.0/21
121.127.56.0/21
176.222.48.0/22
198.145.112.0/22
Signature Algorithm: sha256WithRSAEncryption
8f:23:39:69:f5:39:5c:cc:12:40:68:2d:de:d9:09:c9:c5:39:
65:2b:46:95:a4:b9:45:0a:02:37:f4:37:be:8e:c9:ed:3e:ff:
9f:fd:e4:a5:fb:57:37:6e:ea:58:2d:a5:62:3c:19:2a:2a:5f:
dc:8c:41:50:13:82:d1:bf:db:63:fd:e4:8a:16:ec:59:d5:8c:
05:ec:eb:f6:ea:b2:7e:86:4f:cf:86:37:64:44:04:fe:52:26:
cf:f4:69:d1:3f:9c:33:93:b9:9e:34:cb:21:5a:b5:f6:c9:8b:
4c:b2:5f:ea:3c:6b:fe:ba:a0:64:a8:4f:50:f7:57:90:70:fa:
42:0a:f0:89:e8:fe:7e:a8:f4:67:31:cb:f0:fe:55:e6:9f:06:
a6:ab:d1:ad:d7:53:9d:d1:ff:42:41:bf:8c:7c:4e:c2:22:77:
f5:62:1f:e1:7c:b3:d0:56:66:86:0b:92:08:0e:18:7e:33:fe:
92:dc:05:f0:5d:1f:9e:21:62:8c:7c:db:9b:0b:04:4c:45:e0:
92:e0:44:5c:f0:3c:ea:39:49:89:9d:2e:5d:e3:e5:ad:91:23:
bc:03:72:14:9e:36:ad:38:66:6b:40:55:a2:57:f8:45:c2:58:
d6:af:02:18:07:41:81:ed:62:b4:40:52:d8:d8:f5:c7:ff:85:
18:61:a0:ad
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAY2e/CfWuWQvXDR7Cbe8LaHgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjQwMjEyMjAyMjIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTcyNDMxZWFhM2EyZmQxYjMzNGE4MjgyODliODY4Yzc4MzI0ZTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmY7nBEmkFQsVm16xcR8wC+KX/2dq
waBsGieIrUjBgeAUn4LDo/0PSZCn8aAXOdHs7aPs2yv0h/xzqvk6B7rd/vm3rAzZ
oKrRlP4caOlFnFPSTDeMSLBZ9scvuS9g6RMxj4FqW9ZB8dANil/6RmTezw4pk1MP
fS0LJ50qdeaVCS+TYVdgWyORpCUaT4hjmudixrGcGVCBT4l26fFaxrlAU60+87kN
Sy5b6xnMAxGJKzaO5HpNWJzsHEULaQggpEEmo9/vyzHd00JgJfjpaNrwTgCW7t86
OVtNffey4ioqUVoGY8+EsQFbaePijOSIG0Ex0r48xcdVaWSLLjAOOUw55QIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFHpyQx6qOi/RszSoKCibhox4Mk5eMB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvZW5KREhxbzZMOUd6Tktnb0tKdUdqSGd5VGw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQEPqTgAwQE
QglgMAwDBAZN38ADBAFN38gDBAFPi0ADBANdd7gDBANfsggDBAN0MhADBAN5fzgD
BAKw3jADBALGkXAwDQYJKoZIhvcNAQELBQADggEBAI8jOWn1OVzMEkBoLd7ZCcnF
OWUrRpWkuUUKAjf0N76Oye0+/5/95KX7Vzdu6lgtpWI8GSoqX9yMQVATgtG/22P9
5IoW7FnVjAXs6/bqsn6GT8+GN2REBP5SJs/0adE/nDOTuZ40yyFatfbJi0yyX+o8
a/66oGSoT1D3V5Bw+kIK8Ino/n6o9Gcxy/D+VeafBqar0a3XU53R/0JBv4x8TsIi
d/ViH+F8s9BWZoYLkggOGH4z/pLcBfBdH54hYox825sLBExF4JLgRFzwPOo5SYmd
Ll3j5a2RI7wDchSeNq04ZmtAVaJX+EXCWNavAhgHQYHtYrRAUtjY9cf/hRhhoK0=
-----END CERTIFICATE-----
Generated at Wed Mar 20 19:58:06 2024 by rpki-client on console-ams.rpki-client.org