Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/572ea6-1436-4f26-af57-5975913f52c5/1/I80YGwBKpH8Y9UaUw059FfSx4P8.roa
File: I80YGwBKpH8Y9UaUw059FfSx4P8.roa (raw, json)
Hash identifier: lPoI17r6425hNbSswnrjRpZ88D/zabdXIo7RGkD1rYU=
Subject key identifier: 23:CD:18:1B:00:4A:A4:7F:18:F5:46:94:C3:4E:7D:15:F4:B1:E0:FF
Certificate issuer: /CN=f3b5646b360379924cb6d9c3d99669ce7f3b2ca2
Certificate serial: 0185724C586A6E44983743134944D9EEB162
Authority key identifier: F3:B5:64:6B:36:03:79:92:4C:B6:D9:C3:D9:96:69:CE:7F:3B:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/87VkazYDeZJMttnD2ZZpzn87LKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/572ea6-1436-4f26-af57-5975913f52c5/1/I80YGwBKpH8Y9UaUw059FfSx4P8.roa
Signing time: Mon 02 Jan 2023 11:44:44 +0000
ROA not before: Mon 02 Jan 2023 11:44:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62046
IP address blocks: 212.59.104.0/24 maxlen: 24
62.181.56.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:4c:58:6a:6e:44:98:37:43:13:49:44:d9:ee:b1:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f3b5646b360379924cb6d9c3d99669ce7f3b2ca2
Validity
Not Before: Jan 2 11:44:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=23cd181b004aa47f18f54694c34e7d15f4b1e0ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:95:5e:2c:9d:6e:85:d4:9f:f7:a5:56:b4:c7:
7a:86:bd:95:74:ea:ae:2f:dd:54:b3:93:9a:4d:df:
b3:75:12:92:31:24:bd:c6:b6:9e:63:81:fe:18:76:
8a:93:72:93:5c:f5:90:b4:77:1b:28:81:b2:db:74:
6c:df:86:2c:49:b8:1d:96:81:40:9e:85:91:de:3d:
fa:8d:c3:22:08:d4:8b:74:b1:c0:2a:44:22:c0:56:
4d:50:62:4b:49:40:64:8f:c7:dd:5e:b2:76:40:73:
b6:b2:49:69:f4:4a:8b:74:e4:cd:85:4c:ed:31:64:
38:23:71:53:d3:94:b4:83:f8:dd:ea:01:ec:b4:12:
52:43:a2:a2:ef:bb:5e:b0:24:05:12:91:b3:ab:20:
3b:01:88:61:ab:94:0c:7a:c4:83:93:90:c1:6c:c4:
85:13:26:75:1c:a5:8d:68:b8:05:1b:7f:16:ba:c9:
87:80:95:85:48:5e:d0:72:31:6c:09:4b:92:6f:10:
13:9b:fd:21:f5:fd:ea:9a:2a:29:9f:1b:b5:b8:01:
2b:f2:7d:07:98:1e:96:e4:f5:82:d8:34:10:4c:c3:
0b:aa:88:aa:e6:0b:55:d4:c5:61:33:2e:5a:93:5b:
1f:ef:e3:8b:bf:d3:62:b3:8a:39:bb:c4:94:1a:c5:
a7:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:CD:18:1B:00:4A:A4:7F:18:F5:46:94:C3:4E:7D:15:F4:B1:E0:FF
X509v3 Authority Key Identifier:
keyid:F3:B5:64:6B:36:03:79:92:4C:B6:D9:C3:D9:96:69:CE:7F:3B:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/87VkazYDeZJMttnD2ZZpzn87LKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/572ea6-1436-4f26-af57-5975913f52c5/1/I80YGwBKpH8Y9UaUw059FfSx4P8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/572ea6-1436-4f26-af57-5975913f52c5/1/87VkazYDeZJMttnD2ZZpzn87LKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.181.56.0/24
212.59.104.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:de:d6:fd:84:23:75:4c:ad:c2:c2:80:2a:c6:3c:24:de:30:
65:4b:48:ad:c6:9d:c8:a0:aa:cb:2a:f6:af:35:66:ee:1c:0f:
51:f1:9d:99:c4:e1:f3:c8:71:ac:70:78:81:0f:31:8d:41:5a:
14:ce:74:dc:73:37:7f:05:ce:aa:42:86:27:be:b9:87:85:41:
2d:0f:ac:94:57:9e:27:e9:fa:6b:77:d6:ea:cd:5f:a3:fd:9c:
5c:da:8a:b7:2c:1f:2c:df:1f:af:6e:0c:15:2a:11:69:c6:b6:
55:d4:fc:e3:f2:f1:96:a6:2a:9f:9d:a3:d7:29:2f:39:f5:ce:
65:91:18:65:d8:d8:86:1d:ab:66:84:64:de:1c:63:8a:46:12:
05:4e:9d:fd:53:25:e6:08:46:47:b3:a3:b0:9e:1b:03:07:fb:
97:1d:af:5e:09:4e:f4:6a:ba:91:c5:23:76:54:5b:13:24:cc:
4d:32:f6:7f:3e:fc:bb:b9:71:3b:35:08:16:80:87:84:f5:a4:
80:ca:bc:3a:78:21:70:c2:85:1b:1a:36:26:f4:63:74:d6:fc:
2b:e4:5d:a5:eb:86:46:df:65:93:92:20:91:b8:d1:74:51:b5:
af:38:cb:c6:5b:98:91:0b:39:c6:52:aa:84:ac:6d:28:9f:b8:
82:00:e9:0f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVyTFhqbkSYN0MTSUTZ7rFiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzYjU2NDZiMzYwMzc5OTI0Y2I2ZDljM2Q5OTY2OWNlN2Yz
YjJjYTIwHhcNMjMwMTAyMTE0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2NkMTgxYjAwNGFhNDdmMThmNTQ2OTRjMzRlN2QxNWY0YjFlMGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZVeLJ1uhdSf96VWtMd6hr2VdOqu
L91Us5OaTd+zdRKSMSS9xraeY4H+GHaKk3KTXPWQtHcbKIGy23Rs34YsSbgdloFA
noWR3j36jcMiCNSLdLHAKkQiwFZNUGJLSUBkj8fdXrJ2QHO2sklp9EqLdOTNhUzt
MWQ4I3FT05S0g/jd6gHstBJSQ6Ki77tesCQFEpGzqyA7AYhhq5QMesSDk5DBbMSF
EyZ1HKWNaLgFG38WusmHgJWFSF7QcjFsCUuSbxATm/0h9f3qmiopnxu1uAEr8n0H
mB6W5PWC2DQQTMMLqoiq5gtV1MVhMy5ak1sf7+OLv9Nis4o5u8SUGsWncwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCPNGBsASqR/GPVGlMNOfRX0seD/MB8GA1UdIwQY
MBaAFPO1ZGs2A3mSTLbZw9mWac5/OyyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODdWa2F6WURlWkpNdHRuRDJaWnB6bjg3TEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy81NzJlYTYtMTQzNi00ZjI2LWFmNTct
NTk3NTkxM2Y1MmM1LzEvSTgwWUd3QktwSDhZOVVhVXcwNTlGZlN4NFA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy81NzJlYTYtMTQzNi00ZjI2LWFmNTctNTk3NTkxM2Y1MmM1
LzEvODdWa2F6WURlWkpNdHRuRDJaWnB6bjg3TEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAPrU4AwQA
1DtoMA0GCSqGSIb3DQEBCwUAA4IBAQA83tb9hCN1TK3CwoAqxjwk3jBlS0itxp3I
oKrLKvavNWbuHA9R8Z2ZxOHzyHGscHiBDzGNQVoUznTcczd/Bc6qQoYnvrmHhUEt
D6yUV54n6fprd9bqzV+j/Zxc2oq3LB8s3x+vbgwVKhFpxrZV1Pzj8vGWpiqfnaPX
KS859c5lkRhl2NiGHatmhGTeHGOKRhIFTp39UyXmCEZHs6OwnhsDB/uXHa9eCU70
arqRxSN2VFsTJMxNMvZ/Pvy7uXE7NQgWgIeE9aSAyrw6eCFwwoUbGjYm9GN01vwr
5F2l64ZG32WTkiCRuNF0UbWvOMvGW5iRCznGUqqErG0on7iCAOkP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:28 2024 by rpki-client on console-fra.rpki-client.org