Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/abd12f-1d66-412f-9be2-28cb3bbf05ae/1/6LJmxtB-BeDwPTBXrh4MnDsAoE8.roa
File: 6LJmxtB-BeDwPTBXrh4MnDsAoE8.roa (raw, json)
Hash identifier: KWLigluPmKw/XD1u32+J7umRNOL9BsaRwEU4kXRqms4=
Subject key identifier: E8:B2:66:C6:D0:7E:05:E0:F0:3D:30:57:AE:1E:0C:9C:3B:00:A0:4F
Certificate issuer: /CN=df9c64e170b7f255d7ca30035d6532c8957eb169
Certificate serial: 01856EEFD22C76F494F9553B8F2AB1B0CCD1
Authority key identifier: DF:9C:64:E1:70:B7:F2:55:D7:CA:30:03:5D:65:32:C8:95:7E:B1:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/35xk4XC38lXXyjADXWUyyJV-sWk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/abd12f-1d66-412f-9be2-28cb3bbf05ae/1/6LJmxtB-BeDwPTBXrh4MnDsAoE8.roa
Signing time: Sun 01 Jan 2023 20:04:48 +0000
ROA not before: Sun 01 Jan 2023 20:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 62.201.32.0/21 maxlen: 21
62.201.40.0/24 maxlen: 24
62.201.43.0/24 maxlen: 24
62.201.44.0/22 maxlen: 22
62.201.41.0/24 maxlen: 24
62.201.48.0/20 maxlen: 20
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:ef:d2:2c:76:f4:94:f9:55:3b:8f:2a:b1:b0:cc:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df9c64e170b7f255d7ca30035d6532c8957eb169
Validity
Not Before: Jan 1 20:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e8b266c6d07e05e0f03d3057ae1e0c9c3b00a04f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:55:e5:1b:2c:2f:a3:a7:f4:5c:66:23:13:7e:
8f:ee:34:1e:70:bf:68:66:28:54:59:c7:f0:29:a7:
e5:6e:c5:88:47:f3:86:76:f2:c5:df:1b:0e:c2:cc:
a9:5b:c6:bb:c5:45:05:99:d5:24:d1:ca:0c:c7:41:
82:3e:6e:1a:98:2d:8f:87:be:57:6c:3f:98:05:c5:
0a:11:11:0b:a3:2d:c1:5a:7e:c5:5d:8f:1a:82:d0:
f0:61:f7:27:f3:18:79:99:60:8e:12:9f:52:d8:76:
8f:02:92:52:5b:91:ee:e1:58:19:ed:2d:92:c2:1c:
a2:98:cc:e7:a1:ed:a5:52:98:45:80:29:15:ee:59:
77:ee:36:04:50:bf:d3:b9:a6:8a:7a:e2:df:81:ee:
1f:73:36:b0:89:3e:e9:76:a6:f1:8a:cc:80:ce:d2:
27:9e:d2:b1:3d:b0:7b:bd:fa:47:45:89:e3:8f:a1:
dc:c7:1d:19:10:85:92:7d:82:e9:b8:a1:84:47:96:
f9:5d:02:75:13:73:c9:53:59:b7:40:32:3f:b3:ad:
47:9e:b6:ca:43:af:10:64:07:bb:52:61:92:9a:76:
d8:f8:61:9d:b4:2c:c0:d7:8d:1a:d3:56:f9:62:ea:
66:1a:49:d1:43:5b:dd:f3:10:9e:e5:f5:68:95:a0:
d9:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:B2:66:C6:D0:7E:05:E0:F0:3D:30:57:AE:1E:0C:9C:3B:00:A0:4F
X509v3 Authority Key Identifier:
keyid:DF:9C:64:E1:70:B7:F2:55:D7:CA:30:03:5D:65:32:C8:95:7E:B1:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/35xk4XC38lXXyjADXWUyyJV-sWk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/abd12f-1d66-412f-9be2-28cb3bbf05ae/1/6LJmxtB-BeDwPTBXrh4MnDsAoE8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/abd12f-1d66-412f-9be2-28cb3bbf05ae/1/35xk4XC38lXXyjADXWUyyJV-sWk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.201.32.0-62.201.41.255
62.201.43.0-62.201.63.255
Signature Algorithm: sha256WithRSAEncryption
92:fd:87:26:2a:25:90:3a:25:f7:2a:55:29:19:2f:31:89:d2:
39:d4:11:1c:63:9c:83:13:5e:40:c2:b6:a2:a6:31:f7:ed:4b:
6a:54:7b:cc:e4:77:6c:6b:b1:a2:49:ee:b8:4b:3a:b1:67:4a:
b8:81:27:59:38:f8:04:a7:8b:c7:d4:68:d5:4c:9b:61:50:d2:
5e:11:45:51:34:9c:60:39:35:5e:a4:6d:c4:a7:21:9c:ed:8a:
e7:19:9b:ef:50:79:e7:67:ae:04:54:72:76:ee:14:8b:75:81:
ff:03:05:2d:d2:2c:c6:0f:96:dc:04:b7:52:43:ec:9b:92:f4:
3d:ad:d3:ce:94:9a:72:2d:62:8b:ff:b2:96:a2:59:5b:32:96:
ad:d6:53:6e:9d:35:3d:e5:d0:d6:e1:8b:94:06:ce:1d:f0:64:
e0:5d:76:37:18:1e:1f:c7:67:a2:e0:70:69:a3:eb:05:30:0a:
20:5c:53:f3:bc:9a:8b:11:71:28:95:fc:53:ce:4c:fd:09:e4:
3a:3b:25:b3:83:ab:4e:05:92:0a:b7:12:6c:95:92:35:2b:e0:
14:e7:0c:42:60:e5:f0:aa:54:c2:dc:03:20:4d:b7:e8:96:3a:
81:58:3b:86:af:c8:d8:7a:e4:a9:f6:0c:8a:be:6d:4a:a3:49:
d7:e9:d3:78
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYVu79IsdvSU+VU7jyqxsMzRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmOWM2NGUxNzBiN2YyNTVkN2NhMzAwMzVkNjUzMmM4OTU3
ZWIxNjkwHhcNMjMwMTAxMjAwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGIyNjZjNmQwN2UwNWUwZjAzZDMwNTdhZTFlMGM5YzNiMDBhMDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp1XlGywvo6f0XGYjE36P7jQecL9o
ZihUWcfwKaflbsWIR/OGdvLF3xsOwsypW8a7xUUFmdUk0coMx0GCPm4amC2Ph75X
bD+YBcUKERELoy3BWn7FXY8agtDwYfcn8xh5mWCOEp9S2HaPApJSW5Hu4VgZ7S2S
whyimMznoe2lUphFgCkV7ll37jYEUL/TuaaKeuLfge4fczawiT7pdqbxisyAztIn
ntKxPbB7vfpHRYnjj6Hcxx0ZEIWSfYLpuKGER5b5XQJ1E3PJU1m3QDI/s61HnrbK
Q68QZAe7UmGSmnbY+GGdtCzA140a01b5YupmGknRQ1vd8xCe5fVolaDZswIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFOiyZsbQfgXg8D0wV64eDJw7AKBPMB8GA1UdIwQY
MBaAFN+cZOFwt/JV18owA11lMsiVfrFpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzV4azRYQzM4bFhYeWpBRFhXVXl5SlYtc1drLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9hYmQxMmYtMWQ2Ni00MTJmLTliZTIt
MjhjYjNiYmYwNWFlLzEvNkxKbXh0Qi1CZUR3UFRCWHJoNE1uRHNBb0U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9hYmQxMmYtMWQ2Ni00MTJmLTliZTItMjhjYjNiYmYwNWFl
LzEvMzV4azRYQzM4bFhYeWpBRFhXVXl5SlYtc1drLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBAU+ySAD
BAE+ySgwDAMEAD7JKwMEBj7JADANBgkqhkiG9w0BAQsFAAOCAQEAkv2HJiolkDol
9ypVKRkvMYnSOdQRHGOcgxNeQMK2oqYx9+1LalR7zOR3bGuxoknuuEs6sWdKuIEn
WTj4BKeLx9Ro1UybYVDSXhFFUTScYDk1XqRtxKchnO2K5xmb71B552euBFRydu4U
i3WB/wMFLdIsxg+W3AS3UkPsm5L0Pa3TzpSaci1ii/+ylqJZWzKWrdZTbp01PeXQ
1uGLlAbOHfBk4F12NxgeH8dnouBwaaPrBTAKIFxT87yaixFxKJX8U85M/QnkOjsl
s4OrTgWSCrcSbJWSNSvgFOcMQmDl8KpUwtwDIE236JY6gVg7hq/I2HrkqfYMir5t
SqNJ1+nTeA==
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:03:28 2024 by rpki-client on console-ams.rpki-client.org