Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/e831b1-9ec0-46f2-860d-fad5fd7970ba/1/90Iok8Z1a-qTdPzW7IUyQOjU7HU.roa
File: 90Iok8Z1a-qTdPzW7IUyQOjU7HU.roa (raw, json)
Hash identifier: wNThB7w1hKHs0g7FKzJzM9AbUkCaLmOQjqyqcHqyeXI=
Subject key identifier: F7:42:28:93:C6:75:6B:EA:93:74:FC:D6:EC:85:32:40:E8:D4:EC:75
Certificate issuer: /CN=0f21521a7127157f7daf0ad091394ad5a1cce779
Certificate serial: 01856F42F6410AFD0CAA1FF4AE4270174DD8
Authority key identifier: 0F:21:52:1A:71:27:15:7F:7D:AF:0A:D0:91:39:4A:D5:A1:CC:E7:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DyFSGnEnFX99rwrQkTlK1aHM53k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/e831b1-9ec0-46f2-860d-fad5fd7970ba/1/90Iok8Z1a-qTdPzW7IUyQOjU7HU.roa
Signing time: Sun 01 Jan 2023 21:35:37 +0000
ROA not before: Sun 01 Jan 2023 21:35:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49915
IP address blocks: 62.69.150.0/24 maxlen: 24
62.69.148.0/23 maxlen: 24
91.216.158.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:f6:41:0a:fd:0c:aa:1f:f4:ae:42:70:17:4d:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f21521a7127157f7daf0ad091394ad5a1cce779
Validity
Not Before: Jan 1 21:35:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f7422893c6756bea9374fcd6ec853240e8d4ec75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:e7:20:99:aa:f3:b4:0b:a5:f8:47:1e:81:2d:
ec:38:2d:c4:40:a8:fd:30:50:7e:00:4c:0e:03:fd:
e8:01:d5:26:51:62:70:44:2b:7a:29:a3:63:6b:c6:
fb:85:e9:28:7d:7b:aa:59:4b:99:74:9a:e5:df:c5:
b8:be:e0:a2:ac:4a:32:3b:7e:07:9f:d0:df:09:3a:
94:84:f8:e5:d4:9f:79:a1:e6:f3:48:86:cb:1f:a5:
d3:f7:1e:4a:54:fb:ef:38:75:a3:4d:37:6d:7c:18:
83:b4:18:2a:40:af:19:5f:8d:17:05:d7:59:30:ca:
3c:95:43:28:f1:f8:df:29:37:12:f5:f2:79:79:54:
6e:9e:8d:de:39:e1:6e:c2:66:f0:b8:99:ff:16:f1:
75:ae:8e:ad:5c:c0:8d:c1:1c:5d:fd:39:ed:23:44:
37:c2:9f:81:6c:c5:6f:72:7f:cc:dd:94:e7:d9:06:
a4:74:cf:07:96:b6:b3:52:07:7a:61:40:14:f6:88:
6e:80:0a:09:c7:75:a6:84:cb:8c:f4:1f:21:1c:52:
56:18:74:87:0f:5c:ec:10:04:8b:16:f6:7f:89:8b:
13:14:a2:d7:ba:7b:e6:61:69:0c:3b:ae:66:7e:4f:
69:88:38:a7:1d:c1:46:a9:01:6a:3f:49:68:2b:7c:
67:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:42:28:93:C6:75:6B:EA:93:74:FC:D6:EC:85:32:40:E8:D4:EC:75
X509v3 Authority Key Identifier:
keyid:0F:21:52:1A:71:27:15:7F:7D:AF:0A:D0:91:39:4A:D5:A1:CC:E7:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DyFSGnEnFX99rwrQkTlK1aHM53k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/e831b1-9ec0-46f2-860d-fad5fd7970ba/1/90Iok8Z1a-qTdPzW7IUyQOjU7HU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/e831b1-9ec0-46f2-860d-fad5fd7970ba/1/DyFSGnEnFX99rwrQkTlK1aHM53k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.69.148.0-62.69.150.255
91.216.158.0/24
Signature Algorithm: sha256WithRSAEncryption
17:53:57:1c:f9:8d:ee:e0:aa:65:7f:60:0c:1a:a3:c0:93:c9:
a9:ca:36:7d:f1:33:c4:76:6d:ba:5d:d3:99:3e:cc:f7:2e:89:
6a:58:fb:3b:ff:78:63:cd:eb:65:0e:29:76:f3:45:19:7d:f6:
b3:05:9d:1e:85:22:5c:eb:e4:a5:c4:27:28:1b:ec:77:0e:68:
79:cf:7f:87:8d:cb:e0:9f:5f:f1:b4:53:1c:e4:3c:bd:44:c5:
56:ae:23:7e:01:58:07:c1:74:bd:9e:44:61:b0:36:62:c1:a9:
d8:bb:29:95:63:38:31:6b:15:88:54:18:83:c6:ee:b8:05:a0:
78:4d:37:66:c4:43:71:f7:47:7a:73:49:ac:13:17:61:ba:72:
da:b5:90:e4:e0:5c:4a:e3:9c:5f:a0:7e:c8:ca:1f:87:e3:b0:
2e:6b:22:65:4f:0a:10:9e:4a:56:9b:2c:2a:a8:89:74:9c:db:
05:5e:9a:ef:cf:67:50:ff:55:a6:d4:d9:e2:50:b2:0c:b4:c6:
be:08:e8:7f:58:61:6e:a9:4d:88:4e:6f:d9:16:d6:de:63:4f:
15:b2:88:ff:e5:5e:35:51:af:de:77:89:e9:71:12:11:25:23:
ae:7f:bd:57:8b:0e:37:f9:fe:60:b3:d1:6c:72:0f:7e:5e:8e:
7e:d6:d8:af
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVvQvZBCv0Mqh/0rkJwF03YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmMjE1MjFhNzEyNzE1N2Y3ZGFmMGFkMDkxMzk0YWQ1YTFj
Y2U3NzkwHhcNMjMwMTAxMjEzNTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzQyMjg5M2M2NzU2YmVhOTM3NGZjZDZlYzg1MzI0MGU4ZDRlYzc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtecgmarztAul+EcegS3sOC3EQKj9
MFB+AEwOA/3oAdUmUWJwRCt6KaNja8b7hekofXuqWUuZdJrl38W4vuCirEoyO34H
n9DfCTqUhPjl1J95oebzSIbLH6XT9x5KVPvvOHWjTTdtfBiDtBgqQK8ZX40XBddZ
MMo8lUMo8fjfKTcS9fJ5eVRuno3eOeFuwmbwuJn/FvF1ro6tXMCNwRxd/TntI0Q3
wp+BbMVvcn/M3ZTn2QakdM8HlrazUgd6YUAU9ohugAoJx3WmhMuM9B8hHFJWGHSH
D1zsEASLFvZ/iYsTFKLXunvmYWkMO65mfk9piDinHcFGqQFqP0loK3xnOwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFPdCKJPGdWvqk3T81uyFMkDo1Ox1MB8GA1UdIwQY
MBaAFA8hUhpxJxV/fa8K0JE5StWhzOd5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHlGU0duRW5GWDk5cndyUWtUbEsxYUhNNTNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9lODMxYjEtOWVjMC00NmYyLTg2MGQt
ZmFkNWZkNzk3MGJhLzEvOTBJb2s4WjFhLXFUZFB6VzdJVXlRT2pVN0hVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9lODMxYjEtOWVjMC00NmYyLTg2MGQtZmFkNWZkNzk3MGJh
LzEvRHlGU0duRW5GWDk5cndyUWtUbEsxYUhNNTNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAI+RZQD
BAA+RZYDBABb2J4wDQYJKoZIhvcNAQELBQADggEBABdTVxz5je7gqmV/YAwao8CT
yanKNn3xM8R2bbpd05k+zPcuiWpY+zv/eGPN62UOKXbzRRl99rMFnR6FIlzr5KXE
Jygb7HcOaHnPf4eNy+CfX/G0UxzkPL1ExVauI34BWAfBdL2eRGGwNmLBqdi7KZVj
ODFrFYhUGIPG7rgFoHhNN2bEQ3H3R3pzSawTF2G6ctq1kOTgXErjnF+gfsjKH4fj
sC5rImVPChCeSlabLCqoiXSc2wVemu/PZ1D/VabU2eJQsgy0xr4I6H9YYW6pTYhO
b9kW1t5jTxWyiP/lXjVRr953ielxEhElI65/vVeLDjf5/mCz0WxyD35ejn7W2K8=
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:37:11 2024 by rpki-client on console-fra.rpki-client.org