Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/d4c891-4bc0-4a3e-8457-44276f604233/1/AiEaqMxSHvmXKkhoRcX3jlESkj0.roa
File: AiEaqMxSHvmXKkhoRcX3jlESkj0.roa (raw, json)
Hash identifier: ql6HhTaqWLEP6csqlTSvXnnIj6gy9eEIL+YUEMNetB0=
Subject key identifier: 02:21:1A:A8:CC:52:1E:F9:97:2A:48:68:45:C5:F7:8E:51:12:92:3D
Certificate issuer: /CN=3b54fa60b327a0803dc85e970a9b76a4514ceb5e
Certificate serial: 0189E4D0884E1443E509652F38887BBF6459
Authority key identifier: 3B:54:FA:60:B3:27:A0:80:3D:C8:5E:97:0A:9B:76:A4:51:4C:EB:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O1T6YLMnoIA9yF6XCpt2pFFM614.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/d4c891-4bc0-4a3e-8457-44276f604233/1/AiEaqMxSHvmXKkhoRcX3jlESkj0.roa
Signing time: Fri 11 Aug 2023 13:36:58 +0000
ROA not before: Fri 11 Aug 2023 13:36:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206469
IP address blocks: 62.106.71.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:e4:d0:88:4e:14:43:e5:09:65:2f:38:88:7b:bf:64:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b54fa60b327a0803dc85e970a9b76a4514ceb5e
Validity
Not Before: Aug 11 13:36:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=02211aa8cc521ef9972a486845c5f78e5112923d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:69:04:01:c2:c2:55:15:12:92:da:e8:12:cf:
74:30:3b:d4:9c:b2:5a:a8:96:e9:2b:fa:6c:d8:3d:
45:b6:08:17:7a:ea:40:b6:c4:bf:da:ac:39:d1:7a:
63:00:61:1d:d5:f2:b8:7a:ec:02:8f:14:67:21:b6:
31:33:21:f0:14:1c:a0:e3:55:c8:e3:fe:eb:69:dc:
97:19:3d:8c:6b:aa:ed:02:81:e2:d7:fc:f1:9b:60:
e7:2a:ee:14:7f:01:59:18:d7:3e:ab:98:22:b1:43:
42:7c:50:be:b3:ef:3a:60:03:f5:50:37:6f:9c:77:
fa:58:f7:6d:b6:18:e3:31:de:b9:8a:a4:93:19:8e:
26:6e:6c:14:95:18:db:36:e1:65:47:a4:8d:2c:9a:
94:0f:5e:5c:7a:48:62:f0:87:3a:ed:ef:87:93:dc:
92:ce:10:d8:5b:eb:d6:72:eb:e7:f8:d7:58:5b:d7:
00:f6:41:13:fc:db:30:31:15:56:1c:54:ea:61:8f:
c9:2e:50:9e:69:c4:1b:ee:b8:15:64:82:7b:20:5e:
48:ac:ae:48:21:ac:39:16:cd:ca:cd:dc:35:5f:b2:
d6:5f:56:b0:ef:74:0e:c2:30:6f:5e:d7:39:00:12:
68:ca:b8:85:1f:b3:81:79:24:d3:de:4e:ab:fe:e6:
03:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:21:1A:A8:CC:52:1E:F9:97:2A:48:68:45:C5:F7:8E:51:12:92:3D
X509v3 Authority Key Identifier:
keyid:3B:54:FA:60:B3:27:A0:80:3D:C8:5E:97:0A:9B:76:A4:51:4C:EB:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O1T6YLMnoIA9yF6XCpt2pFFM614.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/d4c891-4bc0-4a3e-8457-44276f604233/1/AiEaqMxSHvmXKkhoRcX3jlESkj0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/d4c891-4bc0-4a3e-8457-44276f604233/1/O1T6YLMnoIA9yF6XCpt2pFFM614.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.106.71.0/24
Signature Algorithm: sha256WithRSAEncryption
48:07:90:2e:de:df:61:49:44:38:b4:d5:73:c5:6b:18:1c:8a:
a5:52:05:39:b5:ab:dd:a6:f5:e7:22:30:c2:47:d7:d9:25:05:
2e:a1:9c:ba:bc:0b:e0:61:a7:a3:a4:ab:d3:9d:56:60:9e:66:
3c:4d:33:9a:fe:a9:3d:64:20:59:8d:ab:85:e8:62:05:0a:fa:
a0:c4:d7:be:84:71:83:58:e6:01:40:ef:24:cc:fe:6d:c4:ce:
27:3b:d5:03:74:8d:85:ff:f6:41:64:5c:98:8e:a9:38:32:12:
0a:4b:0b:5f:66:1a:a6:fb:b0:a5:d8:a3:66:39:a4:0a:e1:40:
04:da:5e:e3:e8:34:93:0e:9c:2b:e5:ba:f8:58:6a:ef:c6:ae:
70:4b:b8:7a:24:67:8a:7b:39:d3:8d:7f:e8:32:1b:5e:09:ed:
3f:eb:8e:ab:35:b1:35:3e:e4:c2:3d:c8:71:67:31:ce:ff:96:
c9:8f:db:e2:69:97:f8:75:29:34:0c:98:bf:18:82:4c:b4:a9:
53:2a:86:b0:f8:a6:d6:24:3a:e9:df:40:49:55:c7:af:52:7c:
7c:04:4b:02:3b:e3:f1:1b:cb:35:1f:04:2f:28:3f:72:99:0d:
86:19:c7:d6:b2:a1:85:f8:dc:a3:2c:f4:68:a7:be:5b:c4:9b:
2a:1d:87:2e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYnk0IhOFEPlCWUvOIh7v2RZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNTRmYTYwYjMyN2EwODAzZGM4NWU5NzBhOWI3NmE0NTE0
Y2ViNWUwHhcNMjMwODExMTMzNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjIxMWFhOGNjNTIxZWY5OTcyYTQ4Njg0NWM1Zjc4ZTUxMTI5MjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgWkEAcLCVRUSktroEs90MDvUnLJa
qJbpK/ps2D1FtggXeupAtsS/2qw50XpjAGEd1fK4euwCjxRnIbYxMyHwFByg41XI
4/7radyXGT2Ma6rtAoHi1/zxm2DnKu4UfwFZGNc+q5gisUNCfFC+s+86YAP1UDdv
nHf6WPdtthjjMd65iqSTGY4mbmwUlRjbNuFlR6SNLJqUD15cekhi8Ic67e+Hk9yS
zhDYW+vWcuvn+NdYW9cA9kET/NswMRVWHFTqYY/JLlCeacQb7rgVZIJ7IF5IrK5I
Iaw5Fs3Kzdw1X7LWX1aw73QOwjBvXtc5ABJoyriFH7OBeSTT3k6r/uYDRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAIhGqjMUh75lypIaEXF945REpI9MB8GA1UdIwQY
MBaAFDtU+mCzJ6CAPchelwqbdqRRTOteMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzFUNllMTW5vSUE5eUY2WENwdDJwRkZNNjE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9kNGM4OTEtNGJjMC00YTNlLTg0NTct
NDQyNzZmNjA0MjMzLzEvQWlFYXFNeFNIdm1YS2tob1JjWDNqbEVTa2owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9kNGM4OTEtNGJjMC00YTNlLTg0NTctNDQyNzZmNjA0MjMz
LzEvTzFUNllMTW5vSUE5eUY2WENwdDJwRkZNNjE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPmpHMA0G
CSqGSIb3DQEBCwUAA4IBAQBIB5Au3t9hSUQ4tNVzxWsYHIqlUgU5tavdpvXnIjDC
R9fZJQUuoZy6vAvgYaejpKvTnVZgnmY8TTOa/qk9ZCBZjauF6GIFCvqgxNe+hHGD
WOYBQO8kzP5txM4nO9UDdI2F//ZBZFyYjqk4MhIKSwtfZhqm+7Cl2KNmOaQK4UAE
2l7j6DSTDpwr5br4WGrvxq5wS7h6JGeKeznTjX/oMhteCe0/646rNbE1PuTCPchx
ZzHO/5bJj9viaZf4dSk0DJi/GIJMtKlTKoaw+KbWJDrp30BJVcevUnx8BEsCO+Px
G8s1HwQvKD9ymQ2GGcfWsqGF+NyjLPRop75bxJsqHYcu
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:23:30 2024 by rpki-client on console-fra.rpki-client.org