Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/_QZIFVv4a6iCa321-101DQTpfAI.roa
File: _QZIFVv4a6iCa321-101DQTpfAI.roa (raw, json)
Hash identifier: TG4gH0snXMi8LROtX8uEXA4YTnwIdSIJSL7iakyVPUI=
Subject key identifier: FD:06:48:15:5B:F8:6B:A8:82:6B:7D:B5:FB:5D:35:0D:04:E9:7C:02
Certificate issuer: /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial: 018F1E539E0E334817354C2944A0228F390E
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/_QZIFVv4a6iCa321-101DQTpfAI.roa
Signing time: Sat 27 Apr 2024 06:52:27 +0000
ROA not before: Sat 27 Apr 2024 06:52:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215540
IP address blocks: 62.133.60.0/24 maxlen: 24
62.133.61.0/24 maxlen: 24
62.133.62.0/24 maxlen: 24
62.133.63.0/24 maxlen: 24
194.156.102.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 23 Aug 2024 14:05:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:1e:53:9e:0e:33:48:17:35:4c:29:44:a0:22:8f:39:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Validity
Not Before: Apr 27 06:52:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fd0648155bf86ba8826b7db5fb5d350d04e97c02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:4e:d5:2b:99:f0:a5:f9:d9:63:96:92:f3:14:
f5:54:db:5a:ab:67:8f:d4:d6:e9:20:9d:42:c4:be:
ef:3a:15:e3:ad:3c:aa:a0:4b:db:8c:13:39:e8:89:
44:19:e0:1d:5c:34:d9:ae:c7:52:bd:db:b6:b3:02:
d8:2e:b0:79:a4:86:da:18:01:fb:a6:b9:47:65:d5:
ba:87:e7:01:7c:e3:47:1f:3c:4c:7e:29:d4:c8:91:
95:41:95:17:9f:c6:b9:b2:72:0c:53:6b:51:4f:a7:
31:31:1a:ca:94:6b:74:fd:d3:41:92:8d:42:9b:ef:
23:b2:80:75:c7:ae:bd:b0:c9:71:33:3f:b6:0a:11:
a4:8a:d9:6e:9b:a0:ef:27:fe:40:2b:90:91:19:01:
b3:c6:3d:8e:ef:4d:96:b0:e2:5e:2e:f3:90:25:96:
d3:90:05:33:26:0f:b2:87:07:3b:c4:83:49:da:98:
12:12:02:d9:0b:57:7a:4f:f9:7a:29:39:b5:c0:b9:
a1:de:9d:63:0f:09:a4:fa:4f:8e:fa:e2:93:51:48:
de:3a:d1:0b:87:80:85:6c:7e:0e:38:1d:19:b8:cf:
c4:bb:f8:e5:e2:fb:36:2a:e7:2d:4f:a4:f8:34:9e:
b9:ee:ba:18:43:04:e0:42:84:c1:70:d0:52:f4:58:
cf:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:06:48:15:5B:F8:6B:A8:82:6B:7D:B5:FB:5D:35:0D:04:E9:7C:02
X509v3 Authority Key Identifier:
keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/_QZIFVv4a6iCa321-101DQTpfAI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.133.60.0/22
194.156.102.0/24
Signature Algorithm: sha256WithRSAEncryption
90:44:f3:67:bf:4d:30:6b:e3:fe:90:ce:a0:6f:16:29:6e:47:
3d:0a:6a:12:8e:62:2c:12:91:38:14:19:4b:d7:78:0d:70:bb:
72:3a:64:ec:0a:f0:25:5c:a2:95:40:41:82:3a:19:9b:01:90:
bb:b4:2b:bb:0c:59:be:59:5e:e2:fa:93:0a:49:bc:0a:93:5e:
77:c7:dc:6e:a0:4a:0d:6f:fa:29:ee:ff:e5:36:a3:75:da:fe:
8e:91:75:58:50:40:a1:27:08:09:cd:3e:57:f5:76:fa:40:20:
b7:84:51:75:74:e3:39:5c:cf:7c:72:61:52:1d:63:0f:54:cd:
86:b9:d9:79:1f:49:91:d0:bc:f0:17:c1:89:cf:21:43:07:37:
77:76:71:e7:17:54:a1:f3:69:15:6f:67:b4:fa:84:9c:3f:6a:
0f:aa:42:d5:99:a0:51:55:48:60:84:eb:2b:a1:96:c6:43:39:
fc:07:3f:93:2b:b7:ee:5c:78:35:74:db:6b:4b:58:a5:f8:78:
cb:0e:11:a9:5e:4f:aa:54:8c:65:50:f4:4a:45:1d:b0:ab:d3:
02:37:d0:64:81:76:d9:f6:33:a2:9c:fe:21:8e:03:d4:56:e5:
5c:b7:c2:9c:5e:6b:c9:17:eb:c3:42:71:7e:77:03:60:ee:d0:
e4:24:b0:2d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY8eU54OM0gXNUwpRKAijzkOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjQwNDI3MDY1MjI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDA2NDgxNTViZjg2YmE4ODI2YjdkYjVmYjVkMzUwZDA0ZTk3YzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzE7VK5nwpfnZY5aS8xT1VNtaq2eP
1NbpIJ1CxL7vOhXjrTyqoEvbjBM56IlEGeAdXDTZrsdSvdu2swLYLrB5pIbaGAH7
prlHZdW6h+cBfONHHzxMfinUyJGVQZUXn8a5snIMU2tRT6cxMRrKlGt0/dNBko1C
m+8jsoB1x669sMlxMz+2ChGkitlum6DvJ/5AK5CRGQGzxj2O702WsOJeLvOQJZbT
kAUzJg+yhwc7xINJ2pgSEgLZC1d6T/l6KTm1wLmh3p1jDwmk+k+O+uKTUUjeOtEL
h4CFbH4OOB0ZuM/Eu/jl4vs2KuctT6T4NJ657roYQwTgQoTBcNBS9FjPnQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFP0GSBVb+Guogmt9tftdNQ0E6XwCMB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvX1FaSUZWdjRhNmlDYTMyMS0xMDFEUVRwZkFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCPoU8AwQA
wpxmMA0GCSqGSIb3DQEBCwUAA4IBAQCQRPNnv00wa+P+kM6gbxYpbkc9CmoSjmIs
EpE4FBlL13gNcLtyOmTsCvAlXKKVQEGCOhmbAZC7tCu7DFm+WV7i+pMKSbwKk153
x9xuoEoNb/op7v/lNqN12v6OkXVYUEChJwgJzT5X9Xb6QCC3hFF1dOM5XM98cmFS
HWMPVM2Gudl5H0mR0LzwF8GJzyFDBzd3dnHnF1Sh82kVb2e0+oScP2oPqkLVmaBR
VUhghOsroZbGQzn8Bz+TK7fuXHg1dNtrS1il+HjLDhGpXk+qVIxlUPRKRR2wq9MC
N9BkgXbZ9jOinP4hjgPUVuVct8KcXmvJF+vDQnF+dwNg7tDkJLAt
-----END CERTIFICATE-----
Generated at Fri Aug 23 17:38:59 2024 by rpki-client on console-fra.rpki-client.org