Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/S8FvtXd9ZK00UnzmcZ4m16J-QjM.roa
File: S8FvtXd9ZK00UnzmcZ4m16J-QjM.roa (raw, json)
Hash identifier: Y2K/S8CO3A2YbFEFXp+OrzZ7lK38DBlJFWUZ44jN3ak=
Subject key identifier: 4B:C1:6F:B5:77:7D:64:AD:34:52:7C:E6:71:9E:26:D7:A2:7E:42:33
Certificate issuer: /CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Certificate serial: 01857082AB797FC87C788B67AB35CBA17CFC
Authority key identifier: D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/S8FvtXd9ZK00UnzmcZ4m16J-QjM.roa
Signing time: Mon 02 Jan 2023 03:24:49 +0000
ROA not before: Mon 02 Jan 2023 03:24:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29119
IP address blocks: 62.43.252.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:82:ab:79:7f:c8:7c:78:8b:67:ab:35:cb:a1:7c:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Validity
Not Before: Jan 2 03:24:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4bc16fb5777d64ad34527ce6719e26d7a27e4233
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:fa:20:b0:52:a1:20:67:f1:3c:e4:c9:57:2d:
20:1b:9e:7b:3f:08:26:38:b2:74:45:32:f2:c8:05:
51:2c:33:14:8d:d9:7b:9c:f9:9b:0f:9b:cc:a7:11:
54:d5:cf:26:eb:be:b2:84:1b:8b:70:d9:35:dc:0b:
f7:be:f7:d0:2e:7e:ec:eb:3f:fb:46:65:26:ed:a5:
8c:be:ed:a1:7a:d7:ab:12:71:f6:18:ff:b8:8f:75:
84:9d:11:b6:95:70:4b:1b:9e:3a:76:0d:80:3b:00:
63:3d:d9:40:b1:99:31:ed:60:20:f2:9f:41:78:02:
5f:f7:1e:5d:4e:76:8d:be:98:fa:d5:b6:78:84:b4:
b8:92:ce:28:a9:a8:c4:05:8b:48:d3:ea:e3:22:83:
f6:3c:58:c1:05:c3:fb:e2:aa:ef:86:b5:b1:dc:93:
44:44:45:b3:1a:0e:61:76:50:f9:b2:c3:e1:dc:d8:
1b:05:c7:e5:65:8e:22:35:5c:80:94:f6:3b:10:09:
39:b9:59:6f:da:a2:ed:e9:21:21:50:ca:59:75:34:
d9:07:51:4c:b9:d6:f7:52:e4:d6:cd:56:2b:45:24:
04:93:31:03:8c:db:63:0f:c4:f0:76:6b:bb:28:c0:
8f:ca:c9:f0:bf:a9:b2:33:4e:3a:60:47:2c:75:46:
b9:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:C1:6F:B5:77:7D:64:AD:34:52:7C:E6:71:9E:26:D7:A2:7E:42:33
X509v3 Authority Key Identifier:
keyid:D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/S8FvtXd9ZK00UnzmcZ4m16J-QjM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.43.252.0/23
Signature Algorithm: sha256WithRSAEncryption
16:48:7e:35:1b:db:35:41:22:2c:6b:68:be:ee:bf:2d:5a:c2:
24:e4:f8:30:24:56:be:b4:fe:64:1a:da:5c:ff:4e:57:b1:fa:
7b:c6:24:52:c2:78:30:92:e1:98:d2:c8:17:7a:01:7d:1b:1b:
58:52:56:f0:e9:6d:d9:85:83:2a:b6:ac:59:b7:71:1f:6f:29:
ca:87:c7:ef:b7:67:e9:bd:f2:d5:68:2d:0a:38:87:7f:d7:3a:
a8:69:ab:44:a9:c3:ac:00:63:c5:19:c7:36:a2:4e:f6:ae:b4:
43:a1:95:3e:c9:06:d9:d9:df:66:74:26:76:83:1c:55:c2:51:
76:aa:17:70:47:ed:a8:66:c6:26:9d:e1:8d:ec:17:a3:57:70:
2a:c4:0c:c5:6e:a6:24:0d:d5:e4:e2:6f:41:91:9a:4c:2b:6e:
0b:28:c5:a7:9e:47:90:f0:27:3c:43:43:29:bd:d0:89:cc:e7:
7c:5a:1a:d9:15:e5:6f:35:43:3b:db:cc:63:6d:de:86:f3:50:
27:bf:07:b7:66:a6:14:da:be:18:9a:5d:97:86:a9:8a:7d:04:
23:ce:40:f0:0e:bd:58:ec:59:ca:82:21:76:5a:24:54:5b:07:
f3:68:96:d5:21:34:38:e4:68:74:6d:3f:b1:91:8c:30:75:31:
e1:08:22:91
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwgqt5f8h8eItnqzXLoXz8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MzRmMTY4NjEwMjg3NmM2MjE2YmNlYTI4YTVlNTAyZWMw
ZDdiNmIwHhcNMjMwMTAyMDMyNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmMxNmZiNTc3N2Q2NGFkMzQ1MjdjZTY3MTllMjZkN2EyN2U0MjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApPogsFKhIGfxPOTJVy0gG557Pwgm
OLJ0RTLyyAVRLDMUjdl7nPmbD5vMpxFU1c8m676yhBuLcNk13Av3vvfQLn7s6z/7
RmUm7aWMvu2heterEnH2GP+4j3WEnRG2lXBLG546dg2AOwBjPdlAsZkx7WAg8p9B
eAJf9x5dTnaNvpj61bZ4hLS4ks4oqajEBYtI0+rjIoP2PFjBBcP74qrvhrWx3JNE
REWzGg5hdlD5ssPh3NgbBcflZY4iNVyAlPY7EAk5uVlv2qLt6SEhUMpZdTTZB1FM
udb3UuTWzVYrRSQEkzEDjNtjD8Twdmu7KMCPysnwv6myM046YEcsdUa5VwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEvBb7V3fWStNFJ85nGeJteifkIzMB8GA1UdIwQY
MBaAFNQ08WhhAodsYha86iil5QLsDXtrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2Ut
NTcxMmQ5NWFlNjM4LzEvUzhGdnRYZDlaSzAwVW56bWNaNG0xNkotUWpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2UtNTcxMmQ5NWFlNjM4
LzEvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBPiv8MA0G
CSqGSIb3DQEBCwUAA4IBAQAWSH41G9s1QSIsa2i+7r8tWsIk5PgwJFa+tP5kGtpc
/05Xsfp7xiRSwngwkuGY0sgXegF9GxtYUlbw6W3ZhYMqtqxZt3EfbynKh8fvt2fp
vfLVaC0KOId/1zqoaatEqcOsAGPFGcc2ok72rrRDoZU+yQbZ2d9mdCZ2gxxVwlF2
qhdwR+2oZsYmneGN7BejV3AqxAzFbqYkDdXk4m9BkZpMK24LKMWnnkeQ8Cc8Q0Mp
vdCJzOd8WhrZFeVvNUM728xjbd6G81Anvwe3ZqYU2r4Yml2XhqmKfQQjzkDwDr1Y
7FnKgiF2WiRUWwfzaJbVITQ45Gh0bT+xkYwwdTHhCCKR
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:28:02 2024 by rpki-client on console-fra.rpki-client.org