Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS62068.roa
File: AS62068.roa (raw, json)
Hash identifier: 3R0q5tgSWRl5J6vnjCfspVYUeU3ZSm+GedEIu+XC8T0=
Subject key identifier: D3:E2:5D:C7:74:43:2F:37:2B:6A:4C:C4:EB:6F:85:8A:1C:A7:4F:94
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: AC537002930C5F97DB822DD7C4B2C9A9E75412
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS62068.roa
Signing time: Wed 13 Sep 2023 00:00:09 +0000
ROA not before: Tue 12 Sep 2023 23:55:09 +0000
ROA not after: Wed 11 Sep 2024 00:00:09 +0000
asID: 62068
IP address blocks: 191.96.66.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Oct 2023 00:00:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
ac:53:70:02:93:0c:5f:97:db:82:2d:d7:c4:b2:c9:a9:e7:54:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Sep 12 23:55:09 2023 GMT
Not After : Sep 11 00:00:09 2024 GMT
Subject: CN=D3E25DC774432F372B6A4CC4EB6F858A1CA74F94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:52:d3:9b:3a:7d:5e:9a:99:84:4a:c5:14:b5:
a3:7c:3c:a2:1d:d2:e7:df:92:86:f3:bc:f1:cc:35:
69:99:83:fd:36:a9:ae:56:4f:14:14:af:a0:6c:12:
e2:df:d6:c8:45:ca:b2:09:d0:eb:12:a3:e6:73:84:
f4:c9:57:c5:f2:5d:cc:c5:47:6c:50:54:3a:bc:21:
0f:13:b9:0c:03:13:74:9f:75:e2:d5:84:be:5b:67:
92:07:58:66:1d:0b:c8:a0:00:02:a8:e3:b4:3e:b2:
b2:46:40:0c:bb:89:f2:05:2d:94:be:fb:89:d0:c5:
44:d3:65:2f:25:d1:71:5e:f5:e4:f2:bf:04:af:a2:
27:e9:4b:71:79:83:97:7e:da:ea:2e:ec:1d:78:be:
c3:ca:0b:c9:03:e6:74:03:12:bb:46:32:e7:40:d0:
89:29:ab:02:0c:a2:45:45:ba:de:d7:93:96:61:66:
9e:bf:e0:89:3a:6e:99:8a:65:f9:4d:3d:4a:10:c7:
e3:29:bc:41:cd:bf:a4:16:94:70:0f:3e:cc:af:a3:
a8:e7:b3:9d:f3:71:4a:85:08:3a:f3:ec:79:1b:09:
94:8e:30:6a:74:5a:07:58:ce:ad:6e:98:07:bd:fb:
4b:13:03:ef:da:b4:f9:e3:27:4b:50:2a:03:6d:2e:
3d:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:E2:5D:C7:74:43:2F:37:2B:6A:4C:C4:EB:6F:85:8A:1C:A7:4F:94
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS62068.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
191.96.66.0/24
Signature Algorithm: sha256WithRSAEncryption
98:71:6a:50:7c:d5:56:3d:bb:87:01:cf:30:e7:c4:6d:fe:cf:
99:9c:9f:c0:d3:f2:cb:e0:d9:2e:16:18:14:cf:36:e5:b0:10:
ea:0b:1d:aa:19:2a:b5:57:97:7a:5e:a5:37:b6:aa:ed:93:da:
66:63:32:8b:35:64:9a:ad:a5:0a:5e:ea:4d:6b:dd:3a:b4:d9:
dd:ff:3e:fb:f1:0b:a3:dd:96:bf:b2:77:0f:9a:69:6a:1c:e6:
bb:49:4b:02:ba:7c:80:9b:d2:3e:50:74:83:ae:b4:09:32:b4:
0a:91:61:af:c8:23:d8:05:33:80:21:15:2e:6e:c1:a5:bf:c0:
0e:13:b6:3b:45:41:45:5b:63:73:88:ff:26:a9:b9:b9:7e:d2:
48:08:a8:21:fb:58:97:20:ab:7e:4a:b3:71:a8:1d:24:35:51:
56:04:b2:7b:c6:65:6b:5d:75:96:fa:f8:4e:ef:7f:09:f7:1c:
af:24:15:b1:4e:c7:ee:aa:bd:12:87:be:7c:c7:16:a7:a7:15:
db:4e:47:c3:49:e4:7f:85:88:58:d2:23:25:f9:76:dc:49:ce:
f3:77:a1:56:2d:87:b8:ce:a8:ad:6d:7f:e7:96:53:3e:e9:34:
a8:60:bc:0e:3f:d1:b6:60:a2:76:c4:03:82:ae:ce:32:ae:fb:
01:6c:a9:17
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUAKxTcAKTDF+X24It18SyyannVBIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yMzA5MTIyMzU1MDlaFw0yNDA5MTEwMDAwMDlaMDMxMTAvBgNV
BAMTKEQzRTI1REM3NzQ0MzJGMzcyQjZBNENDNEVCNkY4NThBMUNBNzRGOTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHUtObOn1empmESsUUtaN8PKId
0uffkobzvPHMNWmZg/02qa5WTxQUr6BsEuLf1shFyrIJ0OsSo+ZzhPTJV8XyXczF
R2xQVDq8IQ8TuQwDE3SfdeLVhL5bZ5IHWGYdC8igAAKo47Q+srJGQAy7ifIFLZS+
+4nQxUTTZS8l0XFe9eTyvwSvoifpS3F5g5d+2uou7B14vsPKC8kD5nQDErtGMudA
0IkpqwIMokVFut7Xk5ZhZp6/4Ik6bpmKZflNPUoQx+MpvEHNv6QWlHAPPsyvo6jn
s53zcUqFCDrz7HkbCZSOMGp0WgdYzq1umAe9+0sTA+/atPnjJ0tQKgNtLj31AgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQU0+Jdx3RDLzcrakzE62+FihynT5QwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTNjIwNjgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC/YEIw
DQYJKoZIhvcNAQELBQADggEBAJhxalB81VY9u4cBzzDnxG3+z5mcn8DT8svg2S4W
GBTPNuWwEOoLHaoZKrVXl3pepTe2qu2T2mZjMos1ZJqtpQpe6k1r3Tq02d3/Pvvx
C6Pdlr+ydw+aaWoc5rtJSwK6fICb0j5QdIOutAkytAqRYa/II9gFM4AhFS5uwaW/
wA4TtjtFQUVbY3OI/yapubl+0kgIqCH7WJcgq35Ks3GoHSQ1UVYEsnvGZWtddZb6
+E7vfwn3HK8kFbFOx+6qvRKHvnzHFqenFdtOR8NJ5H+FiFjSIyX5dtxJzvN3oVYt
h7jOqK1tf+eWUz7pNKhgvA4/0bZgonbEA4KuzjKu+wFsqRc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:01:05 2024 by rpki-client on console-ams.rpki-client.org