Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/e1b84b-39a6-4ac8-be63-30fee27e84cb/1/cF6kxuXuZfqPpXjwuB4kLLzekLM.roa
File: cF6kxuXuZfqPpXjwuB4kLLzekLM.roa (raw, json)
Hash identifier: 4z60UJsrsDwOoyso5RqZHHiJbJd8HJTirb7/KgZOl7I=
Subject key identifier: 70:5E:A4:C6:E5:EE:65:FA:8F:A5:78:F0:B8:1E:24:2C:BC:DE:90:B3
Certificate issuer: /CN=27f5180f9b93ae7573c08a894bd452bd77ce56cd
Certificate serial: 018572FA5CE8703EFF362C1DF7A8672BD57B
Authority key identifier: 27:F5:18:0F:9B:93:AE:75:73:C0:8A:89:4B:D4:52:BD:77:CE:56:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J_UYD5uTrnVzwIqJS9RSvXfOVs0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/e1b84b-39a6-4ac8-be63-30fee27e84cb/1/cF6kxuXuZfqPpXjwuB4kLLzekLM.roa
Signing time: Mon 02 Jan 2023 14:54:48 +0000
ROA not before: Mon 02 Jan 2023 14:54:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15623
IP address blocks: 193.247.205.0/24 maxlen: 24
193.246.253.0/24 maxlen: 24
212.45.192.0/19 maxlen: 19
195.226.0.0/19 maxlen: 19
213.189.128.0/19 maxlen: 19
217.75.16.0/21 maxlen: 21
217.75.24.0/21 maxlen: 21
212.55.192.0/19 maxlen: 19
213.158.128.0/19 maxlen: 19
195.144.160.0/19 maxlen: 19
62.12.128.0/17 maxlen: 17
217.14.64.0/20 maxlen: 20
193.5.123.0/24 maxlen: 24
2001:8a8::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:34:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:fa:5c:e8:70:3e:ff:36:2c:1d:f7:a8:67:2b:d5:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27f5180f9b93ae7573c08a894bd452bd77ce56cd
Validity
Not Before: Jan 2 14:54:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=705ea4c6e5ee65fa8fa578f0b81e242cbcde90b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:fb:ce:e7:da:7a:56:f3:92:f7:4c:81:d5:3f:
6a:22:e9:5e:8b:41:0f:a5:62:f7:15:54:31:db:4a:
ca:a6:bd:27:89:d8:85:e6:d1:65:8b:91:c5:b0:17:
9a:89:a4:a0:b4:60:ea:66:2b:a0:88:ad:a2:fa:34:
43:23:2b:f7:a0:71:cf:bc:70:16:59:94:fc:13:62:
e0:8a:b9:92:c0:e8:3a:5c:6d:07:6a:2c:1b:a4:85:
01:17:e1:0f:82:fa:c6:ed:e9:9a:88:40:1f:6d:67:
d3:81:e3:ba:58:02:cb:02:3f:7f:9d:6a:e7:4f:52:
4d:f3:b2:ea:f0:e7:8c:17:c7:e1:0f:42:81:dd:10:
dc:56:92:e0:55:81:ad:ae:94:42:72:58:91:28:ab:
b1:f2:65:0a:4a:d3:d0:7b:cb:a5:28:dd:79:a2:7f:
66:74:19:0d:61:0f:4e:37:4e:2e:50:7b:61:73:80:
8d:f3:20:80:3f:45:3e:c6:b9:c3:9e:16:45:9f:7d:
b6:e2:e6:8f:ca:09:43:a4:41:ef:5f:d1:44:3e:1a:
28:aa:7a:85:42:c2:9b:18:50:2e:9d:46:5b:2d:74:
a3:f5:ca:c8:bb:5c:0c:1c:87:6d:23:d9:f0:ba:9d:
34:30:4a:ff:07:b0:47:72:79:76:ca:10:39:7c:c4:
37:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:5E:A4:C6:E5:EE:65:FA:8F:A5:78:F0:B8:1E:24:2C:BC:DE:90:B3
X509v3 Authority Key Identifier:
keyid:27:F5:18:0F:9B:93:AE:75:73:C0:8A:89:4B:D4:52:BD:77:CE:56:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J_UYD5uTrnVzwIqJS9RSvXfOVs0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/e1b84b-39a6-4ac8-be63-30fee27e84cb/1/cF6kxuXuZfqPpXjwuB4kLLzekLM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/e1b84b-39a6-4ac8-be63-30fee27e84cb/1/J_UYD5uTrnVzwIqJS9RSvXfOVs0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.12.128.0/17
193.5.123.0/24
193.246.253.0/24
193.247.205.0/24
195.144.160.0/19
195.226.0.0/19
212.45.192.0/19
212.55.192.0/19
213.158.128.0/19
213.189.128.0/19
217.14.64.0/20
217.75.16.0/20
IPv6:
2001:8a8::/32
Signature Algorithm: sha256WithRSAEncryption
0c:ef:9f:f8:f9:96:81:48:ea:cb:c3:1a:b7:28:3b:c7:a2:6d:
0c:42:5a:b1:b5:23:b1:0f:9b:69:f2:9a:ea:35:c2:85:5d:45:
85:6e:22:78:11:0e:1d:fb:1c:90:0d:d6:3a:35:ca:af:8e:82:
3c:f8:a5:c6:5e:17:3a:f3:db:68:77:bb:f1:a9:9f:ad:a1:72:
1a:64:4d:1f:b1:51:97:01:b2:41:aa:20:6b:53:a3:ef:e8:28:
15:85:d7:6d:e6:54:af:02:85:8c:5d:94:9d:ed:23:59:a9:df:
08:33:a8:05:29:70:bb:a0:06:b1:98:b2:0b:a8:ee:98:b4:2e:
80:0b:5d:a0:3b:48:82:21:81:16:24:b2:56:50:78:2b:40:a4:
6c:9f:df:32:4d:f7:77:06:24:9e:56:ec:93:16:dd:d1:e2:5d:
97:e1:90:7e:2d:af:27:d9:f8:e6:75:50:3e:e2:7e:42:5d:3b:
68:e0:2b:3e:1f:e4:78:db:49:9e:f2:25:af:01:e4:59:59:bb:
ff:ad:5f:21:0c:a1:96:6a:e0:96:86:59:43:1e:9a:87:2a:9b:
00:4a:8a:95:cf:66:90:58:8d:77:23:9b:75:1e:8b:3b:21:a3:
ec:ea:fc:5b:d9:cb:c2:fb:b1:13:59:d3:1a:b3:31:ba:19:4f:
31:38:4f:59
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAYVy+lzocD7/Niwd96hnK9V7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3ZjUxODBmOWI5M2FlNzU3M2MwOGE4OTRiZDQ1MmJkNzdj
ZTU2Y2QwHhcNMjMwMTAyMTQ1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDVlYTRjNmU1ZWU2NWZhOGZhNTc4ZjBiODFlMjQyY2JjZGU5MGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnPvO59p6VvOS90yB1T9qIulei0EP
pWL3FVQx20rKpr0nidiF5tFli5HFsBeaiaSgtGDqZiugiK2i+jRDIyv3oHHPvHAW
WZT8E2LgirmSwOg6XG0HaiwbpIUBF+EPgvrG7emaiEAfbWfTgeO6WALLAj9/nWrn
T1JN87Lq8OeMF8fhD0KB3RDcVpLgVYGtrpRCcliRKKux8mUKStPQe8ulKN15on9m
dBkNYQ9ON04uUHthc4CN8yCAP0U+xrnDnhZFn3224uaPyglDpEHvX9FEPhooqnqF
QsKbGFAunUZbLXSj9crIu1wMHIdtI9nwup00MEr/B7BHcnl2yhA5fMQ3pwIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFHBepMbl7mX6j6V48LgeJCy83pCzMB8GA1UdIwQY
MBaAFCf1GA+bk651c8CKiUvUUr13zlbNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSl9VWUQ1dVRyblZ6d0lxSlM5UlN2WGZPVnMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9lMWI4NGItMzlhNi00YWM4LWJlNjMt
MzBmZWUyN2U4NGNiLzEvY0Y2a3h1WHVaZnFQcFhqd3VCNGtMTHpla0xNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi9lMWI4NGItMzlhNi00YWM4LWJlNjMtMzBmZWUyN2U4NGNi
LzEvSl9VWUQ1dVRyblZ6d0lxSlM5UlN2WGZPVnMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQHPgyAAwQA
wQV7AwQAwfb9AwQAwffNAwQFw5CgAwQFw+IAAwQF1C3AAwQF1DfAAwQF1Z6AAwQF
1b2AAwQE2Q5AAwQE2UsQMA0EAgACMAcDBQAgAQioMA0GCSqGSIb3DQEBCwUAA4IB
AQAM75/4+ZaBSOrLwxq3KDvHom0MQlqxtSOxD5tp8prqNcKFXUWFbiJ4EQ4d+xyQ
DdY6NcqvjoI8+KXGXhc689tod7vxqZ+toXIaZE0fsVGXAbJBqiBrU6Pv6CgVhddt
5lSvAoWMXZSd7SNZqd8IM6gFKXC7oAaxmLILqO6YtC6AC12gO0iCIYEWJLJWUHgr
QKRsn98yTfd3BiSeVuyTFt3R4l2X4ZB+La8n2fjmdVA+4n5CXTto4Cs+H+R420me
8iWvAeRZWbv/rV8hDKGWauCWhllDHpqHKpsASoqVz2aQWI13I5t1Hos7IaPs6vxb
2cvC+7ETWdMaszG6GU8xOE9Z
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:00 2024 by rpki-client on console-ams.rpki-client.org