Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/rXR75dkuAgiAouZbHzs4XWz4w_c.roa
File: rXR75dkuAgiAouZbHzs4XWz4w_c.roa (raw, json)
Hash identifier: w09/o36tfjNQL9PRbAA0NKc4pFqtFgrZsHhpes4Ca+8=
Subject key identifier: AD:74:7B:E5:D9:2E:02:08:80:A2:E6:5B:1F:3B:38:5D:6C:F8:C3:F7
Certificate issuer: /CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Certificate serial: 018CC8DF2EFE87481F08A7065E26E6F2ADBF
Authority key identifier: 21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/rXR75dkuAgiAouZbHzs4XWz4w_c.roa
Signing time: Tue 02 Jan 2024 06:31:58 +0000
ROA not before: Tue 02 Jan 2024 06:31:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198949
IP address blocks: 147.234.89.0/24 maxlen: 24
147.234.88.0/24 maxlen: 24
62.90.135.0/24 maxlen: 24
147.234.75.0/24 maxlen: 24
147.234.74.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 19 Mar 2024 09:20:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:2e:fe:87:48:1f:08:a7:06:5e:26:e6:f2:ad:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Validity
Not Before: Jan 2 06:31:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ad747be5d92e020880a2e65b1f3b385d6cf8c3f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:20:8d:88:27:11:6f:d3:7c:ac:f7:1f:5e:88:
e0:82:54:49:69:5f:0e:ff:cd:9d:3c:04:91:0b:6e:
73:1e:a6:9f:d4:5c:d8:98:2d:21:1c:ff:06:a7:a6:
16:70:42:94:f7:46:d0:c4:a3:16:20:20:17:0b:22:
a2:cc:46:88:17:10:fa:86:b3:77:f6:9d:e6:04:1d:
81:ec:3e:9f:db:37:3d:85:0c:2c:fb:86:4f:58:cf:
7d:3b:23:39:43:1f:dd:52:97:13:0c:83:6a:37:9d:
37:cc:b2:63:c3:09:0b:fe:2f:2b:01:8d:d5:80:1a:
9b:43:2c:de:ee:17:47:56:c8:11:20:8c:16:1e:69:
79:16:d8:b8:31:4d:a9:77:43:cd:26:3f:83:64:15:
e5:69:a0:01:0a:4f:75:ad:4c:2d:4f:38:c6:f3:ff:
44:e6:33:e1:64:dc:87:b7:b6:cb:fb:27:ca:0b:c7:
a6:9a:9e:84:21:3b:f5:a3:cd:fc:5d:d8:9c:20:fd:
5f:0d:11:72:de:72:08:17:52:21:ed:b7:0f:0c:06:
a7:6b:8f:6a:f4:ec:cd:1d:2a:a4:43:82:83:44:0c:
4c:de:98:88:5e:b2:33:ee:c3:39:7f:59:e4:25:d1:
e3:5f:df:15:78:59:c4:fb:6f:af:bc:e9:7d:ee:ab:
82:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:74:7B:E5:D9:2E:02:08:80:A2:E6:5B:1F:3B:38:5D:6C:F8:C3:F7
X509v3 Authority Key Identifier:
keyid:21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/rXR75dkuAgiAouZbHzs4XWz4w_c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.90.135.0/24
147.234.74.0/23
147.234.88.0/23
Signature Algorithm: sha256WithRSAEncryption
13:40:4e:96:9f:46:77:e0:e1:45:47:19:87:51:ae:51:ed:f6:
78:07:2e:85:0c:77:8f:2e:fb:6d:0f:f1:67:f9:ac:29:fe:24:
db:d4:51:46:30:ad:c9:a2:8d:62:49:0d:69:9c:96:85:e9:c8:
5a:eb:ee:0c:e9:96:1b:0f:81:6e:76:dd:a4:e5:b6:b5:29:9c:
0a:33:61:08:3a:61:0c:dd:3e:17:88:5d:7d:71:62:77:ef:c3:
08:71:35:dd:24:e0:95:de:11:a1:29:46:80:00:96:53:04:e8:
c5:ab:48:c1:12:5a:42:be:c2:bc:9e:b2:f2:e5:ba:91:79:4b:
2d:2e:89:8d:c5:0f:3e:b1:dc:36:7f:e7:82:47:89:8e:92:d1:
19:bb:71:f8:1c:8d:84:8c:b2:44:19:79:7b:8b:85:41:b3:4d:
fa:c4:82:4e:8f:75:97:e8:f5:07:b3:e4:71:a4:98:b6:13:22:
a1:54:66:4a:f2:1c:62:c4:96:51:8b:ef:d0:d6:6d:11:cd:88:
7b:94:d0:b6:03:93:c9:92:4b:aa:2d:63:3f:e6:a2:01:83:b6:
87:4f:e1:dc:e1:48:67:34:e5:52:24:53:ba:48:74:39:95:ba:
ce:ea:66:7e:d4:ab:9d:da:df:64:9d:5b:c9:61:0b:ff:c1:c9:
46:cb:75:11
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzI3y7+h0gfCKcGXibm8q2/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYmFkNzRlN2Y2YzA5NDlhMjczNmE1NzQ3ODQ5NmQ3ZDhi
NDUwZTYwHhcNMjQwMTAyMDYzMTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDc0N2JlNWQ5MmUwMjA4ODBhMmU2NWIxZjNiMzg1ZDZjZjhjM2Y3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqSCNiCcRb9N8rPcfXojgglRJaV8O
/82dPASRC25zHqaf1FzYmC0hHP8Gp6YWcEKU90bQxKMWICAXCyKizEaIFxD6hrN3
9p3mBB2B7D6f2zc9hQws+4ZPWM99OyM5Qx/dUpcTDINqN503zLJjwwkL/i8rAY3V
gBqbQyze7hdHVsgRIIwWHml5Fti4MU2pd0PNJj+DZBXlaaABCk91rUwtTzjG8/9E
5jPhZNyHt7bL+yfKC8emmp6EITv1o838XdicIP1fDRFy3nIIF1Ih7bcPDAana49q
9OzNHSqkQ4KDRAxM3piIXrIz7sM5f1nkJdHjX98VeFnE+2+vvOl97quC+wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFK10e+XZLgIIgKLmWx87OF1s+MP3MB8GA1UdIwQY
MBaAFCG6105/bAlJonNqV0eEltfYtFDmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQt
NDQzMzIyOWE4NDczLzEvclhSNzVka3VBZ2lBb3VaYkh6czRYV3o0d19jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQtNDQzMzIyOWE4NDcz
LzEvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAPlqHAwQB
k+pKAwQBk+pYMA0GCSqGSIb3DQEBCwUAA4IBAQATQE6Wn0Z34OFFRxmHUa5R7fZ4
By6FDHePLvttD/Fn+awp/iTb1FFGMK3Joo1iSQ1pnJaF6cha6+4M6ZYbD4Fudt2k
5ba1KZwKM2EIOmEM3T4XiF19cWJ378MIcTXdJOCV3hGhKUaAAJZTBOjFq0jBElpC
vsK8nrLy5bqReUstLomNxQ8+sdw2f+eCR4mOktEZu3H4HI2EjLJEGXl7i4VBs036
xIJOj3WX6PUHs+RxpJi2EyKhVGZK8hxixJZRi+/Q1m0RzYh7lNC2A5PJkkuqLWM/
5qIBg7aHT+Hc4UhnNOVSJFO6SHQ5lbrO6mZ+1Kud2t9knVvJYQv/wclGy3UR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:17 2024 by rpki-client on console-fra.rpki-client.org