Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/dfec40-b86e-494c-ba10-3a5628cc81d9/1/a9uj62TR0H3TvKyC_0HE34leKgI.roa
File: a9uj62TR0H3TvKyC_0HE34leKgI.roa (raw, json)
Hash identifier: f9wypxDZrmJzJkw6qp2HgJsczikWHpSc1Q8DxnkVCZI=
Subject key identifier: 6B:DB:A3:EB:64:D1:D0:7D:D3:BC:AC:82:FF:41:C4:DF:89:5E:2A:02
Certificate issuer: /CN=b1a4a601ca35c6c8376b89aaf443b63ea439cdb8
Certificate serial: 018C81A112EDD9990365C16BD9F2A66CC031
Authority key identifier: B1:A4:A6:01:CA:35:C6:C8:37:6B:89:AA:F4:43:B6:3E:A4:39:CD:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saSmAco1xsg3a4mq9EO2PqQ5zbg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/dfec40-b86e-494c-ba10-3a5628cc81d9/1/a9uj62TR0H3TvKyC_0HE34leKgI.roa
Signing time: Tue 19 Dec 2023 10:31:06 +0000
ROA not before: Tue 19 Dec 2023 10:31:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15435
IP address blocks: 217.102.240.0/20 maxlen: 24
213.34.224.0/19 maxlen: 24
212.115.192.0/19 maxlen: 24
204.168.128.0/17 maxlen: 24
217.63.64.0/19 maxlen: 24
149.143.64.0/18 maxlen: 24
87.99.128.0/17 maxlen: 24
81.172.128.0/17 maxlen: 24
141.224.192.0/18 maxlen: 24
185.200.96.0/22 maxlen: 24
149.143.32.0/19 maxlen: 24
212.92.64.0/19 maxlen: 24
62.238.0.0/16 maxlen: 24
2a02:f68::/29 maxlen: 48
2a07:31c0::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:30:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:81:a1:12:ed:d9:99:03:65:c1:6b:d9:f2:a6:6c:c0:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a4a601ca35c6c8376b89aaf443b63ea439cdb8
Validity
Not Before: Dec 19 10:31:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6bdba3eb64d1d07dd3bcac82ff41c4df895e2a02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:44:d5:27:92:1f:d5:0f:61:76:be:09:5d:a0:
2d:ae:1c:cf:8d:a9:4c:fe:11:88:fb:61:4d:19:26:
63:29:66:7a:d7:5b:3b:7c:52:ae:81:4e:ea:d8:c3:
78:98:a7:be:cb:80:a0:19:4c:c3:35:5e:4b:4e:5a:
e2:99:b1:f7:42:c5:35:12:60:5a:d6:16:de:99:17:
47:f0:a7:d4:fe:ca:f6:8b:fe:d8:14:d1:61:50:4e:
72:d0:6f:cb:cc:7c:c9:84:43:32:f8:f2:95:ad:f2:
ac:0c:00:48:ee:5f:2e:0a:b1:db:c4:1b:cf:67:d6:
93:f7:a2:b6:06:10:e5:c0:7d:aa:ba:c6:91:3b:a7:
dd:02:9a:35:69:89:b2:8c:a9:f0:0d:6c:1e:d9:22:
62:38:aa:68:54:9f:04:85:24:8e:4b:15:71:bb:72:
b2:80:98:ab:de:8c:e9:49:13:45:48:21:16:b2:7c:
f6:6d:72:bc:0a:b6:e9:73:37:2b:19:d0:b8:bf:37:
f9:d8:17:65:1f:74:8c:6d:fa:ba:be:75:e4:f9:6e:
12:78:00:ca:38:71:17:7d:6f:b5:83:16:69:3f:db:
48:69:8b:f0:00:d2:fe:64:f8:3b:2b:e7:68:d9:af:
dc:18:d2:e2:ce:c2:e0:d3:52:4f:9e:4d:d2:89:8d:
d3:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:DB:A3:EB:64:D1:D0:7D:D3:BC:AC:82:FF:41:C4:DF:89:5E:2A:02
X509v3 Authority Key Identifier:
keyid:B1:A4:A6:01:CA:35:C6:C8:37:6B:89:AA:F4:43:B6:3E:A4:39:CD:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saSmAco1xsg3a4mq9EO2PqQ5zbg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/dfec40-b86e-494c-ba10-3a5628cc81d9/1/a9uj62TR0H3TvKyC_0HE34leKgI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/dfec40-b86e-494c-ba10-3a5628cc81d9/1/saSmAco1xsg3a4mq9EO2PqQ5zbg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.238.0.0/16
81.172.128.0/17
87.99.128.0/17
141.224.192.0/18
149.143.32.0-149.143.127.255
185.200.96.0/22
204.168.128.0/17
212.92.64.0/19
212.115.192.0/19
213.34.224.0/19
217.63.64.0/19
217.102.240.0/20
IPv6:
2a02:f68::/29
2a07:31c0::/29
Signature Algorithm: sha256WithRSAEncryption
38:28:93:41:8a:5d:39:54:50:bd:db:8f:0e:4b:dd:5d:d6:93:
7e:4e:39:1f:c6:32:5c:93:09:b1:12:0c:81:0d:62:bc:78:5b:
52:98:3f:a2:d4:55:57:83:ea:99:e4:d9:ce:71:1a:7f:d1:3e:
fd:de:f0:4c:7d:f6:28:90:6e:4a:52:ce:f9:a4:92:fc:56:70:
8f:71:00:c9:ff:6e:69:3f:09:2c:95:a3:12:3d:77:8a:11:cd:
96:a8:10:9b:fe:07:67:7b:c1:78:3d:ba:b9:f1:b1:87:e0:2e:
81:6c:16:0c:24:6e:2d:7a:6b:65:b2:48:e2:bc:a5:21:2f:7c:
2c:41:4a:7e:c6:ad:ba:ff:6e:37:d9:8e:e7:99:9e:95:42:8d:
dc:db:25:08:97:11:25:d0:46:c8:55:84:eb:ae:bb:48:d3:98:
4f:b5:79:d4:3e:aa:f7:a6:34:e5:f9:e9:09:25:0f:1d:ab:b9:
96:41:93:d5:cf:55:15:86:87:cb:f4:a5:20:de:be:fb:fd:91:
68:fb:9c:ae:6d:29:ce:64:f2:ec:a3:4c:83:2c:2c:8f:be:49:
a3:94:86:5c:c9:2f:58:71:be:5d:0c:7b:be:f8:8b:83:9d:95:
b9:4a:05:48:96:65:e5:e8:9c:cd:c4:f9:b6:c4:15:2c:d3:a8:
9a:92:d5:d1
-----BEGIN CERTIFICATE-----
MIIFXDCCBESgAwIBAgISAYyBoRLt2ZkDZcFr2fKmbMAxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTRhNjAxY2EzNWM2YzgzNzZiODlhYWY0NDNiNjNlYTQz
OWNkYjgwHhcNMjMxMjE5MTAzMTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmRiYTNlYjY0ZDFkMDdkZDNiY2FjODJmZjQxYzRkZjg5NWUyYTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuETVJ5If1Q9hdr4JXaAtrhzPjalM
/hGI+2FNGSZjKWZ611s7fFKugU7q2MN4mKe+y4CgGUzDNV5LTlrimbH3QsU1EmBa
1hbemRdH8KfU/sr2i/7YFNFhUE5y0G/LzHzJhEMy+PKVrfKsDABI7l8uCrHbxBvP
Z9aT96K2BhDlwH2qusaRO6fdApo1aYmyjKnwDWwe2SJiOKpoVJ8EhSSOSxVxu3Ky
gJir3ozpSRNFSCEWsnz2bXK8CrbpczcrGdC4vzf52BdlH3SMbfq6vnXk+W4SeADK
OHEXfW+1gxZpP9tIaYvwANL+ZPg7K+do2a/cGNLizsLg01JPnk3SiY3TrwIDAQAB
o4ICaDCCAmQwHQYDVR0OBBYEFGvbo+tk0dB907ysgv9BxN+JXioCMB8GA1UdIwQY
MBaAFLGkpgHKNcbIN2uJqvRDtj6kOc24MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FTbUFjbzF4c2czYTRtcTlFTzJQcVE1emJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kZmVjNDAtYjg2ZS00OTRjLWJhMTAt
M2E1NjI4Y2M4MWQ5LzEvYTl1ajYyVFIwSDNUdkt5Q18wSEUzNGxlS2dJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9kZmVjNDAtYjg2ZS00OTRjLWJhMTAtM2E1NjI4Y2M4MWQ5
LzEvc2FTbUFjbzF4c2czYTRtcTlFTzJQcVE1emJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH4GCCsGAQUFBwEHAQH/BG8wbTBVBAIAATBPAwMAPu4DBAdR
rIADBAdXY4ADBAaN4MAwDAMEBZWPIAMEB5WPAAMEArnIYAMEB8yogAMEBdRcQAME
BdRzwAMEBdUi4AMEBdk/QAMEBNlm8DAUBAIAAjAOAwUDKgIPaAMFAyoHMcAwDQYJ
KoZIhvcNAQELBQADggEBADgok0GKXTlUUL3bjw5L3V3Wk35OOR/GMlyTCbESDIEN
Yrx4W1KYP6LUVVeD6pnk2c5xGn/RPv3e8Ex99iiQbkpSzvmkkvxWcI9xAMn/bmk/
CSyVoxI9d4oRzZaoEJv+B2d7wXg9urnxsYfgLoFsFgwkbi16a2WySOK8pSEvfCxB
Sn7Grbr/bjfZjueZnpVCjdzbJQiXESXQRshVhOuuu0jTmE+1edQ+qvemNOX56Qkl
Dx2ruZZBk9XPVRWGh8v0pSDevvv9kWj7nK5tKc5k8uyjTIMsLI++SaOUhlzJL1hx
vl0Me774i4OdlblKBUiWZeXonM3E+bbEFSzTqJqS1dE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:54 2024 by rpki-client on console-ams.rpki-client.org