Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/SSrkY1qNd4toWzYr-e5GaDOMYgo.roa
File: SSrkY1qNd4toWzYr-e5GaDOMYgo.roa (raw, json)
Hash identifier: bVcrCuT83PBv2hVOo2wx+rvcDNW+8fuYg2yiGqP8QDE=
Subject key identifier: 49:2A:E4:63:5A:8D:77:8B:68:5B:36:2B:F9:EE:46:68:33:8C:62:0A
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018AE0C0B098074DB3F077F8C79488318F9A
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/SSrkY1qNd4toWzYr-e5GaDOMYgo.roa
Signing time: Fri 29 Sep 2023 11:43:59 +0000
ROA not before: Fri 29 Sep 2023 11:43:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216366
IP address blocks: 62.76.225.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:e0:c0:b0:98:07:4d:b3:f0:77:f8:c7:94:88:31:8f:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 29 11:43:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=492ae4635a8d778b685b362bf9ee4668338c620a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:fd:d2:d2:d0:11:70:d2:4e:01:1d:c6:9c:3d:
2f:e1:23:88:b7:98:80:4a:93:ee:55:e5:28:c5:90:
a2:20:d0:d4:23:c3:05:6f:d7:c8:ea:1f:3c:d2:b2:
9e:0f:e0:75:33:ac:d7:bd:be:67:e1:ad:21:93:ac:
9d:16:a7:1d:ca:25:8e:a1:af:30:af:b4:4a:14:fb:
cc:b2:de:d3:27:f2:89:6d:6f:8e:00:d5:e3:38:7f:
5f:a8:79:98:f9:8d:cf:25:9c:23:44:69:7a:2f:9e:
2a:f4:87:e0:44:fc:8e:b3:67:be:60:ba:57:5a:fb:
08:a8:ba:9a:6c:e6:6d:47:e6:34:9c:91:33:5e:ed:
2a:11:15:96:91:b5:6d:e1:5b:a6:8e:f1:41:ba:5c:
80:a9:18:8a:a0:4e:18:4b:85:72:8f:b8:b5:b9:a1:
ee:c5:72:4a:da:63:b1:c0:1b:05:78:ac:95:ae:dc:
33:e6:52:77:c9:ef:ce:7d:09:d0:b7:ff:18:78:b5:
1d:b9:bc:f6:05:9c:da:e8:9f:c0:e7:70:9d:7b:32:
c0:5b:57:e3:3f:0e:7a:35:11:e6:d1:81:09:29:f0:
b3:55:90:5d:ee:f0:a7:fa:88:83:03:21:5c:5f:23:
4c:07:63:2f:c3:5d:d2:e5:50:a1:02:76:84:cf:0c:
f2:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:2A:E4:63:5A:8D:77:8B:68:5B:36:2B:F9:EE:46:68:33:8C:62:0A
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/SSrkY1qNd4toWzYr-e5GaDOMYgo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.225.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:c7:11:86:68:9a:f0:61:a7:f1:c4:66:7a:af:ed:d3:f4:d9:
fd:22:32:e6:75:1f:3a:b6:ae:96:61:05:f9:15:44:51:c8:1d:
57:87:e0:c2:6b:72:bc:35:99:6f:e1:f1:24:39:a0:94:af:be:
c3:99:12:73:05:91:42:ed:d8:f1:5d:dc:d1:04:19:78:49:4f:
62:5c:37:16:af:c8:ff:ca:a5:08:93:d2:86:94:0e:50:6e:5e:
58:e6:57:8f:c2:b4:2e:f2:62:f9:f3:8a:f0:13:93:d4:e8:fd:
a5:c1:65:fd:cb:4d:ca:21:75:a2:ce:54:2f:3b:c4:f3:e7:5d:
ce:74:56:e6:fb:f4:08:88:4b:46:cb:e1:30:21:77:2a:d8:59:
72:f9:45:e8:5d:64:e5:98:a8:17:fe:8e:67:d6:b1:81:e8:6b:
57:50:42:dd:22:e0:eb:1a:d1:1c:02:ef:fb:41:7f:e4:25:46:
52:56:c0:be:b3:c3:6a:8a:86:79:ed:79:30:cd:2e:fa:18:34:
f8:80:3d:ad:2e:c7:e1:3e:99:98:44:68:c9:02:a8:80:5e:ef:
54:f1:aa:1a:53:bc:75:71:bf:ec:63:52:d9:2c:41:73:8e:74:
80:98:af:ab:da:c6:e4:b2:d2:fb:31:66:92:19:c8:1c:42:2e:
ee:4e:00:4e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYrgwLCYB02z8Hf4x5SIMY+aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwOTI5MTE0MzU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTJhZTQ2MzVhOGQ3NzhiNjg1YjM2MmJmOWVlNDY2ODMzOGM2MjBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4/3S0tARcNJOAR3GnD0v4SOIt5iA
SpPuVeUoxZCiINDUI8MFb9fI6h880rKeD+B1M6zXvb5n4a0hk6ydFqcdyiWOoa8w
r7RKFPvMst7TJ/KJbW+OANXjOH9fqHmY+Y3PJZwjRGl6L54q9IfgRPyOs2e+YLpX
WvsIqLqabOZtR+Y0nJEzXu0qERWWkbVt4VumjvFBulyAqRiKoE4YS4Vyj7i1uaHu
xXJK2mOxwBsFeKyVrtwz5lJ3ye/OfQnQt/8YeLUdubz2BZza6J/A53CdezLAW1fj
Pw56NRHm0YEJKfCzVZBd7vCn+oiDAyFcXyNMB2Mvw13S5VChAnaEzwzyNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEkq5GNajXeLaFs2K/nuRmgzjGIKMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvU1Nya1kxcU5kNHRvV3pZci1lNUdhRE9NWWdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPkzhMA0G
CSqGSIb3DQEBCwUAA4IBAQA8xxGGaJrwYafxxGZ6r+3T9Nn9IjLmdR86tq6WYQX5
FURRyB1Xh+DCa3K8NZlv4fEkOaCUr77DmRJzBZFC7djxXdzRBBl4SU9iXDcWr8j/
yqUIk9KGlA5Qbl5Y5lePwrQu8mL584rwE5PU6P2lwWX9y03KIXWizlQvO8Tz513O
dFbm+/QIiEtGy+EwIXcq2Fly+UXoXWTlmKgX/o5n1rGB6GtXUELdIuDrGtEcAu/7
QX/kJUZSVsC+s8NqioZ57XkwzS76GDT4gD2tLsfhPpmYRGjJAqiAXu9U8aoaU7x1
cb/sY1LZLEFzjnSAmK+r2sbkstL7MWaSGcgcQi7uTgBO
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:19:18 2024 by rpki-client on console-ams.rpki-client.org