Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/HhnAQp37pVQGXyhDLlrKpk5L2oA.roa
File: HhnAQp37pVQGXyhDLlrKpk5L2oA.roa (raw, json)
Hash identifier: IYA6j88fkwtWarbDCAJ5TwPI3EFGLvTMjc8tbxsZFEQ=
Subject key identifier: 1E:19:C0:42:9D:FB:A5:54:06:5F:28:43:2E:5A:CA:A6:4E:4B:DA:80
Certificate issuer: /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial: 0192AEF2221DDC6D0D50E36B03AA3D3D5950
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/HhnAQp37pVQGXyhDLlrKpk5L2oA.roa
Signing time: Mon 21 Oct 2024 11:59:16 +0000
ROA not before: Mon 21 Oct 2024 11:59:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42708
IP address blocks: 62.233.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 23 Oct 2024 09:18:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:ae:f2:22:1d:dc:6d:0d:50:e3:6b:03:aa:3d:3d:59:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Validity
Not Before: Oct 21 11:59:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1e19c0429dfba554065f28432e5acaa64e4bda80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:dc:c0:94:77:a5:6f:68:e9:51:ee:7b:4e:b3:
c9:4f:ed:d0:b7:0d:1f:a5:15:51:84:c7:d9:82:31:
57:90:73:63:ce:e2:39:b4:a5:51:51:1b:11:5d:77:
a3:f7:9b:07:41:78:0f:87:a1:e4:5f:8f:bc:36:7a:
6b:3d:7b:cc:dc:27:e8:ef:87:57:ca:e0:af:64:c5:
5c:43:46:41:6d:75:7c:bb:e8:b5:a6:ed:1e:2c:72:
d2:fe:e2:f7:89:ac:4f:9a:e0:53:55:09:70:8e:17:
7f:50:25:8c:50:d9:33:28:b1:ff:34:31:06:5d:04:
f5:50:20:53:66:92:b0:59:b4:1f:7c:18:ce:96:5f:
f1:6f:89:39:9b:93:3d:5b:40:5e:0c:c1:03:43:be:
21:73:f5:5c:ca:18:5e:92:00:fd:1a:50:fd:20:df:
52:e0:a5:a0:fb:87:aa:c8:a3:bf:3e:70:0d:ef:c0:
e2:c5:6e:29:64:27:9b:87:8c:00:39:e6:b7:ce:06:
f0:8b:99:9c:57:96:0a:2d:22:76:45:7b:47:65:9c:
88:28:f5:ae:09:fc:37:c2:2a:50:e9:8f:13:7f:62:
3c:ce:3b:3d:f7:8a:96:1d:6a:df:4e:ad:e0:cd:38:
14:69:65:b9:d2:41:82:cb:95:b1:fc:94:83:d8:43:
d4:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:19:C0:42:9D:FB:A5:54:06:5F:28:43:2E:5A:CA:A6:4E:4B:DA:80
X509v3 Authority Key Identifier:
keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/HhnAQp37pVQGXyhDLlrKpk5L2oA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.233.59.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:21:f3:dc:46:af:c5:bb:0f:c4:16:f4:b8:db:c2:fa:cb:f4:
69:ac:65:2a:1b:dd:4e:06:ae:4a:73:e1:aa:dd:0f:ae:f4:20:
35:bf:ad:2e:5a:d7:9b:43:1d:e0:7d:79:91:6b:72:64:13:9c:
d6:08:32:b7:c1:9e:1c:e9:a0:ce:6c:60:a5:ba:92:6f:ea:31:
c4:07:6e:45:bc:fe:61:3a:43:3f:54:1f:66:13:a2:11:67:de:
b7:21:b9:5c:b0:7e:65:60:96:70:f0:5f:ba:75:e4:31:43:52:
9d:03:96:8b:b5:da:1c:a3:b2:74:04:3b:f1:b6:2d:17:64:dd:
94:5a:e2:ee:62:2a:5a:0d:98:df:85:54:42:40:3a:1a:60:1b:
64:e4:12:75:ea:7e:2f:19:23:11:d0:47:20:d8:43:b3:3c:2c:
8b:33:bb:a5:e4:06:30:f0:35:d5:c0:73:7a:ca:7b:98:24:14:
6b:40:5b:c1:8b:61:19:63:5c:a2:4a:a1:de:23:f8:36:50:68:
0f:ce:af:5a:2c:ce:50:8e:50:e8:06:9f:bc:b5:25:a8:b0:0a:
8b:54:53:d0:ab:10:39:bf:ec:19:cd:c6:92:16:00:9e:5a:e2:
37:28:00:d3:f4:7a:23:1d:0b:af:f8:ed:cf:40:ce:4f:b0:b7:
9f:6b:97:1b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZKu8iId3G0NUONrA6o9PVlQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjQxMDIxMTE1OTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTE5YzA0MjlkZmJhNTU0MDY1ZjI4NDMyZTVhY2FhNjRlNGJkYTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAytzAlHelb2jpUe57TrPJT+3Qtw0f
pRVRhMfZgjFXkHNjzuI5tKVRURsRXXej95sHQXgPh6HkX4+8NnprPXvM3Cfo74dX
yuCvZMVcQ0ZBbXV8u+i1pu0eLHLS/uL3iaxPmuBTVQlwjhd/UCWMUNkzKLH/NDEG
XQT1UCBTZpKwWbQffBjOll/xb4k5m5M9W0BeDMEDQ74hc/VcyhhekgD9GlD9IN9S
4KWg+4eqyKO/PnAN78DixW4pZCebh4wAOea3zgbwi5mcV5YKLSJ2RXtHZZyIKPWu
Cfw3wipQ6Y8Tf2I8zjs994qWHWrfTq3gzTgUaWW50kGCy5Wx/JSD2EPUQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB4ZwEKd+6VUBl8oQy5ayqZOS9qAMB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvSGhuQVFwMzdwVlFHWHloRExscktwazVMMm9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPuk7MA0G
CSqGSIb3DQEBCwUAA4IBAQAKIfPcRq/Fuw/EFvS428L6y/RprGUqG91OBq5Kc+Gq
3Q+u9CA1v60uWtebQx3gfXmRa3JkE5zWCDK3wZ4c6aDObGClupJv6jHEB25FvP5h
OkM/VB9mE6IRZ963IblcsH5lYJZw8F+6deQxQ1KdA5aLtdoco7J0BDvxti0XZN2U
WuLuYipaDZjfhVRCQDoaYBtk5BJ16n4vGSMR0Ecg2EOzPCyLM7ul5AYw8DXVwHN6
ynuYJBRrQFvBi2EZY1yiSqHeI/g2UGgPzq9aLM5QjlDoBp+8tSWosAqLVFPQqxA5
v+wZzcaSFgCeWuI3KADT9HojHQuv+O3PQM5PsLefa5cb
-----END CERTIFICATE-----
Generated at Wed Oct 23 11:59:33 2024 by rpki-client on console-fra.rpki-client.org