Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/bIvYbrW0ng0BuriJzhX9kgphTls.roa
File: bIvYbrW0ng0BuriJzhX9kgphTls.roa (raw, json)
Hash identifier: 5hI0aCwZflc5NXd4N64aqILZOIP1AgdfXGhAnAcFF5g=
Subject key identifier: 6C:8B:D8:6E:B5:B4:9E:0D:01:BA:B8:89:CE:15:FD:92:0A:61:4E:5B
Certificate issuer: /CN=253a3b5f51808168c212c094a2baaff38e16464a
Certificate serial: 018CC5DC4C8A63AA1A4B654CADD82655F246
Authority key identifier: 25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/bIvYbrW0ng0BuriJzhX9kgphTls.roa
Signing time: Mon 01 Jan 2024 16:29:58 +0000
ROA not before: Mon 01 Jan 2024 16:29:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60544
IP address blocks: 62.76.205.0/24 maxlen: 32
Validation: Failed, certificate revoked on Thu 11 Apr 2024 10:39:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:4c:8a:63:aa:1a:4b:65:4c:ad:d8:26:55:f2:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=253a3b5f51808168c212c094a2baaff38e16464a
Validity
Not Before: Jan 1 16:29:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6c8bd86eb5b49e0d01bab889ce15fd920a614e5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:11:7d:c5:a0:20:36:e0:b8:95:ea:41:a8:24:
66:fb:38:ea:97:95:05:53:c4:b9:40:16:fc:09:86:
93:6f:4f:e7:e0:d4:4b:70:1d:23:0e:e4:f6:d4:0d:
98:b9:6d:07:58:0a:4b:56:f8:c2:71:1f:05:7d:95:
71:b2:63:55:43:c7:63:77:f9:59:7c:58:95:93:2f:
1d:70:99:c5:83:e8:bd:bf:79:00:a7:d5:9a:74:cf:
a7:17:b4:5a:17:ad:8d:fa:46:eb:0e:3e:7c:92:45:
54:ef:b3:87:c6:10:1f:1a:8a:fc:e2:7e:78:74:d4:
64:13:02:11:c0:3a:ba:f9:3f:87:7b:5d:32:a1:f9:
bd:fa:d8:3e:e6:f4:6b:f4:7f:64:53:c0:03:69:80:
54:d5:3c:84:1a:02:e5:b8:7b:e4:c2:7a:95:d1:a1:
82:19:03:93:2f:bb:7e:53:82:fa:7b:5f:cf:64:90:
fe:d7:6e:96:72:6b:07:f5:0d:14:69:74:2d:77:d9:
f7:41:d7:df:84:c4:50:c2:1b:98:21:5b:4f:0c:c0:
19:e2:ea:b7:3e:08:01:f7:82:60:02:98:dc:0b:5a:
5b:23:3a:92:c2:03:b8:b8:df:58:95:0f:2f:c1:fd:
f4:0f:95:bf:a3:c9:67:db:0f:a7:60:06:24:73:01:
2e:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:8B:D8:6E:B5:B4:9E:0D:01:BA:B8:89:CE:15:FD:92:0A:61:4E:5B
X509v3 Authority Key Identifier:
keyid:25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/bIvYbrW0ng0BuriJzhX9kgphTls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.205.0/24
Signature Algorithm: sha256WithRSAEncryption
58:4e:5e:ff:44:91:8d:78:4e:90:77:a0:ac:48:70:c0:92:db:
6e:f7:d0:6d:86:6b:f3:5f:16:51:38:b5:3e:c1:73:29:1e:a2:
aa:8d:1f:3b:be:dd:07:08:5d:9f:cf:53:d5:66:d1:09:2c:f7:
8e:d5:48:80:ee:30:c2:3b:22:4d:f9:3d:bf:f6:d1:f5:5c:c4:
10:6d:1d:ea:e0:f2:84:f4:c9:56:7f:a1:c9:f0:ec:40:70:2d:
5f:00:d5:6a:57:25:e0:d2:ea:11:cc:13:f4:c4:7c:a7:1b:0a:
c9:69:28:d7:0c:a8:8c:15:c3:ec:e1:df:b7:6f:26:8a:77:21:
50:83:5a:96:b8:3d:97:0d:f4:3d:00:ab:68:fe:51:f3:0d:18:
5f:01:c7:17:a7:9d:8f:52:b9:60:6e:5b:37:c8:db:30:f8:0e:
8c:fa:0b:04:69:be:d5:25:52:78:5e:c7:b8:08:95:00:00:00:
a2:bc:cd:d9:16:ce:41:6e:b1:d1:e0:b6:0f:62:50:af:ab:05:
db:34:27:ef:ce:5e:ef:93:c6:7b:74:00:5c:30:3d:45:5d:74:
1d:fe:d1:03:b5:c3:a9:8a:b2:cd:30:09:b8:68:53:9f:24:bc:
90:61:ef:dc:23:ff:b0:42:bb:47:ea:31:8b:de:61:50:0c:53:
3d:21:68:1d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3EyKY6oaS2VMrdgmVfJGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1M2EzYjVmNTE4MDgxNjhjMjEyYzA5NGEyYmFhZmYzOGUx
NjQ2NGEwHhcNMjQwMTAxMTYyOTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzhiZDg2ZWI1YjQ5ZTBkMDFiYWI4ODljZTE1ZmQ5MjBhNjE0ZTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyhF9xaAgNuC4lepBqCRm+zjql5UF
U8S5QBb8CYaTb0/n4NRLcB0jDuT21A2YuW0HWApLVvjCcR8FfZVxsmNVQ8djd/lZ
fFiVky8dcJnFg+i9v3kAp9WadM+nF7RaF62N+kbrDj58kkVU77OHxhAfGor84n54
dNRkEwIRwDq6+T+He10yofm9+tg+5vRr9H9kU8ADaYBU1TyEGgLluHvkwnqV0aGC
GQOTL7t+U4L6e1/PZJD+126WcmsH9Q0UaXQtd9n3QdffhMRQwhuYIVtPDMAZ4uq3
PggB94JgApjcC1pbIzqSwgO4uN9YlQ8vwf30D5W/o8ln2w+nYAYkcwEutQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGyL2G61tJ4NAbq4ic4V/ZIKYU5bMB8GA1UdIwQY
MBaAFCU6O19RgIFowhLAlKK6r/OOFkZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQt
OWU5YTFlMDM3MzhlLzEvYkl2WWJyVzBuZzBCdXJpSnpoWDlrZ3BoVGxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQtOWU5YTFlMDM3Mzhl
LzEvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPkzNMA0G
CSqGSIb3DQEBCwUAA4IBAQBYTl7/RJGNeE6Qd6CsSHDAkttu99BthmvzXxZROLU+
wXMpHqKqjR87vt0HCF2fz1PVZtEJLPeO1UiA7jDCOyJN+T2/9tH1XMQQbR3q4PKE
9MlWf6HJ8OxAcC1fANVqVyXg0uoRzBP0xHynGwrJaSjXDKiMFcPs4d+3byaKdyFQ
g1qWuD2XDfQ9AKto/lHzDRhfAccXp52PUrlgbls3yNsw+A6M+gsEab7VJVJ4Xse4
CJUAAACivM3ZFs5BbrHR4LYPYlCvqwXbNCfvzl7vk8Z7dABcMD1FXXQd/tEDtcOp
irLNMAm4aFOfJLyQYe/cI/+wQrtH6jGL3mFQDFM9IWgd
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:58 2024 by rpki-client on console-ams.rpki-client.org