Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/quPoXt9DlkjTPDa8XZ8L4O5of3k.roa
File: quPoXt9DlkjTPDa8XZ8L4O5of3k.roa (raw, json)
Hash identifier: IY5NTm+md2BlkQdWdM0i7Xdz+M/75P8iiv2NTF1yPgM=
Subject key identifier: AA:E3:E8:5E:DF:43:96:48:D3:3C:36:BC:5D:9F:0B:E0:EE:68:7F:79
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018BDCCD9230A72B28933CF4A9AAA5590772
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/quPoXt9DlkjTPDa8XZ8L4O5of3k.roa
Signing time: Fri 17 Nov 2023 10:22:21 +0000
ROA not before: Fri 17 Nov 2023 10:22:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60117
IP address blocks: 62.76.224.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:dc:cd:92:30:a7:2b:28:93:3c:f4:a9:aa:a5:59:07:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 17 10:22:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aae3e85edf439648d33c36bc5d9f0be0ee687f79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:72:57:a8:cd:0b:ef:19:d0:4e:8e:d6:d1:74:
51:8f:22:af:7e:8c:18:0a:cb:fb:91:a2:5e:04:15:
b6:a3:25:af:df:35:92:4a:03:3b:62:1c:b3:3a:99:
4f:85:b6:8b:b4:b6:6d:2d:bb:e1:0e:52:f1:1b:11:
45:32:83:62:3c:7a:d3:23:53:1b:99:05:e6:e3:96:
59:c6:bc:80:a5:f8:1b:0b:40:f5:7f:e3:b7:56:0c:
2c:c8:4c:52:e1:11:fb:2b:64:6e:eb:4c:a9:d4:e2:
36:e5:e2:a0:de:1e:b2:13:b4:9f:02:9e:dd:03:69:
60:f0:09:c5:27:60:9a:e7:0e:24:b0:ba:70:d5:83:
4f:b7:4e:34:6e:31:78:03:25:2d:92:c0:d0:6a:36:
ff:52:53:78:c2:0e:fb:e3:80:37:a4:86:b4:16:3c:
6f:8b:83:89:9e:20:c5:cc:83:7a:35:e9:70:19:ce:
e6:02:0e:e7:ed:4e:05:2a:cd:83:f8:c0:44:c1:34:
00:6c:cd:b6:9c:ac:00:3e:f3:16:1c:8a:53:65:c9:
e0:0c:f4:10:08:f5:24:f9:6d:b2:19:84:81:2c:c9:
d9:0f:ed:dd:ab:6a:c4:e6:b6:ad:0b:82:c1:f2:4b:
ca:de:26:bb:78:b5:98:8d:7c:ee:55:6b:ad:fb:9a:
33:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:E3:E8:5E:DF:43:96:48:D3:3C:36:BC:5D:9F:0B:E0:EE:68:7F:79
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/quPoXt9DlkjTPDa8XZ8L4O5of3k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.224.0/24
Signature Algorithm: sha256WithRSAEncryption
90:31:dd:06:cf:b4:80:89:0f:9c:11:4c:f8:98:04:0c:97:10:
7d:dd:f4:d8:ad:92:8a:57:7a:19:c9:4e:78:96:21:b4:b4:88:
e5:23:8b:21:a4:b5:41:00:85:dd:85:07:de:e8:70:a5:9a:de:
49:ca:0b:e1:f3:37:4c:b2:53:be:bb:44:89:c6:81:97:5b:1c:
95:5b:87:64:37:c1:ca:24:31:6e:12:9b:17:40:6e:6e:b6:3b:
76:9b:71:37:af:21:c1:a9:3a:d0:7e:8c:7e:73:98:9c:c7:3b:
ea:89:16:be:fa:04:5f:0b:32:a2:52:56:2a:0e:86:b2:39:1e:
97:42:a8:1e:c9:12:d1:4b:b0:cd:26:dc:ed:34:c9:37:f8:e1:
63:a1:8d:d1:da:35:dd:1d:2d:4c:7c:01:f8:a0:67:32:4c:fb:
da:82:c7:5c:ff:d2:1c:c1:ac:65:07:6a:6e:7f:e4:fa:c7:2e:
83:40:5b:6b:94:37:2f:d5:61:11:42:4f:fa:d2:6f:d9:04:73:
54:81:45:d3:26:b8:98:10:fd:e4:db:8d:b6:2a:aa:c1:56:f4:
72:50:9f:6f:77:59:33:22:1d:d8:15:43:c0:4c:da:3b:65:ad:
c2:2e:f5:ec:57:79:44:a7:c1:41:9a:d4:e2:90:6e:cd:ea:1d:
93:08:2e:e7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYvczZIwpysokzz0qaqlWQdyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMTE3MTAyMjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWUzZTg1ZWRmNDM5NjQ4ZDMzYzM2YmM1ZDlmMGJlMGVlNjg3Zjc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhnJXqM0L7xnQTo7W0XRRjyKvfowY
Csv7kaJeBBW2oyWv3zWSSgM7YhyzOplPhbaLtLZtLbvhDlLxGxFFMoNiPHrTI1Mb
mQXm45ZZxryApfgbC0D1f+O3VgwsyExS4RH7K2Ru60yp1OI25eKg3h6yE7SfAp7d
A2lg8AnFJ2Ca5w4ksLpw1YNPt040bjF4AyUtksDQajb/UlN4wg7744A3pIa0Fjxv
i4OJniDFzIN6NelwGc7mAg7n7U4FKs2D+MBEwTQAbM22nKwAPvMWHIpTZcngDPQQ
CPUk+W2yGYSBLMnZD+3dq2rE5ratC4LB8kvK3ia7eLWYjXzuVWut+5oz9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKrj6F7fQ5ZI0zw2vF2fC+DuaH95MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvcXVQb1h0OURsa2pUUERhOFhaOEw0TzVvZjNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPkzgMA0G
CSqGSIb3DQEBCwUAA4IBAQCQMd0Gz7SAiQ+cEUz4mAQMlxB93fTYrZKKV3oZyU54
liG0tIjlI4shpLVBAIXdhQfe6HClmt5Jygvh8zdMslO+u0SJxoGXWxyVW4dkN8HK
JDFuEpsXQG5utjt2m3E3ryHBqTrQfox+c5icxzvqiRa++gRfCzKiUlYqDoayOR6X
QqgeyRLRS7DNJtztNMk3+OFjoY3R2jXdHS1MfAH4oGcyTPvagsdc/9IcwaxlB2pu
f+T6xy6DQFtrlDcv1WERQk/60m/ZBHNUgUXTJriYEP3k2422KqrBVvRyUJ9vd1kz
Ih3YFUPATNo7Za3CLvXsV3lEp8FBmtTikG7N6h2TCC7n
-----END CERTIFICATE-----
Generated at Sat Dec 9 11:19:23 2023 by rpki-client on console-fra.rpki-client.org