Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/37109d-1337-4b2d-bc1b-48dc88b56020/1/pcrmxUSnHd2oOsHG7g0gPYbli_k.roa
File: pcrmxUSnHd2oOsHG7g0gPYbli_k.roa (raw, json)
Hash identifier: OUZ5NLEnu+Hmk3SuGMFwVvzI7ie/L5S+PCvTFmGzXn4=
Subject key identifier: A5:CA:E6:C5:44:A7:1D:DD:A8:3A:C1:C6:EE:0D:20:3D:86:E5:8B:F9
Certificate issuer: /CN=08d79d20d76a9ddb075b94f9f00052ab218276b7
Certificate serial: 018CC56E169C87824EA440569A3C687B9178
Authority key identifier: 08:D7:9D:20:D7:6A:9D:DB:07:5B:94:F9:F0:00:52:AB:21:82:76:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CNedINdqndsHW5T58ABSqyGCdrc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/37109d-1337-4b2d-bc1b-48dc88b56020/1/pcrmxUSnHd2oOsHG7g0gPYbli_k.roa
Signing time: Mon 01 Jan 2024 14:29:35 +0000
ROA not before: Mon 01 Jan 2024 14:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34984
IP address blocks: 62.108.64.0/22 maxlen: 24
62.108.68.0/22 maxlen: 24
62.108.72.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 04 Jul 2024 11:31:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:16:9c:87:82:4e:a4:40:56:9a:3c:68:7b:91:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08d79d20d76a9ddb075b94f9f00052ab218276b7
Validity
Not Before: Jan 1 14:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a5cae6c544a71ddda83ac1c6ee0d203d86e58bf9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:79:1a:65:c5:f6:20:d3:0f:7c:5f:c3:94:fb:
6b:6e:ae:9b:d7:6c:bc:75:d3:d5:40:b1:79:a6:e7:
57:05:cd:34:68:9a:fc:01:60:db:cc:b0:21:5a:aa:
19:c3:6b:79:7b:7e:02:11:ae:cf:23:26:1c:3f:ee:
fe:55:fa:85:05:a5:c4:a1:bf:a0:d4:a7:bc:f0:8a:
aa:f6:1b:07:e8:60:46:79:d1:81:5d:6e:bb:8e:00:
90:31:49:cd:56:df:4b:7e:0e:e8:ff:29:fe:23:f7:
8c:19:d1:3d:6a:86:4f:be:ec:19:61:6e:58:b4:8a:
ef:7d:13:b5:0a:e5:b7:ec:82:58:5f:aa:ec:2e:65:
d5:ba:9f:6f:45:9a:aa:ff:75:ce:ee:c2:4e:7a:11:
6c:75:5a:9d:dc:86:31:65:6e:d5:9c:1c:8a:7b:bc:
b7:19:06:e5:98:07:6b:29:6f:35:90:79:49:13:37:
ac:96:19:f6:2d:3a:0d:d6:8f:24:5a:3f:ba:39:1e:
92:28:71:a2:06:63:48:d0:c1:77:70:4c:32:9a:de:
5b:57:59:f3:4a:46:4d:eb:cd:71:18:71:69:3f:d4:
83:f0:76:0f:26:b2:d0:50:3e:7c:13:3e:20:e4:22:
c7:d2:fd:ad:e1:94:74:f5:98:6b:ab:39:2c:87:b0:
cb:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:CA:E6:C5:44:A7:1D:DD:A8:3A:C1:C6:EE:0D:20:3D:86:E5:8B:F9
X509v3 Authority Key Identifier:
keyid:08:D7:9D:20:D7:6A:9D:DB:07:5B:94:F9:F0:00:52:AB:21:82:76:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CNedINdqndsHW5T58ABSqyGCdrc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/37109d-1337-4b2d-bc1b-48dc88b56020/1/pcrmxUSnHd2oOsHG7g0gPYbli_k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/37109d-1337-4b2d-bc1b-48dc88b56020/1/CNedINdqndsHW5T58ABSqyGCdrc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.108.64.0-62.108.75.255
Signature Algorithm: sha256WithRSAEncryption
15:68:b4:8c:f5:6d:a0:c7:c4:a8:fb:36:ab:2c:f3:37:9e:19:
16:3d:c2:30:34:43:7e:37:c0:ef:78:53:39:01:2d:f5:d5:c2:
d6:da:78:f0:6e:b8:40:b8:72:c3:7f:a8:a8:ae:59:ea:41:63:
fa:51:bd:1c:b4:da:5c:79:9a:c8:0e:c8:f8:ff:d3:3a:cb:e1:
ef:b0:70:fb:c0:09:c1:38:17:03:d4:90:a2:dd:44:88:f8:06:
e3:fd:02:ae:f4:61:8c:71:16:9c:f6:8a:ff:20:c4:e3:22:9d:
92:a1:10:09:c7:eb:ad:38:ed:86:58:bd:e7:4d:ca:ec:ac:06:
08:7d:6f:0a:80:da:74:7d:3d:94:7c:6e:77:e4:96:a7:49:90:
1d:d8:ee:9e:f6:ea:f4:c7:2b:79:8a:28:5f:7f:7a:9f:38:04:
ec:d2:c5:1a:f8:89:18:b4:c1:80:28:75:78:82:62:ab:40:5a:
75:cb:81:c7:85:0f:a1:14:46:18:1d:ae:42:6e:02:94:73:ad:
1a:7d:4f:26:c1:3e:a9:5a:1b:7c:de:3f:ff:12:4a:1e:9c:88:
2e:7e:cd:9a:29:cd:f2:04:83:05:16:1e:17:a2:2f:6a:5a:02:
fa:48:32:42:b2:31:8f:c0:35:ae:b9:e6:77:3d:d5:48:5e:24:
ab:43:08:cb
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzFbhach4JOpEBWmjxoe5F4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ZDc5ZDIwZDc2YTlkZGIwNzViOTRmOWYwMDA1MmFiMjE4
Mjc2YjcwHhcNMjQwMTAxMTQyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWNhZTZjNTQ0YTcxZGRkYTgzYWMxYzZlZTBkMjAzZDg2ZTU4YmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi3kaZcX2INMPfF/DlPtrbq6b12y8
ddPVQLF5pudXBc00aJr8AWDbzLAhWqoZw2t5e34CEa7PIyYcP+7+VfqFBaXEob+g
1Ke88Iqq9hsH6GBGedGBXW67jgCQMUnNVt9Lfg7o/yn+I/eMGdE9aoZPvuwZYW5Y
tIrvfRO1CuW37IJYX6rsLmXVup9vRZqq/3XO7sJOehFsdVqd3IYxZW7VnByKe7y3
GQblmAdrKW81kHlJEzeslhn2LToN1o8kWj+6OR6SKHGiBmNI0MF3cEwymt5bV1nz
SkZN681xGHFpP9SD8HYPJrLQUD58Ez4g5CLH0v2t4ZR09Zhrqzksh7DL/QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFKXK5sVEpx3dqDrBxu4NID2G5Yv5MB8GA1UdIwQY
MBaAFAjXnSDXap3bB1uU+fAAUqshgna3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ05lZElOZHFuZHNIVzVUNThBQlNxeUdDZHJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS8zNzEwOWQtMTMzNy00YjJkLWJjMWIt
NDhkYzg4YjU2MDIwLzEvcGNybXhVU25IZDJvT3NIRzdnMGdQWWJsaV9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS8zNzEwOWQtMTMzNy00YjJkLWJjMWItNDhkYzg4YjU2MDIw
LzEvQ05lZElOZHFuZHNIVzVUNThBQlNxeUdDZHJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAY+bEAD
BAI+bEgwDQYJKoZIhvcNAQELBQADggEBABVotIz1baDHxKj7Nqss8zeeGRY9wjA0
Q343wO94UzkBLfXVwtbaePBuuEC4csN/qKiuWepBY/pRvRy02lx5msgOyPj/0zrL
4e+wcPvACcE4FwPUkKLdRIj4BuP9Aq70YYxxFpz2iv8gxOMinZKhEAnH66047YZY
vedNyuysBgh9bwqA2nR9PZR8bnfklqdJkB3Y7p726vTHK3mKKF9/ep84BOzSxRr4
iRi0wYAodXiCYqtAWnXLgceFD6EURhgdrkJuApRzrRp9TybBPqlaG3zeP/8SSh6c
iC5+zZopzfIEgwUWHheiL2paAvpIMkKyMY/ANa655nc91UheJKtDCMs=
-----END CERTIFICATE-----
Generated at Thu Jul 4 12:31:58 2024 by rpki-client on console-fra.rpki-client.org