Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/d899cc-5357-471a-bc1c-077bc8ba1e5d/1/60oFw47SJdqAfCofMb3t5OK_k8c.roa
File: 60oFw47SJdqAfCofMb3t5OK_k8c.roa (raw, json)
Hash identifier: 8ztm9pmaRcS8rOEpmk4+THHSBh34m6Wm1AcrDwLTNOE=
Subject key identifier: EB:4A:05:C3:8E:D2:25:DA:80:7C:2A:1F:31:BD:ED:E4:E2:BF:93:C7
Certificate issuer: /CN=2b4e2d34ccee4576b5ce7605a084e6c08522c228
Certificate serial: 018ACB344D76B47C4A178D099C27832936D0
Authority key identifier: 2B:4E:2D:34:CC:EE:45:76:B5:CE:76:05:A0:84:E6:C0:85:22:C2:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K04tNMzuRXa1znYFoITmwIUiwig.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/d899cc-5357-471a-bc1c-077bc8ba1e5d/1/60oFw47SJdqAfCofMb3t5OK_k8c.roa
Signing time: Mon 25 Sep 2023 07:18:37 +0000
ROA not before: Mon 25 Sep 2023 07:18:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47254
IP address blocks: 212.102.98.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:30:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:cb:34:4d:76:b4:7c:4a:17:8d:09:9c:27:83:29:36:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b4e2d34ccee4576b5ce7605a084e6c08522c228
Validity
Not Before: Sep 25 07:18:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eb4a05c38ed225da807c2a1f31bdede4e2bf93c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:74:47:c1:39:3e:7a:41:a8:db:9f:c6:db:a0:
cb:46:90:f7:cd:98:49:93:f0:97:bd:a4:5a:ac:df:
f5:9d:d8:05:e7:1e:18:6a:d2:ed:e7:8c:8d:47:da:
0f:76:6a:04:9c:b2:c9:24:27:7b:13:f9:e8:66:44:
42:8f:2c:2b:fc:99:5b:39:f8:24:20:24:f5:30:53:
d3:6b:f2:fe:f6:61:af:69:4a:9c:f4:10:57:3e:79:
15:1e:f7:e9:43:39:1e:47:50:8b:1f:27:8c:4e:ac:
a1:b9:b9:67:9d:35:70:c4:24:24:17:f1:92:e6:b2:
ba:73:e8:7c:59:f1:54:dd:17:a7:41:d4:6e:57:38:
ce:c6:36:ac:12:9f:e5:e8:f0:2b:98:88:04:00:01:
46:6b:3f:b9:9c:fc:c4:18:31:f7:36:3f:02:6e:a5:
ba:90:ce:f2:e3:51:29:f4:3c:6b:ce:7f:f3:37:5e:
aa:f7:e0:e2:05:e6:be:57:1c:40:73:d6:59:00:de:
34:8b:0a:80:cf:b5:40:1a:d8:2b:04:ee:09:c4:ff:
2a:0e:5a:e7:e3:6b:7c:3b:d3:c9:4b:dd:a9:08:c9:
ea:7e:4e:03:2c:a1:6f:a9:ab:58:d5:df:5e:dc:99:
70:e2:0d:d1:ea:53:7b:e1:fb:ad:0e:28:0e:c1:93:
6b:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:4A:05:C3:8E:D2:25:DA:80:7C:2A:1F:31:BD:ED:E4:E2:BF:93:C7
X509v3 Authority Key Identifier:
keyid:2B:4E:2D:34:CC:EE:45:76:B5:CE:76:05:A0:84:E6:C0:85:22:C2:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K04tNMzuRXa1znYFoITmwIUiwig.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/d899cc-5357-471a-bc1c-077bc8ba1e5d/1/60oFw47SJdqAfCofMb3t5OK_k8c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/d899cc-5357-471a-bc1c-077bc8ba1e5d/1/K04tNMzuRXa1znYFoITmwIUiwig.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.102.98.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:46:87:88:be:ab:86:81:f2:3b:bb:a1:be:14:22:7d:f7:ba:
8c:5c:aa:e6:77:d7:40:3f:63:29:8e:2c:c6:bb:ff:30:be:12:
6a:91:7c:f2:f4:92:02:fb:c5:d1:a1:17:ce:9f:ab:77:c2:4d:
7d:ad:15:95:44:f5:05:7d:15:f0:46:23:8e:4c:a9:ec:44:48:
9b:3c:83:3c:02:b1:03:1e:bf:6a:d6:c5:fc:a2:20:b3:09:86:
f8:af:bb:4c:9a:a5:52:9a:5c:ec:d8:af:08:9f:db:a8:3d:d1:
53:7c:fd:58:5f:97:1f:9c:22:42:ec:bc:33:9b:46:8a:38:92:
e4:ae:c5:9b:d8:aa:2e:1f:38:47:ce:a9:31:65:00:78:e8:c1:
48:52:cb:03:38:a4:49:6a:be:31:f8:7a:0d:7f:c8:b4:f6:13:
bf:60:34:3d:d6:99:7f:6d:b8:55:1a:63:ea:36:13:c3:e0:2f:
f7:74:82:41:30:ef:f3:25:6b:fc:0c:11:7c:34:e9:19:d4:f7:
12:b9:2f:89:1a:dc:63:d3:43:5a:6f:dd:4d:f7:a2:b9:1c:b5:
c3:9b:40:d8:55:a0:6d:85:75:21:75:8a:65:02:86:4a:db:5e:
28:ed:4b:bd:37:1d:f5:bb:cb:3c:d6:0f:0b:14:da:68:f8:c9:
1c:50:9a:41
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYrLNE12tHxKF40JnCeDKTbQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiNGUyZDM0Y2NlZTQ1NzZiNWNlNzYwNWEwODRlNmMwODUy
MmMyMjgwHhcNMjMwOTI1MDcxODM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjRhMDVjMzhlZDIyNWRhODA3YzJhMWYzMWJkZWRlNGUyYmY5M2M3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApnRHwTk+ekGo25/G26DLRpD3zZhJ
k/CXvaRarN/1ndgF5x4YatLt54yNR9oPdmoEnLLJJCd7E/noZkRCjywr/JlbOfgk
ICT1MFPTa/L+9mGvaUqc9BBXPnkVHvfpQzkeR1CLHyeMTqyhublnnTVwxCQkF/GS
5rK6c+h8WfFU3RenQdRuVzjOxjasEp/l6PArmIgEAAFGaz+5nPzEGDH3Nj8CbqW6
kM7y41Ep9Dxrzn/zN16q9+DiBea+VxxAc9ZZAN40iwqAz7VAGtgrBO4JxP8qDlrn
42t8O9PJS92pCMnqfk4DLKFvqatY1d9e3Jlw4g3R6lN74futDigOwZNrqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOtKBcOO0iXagHwqHzG97eTiv5PHMB8GA1UdIwQY
MBaAFCtOLTTM7kV2tc52BaCE5sCFIsIoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzA0dE5NenVSWGExem5ZRm9JVG13SVVpd2lnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9kODk5Y2MtNTM1Ny00NzFhLWJjMWMt
MDc3YmM4YmExZTVkLzEvNjBvRnc0N1NKZHFBZkNvZk1iM3Q1T0tfazhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9kODk5Y2MtNTM1Ny00NzFhLWJjMWMtMDc3YmM4YmExZTVk
LzEvSzA0dE5NenVSWGExem5ZRm9JVG13SVVpd2lnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1GZiMA0G
CSqGSIb3DQEBCwUAA4IBAQArRoeIvquGgfI7u6G+FCJ997qMXKrmd9dAP2MpjizG
u/8wvhJqkXzy9JIC+8XRoRfOn6t3wk19rRWVRPUFfRXwRiOOTKnsREibPIM8ArED
Hr9q1sX8oiCzCYb4r7tMmqVSmlzs2K8In9uoPdFTfP1YX5cfnCJC7Lwzm0aKOJLk
rsWb2KouHzhHzqkxZQB46MFIUssDOKRJar4x+HoNf8i09hO/YDQ91pl/bbhVGmPq
NhPD4C/3dIJBMO/zJWv8DBF8NOkZ1PcSuS+JGtxj00Nab91N96K5HLXDm0DYVaBt
hXUhdYplAoZK214o7Uu9Nx31u8s81g8LFNpo+MkcUJpB
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:25 2024 by rpki-client on console-ams.rpki-client.org