Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/qo0CCST5z2s34I3JqoNLAFnBT5M.roa
File: qo0CCST5z2s34I3JqoNLAFnBT5M.roa (raw, json)
Hash identifier: JHlN0QbRniZlR5dWvHy9YZEeHKFq+hYycJmnEd3lock=
Subject key identifier: AA:8D:02:09:24:F9:CF:6B:37:E0:8D:C9:AA:83:4B:00:59:C1:4F:93
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018C3196E4940C32A3ADD0BC9079C1CFEBD2
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/qo0CCST5z2s34I3JqoNLAFnBT5M.roa
Signing time: Sun 03 Dec 2023 21:30:21 +0000
ROA not before: Sun 03 Dec 2023 21:30:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 62.106.84.0/24 maxlen: 24
91.200.220.0/24 maxlen: 24
109.122.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 08 Dec 2023 06:48:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:31:96:e4:94:0c:32:a3:ad:d0:bc:90:79:c1:cf:eb:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Dec 3 21:30:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aa8d020924f9cf6b37e08dc9aa834b0059c14f93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:3e:73:b1:80:d4:32:d2:e1:1f:2a:58:81:62:
7b:c7:b0:00:70:56:d1:84:28:e6:a5:8d:c6:53:b5:
a0:ec:dd:7f:c7:48:95:d2:ef:e2:74:4b:56:fd:45:
87:36:68:09:d3:c5:2d:48:0c:f2:e0:4f:43:7c:04:
18:d9:44:f6:ad:45:61:f8:09:a3:16:41:d0:51:2f:
38:d1:5d:fb:26:c8:b2:3d:86:b7:28:0d:1c:cc:5b:
a6:62:3c:44:31:be:11:44:57:42:ab:80:0a:50:d7:
3b:8f:f4:72:87:b5:e0:d2:9c:1b:22:3a:df:90:ca:
cf:b1:92:41:c5:fa:62:56:5f:79:5f:b7:02:06:a0:
de:15:77:8d:d8:40:82:5e:a1:14:28:97:08:6a:7b:
4f:3b:ba:1c:16:2d:b3:be:b3:da:b8:76:99:ae:42:
ee:27:20:a8:1f:49:82:23:d7:40:d3:08:95:08:58:
c2:aa:b0:cf:e5:58:12:e9:c5:c3:fc:17:d3:65:d0:
da:d3:24:e8:80:31:65:13:ba:ec:f3:8b:cd:06:52:
ed:73:33:3c:89:db:58:23:dd:cf:87:b7:ee:91:1e:
06:54:dc:5d:9b:90:3c:f6:49:9b:67:08:85:5f:9b:
76:ae:5c:83:61:23:df:b3:7a:8b:0b:4d:b0:98:b0:
a5:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:8D:02:09:24:F9:CF:6B:37:E0:8D:C9:AA:83:4B:00:59:C1:4F:93
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/qo0CCST5z2s34I3JqoNLAFnBT5M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.106.84.0/24
91.200.220.0/24
109.122.46.0/24
Signature Algorithm: sha256WithRSAEncryption
46:2d:f5:e8:02:0d:ea:1f:50:f9:ac:a8:83:82:21:8f:e6:b6:
cb:6d:73:35:b3:7a:a3:46:23:5d:f2:58:67:4d:e3:8d:ce:92:
e2:c2:10:3e:f3:6e:80:03:54:6f:3a:f8:2d:7d:eb:09:3e:8a:
c1:39:9c:08:d1:0c:6a:14:95:de:02:6c:5c:a3:52:1b:8d:d6:
a8:67:cd:f9:5c:da:0b:74:46:aa:0b:11:74:0e:58:b9:4a:88:
40:11:20:11:2c:00:0d:0d:b3:43:dd:33:49:c3:83:4c:01:33:
59:9a:61:1a:4b:cf:2f:6f:2d:0f:9b:cc:a9:ad:e3:cb:85:2d:
cc:b8:89:f0:ff:b4:67:97:8b:15:2c:b1:fc:39:f9:33:09:45:
39:af:1c:49:00:a8:e1:a0:78:20:20:1c:6d:f7:d4:70:7b:45:
6c:41:ed:0f:30:a5:0e:e6:25:bc:d8:83:2f:ca:ad:cb:51:88:
89:6e:13:3c:36:54:0e:74:ca:e1:83:42:65:2e:87:72:71:60:
cc:02:03:85:9e:e8:44:f8:55:fa:1d:ec:b9:7d:b5:47:90:e4:
32:a1:21:43:88:99:d3:be:6f:8a:0b:66:28:fd:bf:b7:eb:6f:
04:4f:d8:2b:85:41:1a:d4:82:ec:5d:e3:3a:aa:04:7e:2b:3c:
9a:ea:85:b4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYwxluSUDDKjrdC8kHnBz+vSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMxMjAzMjEzMDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYThkMDIwOTI0ZjljZjZiMzdlMDhkYzlhYTgzNGIwMDU5YzE0ZjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhj5zsYDUMtLhHypYgWJ7x7AAcFbR
hCjmpY3GU7Wg7N1/x0iV0u/idEtW/UWHNmgJ08UtSAzy4E9DfAQY2UT2rUVh+Amj
FkHQUS840V37JsiyPYa3KA0czFumYjxEMb4RRFdCq4AKUNc7j/Ryh7Xg0pwbIjrf
kMrPsZJBxfpiVl95X7cCBqDeFXeN2ECCXqEUKJcIantPO7ocFi2zvrPauHaZrkLu
JyCoH0mCI9dA0wiVCFjCqrDP5VgS6cXD/BfTZdDa0yTogDFlE7rs84vNBlLtczM8
idtYI93Ph7fukR4GVNxdm5A89kmbZwiFX5t2rlyDYSPfs3qLC02wmLClWQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKqNAgkk+c9rN+CNyaqDSwBZwU+TMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvcW8wQ0NTVDV6MnMzNEkzSnFvTkxBRm5CVDVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAPmpUAwQA
W8jcAwQAbXouMA0GCSqGSIb3DQEBCwUAA4IBAQBGLfXoAg3qH1D5rKiDgiGP5rbL
bXM1s3qjRiNd8lhnTeONzpLiwhA+826AA1RvOvgtfesJPorBOZwI0QxqFJXeAmxc
o1IbjdaoZ835XNoLdEaqCxF0Dli5SohAESARLAANDbND3TNJw4NMATNZmmEaS88v
by0Pm8yprePLhS3MuInw/7Rnl4sVLLH8OfkzCUU5rxxJAKjhoHggIBxt99Rwe0Vs
Qe0PMKUO5iW82IMvyq3LUYiJbhM8NlQOdMrhg0JlLodycWDMAgOFnuhE+FX6Hey5
fbVHkOQyoSFDiJnTvm+KC2Yo/b+3628ET9grhUEa1ILsXeM6qgR+Kzya6oW0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:37 2024 by rpki-client on console-fra.rpki-client.org