Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/5b8301-9391-4384-b951-5eee123b38dc/1/Q4o10FFH1VaeEEd-xUwolPID03A.roa
File: Q4o10FFH1VaeEEd-xUwolPID03A.roa (raw, json)
Hash identifier: S1k4/QajXsPBOW47JtZUyM0rtDdkoZ/m5/Tgk0wlf3w=
Subject key identifier: 43:8A:35:D0:51:47:D5:56:9E:10:47:7E:C5:4C:28:94:F2:03:D3:70
Certificate issuer: /CN=99f95c37d71aa2f49695e13f417e30a97304aaf4
Certificate serial: 0185737A83A37000C724A28D86AD45E64E30
Authority key identifier: 99:F9:5C:37:D7:1A:A2:F4:96:95:E1:3F:41:7E:30:A9:73:04:AA:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mflcN9caovSWleE_QX4wqXMEqvQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/5b8301-9391-4384-b951-5eee123b38dc/1/Q4o10FFH1VaeEEd-xUwolPID03A.roa
Signing time: Mon 02 Jan 2023 17:14:46 +0000
ROA not before: Mon 02 Jan 2023 17:14:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212097
IP address blocks: 62.133.38.0/24 maxlen: 24
62.133.36.0/22 maxlen: 22
62.133.36.0/24 maxlen: 24
62.133.37.0/24 maxlen: 24
62.133.39.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:32:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:7a:83:a3:70:00:c7:24:a2:8d:86:ad:45:e6:4e:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99f95c37d71aa2f49695e13f417e30a97304aaf4
Validity
Not Before: Jan 2 17:14:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=438a35d05147d5569e10477ec54c2894f203d370
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:50:ac:71:32:da:46:0e:4d:20:a2:94:83:c9:
50:18:f5:6c:4f:8d:91:df:30:e2:c2:2a:41:60:ca:
9a:ef:e0:4d:fa:e6:db:a2:d9:68:85:f9:bc:0d:e1:
cb:da:96:f5:ff:63:26:73:9c:b9:04:e2:ec:6b:e9:
32:0a:b3:90:f9:de:15:c8:4e:97:2f:67:60:18:25:
7b:ed:e8:65:8f:09:ff:a8:80:5b:17:6c:ce:09:7c:
5c:14:2a:57:52:54:f9:61:c7:26:f1:76:13:cb:06:
37:cd:e7:f9:2d:a8:fd:ab:9c:fa:46:9e:3d:17:c4:
3a:22:b3:e5:d3:8a:58:3d:5d:1d:df:c4:b0:64:c1:
2a:9a:f8:97:22:9f:6d:c3:ba:04:91:fb:c3:5f:ac:
52:08:e7:d1:28:c5:8d:5f:96:7d:92:dc:34:c8:82:
3e:52:de:47:47:17:0c:f1:b4:56:14:e1:35:01:68:
16:3e:ff:da:59:6b:9a:4b:40:fd:5a:b1:76:83:76:
11:48:1a:ea:8f:84:94:03:89:b1:4b:d8:a8:72:c6:
3f:84:8b:56:73:28:a0:2a:88:a4:a1:e0:2d:a8:1e:
bd:66:33:4e:63:d7:c3:14:17:a4:a2:d6:15:94:35:
40:61:68:33:27:a9:c2:7d:29:94:25:57:5c:e6:d3:
a6:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:8A:35:D0:51:47:D5:56:9E:10:47:7E:C5:4C:28:94:F2:03:D3:70
X509v3 Authority Key Identifier:
keyid:99:F9:5C:37:D7:1A:A2:F4:96:95:E1:3F:41:7E:30:A9:73:04:AA:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mflcN9caovSWleE_QX4wqXMEqvQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/5b8301-9391-4384-b951-5eee123b38dc/1/Q4o10FFH1VaeEEd-xUwolPID03A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/5b8301-9391-4384-b951-5eee123b38dc/1/mflcN9caovSWleE_QX4wqXMEqvQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.133.36.0/22
Signature Algorithm: sha256WithRSAEncryption
9b:fd:af:f7:ec:44:ad:61:32:53:b7:a5:6a:26:f6:93:50:3b:
e4:67:7c:18:93:fa:9f:2b:ee:1d:9e:74:fe:4e:99:a3:4e:c2:
36:ae:7b:5a:3f:10:d1:78:eb:40:2c:84:82:0c:7b:18:68:99:
82:2b:f9:d0:06:6f:0d:ea:29:af:07:04:c0:13:7a:81:3c:01:
45:39:9e:4c:39:42:a8:84:e0:01:e2:b6:2e:69:fe:96:b4:d0:
20:dd:86:ae:5f:5c:b4:b6:6f:cb:ac:43:83:18:63:31:d1:b4:
aa:67:02:a7:2b:04:b7:d3:0b:b2:74:71:ca:e4:ac:ec:24:b0:
71:a4:08:e2:75:2a:34:54:a6:b5:a7:b1:b3:dc:9e:38:94:51:
c9:f3:5f:1d:20:72:db:6d:f5:81:e0:fa:9d:66:2c:5a:01:17:
15:48:d8:51:bd:e2:74:4b:36:7a:7e:5f:02:d5:1a:87:87:62:
80:68:c3:fc:bb:ae:8c:d2:06:1e:0d:2e:ed:c3:ab:bb:93:51:
53:be:0c:39:a9:01:32:32:80:52:65:f8:ab:e7:cc:c5:69:18:
d4:f9:12:e8:8d:41:15:78:dc:84:a8:74:4b:50:35:b9:07:68:
e0:25:13:31:62:56:6c:a7:a7:30:4e:b9:49:96:66:00:49:31:
b1:51:39:09
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzeoOjcADHJKKNhq1F5k4wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5Zjk1YzM3ZDcxYWEyZjQ5Njk1ZTEzZjQxN2UzMGE5NzMw
NGFhZjQwHhcNMjMwMTAyMTcxNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzhhMzVkMDUxNDdkNTU2OWUxMDQ3N2VjNTRjMjg5NGYyMDNkMzcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAllCscTLaRg5NIKKUg8lQGPVsT42R
3zDiwipBYMqa7+BN+ubbotlohfm8DeHL2pb1/2Mmc5y5BOLsa+kyCrOQ+d4VyE6X
L2dgGCV77ehljwn/qIBbF2zOCXxcFCpXUlT5Yccm8XYTywY3zef5Laj9q5z6Rp49
F8Q6IrPl04pYPV0d38SwZMEqmviXIp9tw7oEkfvDX6xSCOfRKMWNX5Z9ktw0yII+
Ut5HRxcM8bRWFOE1AWgWPv/aWWuaS0D9WrF2g3YRSBrqj4SUA4mxS9iocsY/hItW
cyigKoikoeAtqB69ZjNOY9fDFBekotYVlDVAYWgzJ6nCfSmUJVdc5tOmCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEOKNdBRR9VWnhBHfsVMKJTyA9NwMB8GA1UdIwQY
MBaAFJn5XDfXGqL0lpXhP0F+MKlzBKr0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWZsY045Y2FvdlNXbGVFX1FYNHdxWE1FcXZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi81YjgzMDEtOTM5MS00Mzg0LWI5NTEt
NWVlZTEyM2IzOGRjLzEvUTRvMTBGRkgxVmFlRUVkLXhVd29sUElEMDNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi81YjgzMDEtOTM5MS00Mzg0LWI5NTEtNWVlZTEyM2IzOGRj
LzEvbWZsY045Y2FvdlNXbGVFX1FYNHdxWE1FcXZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCPoUkMA0G
CSqGSIb3DQEBCwUAA4IBAQCb/a/37EStYTJTt6VqJvaTUDvkZ3wYk/qfK+4dnnT+
TpmjTsI2rntaPxDReOtALISCDHsYaJmCK/nQBm8N6imvBwTAE3qBPAFFOZ5MOUKo
hOAB4rYuaf6WtNAg3YauX1y0tm/LrEODGGMx0bSqZwKnKwS30wuydHHK5KzsJLBx
pAjidSo0VKa1p7Gz3J44lFHJ818dIHLbbfWB4PqdZixaARcVSNhRveJ0SzZ6fl8C
1RqHh2KAaMP8u66M0gYeDS7tw6u7k1FTvgw5qQEyMoBSZfir58zFaRjU+RLojUEV
eNyEqHRLUDW5B2jgJRMxYlZsp6cwTrlJlmYASTGxUTkJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:41 2024 by rpki-client on console-fra.rpki-client.org