Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/361bae-ab14-4aab-bb8f-7418b92aa209/1/2QcvRViOOMdHcq01oCd3HCiWGgk.roa
File: 2QcvRViOOMdHcq01oCd3HCiWGgk.roa (raw, json)
Hash identifier: /1wW8irP5qEWa8HShIWhh08woN6kvzjBVFRTfPTXIK0=
Subject key identifier: D9:07:2F:45:58:8E:38:C7:47:72:AD:35:A0:27:77:1C:28:96:1A:09
Certificate issuer: /CN=c0520cecba251cd37cdf3c4d5ab03625522bbaac
Certificate serial: 01856D2F3E5FF1D353B5BB3FA160F1AE77C5
Authority key identifier: C0:52:0C:EC:BA:25:1C:D3:7C:DF:3C:4D:5A:B0:36:25:52:2B:BA:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wFIM7LolHNN83zxNWrA2JVIruqw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/361bae-ab14-4aab-bb8f-7418b92aa209/1/2QcvRViOOMdHcq01oCd3HCiWGgk.roa
Signing time: Sun 01 Jan 2023 11:54:50 +0000
ROA not before: Sun 01 Jan 2023 11:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48744
IP address blocks: 62.122.9.0/24 maxlen: 24
62.122.11.0/24 maxlen: 24
62.122.10.0/24 maxlen: 24
62.122.8.0/24 maxlen: 24
62.122.8.0/22 maxlen: 22
62.122.13.0/24 maxlen: 24
62.122.12.0/22 maxlen: 22
62.122.12.0/24 maxlen: 24
62.122.15.0/24 maxlen: 24
62.122.14.0/24 maxlen: 24
185.240.124.0/23 maxlen: 23
185.240.124.0/24 maxlen: 24
185.240.126.0/23 maxlen: 23
185.240.126.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:2f:3e:5f:f1:d3:53:b5:bb:3f:a1:60:f1:ae:77:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c0520cecba251cd37cdf3c4d5ab03625522bbaac
Validity
Not Before: Jan 1 11:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d9072f45588e38c74772ad35a027771c28961a09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:b5:c2:f0:de:b8:04:2e:d5:bb:9b:b9:46:d2:
03:07:e4:fe:b7:64:5d:18:ea:de:59:97:b7:c0:03:
c3:eb:cb:a7:18:6b:1d:b4:17:8e:67:a3:46:5b:41:
1a:f8:66:6a:ce:b5:71:fe:e5:6e:e2:b0:79:a6:54:
f8:67:af:4d:d7:2c:66:f6:1d:92:c3:94:32:94:b7:
30:57:68:7c:97:94:8c:9a:77:e6:45:5e:a2:b6:0c:
e4:d6:5a:d3:e5:3d:d3:ae:3e:5e:90:e2:f5:cd:1f:
6e:f6:58:ee:5b:d3:f6:4c:e3:2c:05:a0:5a:23:3b:
f3:16:47:4e:71:71:c9:27:49:9f:26:23:03:01:c4:
2e:9f:df:c5:8a:fd:10:66:03:e8:e1:e8:24:be:3c:
3c:72:18:5b:97:0f:eb:05:4f:dd:c0:9e:ad:b2:30:
53:46:3e:b9:7c:ce:aa:f0:cf:f0:71:57:65:60:23:
89:d6:2a:77:d6:9f:af:45:c3:a4:36:33:0d:8d:74:
ad:67:f3:1d:90:e1:e8:0c:88:77:ef:77:b5:94:9e:
bd:62:7d:55:af:51:fe:3b:ba:43:d5:e0:cc:78:3b:
67:5d:5b:de:d8:e6:a6:7f:dc:d4:33:4e:41:e1:0f:
cf:40:71:b0:09:65:23:8f:89:8b:ff:70:db:60:1a:
98:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:07:2F:45:58:8E:38:C7:47:72:AD:35:A0:27:77:1C:28:96:1A:09
X509v3 Authority Key Identifier:
keyid:C0:52:0C:EC:BA:25:1C:D3:7C:DF:3C:4D:5A:B0:36:25:52:2B:BA:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wFIM7LolHNN83zxNWrA2JVIruqw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/361bae-ab14-4aab-bb8f-7418b92aa209/1/2QcvRViOOMdHcq01oCd3HCiWGgk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/361bae-ab14-4aab-bb8f-7418b92aa209/1/wFIM7LolHNN83zxNWrA2JVIruqw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.122.8.0/21
185.240.124.0/22
Signature Algorithm: sha256WithRSAEncryption
d8:c3:a2:d2:d3:41:99:16:8a:48:49:eb:53:b9:4e:b9:88:88:
ed:78:6c:05:dc:61:bd:35:15:eb:0d:87:67:2c:e0:b3:3f:ca:
f9:bc:7b:3a:d8:e4:df:14:35:65:64:96:a8:14:55:5e:25:d5:
ae:79:ce:8d:57:1f:ef:a6:25:08:59:a0:e6:11:d4:d7:c3:f4:
74:6f:20:be:41:0d:5d:47:73:f4:77:2f:bc:cf:41:a4:2d:64:
ad:76:df:aa:c9:26:c6:d4:7b:b9:8a:2c:61:e7:02:51:26:2c:
c9:3b:47:8e:12:35:ba:f6:9a:87:f0:2a:e6:ca:5b:67:2c:d9:
af:01:b9:78:23:e6:d8:f6:fb:16:5e:86:d9:09:b2:1e:22:c6:
f1:b9:ef:59:20:03:71:5f:b4:88:06:bd:3b:3a:dd:a5:d0:e0:
f5:91:ad:52:aa:f0:c0:64:22:ae:25:81:aa:11:12:15:b1:45:
5a:4e:19:53:ff:63:e8:76:6f:3a:2a:c9:df:49:20:aa:28:27:
00:3a:3a:4b:f2:16:e1:1f:5f:e0:a6:bb:48:2d:77:6b:13:66:
30:17:86:77:b2:d5:5e:20:50:6f:aa:58:4b:da:3e:7d:dd:e5:
17:08:03:9f:81:4b:62:b4:1a:1d:25:8e:3f:1f:ac:a6:b6:c7:
0f:58:fd:22
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtLz5f8dNTtbs/oWDxrnfFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwNTIwY2VjYmEyNTFjZDM3Y2RmM2M0ZDVhYjAzNjI1NTIy
YmJhYWMwHhcNMjMwMTAxMTE1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTA3MmY0NTU4OGUzOGM3NDc3MmFkMzVhMDI3NzcxYzI4OTYxYTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhbXC8N64BC7Vu5u5RtIDB+T+t2Rd
GOreWZe3wAPD68unGGsdtBeOZ6NGW0Ea+GZqzrVx/uVu4rB5plT4Z69N1yxm9h2S
w5QylLcwV2h8l5SMmnfmRV6itgzk1lrT5T3Trj5ekOL1zR9u9ljuW9P2TOMsBaBa
IzvzFkdOcXHJJ0mfJiMDAcQun9/Fiv0QZgPo4egkvjw8chhblw/rBU/dwJ6tsjBT
Rj65fM6q8M/wcVdlYCOJ1ip31p+vRcOkNjMNjXStZ/MdkOHoDIh373e1lJ69Yn1V
r1H+O7pD1eDMeDtnXVve2Oamf9zUM05B4Q/PQHGwCWUjj4mL/3DbYBqY2QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNkHL0VYjjjHR3KtNaAndxwolhoJMB8GA1UdIwQY
MBaAFMBSDOy6JRzTfN88TVqwNiVSK7qsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0ZJTTdMb2xITk44M3p4TldyQTJKVklydXF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi8zNjFiYWUtYWIxNC00YWFiLWJiOGYt
NzQxOGI5MmFhMjA5LzEvMlFjdlJWaU9PTWRIY3EwMW9DZDNIQ2lXR2drLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi8zNjFiYWUtYWIxNC00YWFiLWJiOGYtNzQxOGI5MmFhMjA5
LzEvd0ZJTTdMb2xITk44M3p4TldyQTJKVklydXF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDPnoIAwQC
ufB8MA0GCSqGSIb3DQEBCwUAA4IBAQDYw6LS00GZFopISetTuU65iIjteGwF3GG9
NRXrDYdnLOCzP8r5vHs62OTfFDVlZJaoFFVeJdWuec6NVx/vpiUIWaDmEdTXw/R0
byC+QQ1dR3P0dy+8z0GkLWStdt+qySbG1Hu5iixh5wJRJizJO0eOEjW69pqH8Crm
yltnLNmvAbl4I+bY9vsWXobZCbIeIsbxue9ZIANxX7SIBr07Ot2l0OD1ka1SqvDA
ZCKuJYGqERIVsUVaThlT/2Podm86KsnfSSCqKCcAOjpL8hbhH1/gprtILXdrE2Yw
F4Z3stVeIFBvqlhL2j593eUXCAOfgUtitBodJY4/H6ymtscPWP0i
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:05 2024 by rpki-client on console-ams.rpki-client.org