Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/CLndlrJQh0vLulOJgrD1fVc2iNU.roa
File: CLndlrJQh0vLulOJgrD1fVc2iNU.roa (raw, json)
Hash identifier: mdzBSeMRbI6Z2Vjg3fwKF0GWs+qnHTbnnNjeVeNPeng=
Subject key identifier: 08:B9:DD:96:B2:50:87:4B:CB:BA:53:89:82:B0:F5:7D:57:36:88:D5
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0190E45CCB85367C87E9F05E49E831E9A642
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/CLndlrJQh0vLulOJgrD1fVc2iNU.roa
Signing time: Wed 24 Jul 2024 10:50:04 +0000
ROA not before: Wed 24 Jul 2024 10:50:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211014
IP address blocks: 62.76.233.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 29 Jul 2024 12:04:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:e4:5c:cb:85:36:7c:87:e9:f0:5e:49:e8:31:e9:a6:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 24 10:50:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=08b9dd96b250874bcbba538982b0f57d573688d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:1f:20:c0:7a:27:6f:f2:de:32:5e:65:4e:4f:
c0:4d:73:62:9b:84:fb:4a:fb:69:7c:cc:d4:81:13:
38:0f:7c:a4:df:6c:93:e7:0f:2a:4a:8e:59:d2:28:
87:e4:75:c1:3c:16:f0:6a:a2:a8:1b:af:f1:67:d5:
6f:36:48:55:f8:17:27:2e:e7:ef:74:0e:d8:ea:71:
f3:8b:54:cb:25:b1:4e:90:e7:ba:ac:12:d2:88:fd:
eb:fb:f3:68:86:73:06:ea:ad:5d:a1:db:91:70:13:
58:8a:2d:89:4c:a2:46:15:4a:c2:36:20:26:23:68:
f0:4b:f8:7a:93:57:d1:b2:aa:e2:32:9d:7a:2f:97:
4d:9c:4f:fb:ce:fa:17:f7:a5:13:8e:2e:4a:e6:9c:
72:32:f7:40:e3:87:07:19:13:12:a5:19:c0:57:99:
38:66:3f:5d:6e:77:2d:df:37:88:c1:bd:b6:7f:02:
33:2d:3d:17:47:f4:cf:e5:22:9f:a4:c1:2f:2d:e2:
20:53:5a:05:c8:9c:e9:89:98:fb:be:e7:76:e0:c6:
c7:df:0b:26:b9:9f:24:01:b0:1e:f2:e1:9a:31:e5:
c1:92:f1:27:f4:fb:2f:03:93:04:07:0f:f9:cb:db:
b2:c0:4d:64:0f:01:6f:51:e0:26:a7:d3:28:91:6b:
95:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:B9:DD:96:B2:50:87:4B:CB:BA:53:89:82:B0:F5:7D:57:36:88:D5
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/CLndlrJQh0vLulOJgrD1fVc2iNU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.233.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:9f:d9:76:9b:93:72:ac:d2:c0:94:55:f1:5e:c5:73:05:99:
25:a8:e9:4c:a5:14:8a:d3:c8:cd:e9:4f:e0:c0:fe:7f:c4:85:
47:ac:ea:50:b7:f1:9f:5a:ab:be:0a:50:1a:46:05:2a:bc:50:
89:0f:52:24:af:a4:c0:fe:d1:73:7f:16:d7:79:ff:2b:bd:0a:
9b:e1:e1:a5:cc:86:f7:c5:9a:8a:e4:c6:82:c1:e0:c6:90:09:
57:25:f7:35:26:58:eb:ea:bb:7a:12:d1:45:4c:9d:c6:dd:86:
fc:08:e8:0c:b0:90:d7:db:70:56:77:a4:03:75:a7:fc:ad:ec:
65:2d:17:b9:86:2e:28:64:84:54:02:c6:d2:19:36:74:cb:0b:
99:ae:9a:7d:95:05:e8:01:22:0e:df:da:ba:f3:95:e7:3d:16:
7c:63:f6:da:77:ba:ec:05:e3:bb:10:c5:1e:c7:96:6f:3e:d6:
8d:f9:45:64:a1:13:fd:e4:4d:0c:ad:bc:8e:96:28:cb:71:38:
5c:9a:65:56:f3:b5:82:9e:42:da:c3:dd:c8:b0:5b:7f:2e:8e:
ae:5f:c4:cf:a8:72:e4:87:5a:4f:18:7c:9f:36:3f:5e:91:f8:
4a:e0:3d:83:67:30:2a:8b:d9:b0:37:51:69:a3:b1:50:43:a6:
c3:ab:e1:5c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZDkXMuFNnyH6fBeSegx6aZCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwNzI0MTA1MDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGI5ZGQ5NmIyNTA4NzRiY2JiYTUzODk4MmIwZjU3ZDU3MzY4OGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtx8gwHonb/LeMl5lTk/ATXNim4T7
SvtpfMzUgRM4D3yk32yT5w8qSo5Z0iiH5HXBPBbwaqKoG6/xZ9VvNkhV+BcnLufv
dA7Y6nHzi1TLJbFOkOe6rBLSiP3r+/NohnMG6q1doduRcBNYii2JTKJGFUrCNiAm
I2jwS/h6k1fRsqriMp16L5dNnE/7zvoX96UTji5K5pxyMvdA44cHGRMSpRnAV5k4
Zj9dbnct3zeIwb22fwIzLT0XR/TP5SKfpMEvLeIgU1oFyJzpiZj7vud24MbH3wsm
uZ8kAbAe8uGaMeXBkvEn9PsvA5MEBw/5y9uywE1kDwFvUeAmp9MokWuVCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAi53ZayUIdLy7pTiYKw9X1XNojVMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvQ0xuZGxySlFoMHZMdWxPSmdyRDFmVmMyaU5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPkzpMA0G
CSqGSIb3DQEBCwUAA4IBAQBcn9l2m5NyrNLAlFXxXsVzBZklqOlMpRSK08jN6U/g
wP5/xIVHrOpQt/GfWqu+ClAaRgUqvFCJD1Ikr6TA/tFzfxbXef8rvQqb4eGlzIb3
xZqK5MaCweDGkAlXJfc1Jljr6rt6EtFFTJ3G3Yb8COgMsJDX23BWd6QDdaf8rexl
LRe5hi4oZIRUAsbSGTZ0ywuZrpp9lQXoASIO39q685XnPRZ8Y/bad7rsBeO7EMUe
x5ZvPtaN+UVkoRP95E0MrbyOlijLcThcmmVW87WCnkLaw93IsFt/Lo6uX8TPqHLk
h1pPGHyfNj9ekfhK4D2DZzAqi9mwN1Fpo7FQQ6bDq+Fc
-----END CERTIFICATE-----
Generated at Mon Jul 29 14:18:38 2024 by rpki-client on console-ams.rpki-client.org