Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/2KmjXNohFWDzV47KlEB8iSMOofY.roa
File: 2KmjXNohFWDzV47KlEB8iSMOofY.roa (raw, json)
Hash identifier: OFGBVEXxI0i5dEIRhzM4hGcDJoq7oUesbc4FaJ+uqno=
Subject key identifier: D8:A9:A3:5C:DA:21:15:60:F3:57:8E:CA:94:40:7C:89:23:0E:A1:F6
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 019305E60711A246F592B00D722C26F71112
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/2KmjXNohFWDzV47KlEB8iSMOofY.roa
Signing time: Thu 07 Nov 2024 09:13:01 +0000
ROA not before: Thu 07 Nov 2024 09:13:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 62.106.84.0/24 maxlen: 24
109.122.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 11 Nov 2024 09:51:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:05:e6:07:11:a2:46:f5:92:b0:0d:72:2c:26:f7:11:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Nov 7 09:13:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d8a9a35cda211560f3578eca94407c89230ea1f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:c2:64:be:c0:c5:dd:28:62:06:62:ae:c0:16:
be:92:5a:ac:d4:e3:8e:11:7d:fe:ea:a2:a2:d0:22:
a5:ff:8f:03:9c:61:41:77:b5:37:dd:88:1c:3a:8b:
01:b4:27:a1:42:df:df:81:e9:e6:4f:71:6e:45:0f:
f4:32:c7:ad:de:e0:08:fc:e3:d3:c9:fb:cf:d0:5f:
2b:32:90:5a:bd:61:71:0d:4f:ee:e5:c9:69:f0:c0:
00:38:e5:be:e9:3c:30:00:f4:bc:a9:d5:5c:64:2e:
e1:99:01:7c:a2:95:d8:9e:70:20:8e:ac:88:03:d9:
86:58:0c:29:22:24:20:f3:07:ee:74:01:46:c6:03:
bc:65:1a:57:bd:8a:0d:78:78:d3:9f:5c:b0:80:ed:
fa:24:69:5f:52:d3:c5:0f:a3:08:72:b0:c3:e6:de:
b9:e6:5c:16:6a:09:ba:e3:87:51:e3:a2:f1:32:97:
02:66:48:90:67:3a:a5:d3:24:7a:e0:75:2a:05:f3:
99:3c:ee:ec:9b:9b:4b:c7:91:ef:f6:64:28:da:62:
8f:12:1d:cb:8d:c9:fd:70:2b:d0:45:15:5b:1f:db:
b1:a3:ea:a3:80:3b:ca:ab:bc:91:bd:4c:46:0f:02:
f2:d2:c1:f1:b7:27:37:cc:2d:11:11:9c:20:65:00:
a5:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:A9:A3:5C:DA:21:15:60:F3:57:8E:CA:94:40:7C:89:23:0E:A1:F6
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/2KmjXNohFWDzV47KlEB8iSMOofY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.106.84.0/24
109.122.46.0/24
Signature Algorithm: sha256WithRSAEncryption
93:e8:d4:28:c5:b0:56:ca:f1:5d:72:04:21:6a:83:71:88:e9:
3c:46:2e:e8:1b:d8:d9:a5:7f:d9:78:75:ab:4b:0f:72:5b:4f:
60:dd:6e:46:ce:33:66:66:69:dc:9b:b8:af:50:47:eb:62:82:
7b:83:53:88:71:21:b3:cf:46:db:77:a7:c6:82:3e:97:68:f2:
14:46:70:e0:32:9b:da:22:0b:df:64:8b:12:73:87:5d:33:81:
6d:74:3d:c5:4f:f3:d1:88:3b:11:71:98:27:55:7f:43:12:8d:
43:33:30:8e:e8:f8:66:02:3b:1c:84:b9:ea:ab:f2:13:4a:3e:
59:57:04:bc:3f:d7:2d:dd:9c:ab:e0:b2:b6:d1:bc:18:c6:39:
84:0c:8d:25:a1:e5:bc:d4:4e:9b:e5:7f:94:fc:a7:95:5d:53:
5d:ce:ad:bb:f3:95:75:7c:80:d3:f8:92:bd:b3:59:af:72:ab:
5b:34:68:71:86:2f:f6:1c:28:a3:1e:85:cf:1b:46:4d:33:5d:
e8:ac:17:8a:a4:da:42:59:57:20:9b:7e:51:b3:5d:55:a3:c3:
a6:fd:dc:56:8f:3c:78:ec:17:df:57:eb:14:89:94:7e:70:e1:
59:7e:ab:7e:7b:61:c1:3b:e1:78:96:2d:04:7a:dd:30:d3:80:
f7:ea:ce:1c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZMF5gcRokb1krANciwm9xESMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQxMTA3MDkxMzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGE5YTM1Y2RhMjExNTYwZjM1NzhlY2E5NDQwN2M4OTIzMGVhMWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAscJkvsDF3ShiBmKuwBa+klqs1OOO
EX3+6qKi0CKl/48DnGFBd7U33YgcOosBtCehQt/fgenmT3FuRQ/0Mset3uAI/OPT
yfvP0F8rMpBavWFxDU/u5clp8MAAOOW+6TwwAPS8qdVcZC7hmQF8opXYnnAgjqyI
A9mGWAwpIiQg8wfudAFGxgO8ZRpXvYoNeHjTn1ywgO36JGlfUtPFD6MIcrDD5t65
5lwWagm644dR46LxMpcCZkiQZzql0yR64HUqBfOZPO7sm5tLx5Hv9mQo2mKPEh3L
jcn9cCvQRRVbH9uxo+qjgDvKq7yRvUxGDwLy0sHxtyc3zC0REZwgZQClywIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNipo1zaIRVg81eOypRAfIkjDqH2MB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvMkttalhOb2hGV0R6VjQ3S2xFQjhpU01Pb2ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAPmpUAwQA
bXouMA0GCSqGSIb3DQEBCwUAA4IBAQCT6NQoxbBWyvFdcgQhaoNxiOk8Ri7oG9jZ
pX/ZeHWrSw9yW09g3W5GzjNmZmncm7ivUEfrYoJ7g1OIcSGzz0bbd6fGgj6XaPIU
RnDgMpvaIgvfZIsSc4ddM4FtdD3FT/PRiDsRcZgnVX9DEo1DMzCO6PhmAjschLnq
q/ITSj5ZVwS8P9ct3Zyr4LK20bwYxjmEDI0loeW81E6b5X+U/KeVXVNdzq2785V1
fIDT+JK9s1mvcqtbNGhxhi/2HCijHoXPG0ZNM13orBeKpNpCWVcgm35Rs11Vo8Om
/dxWjzx47BffV+sUiZR+cOFZfqt+e2HBO+F4li0Eet0w04D36s4c
-----END CERTIFICATE-----
Generated at Mon Nov 11 13:29:12 2024 by rpki-client on console-ams.rpki-client.org