Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/6yNrK-pzvPDCZ5jid-L2nzqs5MI.roa
File: 6yNrK-pzvPDCZ5jid-L2nzqs5MI.roa (raw, json)
Hash identifier: KCDJl4C6E/3TU0eh2yKuZNYn5PAhwsLPEsbf12v5rU8=
Subject key identifier: EB:23:6B:2B:EA:73:BC:F0:C2:67:98:E2:77:E2:F6:9F:3A:AC:E4:C2
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0189DE041CDD6FD8E3D0DCC6C4A0514C2505
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/6yNrK-pzvPDCZ5jid-L2nzqs5MI.roa
Signing time: Thu 10 Aug 2023 05:55:58 +0000
ROA not before: Thu 10 Aug 2023 05:55:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60721
IP address blocks: 62.76.225.0/24 maxlen: 24
195.133.81.0/24 maxlen: 24
193.124.91.0/24 maxlen: 24
193.124.95.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:de:04:1c:dd:6f:d8:e3:d0:dc:c6:c4:a0:51:4c:25:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 10 05:55:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eb236b2bea73bcf0c26798e277e2f69f3aace4c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:f6:08:69:48:fd:1b:4b:48:c8:74:12:9e:b4:
10:6e:97:5f:29:37:7f:84:55:e9:b9:b8:69:82:f6:
84:1a:a0:54:bd:e0:3f:20:b3:aa:b4:2a:b2:9c:cc:
30:9f:df:2d:6f:79:96:6f:34:70:ba:bd:9e:e7:6d:
b3:a5:fe:90:77:85:8c:70:0c:5b:8b:1d:4f:bc:ac:
5d:54:4f:9d:17:51:77:42:b9:a5:4c:65:c6:a0:c5:
f5:39:9e:40:0e:f9:e9:31:4f:59:89:29:15:d7:66:
8e:19:28:e6:97:25:d9:0a:73:2d:83:66:12:3d:36:
37:46:ad:33:4d:36:dc:61:c1:f5:91:f1:7a:c2:81:
2e:cd:1b:5a:cc:71:3f:e7:de:cb:5f:3c:20:b2:51:
64:0f:63:93:da:34:1c:9c:59:f2:a5:5f:c3:71:3f:
41:08:eb:36:6c:d1:8e:a9:46:51:c5:d8:30:79:72:
3c:6b:8c:69:a9:00:da:21:f6:d3:0c:c2:6f:fb:36:
49:4e:97:2b:e3:5a:e2:26:11:15:12:51:80:5e:8e:
ab:6e:bb:93:63:b8:fb:cf:5e:5c:2e:da:49:06:c0:
38:0e:ee:44:7b:c4:a9:6f:5c:c5:62:42:71:f5:b6:
89:43:40:a4:dd:12:18:0c:6a:28:6e:4b:f4:68:04:
49:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:23:6B:2B:EA:73:BC:F0:C2:67:98:E2:77:E2:F6:9F:3A:AC:E4:C2
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/6yNrK-pzvPDCZ5jid-L2nzqs5MI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.225.0/24
193.124.91.0/24
193.124.95.0/24
195.133.81.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:39:08:f0:ff:53:79:0d:95:33:83:6e:05:6f:d7:d3:9b:16:
b9:82:2f:d7:95:f7:ce:9a:ed:a6:4a:99:d9:8f:54:2d:aa:2e:
11:03:e3:d4:ab:25:ed:e5:a3:13:f7:67:bd:34:64:92:1d:f3:
b8:b9:15:5b:ec:6a:78:e4:6e:75:41:45:e6:0e:b6:7e:cd:18:
af:89:c7:4f:24:2f:2d:f4:5a:d0:a8:b4:79:13:e2:c9:42:49:
7a:23:e6:1b:03:34:d5:5f:bf:ff:d8:83:12:c8:01:e2:b1:1a:
68:a2:1c:1a:18:33:8f:28:24:30:85:fa:ba:f1:e8:69:02:ca:
26:5e:0f:00:a0:eb:db:05:a8:55:88:61:2b:1f:cd:93:6a:2a:
f5:3b:a2:4c:c7:18:52:3a:85:de:9c:76:6e:13:67:65:f7:bd:
d5:38:58:f6:31:78:b0:4d:1e:92:1d:87:62:fa:3b:5e:c0:0d:
93:76:4f:1a:04:53:9d:17:bc:d9:20:9d:16:bd:21:10:52:55:
b0:8e:1a:cd:03:d1:a3:b9:90:1b:6e:b6:c9:92:ec:1d:47:16:
0c:c2:3c:99:15:96:83:6c:c4:53:82:0c:31:91:17:15:cc:4f:
76:0a:4b:2f:e8:b4:62:c3:d9:ec:cb:b4:7d:03:bb:eb:9e:d6:
b4:65:a3:ef
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYneBBzdb9jj0NzGxKBRTCUFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwODEwMDU1NTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjIzNmIyYmVhNzNiY2YwYzI2Nzk4ZTI3N2UyZjY5ZjNhYWNlNGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz/YIaUj9G0tIyHQSnrQQbpdfKTd/
hFXpubhpgvaEGqBUveA/ILOqtCqynMwwn98tb3mWbzRwur2e522zpf6Qd4WMcAxb
ix1PvKxdVE+dF1F3QrmlTGXGoMX1OZ5ADvnpMU9ZiSkV12aOGSjmlyXZCnMtg2YS
PTY3Rq0zTTbcYcH1kfF6woEuzRtazHE/597LXzwgslFkD2OT2jQcnFnypV/DcT9B
COs2bNGOqUZRxdgweXI8a4xpqQDaIfbTDMJv+zZJTpcr41riJhEVElGAXo6rbruT
Y7j7z15cLtpJBsA4Du5Ee8Spb1zFYkJx9baJQ0Ck3RIYDGoobkv0aARJUwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOsjayvqc7zwwmeY4nfi9p86rOTCMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvNnlOckstcHp2UERDWjVqaWQtTDJuenFzNU1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAPkzhAwQA
wXxbAwQAwXxfAwQAw4VRMA0GCSqGSIb3DQEBCwUAA4IBAQAMOQjw/1N5DZUzg24F
b9fTmxa5gi/XlffOmu2mSpnZj1Qtqi4RA+PUqyXt5aMT92e9NGSSHfO4uRVb7Gp4
5G51QUXmDrZ+zRivicdPJC8t9FrQqLR5E+LJQkl6I+YbAzTVX7//2IMSyAHisRpo
ohwaGDOPKCQwhfq68ehpAsomXg8AoOvbBahViGErH82Tair1O6JMxxhSOoXenHZu
E2dl973VOFj2MXiwTR6SHYdi+jtewA2Tdk8aBFOdF7zZIJ0WvSEQUlWwjhrNA9Gj
uZAbbrbJkuwdRxYMwjyZFZaDbMRTggwxkRcVzE92Cksv6LRiw9nsy7R9A7vrnta0
ZaPv
-----END CERTIFICATE-----
Generated at Sat Aug 12 07:18:22 2023 by rpki-client on console-ams.rpki-client.org