Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/dXO3bWb4Qic26qZzQ32UFrN5FRg.roa
File: dXO3bWb4Qic26qZzQ32UFrN5FRg.roa (raw, json)
Hash identifier: VEJVaJb3mYYC53LmYG2HGyu6cys7yrDMEZgseGLoUrM=
Subject key identifier: 75:73:B7:6D:66:F8:42:27:36:EA:A6:73:43:7D:94:16:B3:79:15:18
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 018A7B4CE871242D8BD5A0248F4B4CCEBD93
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/dXO3bWb4Qic26qZzQ32UFrN5FRg.roa
Signing time: Sat 09 Sep 2023 18:55:52 +0000
ROA not before: Sat 09 Sep 2023 18:55:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 63018
IP address blocks: 45.128.59.0/24 maxlen: 24
171.22.108.0/24 maxlen: 24
92.118.235.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:7b:4c:e8:71:24:2d:8b:d5:a0:24:8f:4b:4c:ce:bd:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Sep 9 18:55:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7573b76d66f8422736eaa673437d9416b3791518
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:3e:ab:91:fe:72:4b:7f:d5:39:cf:53:93:b4:
f6:dc:3c:58:49:26:1c:64:3f:cc:cd:cb:17:15:09:
31:3a:3a:59:13:e9:71:44:72:f9:51:a3:f6:2d:26:
19:f4:f2:de:36:8f:c2:a4:d6:57:42:29:9b:5c:17:
12:fd:2b:a9:b3:ff:89:a2:51:ed:55:1b:7e:06:32:
c9:7c:bf:4b:8d:74:84:30:08:4b:94:4f:32:92:40:
8b:98:cc:07:6d:a1:cd:cf:b6:dc:63:c0:f9:02:1b:
0c:93:99:f7:f3:7d:92:0b:f9:a5:ca:e1:d1:ad:a3:
3d:e6:24:84:9a:e5:65:b7:81:47:49:bb:ef:e1:73:
2c:77:75:c0:84:7c:2b:2d:87:39:79:7a:7c:e3:93:
6e:6d:0b:a4:55:be:97:bb:c1:dc:4c:5a:d1:07:63:
13:d9:ce:0f:80:05:35:81:9a:57:bb:cc:3c:ca:fa:
95:7c:b1:48:f1:f8:54:ae:11:fa:c6:36:12:82:94:
40:7e:cb:de:37:a8:06:54:73:fd:f6:ac:c8:8a:a9:
e7:33:ea:b4:7b:ab:6a:ed:28:cc:02:b6:b8:0c:47:
58:b8:7f:06:48:06:4b:fc:21:a8:7c:84:78:35:a3:
01:03:80:68:9b:59:35:42:84:81:78:79:63:b9:be:
ca:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:73:B7:6D:66:F8:42:27:36:EA:A6:73:43:7D:94:16:B3:79:15:18
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/dXO3bWb4Qic26qZzQ32UFrN5FRg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.59.0/24
92.118.235.0/24
171.22.108.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:ff:6d:c4:3b:41:63:38:d9:0e:1e:73:ae:47:52:ea:77:5a:
69:b0:f8:bf:09:cf:84:a2:07:cf:fd:92:45:38:ea:03:ff:2c:
f2:6f:05:c1:bd:9c:4a:61:f7:0a:6a:4c:b5:88:64:6b:cf:11:
15:bc:2d:d8:cc:da:f5:4b:97:3a:e8:71:37:72:70:b3:01:a9:
4c:45:8e:e2:b0:3d:bf:d3:42:1e:62:ef:e1:cd:d6:e2:be:3c:
50:c2:7e:63:88:21:c7:85:31:eb:aa:16:2c:a3:dd:b3:c1:fb:
4c:ca:60:98:ac:dc:0d:b3:34:e9:79:9c:9b:80:6b:b0:e9:ce:
f5:fd:5f:ac:2e:e3:6e:f3:6a:98:76:7b:97:f3:d3:c9:54:04:
01:59:2a:ce:c8:db:74:bb:47:fa:d4:2d:b4:8c:9b:8a:a8:63:
58:a8:a3:13:05:ff:c4:88:c1:62:4b:83:7f:59:bf:d1:0f:ec:
45:e4:56:2a:88:ac:39:21:9f:c7:f4:56:af:69:6f:1a:41:d5:
2b:ba:67:91:01:33:ad:4d:57:f2:ec:64:c8:3b:7b:81:d4:65:
9b:6f:0f:46:23:ff:12:fc:8c:4f:88:e2:9b:6e:8d:e1:86:f0:
02:9b:f0:4e:f9:c9:5d:70:11:ba:32:82:de:6a:37:5f:d3:b8:
6b:36:c5:55
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYp7TOhxJC2L1aAkj0tMzr2TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMwOTA5MTg1NTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTczYjc2ZDY2Zjg0MjI3MzZlYWE2NzM0MzdkOTQxNmIzNzkxNTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqD6rkf5yS3/VOc9Tk7T23DxYSSYc
ZD/MzcsXFQkxOjpZE+lxRHL5UaP2LSYZ9PLeNo/CpNZXQimbXBcS/Sups/+JolHt
VRt+BjLJfL9LjXSEMAhLlE8ykkCLmMwHbaHNz7bcY8D5AhsMk5n3832SC/mlyuHR
raM95iSEmuVlt4FHSbvv4XMsd3XAhHwrLYc5eXp845NubQukVb6Xu8HcTFrRB2MT
2c4PgAU1gZpXu8w8yvqVfLFI8fhUrhH6xjYSgpRAfsveN6gGVHP99qzIiqnnM+q0
e6tq7SjMAra4DEdYuH8GSAZL/CGofIR4NaMBA4Bom1k1QoSBeHljub7KaQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHVzt21m+EInNuqmc0N9lBazeRUYMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvZFhPM2JXYjRRaWMyNnFaelEzMlVGck41RlJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALYA7AwQA
XHbrAwQAqxZsMA0GCSqGSIb3DQEBCwUAA4IBAQAq/23EO0FjONkOHnOuR1Lqd1pp
sPi/Cc+EogfP/ZJFOOoD/yzybwXBvZxKYfcKaky1iGRrzxEVvC3YzNr1S5c66HE3
cnCzAalMRY7isD2/00IeYu/hzdbivjxQwn5jiCHHhTHrqhYso92zwftMymCYrNwN
szTpeZybgGuw6c71/V+sLuNu82qYdnuX89PJVAQBWSrOyNt0u0f61C20jJuKqGNY
qKMTBf/EiMFiS4N/Wb/RD+xF5FYqiKw5IZ/H9FavaW8aQdUrumeRATOtTVfy7GTI
O3uB1GWbbw9GI/8S/IxPiOKbbo3hhvACm/BO+cldcBG6MoLeajdf07hrNsVV
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:02:03 2024 by rpki-client on console-ams.rpki-client.org