Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/f70a9c-1528-4e66-b7a6-061639812c74/1/fB7BVjDgzwPxSbbRjN-i4JGVwao.roa
File: fB7BVjDgzwPxSbbRjN-i4JGVwao.roa (raw, json)
Hash identifier: qOBY494hs64S2OY6aoED2K600Pj+g0tCT+anO7cK9HE=
Subject key identifier: 7C:1E:C1:56:30:E0:CF:03:F1:49:B6:D1:8C:DF:A2:E0:91:95:C1:AA
Certificate issuer: /CN=642794c2d2cfa054638ba950a5f668e87601412d
Certificate serial: 019276B38F7D3BBC2A924218F59B6EAA545C
Authority key identifier: 64:27:94:C2:D2:CF:A0:54:63:8B:A9:50:A5:F6:68:E8:76:01:41:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZCeUwtLPoFRji6lQpfZo6HYBQS0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/f70a9c-1528-4e66-b7a6-061639812c74/1/fB7BVjDgzwPxSbbRjN-i4JGVwao.roa
Signing time: Thu 10 Oct 2024 13:52:12 +0000
ROA not before: Thu 10 Oct 2024 13:52:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51815
IP address blocks: 62.102.148.0/23 maxlen: 23
62.102.151.0/24 maxlen: 24
78.108.48.0/20 maxlen: 20
91.190.136.0/21 maxlen: 21
176.56.240.0/20 maxlen: 20
185.170.180.0/22 maxlen: 22
185.204.144.0/22 maxlen: 22
2a00:1520::/32 maxlen: 32
2a02:2490::/32 maxlen: 32
2a0b:b40::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:49:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:76:b3:8f:7d:3b:bc:2a:92:42:18:f5:9b:6e:aa:54:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=642794c2d2cfa054638ba950a5f668e87601412d
Validity
Not Before: Oct 10 13:52:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7c1ec15630e0cf03f149b6d18cdfa2e09195c1aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:e0:85:24:aa:8b:19:21:c0:11:68:e7:59:d8:
56:d9:44:c5:88:27:07:1b:61:2a:5e:15:b5:1d:56:
f4:a4:a8:a1:91:6d:78:06:2f:0c:52:0c:ad:41:de:
5d:f4:91:9e:47:7a:f8:1d:9a:2c:14:b1:e5:b0:7b:
8c:b2:2a:92:6a:84:29:34:2b:65:63:c0:68:ea:bc:
78:66:18:b1:3f:85:40:66:8f:a1:2c:6a:94:9f:d7:
f8:1c:6b:26:74:e6:f5:f4:02:ff:50:35:f5:eb:50:
10:f4:21:c9:59:ed:b6:85:0d:11:de:4f:9c:4a:2c:
80:45:b4:0f:04:95:6a:47:a9:b5:81:df:17:21:2d:
3a:51:2d:c4:0a:f3:aa:af:c1:0c:04:c6:75:73:86:
86:e1:2d:bb:2c:54:59:d6:14:32:31:33:47:40:6d:
b8:2f:4e:9b:9d:41:c9:de:3c:6b:de:1f:9c:06:55:
70:2e:80:af:2a:86:b5:e7:be:04:0e:3a:50:ae:af:
70:0f:14:fe:20:3a:17:8c:93:af:0f:51:07:29:9f:
da:15:c1:db:6a:3c:c1:25:c6:a7:bb:3f:c0:2a:05:
f2:ce:85:2e:27:85:9e:8e:b1:46:e2:0c:d8:10:37:
41:65:8a:86:ba:b2:c7:53:be:c4:b3:aa:c1:5a:6b:
ba:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:1E:C1:56:30:E0:CF:03:F1:49:B6:D1:8C:DF:A2:E0:91:95:C1:AA
X509v3 Authority Key Identifier:
keyid:64:27:94:C2:D2:CF:A0:54:63:8B:A9:50:A5:F6:68:E8:76:01:41:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZCeUwtLPoFRji6lQpfZo6HYBQS0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/f70a9c-1528-4e66-b7a6-061639812c74/1/fB7BVjDgzwPxSbbRjN-i4JGVwao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/f70a9c-1528-4e66-b7a6-061639812c74/1/ZCeUwtLPoFRji6lQpfZo6HYBQS0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.102.148.0/23
62.102.151.0/24
78.108.48.0/20
91.190.136.0/21
176.56.240.0/20
185.170.180.0/22
185.204.144.0/22
IPv6:
2a00:1520::/32
2a02:2490::/32
2a0b:b40::/29
Signature Algorithm: sha256WithRSAEncryption
02:7b:af:91:3b:11:9a:e2:2b:0a:53:22:f8:85:77:21:49:46:
61:af:6c:5c:fe:f6:0a:fa:0a:09:85:0b:5e:46:a7:26:16:b7:
c0:9f:d6:21:45:f0:ed:43:a0:16:c0:55:8d:00:bf:bc:b0:a6:
97:00:2b:77:d7:aa:8d:fc:80:f2:5a:fa:49:14:86:e9:ea:f8:
c2:7a:0e:50:ae:8c:88:3d:5e:93:b9:0c:74:b8:f0:53:5f:3a:
42:a2:2e:25:7a:37:c0:b9:88:46:04:6e:29:fc:c4:ea:7e:cf:
42:d6:f3:2b:e2:5b:d5:8f:43:1c:cc:bd:cd:25:14:1e:aa:13:
25:09:04:29:3f:27:9c:fc:ab:86:6b:50:4e:2c:0d:c8:6d:1c:
dc:7a:7d:53:a1:1b:af:58:d5:e1:61:96:b2:a8:ff:68:eb:50:
96:75:dd:d7:41:9e:fd:9e:ef:bc:62:96:d9:f1:e5:1e:cd:2d:
94:8d:3e:90:60:61:71:93:1e:8f:75:8b:9c:29:7e:1d:ea:38:
38:5b:84:e5:e9:70:7e:4c:40:43:98:4c:f1:9a:59:e3:73:94:
18:e4:89:b3:60:f1:9d:9c:43:f4:97:74:f9:2a:0a:75:d0:cc:
b6:58:9e:14:7b:e7:85:a2:bb:e5:fa:44:81:e0:ec:10:3e:2c:
9f:08:51:0c
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAZJ2s499O7wqkkIY9ZtuqlRcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0Mjc5NGMyZDJjZmEwNTQ2MzhiYTk1MGE1ZjY2OGU4NzYw
MTQxMmQwHhcNMjQxMDEwMTM1MjEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzFlYzE1NjMwZTBjZjAzZjE0OWI2ZDE4Y2RmYTJlMDkxOTVjMWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmOCFJKqLGSHAEWjnWdhW2UTFiCcH
G2EqXhW1HVb0pKihkW14Bi8MUgytQd5d9JGeR3r4HZosFLHlsHuMsiqSaoQpNCtl
Y8Bo6rx4ZhixP4VAZo+hLGqUn9f4HGsmdOb19AL/UDX161AQ9CHJWe22hQ0R3k+c
SiyARbQPBJVqR6m1gd8XIS06US3ECvOqr8EMBMZ1c4aG4S27LFRZ1hQyMTNHQG24
L06bnUHJ3jxr3h+cBlVwLoCvKoa1574EDjpQrq9wDxT+IDoXjJOvD1EHKZ/aFcHb
ajzBJcanuz/AKgXyzoUuJ4WejrFG4gzYEDdBZYqGurLHU77Es6rBWmu6CQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFHwewVYw4M8D8Um20YzfouCRlcGqMB8GA1UdIwQY
MBaAFGQnlMLSz6BUY4upUKX2aOh2AUEtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkNlVXd0TFBvRlJqaTZsUXBmWm82SFlCUVMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9mNzBhOWMtMTUyOC00ZTY2LWI3YTYt
MDYxNjM5ODEyYzc0LzEvZkI3QlZqRGd6d1B4U2JiUmpOLWk0SkdWd2FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9mNzBhOWMtMTUyOC00ZTY2LWI3YTYtMDYxNjM5ODEyYzc0
LzEvWkNlVXd0TFBvRlJqaTZsUXBmWm82SFlCUVMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzAwBAIAATAqAwQBPmaUAwQA
PmaXAwQETmwwAwQDW76IAwQEsDjwAwQCuaq0AwQCucyQMBsEAgACMBUDBQAqABUg
AwUAKgIkkAMFAyoLC0AwDQYJKoZIhvcNAQELBQADggEBAAJ7r5E7EZriKwpTIviF
dyFJRmGvbFz+9gr6CgmFC15GpyYWt8Cf1iFF8O1DoBbAVY0Av7ywppcAK3fXqo38
gPJa+kkUhunq+MJ6DlCujIg9XpO5DHS48FNfOkKiLiV6N8C5iEYEbin8xOp+z0LW
8yviW9WPQxzMvc0lFB6qEyUJBCk/J5z8q4ZrUE4sDchtHNx6fVOhG69Y1eFhlrKo
/2jrUJZ13ddBnv2e77xiltnx5R7NLZSNPpBgYXGTHo91i5wpfh3qODhbhOXpcH5M
QEOYTPGaWeNzlBjkibNg8Z2cQ/SXdPkqCnXQzLZYnhR754Wiu+X6RIHg7BA+LJ8I
UQw=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:36 2025 by rpki-client