Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/7335d2-3c3f-4fca-8000-ccf9b89e22e2/1/CHFgHOfXhsM_czKQK9hFls7uCzc.roa
File: CHFgHOfXhsM_czKQK9hFls7uCzc.roa (raw, json)
Hash identifier: kDyFnGASIAiqXvwYWL8IghxUzbg5EV16OTg1TW1AeMY=
Subject key identifier: 08:71:60:1C:E7:D7:86:C3:3F:73:32:90:2B:D8:45:96:CE:EE:0B:37
Certificate issuer: /CN=d2e6ddda40d782559ee65e50f908e1689a65a800
Certificate serial: 01856BAEB33BFC8AA6A2A041561CC30D5C63
Authority key identifier: D2:E6:DD:DA:40:D7:82:55:9E:E6:5E:50:F9:08:E1:68:9A:65:A8:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0ubd2kDXglWe5l5Q-QjhaJplqAA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/7335d2-3c3f-4fca-8000-ccf9b89e22e2/1/CHFgHOfXhsM_czKQK9hFls7uCzc.roa
Signing time: Sun 01 Jan 2023 04:54:49 +0000
ROA not before: Sun 01 Jan 2023 04:54:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211856
IP address blocks: 62.192.164.0/22 maxlen: 24
2a09:18c0::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ae:b3:3b:fc:8a:a6:a2:a0:41:56:1c:c3:0d:5c:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2e6ddda40d782559ee65e50f908e1689a65a800
Validity
Not Before: Jan 1 04:54:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0871601ce7d786c33f7332902bd84596ceee0b37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:dc:b9:e9:1e:d8:a3:a2:7d:85:2b:24:0d:06:
5f:dd:7e:78:89:22:2f:03:b2:fe:59:9b:a2:f6:36:
06:1c:59:9f:8c:e6:3b:4f:df:50:5f:ac:eb:de:4a:
17:94:81:c6:d0:84:99:1e:7b:f6:2b:9d:f2:b4:c6:
e9:2b:fe:d2:7f:31:e6:89:27:b2:49:9e:f4:88:5e:
63:4d:bb:09:fa:6f:f5:26:a3:50:2f:98:d9:91:8a:
97:00:ac:b6:fe:f6:7b:b7:ae:c4:75:91:c1:56:e1:
ff:86:5e:bb:cc:10:17:38:fc:4e:5f:cb:3f:c3:30:
2f:46:1a:3b:cb:85:ff:94:52:30:f5:cc:f1:3f:a1:
08:82:32:c8:3e:cf:5d:41:ee:80:20:3a:36:11:3b:
56:85:d6:20:5d:68:ae:3c:a0:b2:c0:1a:5e:83:56:
c7:9b:18:1f:6c:4e:28:34:48:b1:36:c5:f4:d3:3b:
27:17:00:87:b4:a3:29:59:82:2e:33:9b:10:a3:4e:
b6:a3:f8:1d:b7:b7:65:85:85:0b:af:ad:53:85:f4:
d4:e3:c5:40:64:7d:6e:3e:ab:1d:b8:96:8d:2c:30:
ba:49:a1:97:6f:6b:fb:02:07:e7:a1:aa:60:e6:c5:
97:3c:58:41:db:e4:bc:f9:5b:c0:8f:d8:96:4e:23:
5b:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:71:60:1C:E7:D7:86:C3:3F:73:32:90:2B:D8:45:96:CE:EE:0B:37
X509v3 Authority Key Identifier:
keyid:D2:E6:DD:DA:40:D7:82:55:9E:E6:5E:50:F9:08:E1:68:9A:65:A8:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0ubd2kDXglWe5l5Q-QjhaJplqAA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/7335d2-3c3f-4fca-8000-ccf9b89e22e2/1/CHFgHOfXhsM_czKQK9hFls7uCzc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/7335d2-3c3f-4fca-8000-ccf9b89e22e2/1/0ubd2kDXglWe5l5Q-QjhaJplqAA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.192.164.0/22
IPv6:
2a09:18c0::/32
Signature Algorithm: sha256WithRSAEncryption
53:06:2f:07:36:af:8e:89:e0:de:0c:e8:ec:7f:26:de:cf:7d:
01:71:5b:b5:41:74:f4:40:88:6c:c9:91:b8:5d:28:2b:c7:ad:
de:36:9e:06:41:06:b3:90:e7:fc:5d:e2:83:c4:b7:6a:4f:00:
0c:82:1e:d7:ed:6a:d7:3d:4f:e8:05:7a:87:1d:f3:ff:a2:eb:
95:c6:ae:77:53:a4:da:49:b9:8c:e2:eb:e8:70:27:2b:1a:63:
fc:ff:e6:2f:d6:7d:45:23:36:5e:76:9e:11:03:69:fa:a5:95:
98:a9:bd:d7:86:8f:3c:16:c4:05:d4:26:c9:a9:a2:25:25:17:
90:0d:2c:13:c2:35:bd:f9:b6:fe:1c:e9:79:2e:5f:33:8d:50:
fe:43:03:aa:9e:4c:c7:d5:2f:85:fd:ac:b7:58:5f:f0:52:c3:
95:e6:73:cb:64:a5:9a:65:40:f8:79:ec:fd:a6:3f:75:5e:c6:
36:68:1d:41:35:04:b9:1c:a0:bd:b8:5b:51:93:eb:95:bc:ef:
db:e5:ec:9f:af:f8:ac:0b:06:d8:88:93:9e:c7:f3:43:44:f6:
67:1b:35:e6:29:ac:5e:e4:d7:60:de:a8:e6:c4:f1:78:bf:07:
04:ca:c7:a5:a5:99:69:c7:27:82:b1:78:ee:ff:d9:c2:36:27:
6f:6b:d6:c7
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVrrrM7/IqmoqBBVhzDDVxjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyZTZkZGRhNDBkNzgyNTU5ZWU2NWU1MGY5MDhlMTY4OWE2
NWE4MDAwHhcNMjMwMTAxMDQ1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODcxNjAxY2U3ZDc4NmMzM2Y3MzMyOTAyYmQ4NDU5NmNlZWUwYjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj9y56R7Yo6J9hSskDQZf3X54iSIv
A7L+WZui9jYGHFmfjOY7T99QX6zr3koXlIHG0ISZHnv2K53ytMbpK/7SfzHmiSey
SZ70iF5jTbsJ+m/1JqNQL5jZkYqXAKy2/vZ7t67EdZHBVuH/hl67zBAXOPxOX8s/
wzAvRho7y4X/lFIw9czxP6EIgjLIPs9dQe6AIDo2ETtWhdYgXWiuPKCywBpeg1bH
mxgfbE4oNEixNsX00zsnFwCHtKMpWYIuM5sQo062o/gdt7dlhYULr61ThfTU48VA
ZH1uPqsduJaNLDC6SaGXb2v7Agfnoapg5sWXPFhB2+S8+VvAj9iWTiNbSQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAhxYBzn14bDP3MykCvYRZbO7gs3MB8GA1UdIwQY
MBaAFNLm3dpA14JVnuZeUPkI4WiaZagAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHViZDJrRFhnbFdlNWw1US1RamhhSnBscUFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi83MzM1ZDItM2MzZi00ZmNhLTgwMDAt
Y2NmOWI4OWUyMmUyLzEvQ0hGZ0hPZlhoc01fY3pLUUs5aEZsczd1Q3pjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi83MzM1ZDItM2MzZi00ZmNhLTgwMDAtY2NmOWI4OWUyMmUy
LzEvMHViZDJrRFhnbFdlNWw1US1RamhhSnBscUFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCPsCkMA0E
AgACMAcDBQAqCRjAMA0GCSqGSIb3DQEBCwUAA4IBAQBTBi8HNq+OieDeDOjsfybe
z30BcVu1QXT0QIhsyZG4XSgrx63eNp4GQQazkOf8XeKDxLdqTwAMgh7X7WrXPU/o
BXqHHfP/ouuVxq53U6TaSbmM4uvocCcrGmP8/+Yv1n1FIzZedp4RA2n6pZWYqb3X
ho88FsQF1CbJqaIlJReQDSwTwjW9+bb+HOl5Ll8zjVD+QwOqnkzH1S+F/ay3WF/w
UsOV5nPLZKWaZUD4eez9pj91XsY2aB1BNQS5HKC9uFtRk+uVvO/b5eyfr/isCwbY
iJOex/NDRPZnGzXmKaxe5Ndg3qjmxPF4vwcEyselpZlpxyeCsXju/9nCNidva9bH
-----END CERTIFICATE-----
Generated at Mon Jan 1 18:00:55 2024 by rpki-client on console.sobornost.net