Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/VXtSm1UPkR33ukKqRM2Hsaqu2PQ.roa
File: VXtSm1UPkR33ukKqRM2Hsaqu2PQ.roa (raw, json)
Hash identifier: OUOMsbp9dxy0VmJm3ldmsqcrTOnHN11gpI9wl1lCU2U=
Subject key identifier: 55:7B:52:9B:55:0F:91:1D:F7:BA:42:AA:44:CD:87:B1:AA:AE:D8:F4
Certificate issuer: /CN=7ce68daf5f089456c0e1d02245393531ac5b8fcb
Certificate serial: 018CC7958F0D4DAB7D0285B4BA3C8749DA5B
Authority key identifier: 7C:E6:8D:AF:5F:08:94:56:C0:E1:D0:22:45:39:35:31:AC:5B:8F:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fOaNr18IlFbA4dAiRTk1Maxbj8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/VXtSm1UPkR33ukKqRM2Hsaqu2PQ.roa
Signing time: Tue 02 Jan 2024 00:31:56 +0000
ROA not before: Tue 02 Jan 2024 00:31:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8070
IP address blocks: 194.41.16.0/24 maxlen: 24
194.41.17.0/24 maxlen: 24
62.10.0.0/15 maxlen: 15
Validation: Failed, certificate revoked on Wed 13 Mar 2024 19:05:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:8f:0d:4d:ab:7d:02:85:b4:ba:3c:87:49:da:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ce68daf5f089456c0e1d02245393531ac5b8fcb
Validity
Not Before: Jan 2 00:31:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=557b529b550f911df7ba42aa44cd87b1aaaed8f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:87:78:b2:a8:e8:86:e4:fb:95:22:8e:68:bf:
09:83:40:70:fe:f1:31:b6:00:7e:08:4d:36:ba:e5:
9b:b4:32:58:4d:c4:d7:c5:70:5d:c9:45:dd:f4:9f:
e8:bb:3b:17:4e:1e:a7:60:27:8c:f2:26:4c:05:59:
45:51:75:28:49:f1:03:1b:26:91:05:cc:31:2a:7c:
82:cb:37:0a:d7:3d:24:aa:bd:74:11:fd:a4:29:ed:
82:f9:1a:e9:eb:25:a8:68:5c:69:b5:e9:6b:5c:7b:
37:d4:f7:9e:9a:ec:13:74:77:50:ef:32:c3:fa:90:
ca:e7:12:56:d2:0d:6c:8a:8d:36:6d:7a:0d:0d:8d:
99:8c:75:9a:79:19:62:ef:82:dc:03:75:c1:e7:2c:
0d:f3:41:fe:ea:6b:b6:09:6d:39:ff:d2:64:96:34:
5d:57:29:f4:58:6c:26:78:35:35:a3:cb:ce:53:bd:
73:8a:d1:ef:0e:81:a3:39:70:5e:0f:3b:ac:28:80:
9e:42:0a:b7:68:5d:62:02:f7:59:a6:bd:b6:70:89:
60:b6:3a:b9:39:0e:80:32:06:95:fe:3d:26:87:18:
78:42:40:c8:9b:a6:dc:fe:45:57:6f:8b:fb:71:98:
c4:ec:ab:0b:14:96:6d:9c:29:51:7e:c7:65:2f:91:
4d:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:7B:52:9B:55:0F:91:1D:F7:BA:42:AA:44:CD:87:B1:AA:AE:D8:F4
X509v3 Authority Key Identifier:
keyid:7C:E6:8D:AF:5F:08:94:56:C0:E1:D0:22:45:39:35:31:AC:5B:8F:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fOaNr18IlFbA4dAiRTk1Maxbj8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/VXtSm1UPkR33ukKqRM2Hsaqu2PQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/fOaNr18IlFbA4dAiRTk1Maxbj8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.10.0.0/15
194.41.16.0/23
Signature Algorithm: sha256WithRSAEncryption
36:2f:62:59:23:2a:74:47:e2:42:de:e7:07:34:18:84:f3:ae:
67:b6:11:09:15:b6:f6:02:14:39:d1:e6:41:f1:5c:ff:33:37:
30:59:7a:a6:ba:a7:d1:82:4d:28:f9:8d:0d:40:44:99:dd:1b:
79:8f:f3:40:aa:00:f1:98:5b:90:0b:e0:cb:a8:91:9b:42:56:
79:12:21:6d:d3:80:b4:35:7a:3b:f7:17:e2:ab:a7:ae:77:6d:
01:39:38:71:8c:1b:f1:1a:fa:f6:3b:61:1c:ee:c1:34:96:e9:
ea:f9:10:4c:de:f3:ae:50:fe:2a:80:22:de:fc:22:e3:dc:5b:
b2:d4:3f:73:0d:8e:b4:cb:94:e8:ae:d8:9f:35:6b:00:ba:e7:
56:ec:72:08:62:03:ec:cd:be:b2:48:4a:9e:7b:d4:8e:bd:59:
75:f9:7c:18:e1:24:ec:88:f6:1b:42:a6:69:13:ca:56:96:1d:
9b:c1:9b:66:7c:65:a1:6d:f3:57:19:20:b1:2e:6e:0c:0e:08:
46:8b:e7:f3:70:6c:40:f9:41:80:10:7a:e1:97:50:f5:c8:22:
3d:df:21:0b:1a:29:ff:53:20:36:49:30:72:44:ff:bd:4b:07:
cd:5d:ef:6a:86:d7:6e:a5:78:5a:20:a4:15:c6:43:68:10:8d:
4d:10:44:07
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgISAYzHlY8NTat9AoW0ujyHSdpbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjZTY4ZGFmNWYwODk0NTZjMGUxZDAyMjQ1MzkzNTMxYWM1
YjhmY2IwHhcNMjQwMTAyMDAzMTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTdiNTI5YjU1MGY5MTFkZjdiYTQyYWE0NGNkODdiMWFhYWVkOGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Yd4sqjohuT7lSKOaL8Jg0Bw/vEx
tgB+CE02uuWbtDJYTcTXxXBdyUXd9J/ouzsXTh6nYCeM8iZMBVlFUXUoSfEDGyaR
BcwxKnyCyzcK1z0kqr10Ef2kKe2C+Rrp6yWoaFxptelrXHs31PeemuwTdHdQ7zLD
+pDK5xJW0g1sio02bXoNDY2ZjHWaeRli74LcA3XB5ywN80H+6mu2CW05/9JkljRd
Vyn0WGwmeDU1o8vOU71zitHvDoGjOXBeDzusKICeQgq3aF1iAvdZpr22cIlgtjq5
OQ6AMgaV/j0mhxh4QkDIm6bc/kVXb4v7cZjE7KsLFJZtnClRfsdlL5FNxQIDAQAB
o4ICDjCCAgowHQYDVR0OBBYEFFV7UptVD5Ed97pCqkTNh7Gqrtj0MB8GA1UdIwQY
MBaAFHzmja9fCJRWwOHQIkU5NTGsW4/LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZk9hTnIxOElsRmJBNGRBaVJUazFNYXhiajhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9lYzBiODktMWU2OC00NWEwLThiOTMt
MTNhMDZhMjY5YWE4LzEvVlh0U20xVVBrUjMzdWtLcVJNMkhzYXF1MlBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9lYzBiODktMWU2OC00NWEwLThiOTMtMTNhMDZhMjY5YWE4
LzEvZk9hTnIxOElsRmJBNGRBaVJUazFNYXhiajhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCQGCCsGAQUFBwEHAQH/BBUwEzARBAIAATALAwMBPgoDBAHC
KRAwDQYJKoZIhvcNAQELBQADggEBADYvYlkjKnRH4kLe5wc0GITzrme2EQkVtvYC
FDnR5kHxXP8zNzBZeqa6p9GCTSj5jQ1ARJndG3mP80CqAPGYW5AL4MuokZtCVnkS
IW3TgLQ1ejv3F+Krp653bQE5OHGMG/Ea+vY7YRzuwTSW6er5EEze865Q/iqAIt78
IuPcW7LUP3MNjrTLlOiu2J81awC651bscghiA+zNvrJISp571I69WXX5fBjhJOyI
9htCpmkTylaWHZvBm2Z8ZaFt81cZILEubgwOCEaL5/NwbED5QYAQeuGXUPXIIj3f
IQsaKf9TIDZJMHJE/71LB81d72qG126leFogpBXGQ2gQjU0QRAc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:32 2024 by rpki-client on console-fra.rpki-client.org