Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/eafefe-787d-4b2d-b530-8af05ae3192c/1/24xsqYJoZvHX7vYHDMteLl8_Q8s.roa
File: 24xsqYJoZvHX7vYHDMteLl8_Q8s.roa (raw, json)
Hash identifier: eISsZ1Liyy6ji1jpB9Wd2ZJDAOWz41u87yC6ydwqtmU=
Subject key identifier: DB:8C:6C:A9:82:68:66:F1:D7:EE:F6:07:0C:CB:5E:2E:5F:3F:43:CB
Certificate issuer: /CN=ebe324c4fff07240eeb1f00e63e635f7cb902f98
Certificate serial: 018D3A7CC3B56700B3502BEC98D22964E82D
Authority key identifier: EB:E3:24:C4:FF:F0:72:40:EE:B1:F0:0E:63:E6:35:F7:CB:90:2F:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6-MkxP_wckDusfAOY-Y198uQL5g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/eafefe-787d-4b2d-b530-8af05ae3192c/1/24xsqYJoZvHX7vYHDMteLl8_Q8s.roa
Signing time: Wed 24 Jan 2024 08:01:11 +0000
ROA not before: Wed 24 Jan 2024 08:01:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60764
IP address blocks: 86.62.12.0/24 maxlen: 32
86.62.13.0/24 maxlen: 32
86.62.14.0/24 maxlen: 32
86.62.15.0/24 maxlen: 32
185.174.192.0/24 maxlen: 32
185.174.193.0/24 maxlen: 32
185.174.194.0/24 maxlen: 32
185.174.195.0/24 maxlen: 32
2a09:3300::/32 maxlen: 32
2a0b:b500::/30 maxlen: 30
2a0b:b500::/31 maxlen: 31
Validation: Failed, certificate revoked on Thu 25 Jan 2024 06:08:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:3a:7c:c3:b5:67:00:b3:50:2b:ec:98:d2:29:64:e8:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebe324c4fff07240eeb1f00e63e635f7cb902f98
Validity
Not Before: Jan 24 08:01:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=db8c6ca9826866f1d7eef6070ccb5e2e5f3f43cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:b7:ec:05:1e:1a:3d:5f:0b:3a:69:0d:2d:e9:
f1:90:76:77:50:aa:62:84:9e:5b:a9:04:16:d7:21:
a6:5c:8b:c2:57:97:06:20:41:8e:3e:d1:1a:c6:fa:
16:a1:9f:a6:a4:6d:c3:64:e5:2f:fa:9c:8e:2b:db:
da:57:be:b2:ca:ec:77:f2:79:88:ac:41:aa:d9:f4:
b7:ac:71:11:76:21:3a:86:82:c0:2e:f1:94:d7:90:
49:bf:e6:d8:28:0b:a3:9f:63:82:f8:1b:0a:19:12:
6c:eb:94:67:63:2c:ba:60:4e:13:1a:66:27:05:5f:
92:1c:7b:68:12:4b:57:21:1e:ae:f8:1a:8b:a3:d5:
4c:78:15:a3:d4:4d:a2:9d:e0:6f:4f:df:52:b9:b2:
d6:b0:06:b3:ba:e8:a9:7a:df:2a:d4:f4:e3:6f:ba:
06:39:19:84:ba:14:e7:b5:e6:74:a2:00:8c:40:86:
73:36:74:4d:11:02:c6:9d:d3:68:b5:d6:85:c1:6e:
ac:bf:4b:00:88:de:de:d2:02:80:b2:0d:cf:da:fa:
3f:09:ed:26:32:16:aa:d4:c5:39:68:e0:2a:cc:61:
69:36:7e:39:b2:e4:ee:bc:68:2f:92:8d:c8:db:ad:
ac:ca:f5:68:96:65:22:0d:f9:ce:0e:11:d1:34:fa:
1e:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:8C:6C:A9:82:68:66:F1:D7:EE:F6:07:0C:CB:5E:2E:5F:3F:43:CB
X509v3 Authority Key Identifier:
keyid:EB:E3:24:C4:FF:F0:72:40:EE:B1:F0:0E:63:E6:35:F7:CB:90:2F:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6-MkxP_wckDusfAOY-Y198uQL5g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/eafefe-787d-4b2d-b530-8af05ae3192c/1/24xsqYJoZvHX7vYHDMteLl8_Q8s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/eafefe-787d-4b2d-b530-8af05ae3192c/1/6-MkxP_wckDusfAOY-Y198uQL5g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.62.12.0/22
185.174.192.0/22
IPv6:
2a09:3300::/32
2a0b:b500::/30
Signature Algorithm: sha256WithRSAEncryption
2f:2b:30:e3:c0:3e:5f:03:41:79:b3:fd:c6:9c:ec:57:8f:d1:
33:e4:aa:20:2d:a0:6e:83:8a:45:76:34:42:da:a1:01:c0:cf:
1f:c2:b6:3c:d6:88:cf:87:bf:06:9d:0b:89:d2:16:be:f5:de:
23:cd:c9:d8:56:23:86:53:19:3b:be:00:41:ce:5c:69:aa:09:
db:de:9b:d7:27:a3:5f:42:5f:68:73:a0:f6:11:da:81:b4:b5:
44:b8:be:d9:b7:64:70:1c:f8:b4:a9:da:dc:7c:ef:14:35:d2:
c2:1b:9e:5d:59:89:76:eb:02:d2:ff:fd:e2:e1:1a:cb:ed:a2:
97:56:4d:e1:0a:e3:a9:23:48:ee:16:98:59:0c:b3:35:07:a8:
65:9d:99:c6:a7:c7:65:f1:44:34:3b:01:e4:57:ef:49:05:92:
ab:2e:00:66:95:5c:57:26:bd:6b:b9:35:72:20:71:22:fc:03:
5b:0e:fe:15:20:23:71:27:d9:2c:e5:0f:21:3b:e6:c6:16:ef:
b8:27:02:25:5c:a6:11:7d:69:be:8e:b3:8d:b9:f6:a1:89:23:
45:51:80:57:5d:e3:bb:e9:86:25:0b:0e:d8:1b:3d:d1:d2:c3:
10:6c:85:69:e8:a3:78:87:af:4d:f2:85:80:7c:eb:ce:e0:05:
27:2b:41:7b
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAY06fMO1ZwCzUCvsmNIpZOgtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViZTMyNGM0ZmZmMDcyNDBlZWIxZjAwZTYzZTYzNWY3Y2I5
MDJmOTgwHhcNMjQwMTI0MDgwMTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjhjNmNhOTgyNjg2NmYxZDdlZWY2MDcwY2NiNWUyZTVmM2Y0M2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzLfsBR4aPV8LOmkNLenxkHZ3UKpi
hJ5bqQQW1yGmXIvCV5cGIEGOPtEaxvoWoZ+mpG3DZOUv+pyOK9vaV76yyux38nmI
rEGq2fS3rHERdiE6hoLALvGU15BJv+bYKAujn2OC+BsKGRJs65RnYyy6YE4TGmYn
BV+SHHtoEktXIR6u+BqLo9VMeBWj1E2ineBvT99SubLWsAazuuipet8q1PTjb7oG
ORmEuhTnteZ0ogCMQIZzNnRNEQLGndNotdaFwW6sv0sAiN7e0gKAsg3P2vo/Ce0m
Mhaq1MU5aOAqzGFpNn45suTuvGgvko3I262syvVolmUiDfnODhHRNPoeywIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFNuMbKmCaGbx1+72BwzLXi5fP0PLMB8GA1UdIwQY
MBaAFOvjJMT/8HJA7rHwDmPmNffLkC+YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNi1Na3hQX3dja0R1c2ZBT1ktWTE5OHVRTDVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS9lYWZlZmUtNzg3ZC00YjJkLWI1MzAt
OGFmMDVhZTMxOTJjLzEvMjR4c3FZSm9adkhYN3ZZSERNdGVMbDhfUThzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS9lYWZlZmUtNzg3ZC00YjJkLWI1MzAtOGFmMDVhZTMxOTJj
LzEvNi1Na3hQX3dja0R1c2ZBT1ktWTE5OHVRTDVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCVj4MAwQC
ua7AMBQEAgACMA4DBQAqCTMAAwUCKgu1ADANBgkqhkiG9w0BAQsFAAOCAQEALysw
48A+XwNBebP9xpzsV4/RM+SqIC2gboOKRXY0QtqhAcDPH8K2PNaIz4e/Bp0LidIW
vvXeI83J2FYjhlMZO74AQc5caaoJ296b1yejX0JfaHOg9hHagbS1RLi+2bdkcBz4
tKna3HzvFDXSwhueXVmJdusC0v/94uEay+2il1ZN4QrjqSNI7haYWQyzNQeoZZ2Z
xqfHZfFENDsB5FfvSQWSqy4AZpVcVya9a7k1ciBxIvwDWw7+FSAjcSfZLOUPITvm
xhbvuCcCJVymEX1pvo6zjbn2oYkjRVGAV13ju+mGJQsO2Bs90dLDEGyFaeijeIev
TfKFgHzrzuAFJytBew==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:23 2024 by rpki-client on console-fra.rpki-client.org