Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/HIuD97uQOmxyCat6Sq8a1aqugSc.roa
File: HIuD97uQOmxyCat6Sq8a1aqugSc.roa (raw, json)
Hash identifier: 5M/+SxoDgwZfoL6PN6x6oFkAfUM3c4XoeO+pUPHXQ5o=
Subject key identifier: 1C:8B:83:F7:BB:90:3A:6C:72:09:AB:7A:4A:AF:1A:D5:AA:AE:81:27
Certificate issuer: /CN=6278a768c910badcd5c4aef7c172a9f061547e8c
Certificate serial: 018CC8DF7A4578B48D80F0B5F7DB9B0FD0F6
Authority key identifier: 62:78:A7:68:C9:10:BA:DC:D5:C4:AE:F7:C1:72:A9:F0:61:54:7E:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YninaMkQutzVxK73wXKp8GFUfow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/HIuD97uQOmxyCat6Sq8a1aqugSc.roa
Signing time: Tue 02 Jan 2024 06:32:18 +0000
ROA not before: Tue 02 Jan 2024 06:32:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216468
IP address blocks: 62.108.104.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:49:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:7a:45:78:b4:8d:80:f0:b5:f7:db:9b:0f:d0:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6278a768c910badcd5c4aef7c172a9f061547e8c
Validity
Not Before: Jan 2 06:32:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1c8b83f7bb903a6c7209ab7a4aaf1ad5aaae8127
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:8f:e0:56:e0:25:74:6b:82:af:92:cf:a1:97:
73:cc:a6:25:80:34:28:dc:08:0b:09:8b:ff:3b:ea:
5b:e6:b7:95:7b:b1:ca:5f:8d:a1:0f:4e:ed:a6:09:
b2:91:d6:2d:21:91:3c:04:f4:b1:3f:a7:8b:56:31:
09:59:d0:1e:83:0c:de:67:6e:f4:42:c1:af:bf:f9:
cc:ee:66:99:5a:a6:fc:91:1f:fa:fd:c5:64:5a:b9:
89:eb:cf:bb:a7:f8:25:97:7c:97:1f:39:da:0d:99:
27:47:89:1d:2f:77:17:10:59:1d:97:a3:38:b5:06:
53:e8:10:2e:5a:ea:c5:ab:f9:55:43:37:34:41:57:
ef:38:d1:ca:46:58:cd:f0:3e:3c:3a:ff:e5:14:38:
18:99:1e:9c:36:3b:be:c0:87:96:86:48:22:fe:8a:
14:a7:9c:42:44:37:fd:ff:b5:36:b5:cb:54:2b:6b:
89:31:5f:49:8a:2e:a7:16:14:b8:78:64:71:ff:49:
ed:8d:93:b6:47:b0:fc:3b:5b:e7:d7:53:0a:e6:bf:
ce:e4:e9:6f:5a:29:d3:18:67:2a:e5:8b:53:d7:f3:
3e:9f:80:d6:98:d2:85:05:fe:c9:9e:de:1c:e6:de:
1b:1e:2b:ff:f6:a3:67:87:9e:7f:ce:0e:90:ab:85:
95:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:8B:83:F7:BB:90:3A:6C:72:09:AB:7A:4A:AF:1A:D5:AA:AE:81:27
X509v3 Authority Key Identifier:
keyid:62:78:A7:68:C9:10:BA:DC:D5:C4:AE:F7:C1:72:A9:F0:61:54:7E:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YninaMkQutzVxK73wXKp8GFUfow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/HIuD97uQOmxyCat6Sq8a1aqugSc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/YninaMkQutzVxK73wXKp8GFUfow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.108.104.0/23
Signature Algorithm: sha256WithRSAEncryption
1b:7a:45:db:d0:f1:d0:19:24:d5:aa:dc:79:e0:59:f6:a3:a2:
fb:46:fe:a1:72:09:fe:14:c9:2c:98:6a:07:23:8c:d0:ae:0f:
45:61:04:a5:d4:b7:b7:67:03:eb:31:a6:84:0f:34:58:03:37:
ed:fd:29:d0:9d:9c:88:26:d0:d1:b3:6d:fc:7d:23:44:02:44:
c1:60:70:26:b2:62:6d:c6:d2:cd:27:86:43:97:1a:67:5b:c2:
6b:51:cb:f9:ef:41:ad:77:5c:d7:03:39:96:09:d5:43:23:5a:
e0:e0:d0:c5:87:7d:20:17:99:08:eb:8d:b2:75:0c:ee:cd:ec:
59:b0:94:3f:f0:36:f7:19:69:83:f5:51:60:a3:60:37:1f:ff:
b8:37:e4:ae:83:55:7b:5a:76:df:72:0b:db:51:f8:b6:67:6a:
23:78:59:ef:c4:40:03:aa:6f:b9:c2:a1:8a:93:25:c4:1c:09:
05:1f:97:9a:6a:59:a5:33:b2:a3:31:bb:58:1b:35:8c:de:80:
57:ec:12:8e:16:af:fa:3d:88:0c:94:9f:0e:90:02:41:82:2a:
9b:51:82:90:90:d6:d6:ee:7b:7f:aa:b4:cb:66:4d:8e:e7:70:
e4:2f:0b:a3:b3:79:21:c1:4f:68:ee:f4:cc:58:fc:6b:d0:77:
b8:63:f9:2c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI33pFeLSNgPC199ubD9D2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNzhhNzY4YzkxMGJhZGNkNWM0YWVmN2MxNzJhOWYwNjE1
NDdlOGMwHhcNMjQwMTAyMDYzMjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzhiODNmN2JiOTAzYTZjNzIwOWFiN2E0YWFmMWFkNWFhYWU4MTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoo/gVuAldGuCr5LPoZdzzKYlgDQo
3AgLCYv/O+pb5reVe7HKX42hD07tpgmykdYtIZE8BPSxP6eLVjEJWdAegwzeZ270
QsGvv/nM7maZWqb8kR/6/cVkWrmJ68+7p/gll3yXHznaDZknR4kdL3cXEFkdl6M4
tQZT6BAuWurFq/lVQzc0QVfvONHKRljN8D48Ov/lFDgYmR6cNju+wIeWhkgi/ooU
p5xCRDf9/7U2tctUK2uJMV9Jii6nFhS4eGRx/0ntjZO2R7D8O1vn11MK5r/O5Olv
WinTGGcq5YtT1/M+n4DWmNKFBf7Jnt4c5t4bHiv/9qNnh55/zg6Qq4WVPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFByLg/e7kDpscgmrekqvGtWqroEnMB8GA1UdIwQY
MBaAFGJ4p2jJELrc1cSu98FyqfBhVH6MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWW5pbmFNa1F1dHpWeEs3M3dYS3A4R0ZVZm93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi80MmRmYzAtYTc2NC00ZDVkLWE2MzQt
MzQ1NGY0OTBmZDk2LzEvSEl1RDk3dVFPbXh5Q2F0NlNxOGExYXF1Z1NjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi80MmRmYzAtYTc2NC00ZDVkLWE2MzQtMzQ1NGY0OTBmZDk2
LzEvWW5pbmFNa1F1dHpWeEs3M3dYS3A4R0ZVZm93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBPmxoMA0G
CSqGSIb3DQEBCwUAA4IBAQAbekXb0PHQGSTVqtx54Fn2o6L7Rv6hcgn+FMksmGoH
I4zQrg9FYQSl1Le3ZwPrMaaEDzRYAzft/SnQnZyIJtDRs238fSNEAkTBYHAmsmJt
xtLNJ4ZDlxpnW8JrUcv570Gtd1zXAzmWCdVDI1rg4NDFh30gF5kI642ydQzuzexZ
sJQ/8Db3GWmD9VFgo2A3H/+4N+Sug1V7WnbfcgvbUfi2Z2ojeFnvxEADqm+5wqGK
kyXEHAkFH5eaalmlM7KjMbtYGzWM3oBX7BKOFq/6PYgMlJ8OkAJBgiqbUYKQkNbW
7nt/qrTLZk2O53DkLwujs3khwU9o7vTMWPxr0He4Y/ks
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:13:46 2025 by rpki-client