Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/XITAIftagNp-p7A3FC0-uX8LiT8.roa
File: XITAIftagNp-p7A3FC0-uX8LiT8.roa (raw, json)
Hash identifier: WZeUI6d1ZaD5M6aDqU2i4Nae8DaZf3uDZuV+i+t1BWQ=
Subject key identifier: 5C:84:C0:21:FB:5A:80:DA:7E:A7:B0:37:14:2D:3E:B9:7F:0B:89:3F
Certificate issuer: /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial: 0192707E35A2F9C398912CA3BBAACC8703BE
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/XITAIftagNp-p7A3FC0-uX8LiT8.roa
Signing time: Wed 09 Oct 2024 08:56:12 +0000
ROA not before: Wed 09 Oct 2024 08:56:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24
IP address blocks: 62.233.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 21 Oct 2024 11:59:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:70:7e:35:a2:f9:c3:98:91:2c:a3:bb:aa:cc:87:03:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Validity
Not Before: Oct 9 08:56:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c84c021fb5a80da7ea7b037142d3eb97f0b893f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:68:6c:48:e3:79:53:45:b8:02:45:38:24:6d:
aa:62:13:bc:d5:52:87:ae:4a:07:cf:2a:a2:f5:a3:
51:fc:29:be:ea:af:69:c3:ea:ef:95:aa:fa:0c:1f:
9d:f5:67:7d:14:37:dd:b9:1c:23:f9:5e:33:d6:e6:
e7:95:41:fc:3f:cf:2c:0f:c2:c8:f0:1e:4d:ff:66:
af:68:60:a1:a1:84:14:c5:69:7a:ad:90:a8:4f:bb:
11:3d:08:4a:68:7d:23:56:1f:dd:f0:d2:52:2e:12:
c9:80:b7:03:8b:c5:f7:bf:52:3f:a0:d5:5b:4c:59:
4d:24:50:f0:63:a5:ec:75:65:ad:80:95:67:7d:4e:
bd:8f:57:1e:b6:ef:39:ad:a7:84:f6:47:08:96:f3:
bc:1e:da:70:de:b3:8e:d2:46:8c:c4:73:37:3d:b4:
79:03:1f:c3:01:61:2b:aa:08:cc:b8:83:7f:73:84:
d7:a8:e2:af:77:f4:a8:30:b4:cc:6c:11:c3:5b:99:
67:40:49:e9:6b:34:c2:95:f6:03:14:92:e4:73:f6:
e3:02:06:2b:7c:c0:9c:89:e2:6c:9d:5b:f8:c7:0c:
62:48:1f:2e:30:c1:59:00:0f:2a:f5:f4:65:6d:a8:
77:66:b0:9f:b9:c8:ed:ce:3d:0f:24:cd:50:21:e5:
fb:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:84:C0:21:FB:5A:80:DA:7E:A7:B0:37:14:2D:3E:B9:7F:0B:89:3F
X509v3 Authority Key Identifier:
keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/XITAIftagNp-p7A3FC0-uX8LiT8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.233.59.0/24
Signature Algorithm: sha256WithRSAEncryption
20:f3:81:51:a3:8d:0e:6b:df:df:48:a3:fb:3b:7e:dd:05:4b:
4e:23:2d:ec:9c:36:0e:e6:6a:07:18:2c:b8:df:b3:7e:0b:1a:
2e:c5:e7:51:98:2a:7b:a1:66:be:fa:1e:a7:09:35:33:98:c1:
c4:01:d6:ae:9a:fb:45:d8:b2:24:4a:58:7d:d5:0d:c3:06:30:
ad:a7:26:dd:d9:71:a7:02:3e:7d:22:60:f3:ee:7d:65:69:5d:
6a:6a:d2:c8:60:9b:a4:9c:2e:01:5c:0e:ba:db:b5:fc:e2:3c:
a8:53:9b:42:1a:b1:da:a9:34:e2:3c:35:fa:2c:b5:f0:d2:88:
83:76:90:83:6f:f3:0c:15:36:53:51:3a:34:46:8f:23:6d:21:
20:00:e4:68:53:01:72:b4:7a:c3:37:04:e2:e3:53:f5:7c:ff:
6f:3d:61:2f:76:9e:bb:7b:bc:7b:6e:b8:ff:21:de:db:33:7f:
3f:53:2b:d3:29:f3:ce:29:6e:e1:de:5c:36:90:72:4f:28:c9:
63:bc:35:b5:1d:da:4f:39:e4:e6:4e:a6:fb:fd:be:c4:9c:37:
ea:b4:20:bc:5b:c1:d1:50:1e:7d:bc:f9:59:1c:a4:ae:dd:6d:
a7:2f:9e:43:2f:13:1b:49:4b:7e:18:44:7f:98:56:59:10:1b:
98:6d:6e:d4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZJwfjWi+cOYkSyju6rMhwO+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjQxMDA5MDg1NjEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Yzg0YzAyMWZiNWE4MGRhN2VhN2IwMzcxNDJkM2ViOTdmMGI4OTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6mhsSON5U0W4AkU4JG2qYhO81VKH
rkoHzyqi9aNR/Cm+6q9pw+rvlar6DB+d9Wd9FDfduRwj+V4z1ubnlUH8P88sD8LI
8B5N/2avaGChoYQUxWl6rZCoT7sRPQhKaH0jVh/d8NJSLhLJgLcDi8X3v1I/oNVb
TFlNJFDwY6XsdWWtgJVnfU69j1cetu85raeE9kcIlvO8Htpw3rOO0kaMxHM3PbR5
Ax/DAWErqgjMuIN/c4TXqOKvd/SoMLTMbBHDW5lnQEnpazTClfYDFJLkc/bjAgYr
fMCcieJsnVv4xwxiSB8uMMFZAA8q9fRlbah3ZrCfucjtzj0PJM1QIeX7zQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFyEwCH7WoDafqewNxQtPrl/C4k/MB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvWElUQUlmdGFnTnAtcDdBM0ZDMC11WDhMaVQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPuk7MA0G
CSqGSIb3DQEBCwUAA4IBAQAg84FRo40Oa9/fSKP7O37dBUtOIy3snDYO5moHGCy4
37N+CxouxedRmCp7oWa++h6nCTUzmMHEAdaumvtF2LIkSlh91Q3DBjCtpybd2XGn
Aj59ImDz7n1laV1qatLIYJuknC4BXA6627X84jyoU5tCGrHaqTTiPDX6LLXw0oiD
dpCDb/MMFTZTUTo0Ro8jbSEgAORoUwFytHrDNwTi41P1fP9vPWEvdp67e7x7brj/
Id7bM38/UyvTKfPOKW7h3lw2kHJPKMljvDW1HdpPOeTmTqb7/b7EnDfqtCC8W8HR
UB59vPlZHKSu3W2nL55DLxMbSUt+GER/mFZZEBuYbW7U
-----END CERTIFICATE-----
Generated at Mon Oct 21 16:36:34 2024 by rpki-client on console-ams.rpki-client.org