Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/mnDBJHgBGK2xoOebudPU1n9pjrQ.roa
File: mnDBJHgBGK2xoOebudPU1n9pjrQ.roa (raw, json)
Hash identifier: YmEMJ6CQzNnD2LCiyMMohCTufsY46dda1mvz9fpUiqg=
Subject key identifier: 9A:70:C1:24:78:01:18:AD:B1:A0:E7:9B:B9:D3:D4:D6:7F:69:8E:B4
Certificate issuer: /CN=253a3b5f51808168c212c094a2baaff38e16464a
Certificate serial: 018CC5DC522DC26438C66D1750169A510AD7
Authority key identifier: 25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/mnDBJHgBGK2xoOebudPU1n9pjrQ.roa
Signing time: Mon 01 Jan 2024 16:29:59 +0000
ROA not before: Mon 01 Jan 2024 16:29:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211078
IP address blocks: 62.76.14.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:49:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:52:2d:c2:64:38:c6:6d:17:50:16:9a:51:0a:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=253a3b5f51808168c212c094a2baaff38e16464a
Validity
Not Before: Jan 1 16:29:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9a70c124780118adb1a0e79bb9d3d4d67f698eb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:1d:df:7c:7b:cc:5e:10:8b:f2:c7:d9:f2:0a:
c6:2c:47:94:fd:6c:76:e8:24:f8:8d:7c:71:57:b2:
38:27:59:a6:0a:77:d1:60:3f:3d:15:2a:d3:98:19:
54:3e:d2:c7:bb:84:1a:73:c5:7e:fc:8f:d5:b0:b4:
cb:2b:fc:32:ee:a4:09:d5:0b:af:4b:3f:01:13:08:
c5:58:f5:7b:a4:fc:bb:2d:23:c2:f7:f3:04:73:0d:
27:fa:bf:49:ac:6e:f0:f4:df:66:7e:be:c8:62:0d:
33:51:23:62:d8:e5:7f:c8:f0:18:3b:82:e7:47:de:
d4:bc:b1:72:19:13:49:76:07:4c:f6:08:b1:08:a1:
29:05:9d:ef:ca:73:db:9b:7a:da:b6:2f:b3:fa:7a:
6a:7e:6b:76:fe:66:75:6f:a3:93:d2:d3:c2:5b:01:
c6:c4:7a:78:21:01:58:eb:ce:b3:95:87:98:a9:19:
6a:84:fe:7e:0c:86:87:4d:ab:6b:d5:fe:2d:49:86:
ba:32:ca:50:11:87:75:b0:8d:21:c8:a8:1c:d7:a9:
32:88:c6:02:50:de:1b:b2:35:1f:a1:e9:97:6b:2f:
fb:15:54:61:04:64:86:f8:a7:13:94:51:d9:dd:e7:
c6:3a:b9:2f:37:5b:0e:4f:83:46:bb:d3:87:f7:9a:
a6:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:70:C1:24:78:01:18:AD:B1:A0:E7:9B:B9:D3:D4:D6:7F:69:8E:B4
X509v3 Authority Key Identifier:
keyid:25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/mnDBJHgBGK2xoOebudPU1n9pjrQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.14.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:dc:e3:55:ef:8c:6b:0b:b6:b1:55:18:61:5c:67:c3:c9:23:
4e:5f:b1:1f:a2:f7:77:1f:3d:2d:88:86:79:54:96:a5:46:4d:
11:39:a2:94:4e:cf:86:82:6a:d7:da:33:d8:2a:38:c9:56:e8:
a7:79:0b:30:2f:90:cd:ad:bb:9f:41:9c:cb:7e:6b:9a:6e:a6:
6b:de:83:70:33:6a:69:1a:26:f3:6d:a9:a0:f5:2b:28:34:90:
5d:4d:2d:fa:ed:90:4d:54:9b:d6:fe:af:81:a8:10:50:ff:02:
9a:52:45:6c:f3:d4:b2:22:94:6c:24:76:8d:22:58:40:09:5b:
9a:4a:15:21:79:9f:15:a6:a6:84:04:aa:73:b1:36:6e:af:1f:
2b:5a:a5:1c:26:b9:15:ae:ba:2b:21:15:83:2e:9e:48:be:df:
ef:f4:cf:aa:15:c5:25:93:89:10:80:67:67:27:68:13:38:4c:
ca:6b:d6:81:eb:10:d2:7f:d1:db:3a:27:65:5f:79:04:21:73:
73:11:c3:90:f2:f2:96:e1:ca:0d:6f:5b:49:78:3a:c9:38:a4:
1d:c7:f3:73:e1:ee:1d:07:d7:4a:9b:6f:da:ee:ba:4e:f3:b1:
91:33:9c:48:75:cd:5c:be:2c:51:78:ef:4c:22:95:01:99:ff:
87:a9:fe:13
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3FItwmQ4xm0XUBaaUQrXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1M2EzYjVmNTE4MDgxNjhjMjEyYzA5NGEyYmFhZmYzOGUx
NjQ2NGEwHhcNMjQwMTAxMTYyOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTcwYzEyNDc4MDExOGFkYjFhMGU3OWJiOWQzZDRkNjdmNjk4ZWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtx3ffHvMXhCL8sfZ8grGLEeU/Wx2
6CT4jXxxV7I4J1mmCnfRYD89FSrTmBlUPtLHu4Qac8V+/I/VsLTLK/wy7qQJ1Quv
Sz8BEwjFWPV7pPy7LSPC9/MEcw0n+r9JrG7w9N9mfr7IYg0zUSNi2OV/yPAYO4Ln
R97UvLFyGRNJdgdM9gixCKEpBZ3vynPbm3rati+z+npqfmt2/mZ1b6OT0tPCWwHG
xHp4IQFY686zlYeYqRlqhP5+DIaHTatr1f4tSYa6MspQEYd1sI0hyKgc16kyiMYC
UN4bsjUfoemXay/7FVRhBGSG+KcTlFHZ3efGOrkvN1sOT4NGu9OH95qmdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJpwwSR4ARitsaDnm7nT1NZ/aY60MB8GA1UdIwQY
MBaAFCU6O19RgIFowhLAlKK6r/OOFkZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQt
OWU5YTFlMDM3MzhlLzEvbW5EQkpIZ0JHSzJ4b09lYnVkUFUxbjlwanJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQtOWU5YTFlMDM3Mzhl
LzEvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPkwOMA0G
CSqGSIb3DQEBCwUAA4IBAQCg3ONV74xrC7axVRhhXGfDySNOX7Efovd3Hz0tiIZ5
VJalRk0ROaKUTs+GgmrX2jPYKjjJVuineQswL5DNrbufQZzLfmuabqZr3oNwM2pp
Gibzbamg9SsoNJBdTS367ZBNVJvW/q+BqBBQ/wKaUkVs89SyIpRsJHaNIlhACVua
ShUheZ8VpqaEBKpzsTZurx8rWqUcJrkVrrorIRWDLp5Ivt/v9M+qFcUlk4kQgGdn
J2gTOEzKa9aB6xDSf9HbOidlX3kEIXNzEcOQ8vKW4coNb1tJeDrJOKQdx/Nz4e4d
B9dKm2/a7rpO87GRM5xIdc1cvixReO9MIpUBmf+Hqf4T
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:52:09 2025 by rpki-client