Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/4d27bb-f85c-4bfd-b1c3-47bcd39c3d86/1/CLjjPvzyvmVafkXqOqkwHHCHzVo.roa
File: CLjjPvzyvmVafkXqOqkwHHCHzVo.roa (raw, json)
Hash identifier: Hm3Vrg6IM2Eujlyu+ni8qinMnoxCsbgQF/P1M/6HKvg=
Subject key identifier: 08:B8:E3:3E:FC:F2:BE:65:5A:7E:45:EA:3A:A9:30:1C:70:87:CD:5A
Certificate issuer: /CN=5ae8c78f161397ae1dbd0ac322584f62fb740097
Certificate serial: 018A1859AF4A3E6EB9FFCB60121D1A5F7A17
Authority key identifier: 5A:E8:C7:8F:16:13:97:AE:1D:BD:0A:C3:22:58:4F:62:FB:74:00:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WujHjxYTl64dvQrDIlhPYvt0AJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/4d27bb-f85c-4bfd-b1c3-47bcd39c3d86/1/CLjjPvzyvmVafkXqOqkwHHCHzVo.roa
Signing time: Mon 21 Aug 2023 13:47:25 +0000
ROA not before: Mon 21 Aug 2023 13:47:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35600
IP address blocks: 62.220.150.0/24 maxlen: 24
2001:789::/32 maxlen: 32
2001:789::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:35:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:18:59:af:4a:3e:6e:b9:ff:cb:60:12:1d:1a:5f:7a:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ae8c78f161397ae1dbd0ac322584f62fb740097
Validity
Not Before: Aug 21 13:47:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=08b8e33efcf2be655a7e45ea3aa9301c7087cd5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:7e:59:72:57:34:fc:bc:55:12:b4:ae:99:50:
ae:be:a0:e4:10:1a:b9:a4:24:5c:39:ac:28:e6:ef:
53:3f:67:e8:bb:6c:89:5c:db:1e:a2:16:37:65:e9:
df:04:af:2a:c9:ce:c3:95:60:29:9d:cd:54:15:ac:
7f:a8:3e:8b:fb:57:f7:a8:72:0e:e5:7e:26:2f:88:
63:02:9b:86:15:0b:87:ed:ee:a1:ba:41:4b:2a:d3:
4e:7c:a1:5e:a9:fe:47:5e:5c:21:87:57:ba:51:28:
27:a7:03:93:3a:0e:21:d4:49:c9:5c:05:8e:5f:5c:
82:66:1b:d7:fa:e7:12:15:03:92:75:7e:b4:60:f9:
c0:3d:2c:f7:8e:35:b1:5a:72:6a:a5:89:bc:d1:3f:
43:d1:9f:d9:f9:ce:25:bd:40:e2:8f:1c:1f:c1:fc:
6b:5c:c6:86:fe:76:3f:76:8a:d3:4f:78:66:65:24:
ea:58:f5:f0:84:61:96:d3:9e:ad:01:f1:09:8d:80:
ea:a3:8b:aa:1e:46:51:b1:5d:ac:1a:d0:24:57:c1:
dd:89:bb:cc:6d:01:df:96:f2:8a:da:79:67:75:51:
1a:e8:24:8d:51:86:08:07:f4:07:e5:99:5d:08:c0:
bf:9e:37:62:25:f9:eb:a3:85:85:65:7e:0c:79:35:
df:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:B8:E3:3E:FC:F2:BE:65:5A:7E:45:EA:3A:A9:30:1C:70:87:CD:5A
X509v3 Authority Key Identifier:
keyid:5A:E8:C7:8F:16:13:97:AE:1D:BD:0A:C3:22:58:4F:62:FB:74:00:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WujHjxYTl64dvQrDIlhPYvt0AJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/4d27bb-f85c-4bfd-b1c3-47bcd39c3d86/1/CLjjPvzyvmVafkXqOqkwHHCHzVo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/4d27bb-f85c-4bfd-b1c3-47bcd39c3d86/1/WujHjxYTl64dvQrDIlhPYvt0AJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.220.150.0/24
IPv6:
2001:789::/32
Signature Algorithm: sha256WithRSAEncryption
73:99:e9:9f:aa:72:39:14:55:d3:f9:39:ce:18:2d:dd:0f:b7:
74:9c:e9:8a:e9:d5:f6:6b:24:48:9f:a5:ed:b2:59:86:b6:23:
36:35:57:ea:3b:9b:f1:40:c2:7f:00:14:e5:08:ae:0d:37:a3:
04:16:55:22:0a:12:42:ac:70:aa:60:b6:38:ec:4c:34:5c:b8:
8d:f1:fb:28:da:42:86:cf:32:2c:3c:be:0f:8a:57:0f:e1:f1:
a7:46:bb:61:b7:e4:61:f6:b9:49:69:0c:ac:ee:49:35:eb:c6:
9b:b0:f5:93:0f:3d:eb:b0:c7:52:92:41:2f:b9:e8:2c:4f:ca:
83:26:1c:4a:30:b9:96:a7:65:16:10:f4:58:97:58:e0:93:26:
66:1d:36:3a:0f:a4:1e:28:60:3f:61:2f:d0:dc:33:27:27:52:
63:74:e4:50:27:a0:6c:bd:2f:14:d4:a3:ca:3b:61:86:87:ed:
d6:5f:65:66:ea:8e:a9:8c:8e:dd:75:10:d7:c0:d8:16:f6:68:
50:f2:22:d1:51:38:93:96:d1:4c:38:00:0e:5c:53:0a:d3:9c:
e9:29:32:03:ba:32:42:c8:ca:37:fb:27:9d:02:dd:a9:8e:68:
93:82:7a:a8:02:1c:ed:7f:be:b6:70:99:3f:bb:11:a0:73:a0:
6d:bb:88:1a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYoYWa9KPm65/8tgEh0aX3oXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhZThjNzhmMTYxMzk3YWUxZGJkMGFjMzIyNTg0ZjYyZmI3
NDAwOTcwHhcNMjMwODIxMTM0NzI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGI4ZTMzZWZjZjJiZTY1NWE3ZTQ1ZWEzYWE5MzAxYzcwODdjZDVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtn5Zclc0/LxVErSumVCuvqDkEBq5
pCRcOawo5u9TP2fou2yJXNseohY3ZenfBK8qyc7DlWApnc1UFax/qD6L+1f3qHIO
5X4mL4hjApuGFQuH7e6hukFLKtNOfKFeqf5HXlwhh1e6USgnpwOTOg4h1EnJXAWO
X1yCZhvX+ucSFQOSdX60YPnAPSz3jjWxWnJqpYm80T9D0Z/Z+c4lvUDijxwfwfxr
XMaG/nY/dorTT3hmZSTqWPXwhGGW056tAfEJjYDqo4uqHkZRsV2sGtAkV8HdibvM
bQHflvKK2nlndVEa6CSNUYYIB/QH5ZldCMC/njdiJfnro4WFZX4MeTXf6wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAi44z788r5lWn5F6jqpMBxwh81aMB8GA1UdIwQY
MBaAFFrox48WE5euHb0KwyJYT2L7dACXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3VqSGp4WVRsNjRkdlFyRElsaFBZdnQwQUpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni80ZDI3YmItZjg1Yy00YmZkLWIxYzMt
NDdiY2QzOWMzZDg2LzEvQ0xqalB2enl2bVZhZmtYcU9xa3dISENIelZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni80ZDI3YmItZjg1Yy00YmZkLWIxYzMtNDdiY2QzOWMzZDg2
LzEvV3VqSGp4WVRsNjRkdlFyRElsaFBZdnQwQUpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAPtyWMA0E
AgACMAcDBQAgAQeJMA0GCSqGSIb3DQEBCwUAA4IBAQBzmemfqnI5FFXT+TnOGC3d
D7d0nOmK6dX2ayRIn6XtslmGtiM2NVfqO5vxQMJ/ABTlCK4NN6MEFlUiChJCrHCq
YLY47Ew0XLiN8fso2kKGzzIsPL4PilcP4fGnRrtht+Rh9rlJaQys7kk168absPWT
Dz3rsMdSkkEvuegsT8qDJhxKMLmWp2UWEPRYl1jgkyZmHTY6D6QeKGA/YS/Q3DMn
J1JjdORQJ6BsvS8U1KPKO2GGh+3WX2Vm6o6pjI7ddRDXwNgW9mhQ8iLRUTiTltFM
OAAOXFMK05zpKTIDujJCyMo3+yedAt2pjmiTgnqoAhztf762cJk/uxGgc6Btu4ga
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:28 2024 by rpki-client on console-ams.rpki-client.org