Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/SmX1S7xU7sBP8aUB7J4U2DxADp8.roa
File: SmX1S7xU7sBP8aUB7J4U2DxADp8.roa (raw, json)
Hash identifier: y9QzSIC3xPF378NRry4QFIW/+0yUS+FEcNGRWSK9JRM=
Subject key identifier: 4A:65:F5:4B:BC:54:EE:C0:4F:F1:A5:01:EC:9E:14:D8:3C:40:0E:9F
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 018E2D603B646A9F843B4D81FBDEE9095A8A
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/SmX1S7xU7sBP8aUB7J4U2DxADp8.roa
Signing time: Mon 11 Mar 2024 11:57:45 +0000
ROA not before: Mon 11 Mar 2024 11:57:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15723
IP address blocks: 62.217.129.0/24 maxlen: 24
62.217.131.0/24 maxlen: 24
62.217.134.0/24 maxlen: 24
62.217.138.0/24 maxlen: 24
62.217.141.0/24 maxlen: 24
62.217.142.0/24 maxlen: 24
62.217.146.0/24 maxlen: 24
62.217.147.0/24 maxlen: 24
62.217.148.0/24 maxlen: 24
62.217.149.0/24 maxlen: 24
62.217.151.0/24 maxlen: 24
62.217.156.0/24 maxlen: 24
62.217.157.0/24 maxlen: 24
62.217.158.0/24 maxlen: 24
62.217.159.0/24 maxlen: 24
185.81.217.0/24 maxlen: 24
188.64.8.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 12 Mar 2024 10:47:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:2d:60:3b:64:6a:9f:84:3b:4d:81:fb:de:e9:09:5a:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Mar 11 11:57:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4a65f54bbc54eec04ff1a501ec9e14d83c400e9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:ff:cc:5d:89:47:20:1b:97:e3:ae:a9:29:d1:
77:78:c2:d3:d6:0b:e9:70:61:20:56:6a:24:0a:0a:
ce:99:46:f2:ef:09:0a:94:08:4c:04:4f:90:f5:a9:
8d:6f:0a:2a:5a:02:c7:ac:bb:2a:84:7c:e3:90:81:
9f:37:5a:56:12:bc:57:f1:70:20:65:09:bf:38:85:
dd:59:0f:d3:ec:1d:6f:80:03:a1:82:06:ac:78:07:
dd:1c:60:14:94:52:5a:83:37:be:fa:16:8a:44:82:
6e:87:41:de:78:c5:31:9e:d9:91:48:50:33:a6:01:
ca:d9:4a:8b:88:ec:c0:3d:e3:5a:ca:84:d8:76:71:
cb:23:80:01:4a:50:c9:de:80:ef:4c:e4:bf:62:c9:
03:fe:45:9d:15:a5:3c:38:46:d9:ad:4f:2d:3e:f0:
2a:54:6e:0c:f6:1a:21:51:04:fe:c3:4d:c4:5f:71:
1f:06:7a:56:e8:35:c4:8d:c2:f7:5c:34:a6:9b:b4:
f8:cc:b3:48:2c:2c:b9:ae:92:37:45:3d:f0:16:bd:
78:8c:d1:4c:76:93:b6:b1:ca:c0:66:44:f0:74:6c:
8b:d9:36:93:b5:62:a1:26:4b:c5:47:46:82:55:fc:
01:4b:e4:64:1b:22:3d:f6:91:42:61:f8:39:d6:da:
af:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:65:F5:4B:BC:54:EE:C0:4F:F1:A5:01:EC:9E:14:D8:3C:40:0E:9F
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/SmX1S7xU7sBP8aUB7J4U2DxADp8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.217.129.0/24
62.217.131.0/24
62.217.134.0/24
62.217.138.0/24
62.217.141.0-62.217.142.255
62.217.146.0-62.217.149.255
62.217.151.0/24
62.217.156.0/22
185.81.217.0/24
188.64.8.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:61:7c:98:db:c6:c4:4a:ac:90:03:16:1b:9f:b9:bb:ad:24:
ad:35:39:95:fd:e6:f0:1c:f5:0a:06:11:f8:52:55:ab:f5:16:
5a:4c:8a:4d:1b:eb:67:68:b5:56:de:01:a0:0f:ef:39:c5:b9:
98:52:ab:0e:0a:02:c7:4f:c6:2a:69:e1:53:4f:d8:47:a9:c6:
44:d8:f6:d9:0e:62:c4:98:f4:66:29:83:0c:38:6f:0b:28:32:
b0:30:58:78:02:42:ad:9f:1c:c9:b2:ad:c1:39:8e:39:c7:df:
ae:c0:45:84:10:90:b6:ab:40:f9:5d:f1:2c:e7:07:bf:6a:ea:
8e:fc:de:19:c3:66:3f:84:10:4d:ad:cd:04:3b:78:5e:b8:42:
be:81:b3:7d:28:90:ea:d4:57:da:3d:be:5b:dc:da:eb:d4:91:
0a:3c:5c:14:d9:7a:0d:5b:24:ae:af:40:1f:87:69:8a:0b:14:
c8:04:5c:0c:37:29:ee:eb:47:3e:73:6b:87:fa:73:6c:ab:b9:
5e:46:ca:10:cf:99:ae:92:2d:98:7b:13:cf:fe:a3:34:c6:2d:
84:0c:0c:94:a3:62:e2:cb:a0:a0:f2:f8:b1:24:b1:4a:a1:4a:
57:2c:d3:0e:c2:fb:65:31:07:aa:ac:c9:35:0e:4f:7b:9b:a0:
e2:67:6a:ff
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAY4tYDtkap+EO02B+97pCVqKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjQwMzExMTE1NzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTY1ZjU0YmJjNTRlZWMwNGZmMWE1MDFlYzllMTRkODNjNDAwZTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj//MXYlHIBuX466pKdF3eMLT1gvp
cGEgVmokCgrOmUby7wkKlAhMBE+Q9amNbwoqWgLHrLsqhHzjkIGfN1pWErxX8XAg
ZQm/OIXdWQ/T7B1vgAOhggaseAfdHGAUlFJagze++haKRIJuh0HeeMUxntmRSFAz
pgHK2UqLiOzAPeNayoTYdnHLI4ABSlDJ3oDvTOS/YskD/kWdFaU8OEbZrU8tPvAq
VG4M9hohUQT+w03EX3EfBnpW6DXEjcL3XDSmm7T4zLNILCy5rpI3RT3wFr14jNFM
dpO2scrAZkTwdGyL2TaTtWKhJkvFR0aCVfwBS+RkGyI99pFCYfg51tqvAwIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFEpl9Uu8VO7AT/GlAeyeFNg8QA6fMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvU21YMVM3eFU3c0JQOGFVQjdKNFUyRHhBRHA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMAwQAPtmBAwQA
PtmDAwQAPtmGAwQAPtmKMAwDBAA+2Y0DBAA+2Y4wDAMEAT7ZkgMEAT7ZlAMEAD7Z
lwMEAj7ZnAMEALlR2QMEArxACDANBgkqhkiG9w0BAQsFAAOCAQEAPGF8mNvGxEqs
kAMWG5+5u60krTU5lf3m8Bz1CgYR+FJVq/UWWkyKTRvrZ2i1Vt4BoA/vOcW5mFKr
DgoCx0/GKmnhU0/YR6nGRNj22Q5ixJj0ZimDDDhvCygysDBYeAJCrZ8cybKtwTmO
OcffrsBFhBCQtqtA+V3xLOcHv2rqjvzeGcNmP4QQTa3NBDt4XrhCvoGzfSiQ6tRX
2j2+W9za69SRCjxcFNl6DVskrq9AH4dpigsUyARcDDcp7utHPnNrh/pzbKu5XkbK
EM+ZrpItmHsTz/6jNMYthAwMlKNi4sugoPL4sSSxSqFKVyzTDsL7ZTEHqqzJNQ5P
e5ug4mdq/w==
-----END CERTIFICATE-----
Generated at Tue Mar 12 14:23:37 2024 by rpki-client on console-fra.rpki-client.org