Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/a4b446-bb72-45be-bc46-51f5ff81c117/1/PR0o_7vvjmyba7FNQkJubA3P7l4.roa
File: PR0o_7vvjmyba7FNQkJubA3P7l4.roa (raw, json)
Hash identifier: rpqZGTx77VAbiu18nmlSe+5bXDpl8eoTswxEkmZVDSI=
Subject key identifier: 3D:1D:28:FF:BB:EF:8E:6C:9B:6B:B1:4D:42:42:6E:6C:0D:CF:EE:5E
Certificate issuer: /CN=5dd6f6d299bcdec73d13f2d842fc1df4bc1ee2d3
Certificate serial: 01926B68531B2AA04DD255D786C7A03515B3
Authority key identifier: 5D:D6:F6:D2:99:BC:DE:C7:3D:13:F2:D8:42:FC:1D:F4:BC:1E:E2:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xdb20pm83sc9E_LYQvwd9Lwe4tM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/a4b446-bb72-45be-bc46-51f5ff81c117/1/PR0o_7vvjmyba7FNQkJubA3P7l4.roa
Signing time: Tue 08 Oct 2024 09:14:11 +0000
ROA not before: Tue 08 Oct 2024 09:14:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 114.69.245.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 09 Oct 2024 10:07:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:6b:68:53:1b:2a:a0:4d:d2:55:d7:86:c7:a0:35:15:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dd6f6d299bcdec73d13f2d842fc1df4bc1ee2d3
Validity
Not Before: Oct 8 09:14:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3d1d28ffbbef8e6c9b6bb14d42426e6c0dcfee5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:57:8e:3a:96:1e:97:da:3e:6c:d8:88:a0:00:
e8:c1:d6:d3:fc:50:e1:c3:70:d5:d0:3e:ff:45:17:
c7:9d:e4:f6:44:5c:6f:5c:0f:14:f1:1a:fb:59:c3:
d8:83:c8:dc:72:c1:01:a7:e9:d8:11:bd:43:19:fc:
51:c3:26:79:69:7e:ad:eb:9c:45:e2:83:5b:40:e6:
3f:7c:7d:12:4c:e7:b3:e4:00:a3:65:8f:bd:37:c7:
a8:67:ce:2e:50:5a:38:7a:79:9d:51:6f:ab:e4:1b:
0a:96:e9:c7:50:2e:8e:40:cd:2a:23:0d:05:c5:52:
ad:09:7a:c3:13:ae:80:a0:46:56:fd:1c:58:a0:e3:
24:58:99:5e:22:af:f0:2e:ca:2f:0c:df:e1:dc:42:
2a:9e:32:20:db:ca:7d:a5:0d:90:61:2c:88:4a:00:
13:33:9e:ea:6b:9a:c1:74:df:76:07:40:e6:17:2a:
a1:24:95:e9:e5:ae:ec:3a:7f:03:6a:f3:2a:0b:be:
cc:4e:1d:7b:ed:f2:cd:26:12:ea:a2:bc:56:52:90:
91:39:c6:73:80:df:dd:cd:54:68:9e:80:8f:17:58:
6f:25:23:93:07:d0:28:a5:7e:41:0e:b8:41:9b:05:
16:87:0f:ed:4b:ac:eb:36:b0:ad:83:10:da:f6:84:
cc:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:1D:28:FF:BB:EF:8E:6C:9B:6B:B1:4D:42:42:6E:6C:0D:CF:EE:5E
X509v3 Authority Key Identifier:
keyid:5D:D6:F6:D2:99:BC:DE:C7:3D:13:F2:D8:42:FC:1D:F4:BC:1E:E2:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xdb20pm83sc9E_LYQvwd9Lwe4tM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a4b446-bb72-45be-bc46-51f5ff81c117/1/PR0o_7vvjmyba7FNQkJubA3P7l4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a4b446-bb72-45be-bc46-51f5ff81c117/1/Xdb20pm83sc9E_LYQvwd9Lwe4tM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
114.69.245.0/24
Signature Algorithm: sha256WithRSAEncryption
62:51:9c:d2:4a:5e:d3:c9:cd:80:1a:60:77:ee:8d:8c:a8:f6:
0e:68:34:07:ce:15:ee:fd:cf:cf:b2:a2:1e:c8:36:4b:d0:48:
2a:97:b0:e6:18:bc:f4:6e:6c:85:64:7a:e7:24:dc:4a:00:94:
db:10:bc:0c:9f:95:8f:b0:18:55:4b:45:5c:c5:67:14:cc:8b:
a1:8b:79:ee:6a:d1:b6:d2:4c:7c:e3:da:98:c9:b1:29:f8:6a:
0d:0d:5b:af:24:12:61:b6:e4:f5:f1:a2:d6:6b:b0:47:d2:2a:
25:a7:58:ed:a3:ea:ca:c8:6e:9d:46:0d:04:46:a9:a3:25:c9:
2f:11:83:0d:96:4a:39:78:5e:a4:17:e1:8a:24:5b:42:03:09:
e8:9d:82:e8:77:46:0c:3e:e9:39:51:7c:a6:69:52:3b:2c:4e:
a3:6a:b2:5b:9c:7c:ed:75:8e:54:33:09:e8:fd:69:6f:fe:c2:
22:1a:de:0f:47:7c:49:43:ab:fd:52:9b:2b:7f:9c:cd:5f:61:
57:fa:78:ac:fb:d0:b2:8e:e5:ba:dd:2d:cb:9e:83:1a:9a:4d:
1a:1a:e4:31:2a:a3:50:74:3a:ba:e6:47:42:2c:16:e6:c2:02:
95:5a:a7:fb:67:9b:3b:47:7d:6a:87:18:e5:76:a9:3f:db:3d:
94:27:b5:0b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZJraFMbKqBN0lXXhsegNRWzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZDZmNmQyOTliY2RlYzczZDEzZjJkODQyZmMxZGY0YmMx
ZWUyZDMwHhcNMjQxMDA4MDkxNDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDFkMjhmZmJiZWY4ZTZjOWI2YmIxNGQ0MjQyNmU2YzBkY2ZlZTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzVeOOpYel9o+bNiIoADowdbT/FDh
w3DV0D7/RRfHneT2RFxvXA8U8Rr7WcPYg8jccsEBp+nYEb1DGfxRwyZ5aX6t65xF
4oNbQOY/fH0STOez5ACjZY+9N8eoZ84uUFo4enmdUW+r5BsKlunHUC6OQM0qIw0F
xVKtCXrDE66AoEZW/RxYoOMkWJleIq/wLsovDN/h3EIqnjIg28p9pQ2QYSyISgAT
M57qa5rBdN92B0DmFyqhJJXp5a7sOn8DavMqC77MTh177fLNJhLqorxWUpCROcZz
gN/dzVRonoCPF1hvJSOTB9AopX5BDrhBmwUWhw/tS6zrNrCtgxDa9oTMlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD0dKP+7745sm2uxTUJCbmwNz+5eMB8GA1UdIwQY
MBaAFF3W9tKZvN7HPRPy2EL8HfS8HuLTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGRiMjBwbTgzc2M5RV9MWVF2d2Q5THdlNHRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9hNGI0NDYtYmI3Mi00NWJlLWJjNDYt
NTFmNWZmODFjMTE3LzEvUFIwb183dnZqbXliYTdGTlFrSnViQTNQN2w0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9hNGI0NDYtYmI3Mi00NWJlLWJjNDYtNTFmNWZmODFjMTE3
LzEvWGRiMjBwbTgzc2M5RV9MWVF2d2Q5THdlNHRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAckX1MA0G
CSqGSIb3DQEBCwUAA4IBAQBiUZzSSl7Tyc2AGmB37o2MqPYOaDQHzhXu/c/PsqIe
yDZL0Egql7DmGLz0bmyFZHrnJNxKAJTbELwMn5WPsBhVS0VcxWcUzIuhi3nuatG2
0kx849qYybEp+GoNDVuvJBJhtuT18aLWa7BH0iolp1jto+rKyG6dRg0ERqmjJckv
EYMNlko5eF6kF+GKJFtCAwnonYLod0YMPuk5UXymaVI7LE6jarJbnHztdY5UMwno
/Wlv/sIiGt4PR3xJQ6v9Upsrf5zNX2FX+nis+9CyjuW63S3LnoMamk0aGuQxKqNQ
dDq65kdCLBbmwgKVWqf7Z5s7R31qhxjldqk/2z2UJ7UL
-----END CERTIFICATE-----
Generated at Wed Oct 9 13:27:02 2024 by rpki-client on console-fra.rpki-client.org