Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/29e166-98d2-49f2-8497-0503749adea0/1/vG67KDUzSPe6fCSDBFYcaXS-y74.roa
File: vG67KDUzSPe6fCSDBFYcaXS-y74.roa (raw, json)
Hash identifier: zFszMBehrrBSPOCh4fIf6Hu1HqTHDhGNO0VbxpsZvdw=
Subject key identifier: BC:6E:BB:28:35:33:48:F7:BA:7C:24:83:04:56:1C:69:74:BE:CB:BE
Certificate issuer: /CN=468b592f3110bc6c35249a8271a0dac1a9acb0ce
Certificate serial: 0191E1DBDFD360D7A2CB3E7C631C19C0CBD4
Authority key identifier: 46:8B:59:2F:31:10:BC:6C:35:24:9A:82:71:A0:DA:C1:A9:AC:B0:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RotZLzEQvGw1JJqCcaDawamssM4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/29e166-98d2-49f2-8497-0503749adea0/1/vG67KDUzSPe6fCSDBFYcaXS-y74.roa
Signing time: Wed 11 Sep 2024 16:12:48 +0000
ROA not before: Wed 11 Sep 2024 16:12:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41171
IP address blocks: 62.106.83.0/24 maxlen: 24
146.19.228.0/24 maxlen: 24
185.253.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 21 Nov 2024 17:21:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e1:db:df:d3:60:d7:a2:cb:3e:7c:63:1c:19:c0:cb:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=468b592f3110bc6c35249a8271a0dac1a9acb0ce
Validity
Not Before: Sep 11 16:12:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bc6ebb28353348f7ba7c248304561c6974becbbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:fc:e6:52:7c:e1:ce:6b:62:91:0d:71:71:41:
7c:06:0a:8b:af:72:eb:45:96:5d:dc:a4:a8:09:97:
22:05:d5:dc:70:5d:68:46:7e:9f:9e:62:b6:82:47:
70:04:72:86:92:8b:7f:c4:3b:1e:c1:0c:59:a7:f8:
c5:fe:f4:7f:4c:cb:96:b1:46:08:7b:97:d7:a3:d5:
7a:ee:df:71:13:ef:33:50:04:12:40:41:ee:b1:c4:
2d:31:59:1e:3c:a7:1f:9e:b7:cc:be:07:81:5a:cb:
19:96:34:84:fa:89:5f:25:3b:ac:71:3d:11:37:4a:
41:0b:e3:ec:8b:b5:a9:c7:4c:ba:9b:27:f7:88:89:
fc:fc:94:cc:fe:52:eb:bd:df:99:d8:c1:17:dd:0a:
c1:59:99:f1:9e:ae:23:46:78:ec:15:79:b5:41:84:
54:60:c2:4b:a4:b6:d4:9f:41:27:f2:e9:2f:3c:0b:
32:9a:a0:74:ca:78:04:d8:73:a8:ce:46:eb:ca:05:
8e:97:68:84:3b:dc:72:70:28:fc:c6:6f:03:8b:1b:
25:55:87:50:f7:88:80:1f:7c:16:3a:f7:b1:1d:fc:
49:28:c9:b8:b3:8b:bc:60:42:e3:b2:95:88:62:d2:
95:c0:d2:d3:dd:94:05:8c:dd:1e:3c:f9:03:aa:94:
70:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:6E:BB:28:35:33:48:F7:BA:7C:24:83:04:56:1C:69:74:BE:CB:BE
X509v3 Authority Key Identifier:
keyid:46:8B:59:2F:31:10:BC:6C:35:24:9A:82:71:A0:DA:C1:A9:AC:B0:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RotZLzEQvGw1JJqCcaDawamssM4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/29e166-98d2-49f2-8497-0503749adea0/1/vG67KDUzSPe6fCSDBFYcaXS-y74.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/29e166-98d2-49f2-8497-0503749adea0/1/RotZLzEQvGw1JJqCcaDawamssM4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.106.83.0/24
146.19.228.0/24
185.253.3.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:a9:49:4e:53:59:2e:8d:0f:bd:e6:22:ba:01:98:14:47:b2:
6c:41:c5:ff:f2:e7:b6:c9:1e:01:9d:59:2d:55:9c:86:d3:52:
74:8e:35:3a:46:16:9c:38:6e:01:42:ba:98:9f:0c:2e:22:89:
3a:b5:74:cd:fb:28:51:68:aa:2b:24:51:9c:64:6e:9e:ee:cf:
cf:47:6b:66:23:95:ab:62:89:a3:5e:66:0b:44:08:a8:a9:db:
53:8e:c8:b5:b1:7d:09:fe:84:e7:6a:b9:fd:60:73:10:47:0c:
7b:dd:e7:e5:f3:72:cd:06:0b:05:00:74:82:26:39:26:a9:a0:
39:80:39:a6:17:23:5f:7e:4d:2f:31:47:7e:68:89:07:ca:b6:
8c:61:1b:1b:cc:09:80:92:64:28:79:35:d0:00:33:54:26:a2:
bf:b1:fd:82:29:60:89:a5:d1:be:be:4b:bf:dd:b5:ce:e3:47:
5b:00:d3:32:1d:a0:d6:4d:61:36:6d:3a:c7:c9:46:96:ea:5b:
3a:9e:e9:58:0d:0e:d1:e4:ee:5c:ae:44:b4:92:83:46:ba:79:
bd:c5:51:83:f3:d2:6c:70:5a:f9:5d:cb:0b:5d:f0:54:4a:3c:
0b:5f:bf:82:3d:aa:d7:f9:92:c5:cf:fd:a3:a3:86:ad:3f:cc:
36:56:6d:eb
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZHh29/TYNeiyz58YxwZwMvUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2OGI1OTJmMzExMGJjNmMzNTI0OWE4MjcxYTBkYWMxYTlh
Y2IwY2UwHhcNMjQwOTExMTYxMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzZlYmIyODM1MzM0OGY3YmE3YzI0ODMwNDU2MWM2OTc0YmVjYmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsvzmUnzhzmtikQ1xcUF8BgqLr3Lr
RZZd3KSoCZciBdXccF1oRn6fnmK2gkdwBHKGkot/xDsewQxZp/jF/vR/TMuWsUYI
e5fXo9V67t9xE+8zUAQSQEHuscQtMVkePKcfnrfMvgeBWssZljSE+olfJTuscT0R
N0pBC+Psi7Wpx0y6myf3iIn8/JTM/lLrvd+Z2MEX3QrBWZnxnq4jRnjsFXm1QYRU
YMJLpLbUn0En8ukvPAsymqB0yngE2HOozkbrygWOl2iEO9xycCj8xm8DixslVYdQ
94iAH3wWOvexHfxJKMm4s4u8YELjspWIYtKVwNLT3ZQFjN0ePPkDqpRw7wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLxuuyg1M0j3unwkgwRWHGl0vsu+MB8GA1UdIwQY
MBaAFEaLWS8xELxsNSSagnGg2sGprLDOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUm90Wkx6RVF2R3cxSkpxQ2NhRGF3YW1zc000LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8yOWUxNjYtOThkMi00OWYyLTg0OTct
MDUwMzc0OWFkZWEwLzEvdkc2N0tEVXpTUGU2ZkNTREJGWWNhWFMteTc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy8yOWUxNjYtOThkMi00OWYyLTg0OTctMDUwMzc0OWFkZWEw
LzEvUm90Wkx6RVF2R3cxSkpxQ2NhRGF3YW1zc000LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAPmpTAwQA
khPkAwQAuf0DMA0GCSqGSIb3DQEBCwUAA4IBAQBdqUlOU1kujQ+95iK6AZgUR7Js
QcX/8ue2yR4BnVktVZyG01J0jjU6RhacOG4BQrqYnwwuIok6tXTN+yhRaKorJFGc
ZG6e7s/PR2tmI5WrYomjXmYLRAioqdtTjsi1sX0J/oTnarn9YHMQRwx73efl83LN
BgsFAHSCJjkmqaA5gDmmFyNffk0vMUd+aIkHyraMYRsbzAmAkmQoeTXQADNUJqK/
sf2CKWCJpdG+vku/3bXO40dbANMyHaDWTWE2bTrHyUaW6ls6nulYDQ7R5O5crkS0
koNGunm9xVGD89JscFr5XcsLXfBUSjwLX7+CParX+ZLFz/2jo4atP8w2Vm3r
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:35:49 2024 by rpki-client on console-ams.rpki-client.org