Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/SY6xYwFTqpIxIeyrsGJ_YMcavNk.roa
File: SY6xYwFTqpIxIeyrsGJ_YMcavNk.roa (raw, json)
Hash identifier: nYZzHz5TvQRPg1IenkfRLjdG+jGBDKovSHPmBs9umQo=
Subject key identifier: 49:8E:B1:63:01:53:AA:92:31:21:EC:AB:B0:62:7F:60:C7:1A:BC:D9
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0186356AFA38974A598C9E5822CB02820D0C
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/SY6xYwFTqpIxIeyrsGJ_YMcavNk.roa
Signing time: Thu 09 Feb 2023 09:04:08 +0000
ROA not before: Thu 09 Feb 2023 09:04:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204843
IP address blocks: 62.76.232.0/24 maxlen: 24
62.76.235.0/24 maxlen: 24
194.87.36.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:35:6a:fa:38:97:4a:59:8c:9e:58:22:cb:02:82:0d:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Feb 9 09:04:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=498eb1630153aa923121ecabb0627f60c71abcd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:ae:cb:91:72:93:4e:83:47:8b:00:bd:ca:e6:
37:3c:a1:b1:f6:68:4d:0e:ca:5c:ae:8f:9f:55:bf:
e5:c3:43:02:cf:1b:aa:c0:4e:3c:bf:05:3c:16:43:
b8:3f:8b:18:e9:9d:96:57:17:70:80:ce:ef:1a:7a:
bb:23:85:52:87:eb:3b:01:c4:92:4c:96:01:58:34:
64:9a:5a:16:56:8d:e8:d4:4d:78:08:12:36:ee:5a:
61:ba:13:b0:b7:81:d7:a5:b7:9b:d0:d6:8a:50:08:
01:ed:89:28:d4:98:6b:95:39:fb:89:d3:33:e5:ff:
1c:22:69:dd:87:4d:b0:98:76:d4:c6:a0:9a:a8:aa:
fb:a8:55:e1:2d:5c:67:8a:7b:58:d3:a1:26:41:07:
00:7f:17:2d:eb:39:3c:96:33:2e:c3:3f:a2:06:60:
ca:72:f0:cc:87:c2:b6:ec:fa:0d:48:9f:c7:c2:22:
6d:31:ef:2f:14:0e:f2:a9:05:8f:de:72:84:53:00:
bc:8f:ae:8a:36:a7:a3:2c:22:65:71:01:83:ec:86:
8d:74:bb:5e:93:30:c2:90:a6:20:a4:18:9a:54:cf:
4b:c7:1f:d4:99:35:db:6d:8f:fd:f2:6a:6e:23:b2:
b8:c7:44:c7:07:32:45:17:e1:50:d0:8d:da:7d:c4:
e9:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:8E:B1:63:01:53:AA:92:31:21:EC:AB:B0:62:7F:60:C7:1A:BC:D9
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/SY6xYwFTqpIxIeyrsGJ_YMcavNk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.232.0/24
62.76.235.0/24
194.87.36.0/24
195.58.54.0/24
Signature Algorithm: sha256WithRSAEncryption
57:a3:6b:ff:24:68:58:9e:e0:a5:01:0a:22:e1:a5:3e:91:e3:
c1:5b:d3:5f:06:42:c9:01:f0:d9:ec:ff:42:ce:39:67:9d:00:
6b:e5:f4:75:ce:8d:31:0e:81:c3:c9:60:75:96:9b:a3:33:96:
a6:7a:d1:52:be:65:78:e4:8b:98:df:8f:f8:39:98:d7:05:af:
03:54:c4:2d:ce:a8:ff:9b:af:50:4d:1b:6a:50:45:38:e7:53:
b6:78:e6:ce:78:46:92:68:f8:be:f9:5e:aa:6f:09:da:2f:e9:
5a:44:d2:48:be:ba:2a:70:ac:21:76:c8:8b:72:a0:65:52:04:
75:3b:83:3e:b7:3f:ba:4b:6a:6c:19:f7:f8:b9:59:c9:38:ef:
5c:18:20:5c:5e:da:15:8e:05:56:ea:f2:90:34:a6:98:15:0d:
03:56:30:35:06:eb:8b:75:0c:17:1c:56:24:ad:d0:5c:85:65:
03:6f:59:fc:df:4e:9b:04:16:4a:34:17:e2:1f:c7:5a:7f:8d:
09:43:65:73:4d:78:e0:e4:5d:42:5d:cf:f3:17:3c:0f:db:7c:
5c:35:a0:d2:b1:68:b1:05:7e:1c:2e:27:cc:06:fb:7c:8a:37:
92:5b:6b:47:dc:0f:59:ae:48:81:4f:98:fc:de:2f:db:82:ad:
06:72:20:0f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYY1avo4l0pZjJ5YIssCgg0MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMjA5MDkwNDA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OThlYjE2MzAxNTNhYTkyMzEyMWVjYWJiMDYyN2Y2MGM3MWFiY2Q5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlK7LkXKTToNHiwC9yuY3PKGx9mhN
Dspcro+fVb/lw0MCzxuqwE48vwU8FkO4P4sY6Z2WVxdwgM7vGnq7I4VSh+s7AcSS
TJYBWDRkmloWVo3o1E14CBI27lphuhOwt4HXpbeb0NaKUAgB7Yko1JhrlTn7idMz
5f8cImndh02wmHbUxqCaqKr7qFXhLVxnintY06EmQQcAfxct6zk8ljMuwz+iBmDK
cvDMh8K27PoNSJ/HwiJtMe8vFA7yqQWP3nKEUwC8j66KNqejLCJlcQGD7IaNdLte
kzDCkKYgpBiaVM9Lxx/UmTXbbY/98mpuI7K4x0THBzJFF+FQ0I3afcTpGwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEmOsWMBU6qSMSHsq7Bif2DHGrzZMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvU1k2eFl3RlRxcEl4SWV5cnNHSl9ZTWNhdk5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAPkzoAwQA
PkzrAwQAwlckAwQAwzo2MA0GCSqGSIb3DQEBCwUAA4IBAQBXo2v/JGhYnuClAQoi
4aU+kePBW9NfBkLJAfDZ7P9CzjlnnQBr5fR1zo0xDoHDyWB1lpujM5ametFSvmV4
5IuY34/4OZjXBa8DVMQtzqj/m69QTRtqUEU451O2eObOeEaSaPi++V6qbwnaL+la
RNJIvroqcKwhdsiLcqBlUgR1O4M+tz+6S2psGff4uVnJOO9cGCBcXtoVjgVW6vKQ
NKaYFQ0DVjA1BuuLdQwXHFYkrdBchWUDb1n8306bBBZKNBfiH8daf40JQ2VzTXjg
5F1CXc/zFzwP23xcNaDSsWixBX4cLifMBvt8ijeSW2tH3A9ZrkiBT5j83i/bgq0G
ciAP
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:58 2023 by rpki-client on console-ams.rpki-client.org