Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/7b6edc-ad23-4d73-ab56-0a1a35897f10/1/2y0oh0iXLpoLI8FIpNEU3BZpKXs.roa
File: 2y0oh0iXLpoLI8FIpNEU3BZpKXs.roa (raw, json)
Hash identifier: cOBUFTnJfnEfSQzPMEGLStFxrCrlR2oYDqwS007/NDY=
Subject key identifier: DB:2D:28:87:48:97:2E:9A:0B:23:C1:48:A4:D1:14:DC:16:69:29:7B
Certificate issuer: /CN=929352a8d2dd70c91ffcec8e323fe69f1e9a4139
Certificate serial: 0187D2095D5DBD5B04FA83BF13CEB6828F3F
Authority key identifier: 92:93:52:A8:D2:DD:70:C9:1F:FC:EC:8E:32:3F:E6:9F:1E:9A:41:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kpNSqNLdcMkf_OyOMj_mnx6aQTk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/7b6edc-ad23-4d73-ab56-0a1a35897f10/1/2y0oh0iXLpoLI8FIpNEU3BZpKXs.roa
Signing time: Sun 30 Apr 2023 12:00:41 +0000
ROA not before: Sun 30 Apr 2023 12:00:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202756
IP address blocks: 62.4.112.0/24 maxlen: 24
62.4.109.0/24 maxlen: 24
62.4.110.0/24 maxlen: 24
62.4.111.0/24 maxlen: 24
62.4.113.0/24 maxlen: 24
62.4.114.0/24 maxlen: 24
62.4.115.0/24 maxlen: 24
62.4.117.0/24 maxlen: 24
62.4.118.0/24 maxlen: 24
62.4.119.0/24 maxlen: 24
62.4.120.0/24 maxlen: 24
62.4.121.0/24 maxlen: 24
62.4.122.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:d2:09:5d:5d:bd:5b:04:fa:83:bf:13:ce:b6:82:8f:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=929352a8d2dd70c91ffcec8e323fe69f1e9a4139
Validity
Not Before: Apr 30 12:00:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db2d288748972e9a0b23c148a4d114dc1669297b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:76:c7:af:4e:c2:2a:f8:c4:50:b7:bb:52:c3:
66:11:1c:05:59:66:a5:1d:12:76:79:d0:b0:ae:8c:
a2:40:18:41:9c:5b:cf:31:e5:8f:c4:d0:66:2c:a6:
d7:81:91:2e:2f:ff:37:b1:44:27:18:32:2e:76:0b:
2f:56:81:7c:16:44:3c:b1:b5:0c:20:e9:7a:0a:0a:
27:73:1f:02:79:00:e5:5e:27:2b:73:b1:72:0c:11:
70:db:e2:5f:02:6b:83:2f:32:25:24:c3:49:10:42:
bf:df:f4:ca:b9:32:13:21:aa:43:a2:5e:a2:40:4a:
9a:ca:40:68:2e:6e:a4:4c:69:b1:89:d9:30:84:ab:
ef:f1:c1:81:28:c5:f0:48:0b:4d:be:8d:40:5b:1d:
3e:4f:e7:f2:8a:21:9b:1a:7e:89:79:e8:d9:80:25:
95:2c:b8:29:7b:f2:8c:26:e4:bb:bd:9d:03:02:6a:
ee:d4:54:c7:9b:0f:0c:65:dc:d1:4f:92:15:04:30:
86:7d:0e:9a:7d:c9:d5:9e:9a:36:b1:5d:a9:64:27:
7d:c4:03:db:d9:32:27:0a:cf:a8:78:e8:d3:81:f2:
d4:73:a3:88:cd:42:fc:ce:a2:2f:7b:ae:06:99:5c:
2e:38:aa:d9:26:ce:36:c4:4e:71:86:40:3d:15:13:
4d:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:2D:28:87:48:97:2E:9A:0B:23:C1:48:A4:D1:14:DC:16:69:29:7B
X509v3 Authority Key Identifier:
keyid:92:93:52:A8:D2:DD:70:C9:1F:FC:EC:8E:32:3F:E6:9F:1E:9A:41:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kpNSqNLdcMkf_OyOMj_mnx6aQTk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/7b6edc-ad23-4d73-ab56-0a1a35897f10/1/2y0oh0iXLpoLI8FIpNEU3BZpKXs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/7b6edc-ad23-4d73-ab56-0a1a35897f10/1/kpNSqNLdcMkf_OyOMj_mnx6aQTk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.4.109.0-62.4.115.255
62.4.117.0-62.4.122.255
Signature Algorithm: sha256WithRSAEncryption
ae:c7:bb:2b:f5:ed:96:97:ca:87:35:94:82:fd:97:66:74:68:
50:84:24:28:47:da:b2:34:b5:e6:65:3d:85:5c:23:40:23:84:
11:61:22:4b:c4:95:bb:e8:cb:ab:ae:c7:d1:79:69:9e:de:4f:
a7:27:04:5e:b6:35:76:63:fc:f9:4b:ea:8f:7d:00:df:49:10:
b6:fc:8b:bc:16:ea:b4:ad:ac:1c:41:8d:b7:b1:aa:e4:12:60:
37:bd:93:c5:5f:26:c0:b0:d2:61:00:04:c0:5a:d3:88:0b:e5:
d0:25:df:8b:72:2a:93:05:ca:14:3c:65:ba:31:63:4a:67:2b:
64:6b:12:23:dc:c6:09:24:bb:ba:fe:1b:73:57:1e:16:4b:e5:
3a:de:0b:90:97:7f:ee:6e:c2:8b:77:77:37:c3:e4:a1:ad:39:
59:2b:12:0a:93:1f:a8:a3:30:08:3d:a9:2d:60:d4:7b:04:2a:
66:9b:c3:46:33:d5:34:4d:34:77:fd:b5:fc:c6:27:a3:1a:c9:
45:19:78:1c:e7:ac:fa:87:ff:f9:80:6a:cd:31:bf:80:d9:d8:
35:dd:13:85:37:2d:47:2b:c0:91:b2:6c:8e:cb:f3:05:d2:7e:
93:f7:0d:e7:27:ae:5f:25:f9:98:d9:fa:6b:92:ef:ad:ad:3f:
19:e7:94:cb
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYfSCV1dvVsE+oO/E862go8/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyOTM1MmE4ZDJkZDcwYzkxZmZjZWM4ZTMyM2ZlNjlmMWU5
YTQxMzkwHhcNMjMwNDMwMTIwMDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjJkMjg4NzQ4OTcyZTlhMGIyM2MxNDhhNGQxMTRkYzE2NjkyOTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqHbHr07CKvjEULe7UsNmERwFWWal
HRJ2edCwroyiQBhBnFvPMeWPxNBmLKbXgZEuL/83sUQnGDIudgsvVoF8FkQ8sbUM
IOl6Cgoncx8CeQDlXicrc7FyDBFw2+JfAmuDLzIlJMNJEEK/3/TKuTITIapDol6i
QEqaykBoLm6kTGmxidkwhKvv8cGBKMXwSAtNvo1AWx0+T+fyiiGbGn6JeejZgCWV
LLgpe/KMJuS7vZ0DAmru1FTHmw8MZdzRT5IVBDCGfQ6afcnVnpo2sV2pZCd9xAPb
2TInCs+oeOjTgfLUc6OIzUL8zqIve64GmVwuOKrZJs42xE5xhkA9FRNNTwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFNstKIdIly6aCyPBSKTRFNwWaSl7MB8GA1UdIwQY
MBaAFJKTUqjS3XDJH/zsjjI/5p8emkE5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3BOU3FOTGRjTWtmX095T01qX21ueDZhUVRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi83YjZlZGMtYWQyMy00ZDczLWFiNTYt
MGExYTM1ODk3ZjEwLzEvMnkwb2gwaVhMcG9MSThGSXBORVUzQlpwS1hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi83YjZlZGMtYWQyMy00ZDczLWFiNTYtMGExYTM1ODk3ZjEw
LzEva3BOU3FOTGRjTWtmX095T01qX21ueDZhUVRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBAA+BG0D
BAI+BHAwDAMEAD4EdQMEAD4EejANBgkqhkiG9w0BAQsFAAOCAQEArse7K/XtlpfK
hzWUgv2XZnRoUIQkKEfasjS15mU9hVwjQCOEEWEiS8SVu+jLq67H0Xlpnt5PpycE
XrY1dmP8+Uvqj30A30kQtvyLvBbqtK2sHEGNt7Gq5BJgN72TxV8mwLDSYQAEwFrT
iAvl0CXfi3IqkwXKFDxlujFjSmcrZGsSI9zGCSS7uv4bc1ceFkvlOt4LkJd/7m7C
i3d3N8Pkoa05WSsSCpMfqKMwCD2pLWDUewQqZpvDRjPVNE00d/21/MYnoxrJRRl4
HOes+of/+YBqzTG/gNnYNd0ThTctRyvAkbJsjsvzBdJ+k/cN5yeuXyX5mNn6a5Lv
ra0/GeeUyw==
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:37:52 2024 by rpki-client on console-fra.rpki-client.org