Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/5f83c4-640d-4ff3-9cf4-60627e115269/1/68v0kP_w3yvVetdo4Nd5uJCF994.roa
File: 68v0kP_w3yvVetdo4Nd5uJCF994.roa (raw, json)
Hash identifier: hGa7VnnyYMbJwIsdHgeCT6yOMPuez1z5FrDWHS2HqQ8=
Subject key identifier: EB:CB:F4:90:FF:F0:DF:2B:D5:7A:D7:68:E0:D7:79:B8:90:85:F7:DE
Certificate issuer: /CN=08018478914871aab0e1c0036d3626ebad6e20cc
Certificate serial: 018B617FEEFC2E8D4E6DCA8B0AD575B1FBE9
Authority key identifier: 08:01:84:78:91:48:71:AA:B0:E1:C0:03:6D:36:26:EB:AD:6E:20:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAGEeJFIcaqw4cADbTYm661uIMw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/5f83c4-640d-4ff3-9cf4-60627e115269/1/68v0kP_w3yvVetdo4Nd5uJCF994.roa
Signing time: Tue 24 Oct 2023 11:44:15 +0000
ROA not before: Tue 24 Oct 2023 11:44:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216273
IP address blocks: 92.61.168.0/21 maxlen: 24
2a10:6540::/29 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:61:7f:ee:fc:2e:8d:4e:6d:ca:8b:0a:d5:75:b1:fb:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08018478914871aab0e1c0036d3626ebad6e20cc
Validity
Not Before: Oct 24 11:44:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ebcbf490fff0df2bd57ad768e0d779b89085f7de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:f0:bb:21:06:ba:df:c0:ef:a1:d9:da:1b:a8:
f7:d4:0c:e7:97:7b:1d:a3:16:00:4a:c1:24:a2:8b:
9d:07:80:9c:13:c5:bf:5d:71:07:82:24:9c:f4:51:
ca:ca:0b:c1:46:2a:83:87:25:d0:66:e3:47:65:c5:
2a:23:61:d2:d9:3b:ff:28:b3:0f:d3:36:b8:94:61:
84:ff:f8:72:57:8f:eb:37:6a:ab:95:35:4b:36:e8:
46:bf:45:ef:f8:68:82:cc:81:61:36:34:88:de:b7:
f1:0c:e6:cf:90:34:2d:0c:26:34:a3:6e:13:9c:5a:
71:86:17:16:cb:55:43:3d:f9:b1:32:51:41:b7:04:
3b:ab:dc:f1:14:97:6f:c1:e9:b7:0c:57:ae:af:11:
55:a9:84:ca:94:d2:02:86:2a:19:41:c6:63:ca:a0:
9d:dc:cd:9f:d1:d1:c9:9f:0b:56:98:5c:eb:28:1d:
f1:18:6a:18:d0:26:69:4f:df:c1:49:79:51:88:77:
fe:ce:70:08:96:a4:d5:93:53:ff:25:e1:93:46:95:
01:05:65:1a:32:98:dd:86:b5:61:8a:fb:d1:a4:10:
6e:1d:ae:05:3a:2e:44:04:52:f4:83:9b:22:9f:8d:
a1:8d:d6:83:e3:f7:ac:a8:a7:ac:6c:08:47:00:ba:
c7:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:CB:F4:90:FF:F0:DF:2B:D5:7A:D7:68:E0:D7:79:B8:90:85:F7:DE
X509v3 Authority Key Identifier:
keyid:08:01:84:78:91:48:71:AA:B0:E1:C0:03:6D:36:26:EB:AD:6E:20:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAGEeJFIcaqw4cADbTYm661uIMw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/5f83c4-640d-4ff3-9cf4-60627e115269/1/68v0kP_w3yvVetdo4Nd5uJCF994.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/5f83c4-640d-4ff3-9cf4-60627e115269/1/CAGEeJFIcaqw4cADbTYm661uIMw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.61.168.0/21
IPv6:
2a10:6540::/29
Signature Algorithm: sha256WithRSAEncryption
0b:ad:6e:cc:8b:f2:6c:35:18:f8:66:af:d6:9a:90:ae:fe:1f:
7c:7d:2d:2d:00:ce:3b:b7:46:05:fd:ba:56:1f:d4:3f:8c:f4:
a4:69:c2:7c:6c:c7:ff:e6:ec:38:a9:e6:bc:6f:48:da:bc:42:
ee:ea:cc:cf:9d:d6:a7:6e:67:bf:a0:a3:0e:71:be:34:a9:68:
9d:83:57:db:54:e2:da:e4:06:f0:a5:3f:37:52:be:4f:e1:b5:
3c:77:b6:55:00:50:f3:a6:c4:3d:e1:69:eb:29:da:00:11:c5:
b5:e4:cc:9b:2e:af:d3:b9:d7:d8:96:9f:1a:84:59:5c:7b:25:
10:2c:d9:6a:f0:5a:43:88:ac:fc:66:5d:d6:05:f1:5a:e1:6b:
62:44:8c:1a:57:e7:cb:fe:25:2b:e8:2b:15:13:d5:80:17:79:
d7:7a:7c:25:85:32:8a:25:fa:83:64:63:a9:89:c4:81:19:1b:
d0:49:5f:13:7f:d2:7b:08:99:15:62:b2:20:96:95:4d:0f:42:
4b:0e:b8:0a:c0:9d:67:f3:6d:87:88:6c:57:84:cd:ce:2f:2d:
c6:74:1f:7d:2e:dc:73:8d:54:6a:74:0f:52:b8:35:68:3e:05:
e7:f6:1d:f8:17:4b:0f:24:7b:3d:c6:76:e9:ea:34:a9:97:91:
0c:2f:26:32
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYthf+78Lo1ObcqLCtV1sfvpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDE4NDc4OTE0ODcxYWFiMGUxYzAwMzZkMzYyNmViYWQ2
ZTIwY2MwHhcNMjMxMDI0MTE0NDE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmNiZjQ5MGZmZjBkZjJiZDU3YWQ3NjhlMGQ3NzliODkwODVmN2RlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgfC7IQa638DvodnaG6j31Aznl3sd
oxYASsEkooudB4CcE8W/XXEHgiSc9FHKygvBRiqDhyXQZuNHZcUqI2HS2Tv/KLMP
0za4lGGE//hyV4/rN2qrlTVLNuhGv0Xv+GiCzIFhNjSI3rfxDObPkDQtDCY0o24T
nFpxhhcWy1VDPfmxMlFBtwQ7q9zxFJdvwem3DFeurxFVqYTKlNIChioZQcZjyqCd
3M2f0dHJnwtWmFzrKB3xGGoY0CZpT9/BSXlRiHf+znAIlqTVk1P/JeGTRpUBBWUa
MpjdhrVhivvRpBBuHa4FOi5EBFL0g5sin42hjdaD4/esqKesbAhHALrHPwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOvL9JD/8N8r1XrXaODXebiQhffeMB8GA1UdIwQY
MBaAFAgBhHiRSHGqsOHAA202JuutbiDMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FHRWVKRkljYXF3NGNBRGJUWW02NjF1SU13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC81ZjgzYzQtNjQwZC00ZmYzLTljZjQt
NjA2MjdlMTE1MjY5LzEvNjh2MGtQX3czeXZWZXRkbzROZDV1SkNGOTk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC81ZjgzYzQtNjQwZC00ZmYzLTljZjQtNjA2MjdlMTE1MjY5
LzEvQ0FHRWVKRkljYXF3NGNBRGJUWW02NjF1SU13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDXD2oMA0E
AgACMAcDBQMqEGVAMA0GCSqGSIb3DQEBCwUAA4IBAQALrW7Mi/JsNRj4Zq/WmpCu
/h98fS0tAM47t0YF/bpWH9Q/jPSkacJ8bMf/5uw4qea8b0javELu6szPndanbme/
oKMOcb40qWidg1fbVOLa5AbwpT83Ur5P4bU8d7ZVAFDzpsQ94WnrKdoAEcW15Myb
Lq/TudfYlp8ahFlceyUQLNlq8FpDiKz8Zl3WBfFa4WtiRIwaV+fL/iUr6CsVE9WA
F3nXenwlhTKKJfqDZGOpicSBGRvQSV8Tf9J7CJkVYrIglpVND0JLDrgKwJ1n822H
iGxXhM3OLy3GdB99LtxzjVRqdA9SuDVoPgXn9h34F0sPJHs9xnbp6jSpl5EMLyYy
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:37 2024 by rpki-client on console-ams.rpki-client.org