Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/6QQEV9D2-PeKqwGMCiuP2798jzI.roa
File: 6QQEV9D2-PeKqwGMCiuP2798jzI.roa (raw, json)
Hash identifier: 9Et2I+l3zqHfkpOMfEKnEKbIeHV9tUKSbIe6LUQTs0c=
Subject key identifier: E9:04:04:57:D0:F6:F8:F7:8A:AB:01:8C:0A:2B:8F:DB:BF:7C:8F:32
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 019155E6E09D832AF1E53AD25E2718ACAC9F
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/6QQEV9D2-PeKqwGMCiuP2798jzI.roa
Signing time: Thu 15 Aug 2024 11:57:59 +0000
ROA not before: Thu 15 Aug 2024 11:57:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 62.197.144.0/24 maxlen: 24
62.197.147.0/24 maxlen: 24
62.197.148.0/24 maxlen: 24
62.197.150.0/24 maxlen: 24
62.197.152.0/24 maxlen: 24
89.33.84.0/24 maxlen: 24
89.37.62.0/24 maxlen: 24
92.62.121.0/24 maxlen: 24
185.239.241.0/24 maxlen: 24
185.244.137.0/24 maxlen: 24
185.245.5.0/24 maxlen: 24
188.240.68.0/24 maxlen: 24
193.19.108.0/24 maxlen: 24
193.218.32.0/24 maxlen: 24
220.158.199.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 20 Aug 2024 13:36:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:55:e6:e0:9d:83:2a:f1:e5:3a:d2:5e:27:18:ac:ac:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Aug 15 11:57:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e9040457d0f6f8f78aab018c0a2b8fdbbf7c8f32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:e4:13:46:28:7b:af:07:64:9f:f5:c0:8d:f4:
8d:e5:91:78:f5:91:98:96:84:2b:a9:d4:46:07:da:
54:47:3e:34:51:5e:97:07:32:46:65:e2:d5:1c:af:
7e:4c:c5:82:ed:56:2e:a9:59:6f:c0:3e:76:d0:a0:
ae:f9:6e:54:1c:96:c9:71:58:0b:c9:af:77:ad:93:
c9:84:80:18:d2:bd:bd:b8:2c:cd:77:bc:e2:c9:0b:
19:3e:25:52:e7:77:f6:71:6b:91:d3:ef:2f:6a:4d:
7a:08:46:9e:12:f0:d9:46:ef:a2:4b:a6:1e:31:fb:
09:ea:07:f3:4d:c3:65:0a:26:04:db:01:e1:09:ef:
11:35:7f:b5:7d:65:26:40:00:af:c6:4b:cc:27:f1:
fa:1f:3e:c3:17:95:8a:8d:42:00:ed:d7:1e:7f:f3:
84:bd:14:b0:a7:8a:e7:f2:a6:be:e4:59:c4:00:e0:
c1:1a:9c:aa:d3:7c:d8:52:dd:48:6e:61:ca:ca:89:
b5:42:18:3f:18:75:d6:fb:ed:eb:44:2f:bc:2b:05:
98:28:08:3a:0b:82:fb:73:d8:c4:db:7a:1a:67:d9:
1d:2b:4e:2b:e2:db:f8:ba:d6:91:03:f7:c9:a4:b0:
d9:60:42:e0:f9:05:8c:14:db:58:d3:4d:3d:3f:73:
39:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:04:04:57:D0:F6:F8:F7:8A:AB:01:8C:0A:2B:8F:DB:BF:7C:8F:32
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/6QQEV9D2-PeKqwGMCiuP2798jzI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.197.144.0/24
62.197.147.0-62.197.148.255
62.197.150.0/24
62.197.152.0/24
89.33.84.0/24
89.37.62.0/24
92.62.121.0/24
185.239.241.0/24
185.244.137.0/24
185.245.5.0/24
188.240.68.0/24
193.19.108.0/24
193.218.32.0/24
220.158.199.0/24
Signature Algorithm: sha256WithRSAEncryption
57:73:0c:07:8f:1a:1c:6a:fa:fd:a9:66:26:e6:f7:fd:13:32:
05:e3:28:ab:dc:06:2b:72:b3:8e:39:94:95:e2:ae:c9:de:4c:
bb:b0:ab:ee:51:81:33:b2:2b:f6:b5:3d:1a:7a:9f:ae:05:df:
54:7b:88:49:6b:6a:0d:45:c0:23:63:d8:89:4e:9f:4f:82:69:
94:22:b0:47:53:a9:6c:09:8c:92:d5:92:07:18:43:76:cd:a6:
7c:18:88:19:cb:ea:36:11:65:82:19:1c:ff:03:3d:21:09:48:
cc:08:5b:72:f1:e3:1f:f0:1b:e2:b8:de:d4:fa:64:3b:a8:d3:
73:d9:99:eb:0e:b8:70:b9:75:08:0d:9c:1d:ba:64:45:73:c3:
c4:3b:a2:34:de:27:d4:c4:68:a6:eb:d0:e6:de:c5:af:da:4f:
47:4f:68:51:f4:6a:08:7a:7c:95:64:1f:3e:77:67:dc:84:b7:
68:0b:e5:42:e4:49:3c:44:e7:2a:a4:b6:3a:11:35:62:49:f2:
b6:c6:c6:81:37:aa:8a:c0:f0:ee:8e:d7:50:b6:7f:13:b6:c3:
24:00:b8:36:ca:89:5d:9a:7e:a2:03:75:fd:44:50:dd:bd:f5:
ca:81:07:fe:90:18:51:01:4d:77:5e:a3:cf:ee:a5:ad:55:0b:
b5:28:d7:5f
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAZFV5uCdgyrx5TrSXicYrKyfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwODE1MTE1NzU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTA0MDQ1N2QwZjZmOGY3OGFhYjAxOGMwYTJiOGZkYmJmN2M4ZjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+QTRih7rwdkn/XAjfSN5ZF49ZGY
loQrqdRGB9pURz40UV6XBzJGZeLVHK9+TMWC7VYuqVlvwD520KCu+W5UHJbJcVgL
ya93rZPJhIAY0r29uCzNd7ziyQsZPiVS53f2cWuR0+8vak16CEaeEvDZRu+iS6Ye
MfsJ6gfzTcNlCiYE2wHhCe8RNX+1fWUmQACvxkvMJ/H6Hz7DF5WKjUIA7dcef/OE
vRSwp4rn8qa+5FnEAODBGpyq03zYUt1IbmHKyom1Qhg/GHXW++3rRC+8KwWYKAg6
C4L7c9jE23oaZ9kdK04r4tv4utaRA/fJpLDZYELg+QWMFNtY0009P3M5JQIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFOkEBFfQ9vj3iqsBjAorj9u/fI8yMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvNlFRRVY5RDItUGVLcXdHTUNpdVAyNzk4anpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcAwQAPsWQMAwD
BAA+xZMDBAA+xZQDBAA+xZYDBAA+xZgDBABZIVQDBABZJT4DBABcPnkDBAC57/ED
BAC59IkDBAC59QUDBAC88EQDBADBE2wDBADB2iADBADcnscwDQYJKoZIhvcNAQEL
BQADggEBAFdzDAePGhxq+v2pZibm9/0TMgXjKKvcBitys445lJXirsneTLuwq+5R
gTOyK/a1PRp6n64F31R7iElrag1FwCNj2IlOn0+CaZQisEdTqWwJjJLVkgcYQ3bN
pnwYiBnL6jYRZYIZHP8DPSEJSMwIW3Lx4x/wG+K43tT6ZDuo03PZmesOuHC5dQgN
nB26ZEVzw8Q7ojTeJ9TEaKbr0Obexa/aT0dPaFH0agh6fJVkHz53Z9yEt2gL5ULk
STxE5yqktjoRNWJJ8rbGxoE3qorA8O6O11C2fxO2wyQAuDbKiV2afqIDdf1EUN29
9cqBB/6QGFEBTXdeo8/upa1VC7Uo118=
-----END CERTIFICATE-----
Generated at Tue Aug 20 17:59:58 2024 by rpki-client on console-fra.rpki-client.org