Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/iPwOUbsnkArgMffpuaxKjvoQU34.roa
File: iPwOUbsnkArgMffpuaxKjvoQU34.roa (raw, json)
Hash identifier: pVK/4NitXBbe7KXPPtrtNuCCzoUIt6QXpqWmCOXDPkg=
Subject key identifier: 88:FC:0E:51:BB:27:90:0A:E0:31:F7:E9:B9:AC:4A:8E:FA:10:53:7E
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 019035985948D6FB8FD77BE4DADFB589CC5F
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/iPwOUbsnkArgMffpuaxKjvoQU34.roa
Signing time: Thu 20 Jun 2024 12:21:34 +0000
ROA not before: Thu 20 Jun 2024 12:21:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 62.197.144.0/24 maxlen: 24
62.197.147.0/24 maxlen: 24
62.197.150.0/24 maxlen: 24
62.197.152.0/24 maxlen: 24
92.62.121.0/24 maxlen: 24
193.19.108.0/24 maxlen: 24
220.158.199.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 09 Jul 2024 18:49:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:35:98:59:48:d6:fb:8f:d7:7b:e4:da:df:b5:89:cc:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jun 20 12:21:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=88fc0e51bb27900ae031f7e9b9ac4a8efa10537e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:a3:63:9b:24:3c:2d:2a:bb:cc:be:0d:4e:c4:
71:bc:83:27:d7:b4:36:b3:04:41:0d:d6:d0:b9:fc:
d3:d1:a5:e3:7a:75:7a:76:3a:5c:8d:14:54:8f:30:
e4:2e:31:c8:a8:0f:d8:b4:69:a5:5b:3e:e7:b4:42:
5f:5c:87:2f:5f:4f:1c:0c:0d:72:06:e4:a8:72:a8:
b7:fb:06:49:49:ad:f3:70:68:ec:bc:50:94:5a:9d:
ad:88:d6:f8:da:81:3a:21:4c:43:a9:58:e6:79:1f:
b8:ae:14:76:31:05:68:a2:14:76:ac:94:a3:b0:e7:
6e:b1:aa:12:ed:87:54:85:19:38:db:ad:74:00:be:
fc:34:2f:61:86:dc:cf:5a:b0:4f:b6:b3:65:72:e2:
ea:3b:cb:aa:75:2f:b0:b6:28:0d:f2:3d:3e:4c:bb:
94:34:a4:96:ae:06:c9:ce:b1:33:e0:fa:4d:78:43:
ba:e3:ed:70:89:48:5d:42:65:f5:b8:44:57:02:83:
23:97:a3:92:0b:70:22:5b:3a:0b:f3:06:d7:af:5d:
4c:f5:b9:eb:d9:0f:f9:ac:3b:a9:88:39:b8:78:05:
2f:b9:d2:d3:42:bb:25:18:41:eb:57:86:a9:e7:21:
ec:ea:c9:3a:23:16:b7:4c:6a:c6:c0:f1:e8:62:ed:
6d:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:FC:0E:51:BB:27:90:0A:E0:31:F7:E9:B9:AC:4A:8E:FA:10:53:7E
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/iPwOUbsnkArgMffpuaxKjvoQU34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.197.144.0/24
62.197.147.0/24
62.197.150.0/24
62.197.152.0/24
92.62.121.0/24
193.19.108.0/24
220.158.199.0/24
Signature Algorithm: sha256WithRSAEncryption
21:60:fc:22:5d:0f:56:d7:21:53:c1:bc:97:6d:67:d5:65:62:
40:c7:99:8e:35:98:f5:4d:be:20:e6:24:85:52:5b:f0:1b:c7:
d6:9c:34:37:8a:ed:bb:f9:1a:ed:90:fc:56:d0:fa:f0:67:d3:
4c:d8:b0:68:64:5c:e4:87:65:97:19:f8:db:ad:d0:ed:a7:0d:
26:fc:fa:a7:c2:e7:31:9b:67:a2:ac:5c:04:75:83:09:d6:db:
7d:03:bd:e0:31:ab:86:91:fd:f2:d5:fb:71:08:95:48:68:a4:
fa:b1:96:08:8e:7f:35:2a:29:fd:e6:90:b1:aa:55:25:df:b1:
0e:d3:3b:dc:66:a4:cc:7c:c1:6d:d2:25:fa:c7:8a:07:33:8d:
12:77:ea:7c:7a:92:57:45:96:11:d2:92:21:6e:c7:f0:8f:ad:
00:a7:54:ec:0c:79:0c:fa:64:85:96:46:22:83:90:00:83:98:
05:a5:60:f5:3b:33:90:a0:70:75:17:85:d2:e1:36:f3:e6:bc:
8c:48:34:ca:0d:4e:e7:0e:94:7a:28:ab:ba:8c:b8:b4:99:d0:
f8:6d:83:37:31:27:7e:74:10:9e:16:9b:a6:b8:6d:25:87:71:
b8:5e:cd:cb:73:f2:6d:b4:f2:02:c4:e9:84:93:f4:22:8e:f9:
19:ae:88:3d
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZA1mFlI1vuP13vk2t+1icxfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwNjIwMTIyMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGZjMGU1MWJiMjc5MDBhZTAzMWY3ZTliOWFjNGE4ZWZhMTA1MzdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu6NjmyQ8LSq7zL4NTsRxvIMn17Q2
swRBDdbQufzT0aXjenV6djpcjRRUjzDkLjHIqA/YtGmlWz7ntEJfXIcvX08cDA1y
BuSocqi3+wZJSa3zcGjsvFCUWp2tiNb42oE6IUxDqVjmeR+4rhR2MQVoohR2rJSj
sOdusaoS7YdUhRk42610AL78NC9hhtzPWrBPtrNlcuLqO8uqdS+wtigN8j0+TLuU
NKSWrgbJzrEz4PpNeEO64+1wiUhdQmX1uERXAoMjl6OSC3AiWzoL8wbXr11M9bnr
2Q/5rDupiDm4eAUvudLTQrslGEHrV4ap5yHs6sk6Ixa3TGrGwPHoYu1tNQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFIj8DlG7J5AK4DH36bmsSo76EFN+MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvaVB3T1Vic25rQXJnTWZmcHVheEtqdm9RVTM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAPsWQAwQA
PsWTAwQAPsWWAwQAPsWYAwQAXD55AwQAwRNsAwQA3J7HMA0GCSqGSIb3DQEBCwUA
A4IBAQAhYPwiXQ9W1yFTwbyXbWfVZWJAx5mONZj1Tb4g5iSFUlvwG8fWnDQ3iu27
+RrtkPxW0PrwZ9NM2LBoZFzkh2WXGfjbrdDtpw0m/Pqnwucxm2eirFwEdYMJ1tt9
A73gMauGkf3y1ftxCJVIaKT6sZYIjn81Kin95pCxqlUl37EO0zvcZqTMfMFt0iX6
x4oHM40Sd+p8epJXRZYR0pIhbsfwj60Ap1TsDHkM+mSFlkYig5AAg5gFpWD1OzOQ
oHB1F4XS4Tbz5ryMSDTKDU7nDpR6KKu6jLi0mdD4bYM3MSd+dBCeFpumuG0lh3G4
Xs3Lc/JttPICxOmEk/QijvkZrog9
-----END CERTIFICATE-----
Generated at Tue Jul 9 21:07:17 2024 by rpki-client on console-ams.rpki-client.org