Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/hEfLSNACiKjcTruE69WKtiHuMMY.roa
File: hEfLSNACiKjcTruE69WKtiHuMMY.roa (raw, json)
Hash identifier: aKSHUFfbGFj71tNDXiEXdCrQILQ1qtLbEpzg5jreRYo=
Subject key identifier: 84:47:CB:48:D0:02:88:A8:DC:4E:BB:84:EB:D5:8A:B6:21:EE:30:C6
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 01856ED4DCE1C7C5772F1D42DD2DAB0137C0
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/hEfLSNACiKjcTruE69WKtiHuMMY.roa
Signing time: Sun 01 Jan 2023 19:35:22 +0000
ROA not before: Sun 01 Jan 2023 19:35:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6854
IP address blocks: 212.69.96.0/19 maxlen: 19
213.243.64.0/18 maxlen: 18
195.230.64.0/19 maxlen: 19
80.253.0.0/20 maxlen: 20
83.222.192.0/19 maxlen: 19
83.229.128.0/17 maxlen: 17
62.64.16.0/20 maxlen: 20
62.64.24.0/21 maxlen: 21
Validation: Failed, certificate revoked on Wed 27 Sep 2023 14:02:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:dc:e1:c7:c5:77:2f:1d:42:dd:2d:ab:01:37:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Jan 1 19:35:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8447cb48d00288a8dc4ebb84ebd58ab621ee30c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:63:a9:04:f2:01:86:9b:52:48:93:23:d3:cc:
05:eb:ce:f4:ac:c5:8f:7c:47:e3:85:8d:99:97:93:
db:52:7f:06:ea:14:d9:3f:35:17:e0:a6:fb:59:5a:
49:b4:e8:3e:89:0d:ed:48:84:83:5a:1c:ef:33:fa:
14:fb:55:11:a2:5a:73:a8:cb:c1:11:6b:ae:a1:26:
33:a5:a2:0b:88:ff:f8:ef:d5:a4:ae:2f:a3:d0:75:
af:f2:a3:15:24:df:66:5c:0b:a7:87:4e:b9:ab:0d:
ef:d0:d4:6c:9c:5b:61:fc:a0:26:8d:fc:20:d5:e7:
9a:5d:5e:a1:7a:1a:0a:a3:07:67:b4:cb:8e:bf:a3:
7f:0f:93:e6:53:26:37:0c:aa:e6:3b:e4:f7:a4:1b:
26:0e:ad:f3:e3:83:64:bb:10:19:90:b5:07:fa:1b:
0b:e5:2e:c7:b6:9e:35:b3:1f:72:11:87:13:66:c6:
e0:9f:a5:89:5c:4e:00:06:43:57:53:59:9d:79:9d:
58:fa:ff:d9:ab:56:9f:09:ba:cd:af:0c:dd:08:5b:
5d:2d:95:b8:8d:52:d3:c7:8f:24:ad:b2:68:14:6c:
1a:9d:f6:50:45:8f:fb:ba:96:1d:24:a1:b3:f5:88:
c1:91:b0:0e:2c:c9:84:89:21:00:00:90:05:e5:1f:
36:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:47:CB:48:D0:02:88:A8:DC:4E:BB:84:EB:D5:8A:B6:21:EE:30:C6
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/hEfLSNACiKjcTruE69WKtiHuMMY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.64.16.0/20
80.253.0.0/20
83.222.192.0/19
83.229.128.0/17
195.230.64.0/19
212.69.96.0/19
213.243.64.0/18
Signature Algorithm: sha256WithRSAEncryption
02:61:d1:2f:0c:e5:95:9a:c4:60:97:e8:e5:6b:0c:89:d7:99:
b1:95:c1:1d:15:94:97:4c:b3:95:0d:ee:a0:52:71:bf:9c:47:
de:cd:ae:14:56:dc:70:da:77:20:13:e0:a6:e8:b5:cf:ff:28:
36:04:c4:01:c0:aa:df:bf:59:2c:65:47:40:e1:57:6e:eb:cb:
81:96:27:89:ab:e3:4b:f1:dd:65:4a:b8:70:b7:0b:e0:ab:2e:
f3:84:94:40:21:10:fe:fa:02:3d:c2:21:09:5c:0a:25:c2:c7:
8f:c4:8c:85:75:9b:68:bf:34:23:a4:0a:bd:3d:da:32:19:6a:
47:af:c7:ff:6f:e5:6f:b9:7c:c0:e7:30:c6:dc:83:94:22:9a:
29:31:fb:b7:80:84:f1:df:75:65:c4:c3:f4:22:4c:75:61:72:
75:3e:46:f4:e4:27:20:08:1c:d9:49:6e:9e:c1:bc:4d:82:17:
c1:54:2a:2b:46:5f:01:2b:20:0b:e1:5b:cc:1a:b7:e8:82:2c:
f3:8d:58:da:ea:c1:aa:26:7b:41:5b:ff:08:26:93:a8:2f:b6:
8b:fe:89:9c:72:df:78:54:b5:52:4e:d6:81:2e:9c:93:96:08:
8b:f5:c9:17:f6:6a:d5:71:72:b3:63:ca:08:85:b7:17:fc:2b:
06:30:81:9d
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYVu1Nzhx8V3Lx1C3S2rATfAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjMwMTAxMTkzNTIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDQ3Y2I0OGQwMDI4OGE4ZGM0ZWJiODRlYmQ1OGFiNjIxZWUzMGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1GOpBPIBhptSSJMj08wF6870rMWP
fEfjhY2Zl5PbUn8G6hTZPzUX4Kb7WVpJtOg+iQ3tSISDWhzvM/oU+1URolpzqMvB
EWuuoSYzpaILiP/479Wkri+j0HWv8qMVJN9mXAunh065qw3v0NRsnFth/KAmjfwg
1eeaXV6hehoKowdntMuOv6N/D5PmUyY3DKrmO+T3pBsmDq3z44NkuxAZkLUH+hsL
5S7Htp41sx9yEYcTZsbgn6WJXE4ABkNXU1mdeZ1Y+v/Zq1afCbrNrwzdCFtdLZW4
jVLTx48krbJoFGwanfZQRY/7upYdJKGz9YjBkbAOLMmEiSEAAJAF5R82owIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFIRHy0jQAoio3E67hOvVirYh7jDGMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvaEVmTFNOQUNpS2pjVHJ1RTY5V0t0aUh1TU1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQEPkAQAwQE
UP0AAwQFU97AAwQHU+WAAwQFw+ZAAwQF1EVgAwQG1fNAMA0GCSqGSIb3DQEBCwUA
A4IBAQACYdEvDOWVmsRgl+jlawyJ15mxlcEdFZSXTLOVDe6gUnG/nEfeza4UVtxw
2ncgE+Cm6LXP/yg2BMQBwKrfv1ksZUdA4Vdu68uBlieJq+NL8d1lSrhwtwvgqy7z
hJRAIRD++gI9wiEJXAolwsePxIyFdZtovzQjpAq9PdoyGWpHr8f/b+VvuXzA5zDG
3IOUIpopMfu3gITx33VlxMP0Ikx1YXJ1Pkb05CcgCBzZSW6ewbxNghfBVCorRl8B
KyAL4VvMGrfogizzjVja6sGqJntBW/8IJpOoL7aL/omcct94VLVSTtaBLpyTlgiL
9ckX9mrVcXKzY8oIhbcX/CsGMIGd
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:35 2024 by rpki-client on console-ams.rpki-client.org