Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/293d36-9da2-4405-8de3-4afd8254ae43/1/7yqBAAx7H77ZT7PfJ32a8AZIgbo.roa
File: 7yqBAAx7H77ZT7PfJ32a8AZIgbo.roa (raw, json)
Hash identifier: FKnmiRBjmAkU4pzkvjJexLiE779vgwneAZyWaKmzK8E=
Subject key identifier: EF:2A:81:00:0C:7B:1F:BE:D9:4F:B3:DF:27:7D:9A:F0:06:48:81:BA
Certificate issuer: /CN=fae16b493d2a12897caf4757bb18a02eec2cde17
Certificate serial: 0191B93EBECBEFEB4C9F6E81DD0275F62AF6
Authority key identifier: FA:E1:6B:49:3D:2A:12:89:7C:AF:47:57:BB:18:A0:2E:EC:2C:DE:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-uFrST0qEol8r0dXuxigLuws3hc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/293d36-9da2-4405-8de3-4afd8254ae43/1/7yqBAAx7H77ZT7PfJ32a8AZIgbo.roa
Signing time: Tue 03 Sep 2024 18:56:22 +0000
ROA not before: Tue 03 Sep 2024 18:56:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12876
IP address blocks: 62.4.0.0/19 maxlen: 19
62.210.0.0/16 maxlen: 16
195.154.0.0/16 maxlen: 16
212.47.224.0/19 maxlen: 19
212.83.128.0/19 maxlen: 19
212.83.160.0/19 maxlen: 19
212.129.0.0/18 maxlen: 18
2001:bc8::/32 maxlen: 38
2001:bc8:1200::/39 maxlen: 48
2001:bc8:1201::/48 maxlen: 48
2001:bc8:1400::/38 maxlen: 38
2001:bc8:1800::/38 maxlen: 38
2001:bc8:1c00::/38 maxlen: 38
2001:bc8:2000::/35 maxlen: 48
2001:bc8:5400::/40 maxlen: 48
Validation: Failed, certificate revoked on Wed 04 Sep 2024 14:58:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b9:3e:be:cb:ef:eb:4c:9f:6e:81:dd:02:75:f6:2a:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fae16b493d2a12897caf4757bb18a02eec2cde17
Validity
Not Before: Sep 3 18:56:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ef2a81000c7b1fbed94fb3df277d9af0064881ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:0d:2e:d5:c6:df:d3:72:13:79:8a:a7:ae:b9:
66:bb:c3:76:ca:fd:84:9c:0a:78:71:93:d0:6b:6a:
80:99:70:ec:27:25:a7:5f:18:a5:b3:1e:11:6f:02:
f8:fa:c5:48:00:05:8c:e3:16:78:fa:58:cb:1b:8d:
d5:02:6d:43:18:59:d8:13:11:92:04:c6:c1:e3:ce:
bc:72:1e:55:dc:07:15:3c:56:11:f2:f4:5b:79:40:
29:d6:c3:3a:dc:ba:0b:bf:2e:4e:8e:f3:d6:c9:8d:
fd:20:58:5c:b5:d9:88:d6:58:b3:82:2e:b0:79:38:
9a:7d:08:46:7e:81:b5:d9:5f:ef:95:33:c5:49:24:
ce:02:cd:21:27:0c:c3:7c:ae:6b:df:25:27:60:60:
c8:ee:5c:53:8a:b4:38:31:d4:bd:1a:e8:15:2d:ff:
b5:3f:cc:5f:92:56:80:a3:77:04:15:d4:d1:9c:f6:
56:8d:56:24:6c:70:87:53:86:6a:55:c4:80:d4:bf:
6f:2c:77:71:67:fb:3a:7e:9f:50:07:82:9c:d3:4c:
c5:0d:3f:e2:8b:a3:94:ff:18:3e:d1:59:4a:56:01:
21:44:92:d9:fa:d8:9a:a3:5a:43:e4:4f:0e:48:a0:
ee:37:a6:bc:34:a2:ae:c8:fd:31:b4:22:91:81:13:
76:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:2A:81:00:0C:7B:1F:BE:D9:4F:B3:DF:27:7D:9A:F0:06:48:81:BA
X509v3 Authority Key Identifier:
keyid:FA:E1:6B:49:3D:2A:12:89:7C:AF:47:57:BB:18:A0:2E:EC:2C:DE:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-uFrST0qEol8r0dXuxigLuws3hc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/293d36-9da2-4405-8de3-4afd8254ae43/1/7yqBAAx7H77ZT7PfJ32a8AZIgbo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/293d36-9da2-4405-8de3-4afd8254ae43/1/1-uFrST0qEol8r0dXuxigLuws3hc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.4.0.0/19
62.210.0.0/16
195.154.0.0/16
212.47.224.0/19
212.83.128.0/18
212.129.0.0/18
IPv6:
2001:bc8::/32
Signature Algorithm: sha256WithRSAEncryption
5b:73:d9:6d:ae:7d:c7:82:2b:94:9f:63:f9:2b:7e:90:0b:83:
03:ae:91:1e:f4:24:b1:ea:8b:9d:f0:5b:54:7c:27:c2:f7:2a:
bf:ce:65:bc:91:31:ad:47:f0:18:3e:a1:d4:4f:a3:61:de:d0:
5b:c8:f8:c4:35:b7:8d:9b:fc:c6:ba:63:5b:e6:31:22:ad:e5:
43:f6:5d:ef:de:fb:b1:57:52:36:55:07:63:c6:89:03:ee:6f:
0e:ef:c2:79:17:85:a7:a9:34:de:6d:41:65:8e:a4:23:f4:2e:
a4:c5:7b:1d:25:7b:79:85:d6:c7:d0:f6:36:73:4d:62:e7:2f:
0a:76:74:a1:e5:7f:07:46:b4:b6:fc:ce:01:21:ac:88:4d:52:
a8:a5:f8:10:5c:ee:5d:1c:5e:b5:f6:3d:fd:21:1a:7e:1f:e9:
9e:3e:0e:b4:d4:e6:31:99:ad:6a:84:15:7c:cc:d4:f8:bd:b1:
f3:97:f5:b3:ea:d1:c4:42:78:82:66:60:ac:45:9b:ca:10:34:
a7:5f:d1:e9:bd:37:0d:d3:66:d5:b3:44:8b:17:72:35:d3:71:
4f:28:4c:64:6d:fc:ad:b9:90:8c:19:a7:09:14:43:16:e6:c2:
3d:40:a0:e5:4d:2a:a4:96:b7:3b:58:8e:c9:34:ce:5e:f7:4a:
e5:b9:f4:f5
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZG5Pr7L7+tMn26B3QJ19ir2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhZTE2YjQ5M2QyYTEyODk3Y2FmNDc1N2JiMThhMDJlZWMy
Y2RlMTcwHhcNMjQwOTAzMTg1NjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjJhODEwMDBjN2IxZmJlZDk0ZmIzZGYyNzdkOWFmMDA2NDg4MWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApg0u1cbf03ITeYqnrrlmu8N2yv2E
nAp4cZPQa2qAmXDsJyWnXxilsx4RbwL4+sVIAAWM4xZ4+ljLG43VAm1DGFnYExGS
BMbB4868ch5V3AcVPFYR8vRbeUAp1sM63LoLvy5OjvPWyY39IFhctdmI1lizgi6w
eTiafQhGfoG12V/vlTPFSSTOAs0hJwzDfK5r3yUnYGDI7lxTirQ4MdS9GugVLf+1
P8xfklaAo3cEFdTRnPZWjVYkbHCHU4ZqVcSA1L9vLHdxZ/s6fp9QB4Kc00zFDT/i
i6OU/xg+0VlKVgEhRJLZ+tiao1pD5E8OSKDuN6a8NKKuyP0xtCKRgRN2WwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFO8qgQAMex++2U+z3yd9mvAGSIG6MB8GA1UdIwQY
MBaAFPrha0k9KhKJfK9HV7sYoC7sLN4XMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS11RnJTVDBxRW9sOHIwZFh1eGlnTHV3czNoYy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTMvMjkzZDM2LTlkYTItNDQwNS04ZGUz
LTRhZmQ4MjU0YWU0My8xLzd5cUJBQXg3SDc3WlQ3UGZKMzJhOEFaSWdiby5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTMvMjkzZDM2LTlkYTItNDQwNS04ZGUzLTRhZmQ4MjU0YWU0
My8xLzEtdUZyU1QwcUVvbDhyMGRYdXhpZ0x1d3MzaGMuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwSgYIKwYBBQUHAQcBAf8EOzA5MCgEAgABMCIDBAU+BAAD
AwA+0gMDAMOaAwQF1C/gAwQG1FOAAwQG1IEAMA0EAgACMAcDBQAgAQvIMA0GCSqG
SIb3DQEBCwUAA4IBAQBbc9ltrn3HgiuUn2P5K36QC4MDrpEe9CSx6oud8FtUfCfC
9yq/zmW8kTGtR/AYPqHUT6Nh3tBbyPjENbeNm/zGumNb5jEireVD9l3v3vuxV1I2
VQdjxokD7m8O78J5F4WnqTTebUFljqQj9C6kxXsdJXt5hdbH0PY2c01i5y8KdnSh
5X8HRrS2/M4BIayITVKopfgQXO5dHF619j39IRp+H+mePg601OYxma1qhBV8zNT4
vbHzl/Wz6tHEQniCZmCsRZvKEDSnX9HpvTcN02bVs0SLF3I103FPKExkbfytuZCM
GacJFEMW5sI9QKDlTSqklrc7WI7JNM5e90rlufT1
-----END CERTIFICATE-----
Generated at Wed Sep 4 18:42:08 2024 by rpki-client on console-ams.rpki-client.org