Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/O8g7b9lVksLocvNsA4ZquzETGTE.roa
File: O8g7b9lVksLocvNsA4ZquzETGTE.roa (raw, json)
Hash identifier: zHdqqZkj+RCuUrNOodnZ+zU9l+Ah2zUQri87dXkFoYk=
Subject key identifier: 3B:C8:3B:6F:D9:55:92:C2:E8:72:F3:6C:03:86:6A:BB:31:13:19:31
Certificate issuer: /CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Certificate serial: 01928A53F91E2AB257B29B1BD947A4565294
Authority key identifier: AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/O8g7b9lVksLocvNsA4ZquzETGTE.roa
Signing time: Mon 14 Oct 2024 09:20:11 +0000
ROA not before: Mon 14 Oct 2024 09:20:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5430
IP address blocks: 62.104.0.0/16 maxlen: 16
62.104.10.0/23 maxlen: 23
62.104.12.0/22 maxlen: 22
62.104.16.0/24 maxlen: 24
62.104.17.0/24 maxlen: 24
62.104.18.0/24 maxlen: 24
62.104.20.0/23 maxlen: 24
62.104.45.0/24 maxlen: 24
62.104.46.0/23 maxlen: 23
62.104.48.0/23 maxlen: 23
62.104.50.0/24 maxlen: 24
62.104.56.0/24 maxlen: 24
62.104.66.0/23 maxlen: 23
62.104.95.0/24 maxlen: 24
62.104.96.0/21 maxlen: 22
62.104.104.0/22 maxlen: 22
62.104.164.0/22 maxlen: 22
62.104.164.0/24 maxlen: 24
62.104.168.0/22 maxlen: 22
62.104.172.0/23 maxlen: 23
62.104.174.0/24 maxlen: 24
62.104.175.0/24 maxlen: 24
62.104.176.0/22 maxlen: 22
89.58.120.0/21 maxlen: 21
194.97.0.0/18 maxlen: 18
194.97.46.0/23 maxlen: 24
194.97.58.0/24 maxlen: 24
194.97.96.0/19 maxlen: 19
194.97.96.0/24 maxlen: 24
194.97.102.0/24 maxlen: 24
194.97.118.0/24 maxlen: 24
194.97.119.0/24 maxlen: 24
194.97.120.0/23 maxlen: 23
194.97.122.0/24 maxlen: 24
194.97.160.0/19 maxlen: 19
194.97.164.0/22 maxlen: 22
195.4.0.0/17 maxlen: 17
195.4.6.0/24 maxlen: 24
195.4.12.0/23 maxlen: 23
195.4.16.0/22 maxlen: 22
195.4.16.0/24 maxlen: 24
195.4.27.0/24 maxlen: 24
195.4.70.0/24 maxlen: 24
195.4.71.0/24 maxlen: 24
195.4.104.0/22 maxlen: 22
195.4.176.0/21 maxlen: 24
195.4.216.0/21 maxlen: 21
195.4.224.0/19 maxlen: 19
2001:748::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 29 Oct 2024 08:30:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:8a:53:f9:1e:2a:b2:57:b2:9b:1b:d9:47:a4:56:52:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Validity
Not Before: Oct 14 09:20:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3bc83b6fd95592c2e872f36c03866abb31131931
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:22:70:15:2c:86:62:bf:3d:3a:aa:d5:7e:48:
ef:7c:25:6b:a3:f0:b2:36:58:ab:eb:e9:9a:12:3d:
7e:a2:93:ae:f3:6d:93:3b:18:9b:87:4f:9c:65:c5:
ed:33:c7:ac:91:f0:fe:92:93:ac:1c:9b:cc:6d:9f:
31:b0:a1:3b:a1:6a:cb:47:b2:04:a1:64:f2:7a:bd:
22:61:a7:35:40:0b:88:eb:86:ea:26:0e:4d:94:d7:
6c:b6:36:bf:cd:02:1f:9b:29:50:dc:44:48:18:1b:
24:d9:1b:75:a2:46:e6:0d:8c:07:12:1d:80:d5:de:
b2:e7:d6:f6:d0:c4:7d:9e:ab:d9:c5:8a:6d:df:3f:
0d:32:f0:85:69:d9:a5:5a:67:a7:47:c2:07:67:e5:
54:64:73:80:c3:5a:2b:21:eb:ed:32:17:7c:48:e0:
a3:e5:36:2f:d1:ec:b0:d8:7b:3a:fe:ae:5e:17:97:
c0:36:82:c5:84:21:88:ae:9f:64:46:b0:8a:ae:8b:
78:5c:f7:68:8a:d7:f6:9d:a6:1a:80:bf:90:3a:b4:
3b:4f:1e:7e:f0:e8:8a:63:92:d2:a0:0f:6e:14:bd:
dc:84:cd:04:bb:b0:81:31:c7:38:d7:bb:bf:8f:71:
db:6a:80:b5:a5:8c:2b:69:85:71:ac:6c:bf:17:24:
bd:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:C8:3B:6F:D9:55:92:C2:E8:72:F3:6C:03:86:6A:BB:31:13:19:31
X509v3 Authority Key Identifier:
keyid:AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/O8g7b9lVksLocvNsA4ZquzETGTE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.104.0.0/16
89.58.120.0/21
194.97.0.0/18
194.97.96.0/19
194.97.160.0/19
195.4.0.0/17
195.4.176.0/21
195.4.216.0-195.4.255.255
IPv6:
2001:748::/32
Signature Algorithm: sha256WithRSAEncryption
ad:dd:01:7e:d2:2c:a5:35:52:b0:33:2d:37:7a:7b:2f:e7:76:
1a:68:f6:46:c9:4b:22:c8:86:13:b3:0e:22:f0:cf:60:e5:fe:
10:8e:bc:cd:e8:b4:d8:f6:7c:12:3d:09:34:be:69:0c:51:a9:
a8:c8:83:9e:22:82:8f:9c:fb:f1:99:25:5a:1b:b1:93:48:14:
d4:65:fe:7c:e7:a8:ac:4c:00:70:d1:00:57:05:e4:cf:7f:9f:
c0:c1:49:64:b5:53:d4:18:cf:b8:a1:fe:36:1d:24:03:e2:c7:
3f:19:d5:bc:ff:a8:35:74:e6:8a:73:f1:53:e0:0f:59:99:36:
ab:91:e2:d5:d1:28:ac:6f:8a:e1:59:75:0e:79:10:a0:1f:ab:
30:07:bd:a3:b6:ef:f5:d8:d6:0d:b5:31:76:95:57:8d:b4:c7:
2a:34:a4:76:b7:1c:12:21:5e:12:3d:e5:c4:ac:22:f0:bd:ab:
02:58:4a:c7:e5:4f:4b:4f:02:aa:a5:fb:de:69:1a:04:ce:64:
42:49:ff:b5:9c:17:67:e3:90:5a:a3:4f:57:c7:2f:81:27:98:
ad:1b:cd:d2:54:4a:70:e9:a7:14:30:9f:8c:1e:92:c8:df:fe:
d6:02:a0:b6:3a:52:dc:2d:0e:80:25:5e:ed:8c:6d:f1:c9:71:
2d:b6:5c:d6
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAZKKU/keKrJXspsb2UekVlKUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmODAxOTg0Y2MzOGYwYTRmYzVhZmUxYWRlYWI2ODBjMWI4
OWU5NWIwHhcNMjQxMDE0MDkyMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmM4M2I2ZmQ5NTU5MmMyZTg3MmYzNmMwMzg2NmFiYjMxMTMxOTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9yJwFSyGYr89OqrVfkjvfCVro/Cy
Nlir6+maEj1+opOu822TOxibh0+cZcXtM8eskfD+kpOsHJvMbZ8xsKE7oWrLR7IE
oWTyer0iYac1QAuI64bqJg5NlNdstja/zQIfmylQ3ERIGBsk2Rt1okbmDYwHEh2A
1d6y59b20MR9nqvZxYpt3z8NMvCFadmlWmenR8IHZ+VUZHOAw1orIevtMhd8SOCj
5TYv0eyw2Hs6/q5eF5fANoLFhCGIrp9kRrCKrot4XPdoitf2naYagL+QOrQ7Tx5+
8OiKY5LSoA9uFL3chM0Eu7CBMcc417u/j3HbaoC1pYwraYVxrGy/FyS98wIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFDvIO2/ZVZLC6HLzbAOGarsxExkxMB8GA1UdIwQY
MBaAFK+AGYTMOPCk/Fr+Gt6raAwbielbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjRBWmhNdzQ4S1Q4V3Y0YTNxdG9EQnVKNlZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9iZmQzN2MtY2IxMi00YTljLThmNWQt
NDAyMTI2NWMzOWIwLzEvTzhnN2I5bFZrc0xvY3ZOc0E0WnF1ekVUR1RFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9iZmQzN2MtY2IxMi00YTljLThmNWQtNDAyMTI2NWMzOWIw
LzEvcjRBWmhNdzQ4S1Q4V3Y0YTNxdG9EQnVKNlZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwMAPmgDBANZ
OngDBAbCYQADBAXCYWADBAXCYaADBAfDBAADBAPDBLAwCwMEA8ME2AMDAMMEMA0E
AgACMAcDBQAgAQdIMA0GCSqGSIb3DQEBCwUAA4IBAQCt3QF+0iylNVKwMy03ensv
53YaaPZGyUsiyIYTsw4i8M9g5f4QjrzN6LTY9nwSPQk0vmkMUamoyIOeIoKPnPvx
mSVaG7GTSBTUZf5856isTABw0QBXBeTPf5/AwUlktVPUGM+4of42HSQD4sc/GdW8
/6g1dOaKc/FT4A9ZmTarkeLV0Sisb4rhWXUOeRCgH6swB72jtu/12NYNtTF2lVeN
tMcqNKR2txwSIV4SPeXErCLwvasCWErH5U9LTwKqpfveaRoEzmRCSf+1nBdn45Ba
o09Xxy+BJ5itG83SVEpw6acUMJ+MHpLI3/7WAqC2OlLcLQ6AJV7tjG3xyXEttlzW
-----END CERTIFICATE-----
Generated at Tue Oct 29 11:58:33 2024 by rpki-client on console-ams.rpki-client.org