Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/5b1319-b987-4f94-b326-5769019fefb8/1/CiO8rz6OpJP8kXEDtL6_femYWdw.roa
File: CiO8rz6OpJP8kXEDtL6_femYWdw.roa (raw, json)
Hash identifier: xrGwN0Y9hlv70stNpeICmZNMBWdiRqCHB0a8cFQp9FI=
Subject key identifier: 0A:23:BC:AF:3E:8E:A4:93:FC:91:71:03:B4:BE:BF:7D:E9:98:59:DC
Certificate issuer: /CN=81b14fae44dfa0e3349167433c924c9645739861
Certificate serial: 018CC3B69E1D17112E5090F09BDA234474AB
Authority key identifier: 81:B1:4F:AE:44:DF:A0:E3:34:91:67:43:3C:92:4C:96:45:73:98:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gbFPrkTfoOM0kWdDPJJMlkVzmGE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/5b1319-b987-4f94-b326-5769019fefb8/1/CiO8rz6OpJP8kXEDtL6_femYWdw.roa
Signing time: Mon 01 Jan 2024 06:29:34 +0000
ROA not before: Mon 01 Jan 2024 06:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35297
IP address blocks: 62.68.74.0/24 maxlen: 24
2a12:c480::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 30 Sep 2024 07:24:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:9e:1d:17:11:2e:50:90:f0:9b:da:23:44:74:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81b14fae44dfa0e3349167433c924c9645739861
Validity
Not Before: Jan 1 06:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0a23bcaf3e8ea493fc917103b4bebf7de99859dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:2c:a0:c6:7f:70:7e:36:70:0a:6d:1b:4b:d1:
de:f5:8b:b4:f8:4e:39:c9:fb:a6:1c:9a:ca:4a:30:
bb:a3:c1:e3:40:3c:c8:9e:35:4a:d4:d9:db:bc:34:
b1:f7:28:f0:5b:be:a2:a0:5f:a3:46:62:5c:93:ce:
c9:85:52:92:8e:26:4d:81:d7:e8:b9:ae:92:de:aa:
66:71:ba:1a:d4:dc:a6:a0:9d:81:16:c0:bf:57:a3:
dd:f4:9d:60:18:bd:ca:b0:59:d8:fd:e5:83:5d:df:
31:5d:2f:64:4f:4e:84:f7:6d:fd:7b:45:fb:17:29:
a7:f1:c1:3f:4f:98:88:54:60:e3:14:bf:1f:83:4d:
03:79:38:7b:15:46:ba:c6:24:c6:56:20:6a:39:8c:
2a:a6:8f:01:76:96:97:e7:12:4b:ac:1d:27:49:28:
ea:a9:96:a7:ea:60:85:51:3c:1e:65:3d:f5:b4:a5:
4b:21:a8:75:0f:a5:b2:a1:07:f1:de:55:42:aa:d0:
c7:cf:00:b9:d8:54:2a:63:eb:c2:dd:57:f2:db:3b:
1a:48:eb:a0:ae:32:01:cf:88:32:49:cc:ac:4e:8d:
f1:56:a1:ab:cd:bd:ef:60:c6:18:ce:b5:94:8d:a8:
a5:f3:2e:0b:ae:8f:52:50:cf:12:8c:c9:76:67:3d:
8c:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:23:BC:AF:3E:8E:A4:93:FC:91:71:03:B4:BE:BF:7D:E9:98:59:DC
X509v3 Authority Key Identifier:
keyid:81:B1:4F:AE:44:DF:A0:E3:34:91:67:43:3C:92:4C:96:45:73:98:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gbFPrkTfoOM0kWdDPJJMlkVzmGE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/5b1319-b987-4f94-b326-5769019fefb8/1/CiO8rz6OpJP8kXEDtL6_femYWdw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/5b1319-b987-4f94-b326-5769019fefb8/1/gbFPrkTfoOM0kWdDPJJMlkVzmGE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.68.74.0/24
IPv6:
2a12:c480::/29
Signature Algorithm: sha256WithRSAEncryption
89:d1:45:1e:1b:8f:58:d4:49:81:6a:31:46:8b:2e:e2:a7:53:
07:66:7e:83:d0:5b:df:aa:91:10:1e:4b:15:58:03:69:af:cd:
db:ec:d3:3f:73:3e:cb:da:af:74:c6:e7:c9:db:f8:e8:4a:08:
4a:da:66:6f:60:a3:ab:95:c3:f4:04:8e:30:c7:55:34:11:fd:
af:45:dc:82:e6:46:d3:40:b2:79:9a:97:10:a4:69:c5:a1:de:
36:d9:b6:0c:60:ec:3b:01:bc:7b:59:43:b7:20:c3:01:65:9c:
7b:60:ff:0e:0a:f8:75:83:ed:e1:f5:51:cd:ab:e4:3c:fe:8b:
e3:95:37:a9:76:db:78:b4:3b:fa:e4:60:8a:03:31:6f:bf:11:
45:19:16:2d:67:d0:46:c9:95:58:e4:d2:70:bf:6e:c6:38:1e:
17:ed:4a:de:a1:10:59:96:72:6d:3e:fd:b8:49:f9:6a:47:93:
e4:9c:14:ec:09:b4:d4:35:d8:ab:46:f5:e8:75:82:06:1f:3c:
a5:0f:d0:86:a7:75:7c:02:3d:50:69:c4:a2:51:5b:96:de:bb:
9a:90:26:95:8f:d8:ce:c5:53:03:e3:64:ea:0d:b0:07:39:a1:
00:7d:d8:5d:df:20:82:00:7a:08:1b:de:5b:4e:96:af:08:f4:
81:72:5a:0c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzDtp4dFxEuUJDwm9ojRHSrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxYjE0ZmFlNDRkZmEwZTMzNDkxNjc0MzNjOTI0Yzk2NDU3
Mzk4NjEwHhcNMjQwMTAxMDYyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTIzYmNhZjNlOGVhNDkzZmM5MTcxMDNiNGJlYmY3ZGU5OTg1OWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Sygxn9wfjZwCm0bS9He9Yu0+E45
yfumHJrKSjC7o8HjQDzInjVK1NnbvDSx9yjwW76ioF+jRmJck87JhVKSjiZNgdfo
ua6S3qpmcboa1NymoJ2BFsC/V6Pd9J1gGL3KsFnY/eWDXd8xXS9kT06E9239e0X7
Fymn8cE/T5iIVGDjFL8fg00DeTh7FUa6xiTGViBqOYwqpo8BdpaX5xJLrB0nSSjq
qZan6mCFUTweZT31tKVLIah1D6WyoQfx3lVCqtDHzwC52FQqY+vC3Vfy2zsaSOug
rjIBz4gyScysTo3xVqGrzb3vYMYYzrWUjail8y4Lro9SUM8SjMl2Zz2MzwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAojvK8+jqST/JFxA7S+v33pmFncMB8GA1UdIwQY
MBaAFIGxT65E36DjNJFnQzySTJZFc5hhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2JGUHJrVGZvT00wa1dkRFBKSk1sa1Z6bUdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy81YjEzMTktYjk4Ny00Zjk0LWIzMjYt
NTc2OTAxOWZlZmI4LzEvQ2lPOHJ6Nk9wSlA4a1hFRHRMNl9mZW1ZV2R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy81YjEzMTktYjk4Ny00Zjk0LWIzMjYtNTc2OTAxOWZlZmI4
LzEvZ2JGUHJrVGZvT00wa1dkRFBKSk1sa1Z6bUdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAPkRKMA0E
AgACMAcDBQMqEsSAMA0GCSqGSIb3DQEBCwUAA4IBAQCJ0UUeG49Y1EmBajFGiy7i
p1MHZn6D0FvfqpEQHksVWANpr83b7NM/cz7L2q90xufJ2/joSghK2mZvYKOrlcP0
BI4wx1U0Ef2vRdyC5kbTQLJ5mpcQpGnFod422bYMYOw7Abx7WUO3IMMBZZx7YP8O
Cvh1g+3h9VHNq+Q8/ovjlTepdtt4tDv65GCKAzFvvxFFGRYtZ9BGyZVY5NJwv27G
OB4X7UreoRBZlnJtPv24SflqR5PknBTsCbTUNdirRvXodYIGHzylD9CGp3V8Aj1Q
acSiUVuW3ruakCaVj9jOxVMD42TqDbAHOaEAfdhd3yCCAHoIG95bTpavCPSBcloM
-----END CERTIFICATE-----
Generated at Mon Sep 30 09:20:30 2024 by rpki-client on console-fra.rpki-client.org