Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/o4CBm7Z8T5narPIkfi43fkyfxSM.roa
File: o4CBm7Z8T5narPIkfi43fkyfxSM.roa (raw, json)
Hash identifier: B6VyI/vC7McL0hYh94IklpKAqs9mukMsI3L/8MPmzrI=
Subject key identifier: A3:80:81:9B:B6:7C:4F:99:DA:AC:F2:24:7E:2E:37:7E:4C:9F:C5:23
Certificate issuer: /CN=7ce68daf5f089456c0e1d02245393531ac5b8fcb
Certificate serial: 018E39663BA7C61B260A7FBD2E9C8EEDDCCB
Authority key identifier: 7C:E6:8D:AF:5F:08:94:56:C0:E1:D0:22:45:39:35:31:AC:5B:8F:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fOaNr18IlFbA4dAiRTk1Maxbj8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/o4CBm7Z8T5narPIkfi43fkyfxSM.roa
Signing time: Wed 13 Mar 2024 19:59:45 +0000
ROA not before: Wed 13 Mar 2024 19:59:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8070
IP address blocks: 62.10.0.0/15 maxlen: 15
194.41.16.0/24 maxlen: 24
194.41.17.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 02 Oct 2024 23:45:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:39:66:3b:a7:c6:1b:26:0a:7f:bd:2e:9c:8e:ed:dc:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ce68daf5f089456c0e1d02245393531ac5b8fcb
Validity
Not Before: Mar 13 19:59:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a380819bb67c4f99daacf2247e2e377e4c9fc523
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:ff:b6:a4:06:83:ab:b8:42:e2:eb:b4:1a:f5:
a2:a6:ae:fe:43:72:b8:66:af:39:20:d3:55:de:cb:
5f:9c:7c:57:c9:59:91:80:ba:c9:e6:a5:b4:fb:fe:
36:c6:d2:8e:9b:dc:6f:23:5b:4f:e8:b1:51:30:20:
90:cb:a2:e2:34:cf:b6:6c:7c:c2:f3:fe:f1:da:b3:
67:af:6d:a5:51:79:17:60:51:09:32:a6:5b:91:40:
49:8e:b7:f5:65:6c:04:23:30:e7:c5:67:54:79:cb:
d7:9c:64:ba:b5:69:9b:07:b6:fc:87:d3:a9:7e:22:
7b:61:5f:cf:4f:6d:14:6e:c9:9b:b0:ef:09:d9:3e:
e9:dd:15:6e:6a:15:1c:2c:4a:cb:71:2f:37:a0:84:
d0:5d:e9:8e:fe:c9:fc:21:7c:f9:6c:5d:b8:1c:00:
a5:24:d7:92:59:cd:8e:6d:b5:15:0d:a5:4a:1d:4f:
32:5c:6b:b8:54:0b:9e:fa:3e:c5:d6:f1:b7:68:aa:
63:43:29:d9:a4:27:cc:5e:ce:95:7c:93:9e:b3:ad:
72:da:c0:1c:13:1d:2e:24:41:0f:14:6a:d2:73:0a:
ed:d2:1b:76:d2:06:68:7e:b0:87:70:89:d5:33:94:
c9:8f:28:45:a4:cd:c9:57:e2:9c:71:52:c6:b9:99:
90:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:80:81:9B:B6:7C:4F:99:DA:AC:F2:24:7E:2E:37:7E:4C:9F:C5:23
X509v3 Authority Key Identifier:
keyid:7C:E6:8D:AF:5F:08:94:56:C0:E1:D0:22:45:39:35:31:AC:5B:8F:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fOaNr18IlFbA4dAiRTk1Maxbj8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/o4CBm7Z8T5narPIkfi43fkyfxSM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/fOaNr18IlFbA4dAiRTk1Maxbj8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.10.0.0/15
194.41.16.0/23
Signature Algorithm: sha256WithRSAEncryption
80:05:fc:8f:a5:c3:9a:0b:e6:92:ee:b6:de:93:5d:fa:1e:b4:
33:33:da:2b:74:7b:a2:5d:26:09:88:d2:39:94:af:94:a9:c7:
50:dd:88:31:bc:83:24:07:6a:c9:61:e5:43:77:62:29:7e:5d:
42:04:17:17:48:d6:5a:21:4d:ef:06:0a:da:73:0d:3f:40:11:
1b:32:a7:0e:f8:2b:6a:ef:6f:54:34:7d:11:52:a2:0f:e4:a1:
a4:40:b8:53:dd:82:0f:e5:6b:c7:f5:22:90:4b:fc:c2:0b:18:
23:83:b2:bc:69:1d:7f:1b:ea:92:79:77:7c:d1:39:92:37:46:
09:29:f0:e6:96:76:7c:88:2b:c0:d6:e6:1f:8a:41:fb:4a:15:
23:dd:7f:22:26:bc:7c:fd:48:07:29:9f:bc:12:8d:72:de:8f:
8e:78:1e:45:cb:ad:46:a3:0b:10:0d:4e:28:b7:d2:a0:99:c9:
78:33:63:29:90:6c:1f:52:62:9d:d7:e7:bc:00:1d:9d:f9:88:
23:85:c4:0f:0f:96:c2:57:d5:87:28:a7:cd:19:2b:ee:44:e8:
24:dd:5e:54:b2:0e:c8:f6:4b:30:fd:4c:30:6a:1f:61:3e:2b:
ff:88:e5:11:99:60:50:f8:5a:12:9b:7a:09:b1:59:88:29:73:
e4:08:f8:0b
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgISAY45ZjunxhsmCn+9LpyO7dzLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjZTY4ZGFmNWYwODk0NTZjMGUxZDAyMjQ1MzkzNTMxYWM1
YjhmY2IwHhcNMjQwMzEzMTk1OTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzgwODE5YmI2N2M0Zjk5ZGFhY2YyMjQ3ZTJlMzc3ZTRjOWZjNTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/+2pAaDq7hC4uu0GvWipq7+Q3K4
Zq85INNV3stfnHxXyVmRgLrJ5qW0+/42xtKOm9xvI1tP6LFRMCCQy6LiNM+2bHzC
8/7x2rNnr22lUXkXYFEJMqZbkUBJjrf1ZWwEIzDnxWdUecvXnGS6tWmbB7b8h9Op
fiJ7YV/PT20UbsmbsO8J2T7p3RVuahUcLErLcS83oITQXemO/sn8IXz5bF24HACl
JNeSWc2ObbUVDaVKHU8yXGu4VAue+j7F1vG3aKpjQynZpCfMXs6VfJOes61y2sAc
Ex0uJEEPFGrScwrt0ht20gZofrCHcInVM5TJjyhFpM3JV+KccVLGuZmQqwIDAQAB
o4ICDjCCAgowHQYDVR0OBBYEFKOAgZu2fE+Z2qzyJH4uN35Mn8UjMB8GA1UdIwQY
MBaAFHzmja9fCJRWwOHQIkU5NTGsW4/LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZk9hTnIxOElsRmJBNGRBaVJUazFNYXhiajhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9lYzBiODktMWU2OC00NWEwLThiOTMt
MTNhMDZhMjY5YWE4LzEvbzRDQm03WjhUNW5hclBJa2ZpNDNma3lmeFNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9lYzBiODktMWU2OC00NWEwLThiOTMtMTNhMDZhMjY5YWE4
LzEvZk9hTnIxOElsRmJBNGRBaVJUazFNYXhiajhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCQGCCsGAQUFBwEHAQH/BBUwEzARBAIAATALAwMBPgoDBAHC
KRAwDQYJKoZIhvcNAQELBQADggEBAIAF/I+lw5oL5pLutt6TXfoetDMz2it0e6Jd
JgmI0jmUr5Spx1DdiDG8gyQHaslh5UN3Yil+XUIEFxdI1lohTe8GCtpzDT9AERsy
pw74K2rvb1Q0fRFSog/koaRAuFPdgg/la8f1IpBL/MILGCODsrxpHX8b6pJ5d3zR
OZI3Rgkp8OaWdnyIK8DW5h+KQftKFSPdfyImvHz9SAcpn7wSjXLej454HkXLrUaj
CxANTii30qCZyXgzYymQbB9SYp3X57wAHZ35iCOFxA8PlsJX1Ycop80ZK+5E6CTd
XlSyDsj2SzD9TDBqH2E+K/+I5RGZYFD4WhKbegmxWYgpc+QI+As=
-----END CERTIFICATE-----
Generated at Thu Oct 3 02:21:56 2024 by rpki-client on console-fra.rpki-client.org