Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/29e166-98d2-49f2-8497-0503749adea0/1/qG2jGHWzDuJCic5dgOmx1RtMRog.roa
File: qG2jGHWzDuJCic5dgOmx1RtMRog.roa (raw, json)
Hash identifier: YmNQV0874911zaF4XK43s8Beuq5Y/0Ph2c98JikeoW8=
Subject key identifier: A8:6D:A3:18:75:B3:0E:E2:42:89:CE:5D:80:E9:B1:D5:1B:4C:46:88
Certificate issuer: /CN=468b592f3110bc6c35249a8271a0dac1a9acb0ce
Certificate serial: 018CD59210D12057CFD89CE1FC0B695C0C80
Authority key identifier: 46:8B:59:2F:31:10:BC:6C:35:24:9A:82:71:A0:DA:C1:A9:AC:B0:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RotZLzEQvGw1JJqCcaDawamssM4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/29e166-98d2-49f2-8497-0503749adea0/1/qG2jGHWzDuJCic5dgOmx1RtMRog.roa
Signing time: Thu 04 Jan 2024 17:42:48 +0000
ROA not before: Thu 04 Jan 2024 17:42:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41171
IP address blocks: 62.106.83.0/24 maxlen: 24
194.26.218.0/24 maxlen: 24
146.19.228.0/24 maxlen: 24
146.19.142.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 30 Apr 2024 15:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d5:92:10:d1:20:57:cf:d8:9c:e1:fc:0b:69:5c:0c:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=468b592f3110bc6c35249a8271a0dac1a9acb0ce
Validity
Not Before: Jan 4 17:42:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a86da31875b30ee24289ce5d80e9b1d51b4c4688
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:f5:cf:d9:f8:4f:f8:00:3c:b8:54:df:f9:25:
15:fd:b6:6a:05:88:dd:b2:a6:6c:cb:81:c7:9a:7f:
b9:4a:bf:a2:bd:e9:a5:f9:47:d9:16:cd:dd:0d:0d:
ec:b6:13:11:ba:69:c2:0e:5c:30:e6:14:75:0e:29:
21:b8:ff:15:45:51:e5:00:9b:d1:ff:2e:dc:98:b5:
73:4e:35:a2:e9:8d:3a:3a:86:dd:31:ad:ec:a8:9c:
b9:aa:82:f0:4d:a0:02:89:c2:75:23:56:dc:db:15:
ca:ba:62:7b:c2:9c:32:5d:f4:df:60:64:df:d0:9b:
16:53:8f:51:ac:20:ed:87:b2:72:be:d5:00:2d:ca:
ab:f3:68:c3:01:95:5a:da:c2:1e:83:9e:da:a0:7c:
59:f3:a4:32:e7:dc:d3:75:56:95:52:d3:ca:f0:c0:
7a:90:0b:c3:55:99:94:11:cb:69:57:63:e6:26:dc:
5d:15:b6:a3:33:c0:97:41:59:78:32:c6:cc:1f:7b:
db:85:bc:95:1e:c5:50:43:d5:cb:11:c2:ef:3a:08:
ba:e1:eb:df:6f:cf:d5:4b:ee:97:01:3f:8a:0f:b1:
61:0e:91:18:73:47:16:2b:d8:04:4e:15:c2:00:79:
56:2b:fc:b6:8a:76:d7:f6:05:ed:27:1a:4b:75:e6:
2d:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:6D:A3:18:75:B3:0E:E2:42:89:CE:5D:80:E9:B1:D5:1B:4C:46:88
X509v3 Authority Key Identifier:
keyid:46:8B:59:2F:31:10:BC:6C:35:24:9A:82:71:A0:DA:C1:A9:AC:B0:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RotZLzEQvGw1JJqCcaDawamssM4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/29e166-98d2-49f2-8497-0503749adea0/1/qG2jGHWzDuJCic5dgOmx1RtMRog.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/29e166-98d2-49f2-8497-0503749adea0/1/RotZLzEQvGw1JJqCcaDawamssM4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.106.83.0/24
146.19.142.0/24
146.19.228.0/24
194.26.218.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:9e:c5:7f:1d:80:6b:a8:3f:ee:b0:f0:fd:96:a0:a7:32:bc:
f0:4b:2e:c2:ee:61:a1:f5:ca:cd:1c:b7:5d:87:7c:d2:21:73:
e3:ae:7b:5f:4a:70:4f:ab:2c:85:7e:d6:34:13:2f:d7:b1:54:
84:c1:4d:80:18:3c:db:10:35:46:31:c3:e1:32:9c:5e:d8:09:
7a:c8:0c:cb:61:53:cb:76:0a:05:d3:03:0c:0e:aa:e7:cf:de:
0d:06:1b:53:4a:86:73:72:62:c0:95:3c:d9:32:d1:87:00:20:
da:50:79:1a:63:35:ca:2f:0c:22:3f:c7:08:07:a5:62:9b:e8:
5f:25:d0:a7:df:a4:68:11:61:74:40:47:64:9c:a3:4b:3b:ca:
b1:59:29:ba:6b:5f:03:2d:dd:7c:40:9c:f1:9d:1a:4b:22:63:
37:b5:6a:55:f5:19:cb:ee:65:5c:fe:b8:d1:22:7a:f7:df:8c:
2a:01:4c:52:98:d1:31:28:c5:2b:49:69:10:8f:3a:e2:81:af:
aa:3e:d4:ea:6c:36:ec:9b:44:06:23:9c:5f:1d:82:fe:7b:cb:
2c:92:13:b3:7a:24:c3:ed:7d:93:0c:9f:41:11:aa:2c:d0:ab:
54:32:e4:21:f5:ec:54:9c:72:6f:3d:03:31:06:2c:c7:80:69:
eb:4f:f8:ca
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzVkhDRIFfP2Jzh/AtpXAyAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2OGI1OTJmMzExMGJjNmMzNTI0OWE4MjcxYTBkYWMxYTlh
Y2IwY2UwHhcNMjQwMTA0MTc0MjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODZkYTMxODc1YjMwZWUyNDI4OWNlNWQ4MGU5YjFkNTFiNGM0Njg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvXP2fhP+AA8uFTf+SUV/bZqBYjd
sqZsy4HHmn+5Sr+iveml+UfZFs3dDQ3sthMRumnCDlww5hR1DikhuP8VRVHlAJvR
/y7cmLVzTjWi6Y06OobdMa3sqJy5qoLwTaACicJ1I1bc2xXKumJ7wpwyXfTfYGTf
0JsWU49RrCDth7JyvtUALcqr82jDAZVa2sIeg57aoHxZ86Qy59zTdVaVUtPK8MB6
kAvDVZmUEctpV2PmJtxdFbajM8CXQVl4MsbMH3vbhbyVHsVQQ9XLEcLvOgi64evf
b8/VS+6XAT+KD7FhDpEYc0cWK9gEThXCAHlWK/y2inbX9gXtJxpLdeYtnQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKhtoxh1sw7iQonOXYDpsdUbTEaIMB8GA1UdIwQY
MBaAFEaLWS8xELxsNSSagnGg2sGprLDOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUm90Wkx6RVF2R3cxSkpxQ2NhRGF3YW1zc000LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8yOWUxNjYtOThkMi00OWYyLTg0OTct
MDUwMzc0OWFkZWEwLzEvcUcyakdIV3pEdUpDaWM1ZGdPbXgxUnRNUm9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy8yOWUxNjYtOThkMi00OWYyLTg0OTctMDUwMzc0OWFkZWEw
LzEvUm90Wkx6RVF2R3cxSkpxQ2NhRGF3YW1zc000LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAPmpTAwQA
khOOAwQAkhPkAwQAwhraMA0GCSqGSIb3DQEBCwUAA4IBAQB7nsV/HYBrqD/usPD9
lqCnMrzwSy7C7mGh9crNHLddh3zSIXPjrntfSnBPqyyFftY0Ey/XsVSEwU2AGDzb
EDVGMcPhMpxe2Al6yAzLYVPLdgoF0wMMDqrnz94NBhtTSoZzcmLAlTzZMtGHACDa
UHkaYzXKLwwiP8cIB6Vim+hfJdCn36RoEWF0QEdknKNLO8qxWSm6a18DLd18QJzx
nRpLImM3tWpV9RnL7mVc/rjRInr334wqAUxSmNExKMUrSWkQjzriga+qPtTqbDbs
m0QGI5xfHYL+e8sskhOzeiTD7X2TDJ9BEaos0KtUMuQh9exUnHJvPQMxBizHgGnr
T/jK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:19 2024 by rpki-client on console-fra.rpki-client.org