Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/db55ec-3577-421f-8916-8e9851b7f811/1/hdKwoz5_hzrIWuBqlPRF9uMvUAM.roa
File: hdKwoz5_hzrIWuBqlPRF9uMvUAM.roa (raw, json)
Hash identifier: onwsjAOigN0zzix6dkr0Ci9qA4Rxs5L/XT9RQuS103E=
Subject key identifier: 85:D2:B0:A3:3E:7F:87:3A:C8:5A:E0:6A:94:F4:45:F6:E3:2F:50:03
Certificate issuer: /CN=40bfdedfaa9399ad3d5531fa471a12b3bfe37e12
Certificate serial: 01870E708283DA6BD5BEA2819A5B1A4BA9B5
Authority key identifier: 40:BF:DE:DF:AA:93:99:AD:3D:55:31:FA:47:1A:12:B3:BF:E3:7E:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QL_e36qTma09VTH6RxoSs7_jfhI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/db55ec-3577-421f-8916-8e9851b7f811/1/hdKwoz5_hzrIWuBqlPRF9uMvUAM.roa
Signing time: Thu 23 Mar 2023 12:27:46 +0000
ROA not before: Thu 23 Mar 2023 12:27:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206175
IP address blocks: 62.148.99.0/24 maxlen: 24
62.148.101.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:0e:70:82:83:da:6b:d5:be:a2:81:9a:5b:1a:4b:a9:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40bfdedfaa9399ad3d5531fa471a12b3bfe37e12
Validity
Not Before: Mar 23 12:27:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=85d2b0a33e7f873ac85ae06a94f445f6e32f5003
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:f2:f8:a6:38:89:b0:e3:da:af:f1:b8:1f:a3:
c4:27:87:22:75:b3:f8:97:48:55:4c:9e:54:6f:9b:
d1:d4:b7:16:7b:ff:16:79:2d:4e:c7:70:3a:cd:91:
b2:c9:dd:ee:fe:f5:56:04:0d:c8:fa:26:cd:d8:b8:
0f:9b:f1:03:6c:44:dd:59:2e:96:88:fe:c4:7f:3d:
ff:5f:c1:db:1f:c9:41:a8:31:37:ae:fa:93:c4:b3:
29:6d:a4:b2:68:d3:38:1b:ae:e8:9d:c2:95:b5:cb:
97:59:99:31:fb:79:d2:21:23:19:f3:f7:d6:74:5b:
fc:33:f3:6d:8b:60:57:49:eb:2b:21:cd:82:9b:09:
ae:ab:49:3f:8c:9b:60:97:1f:f9:00:d4:cb:c4:37:
0b:f5:dd:c9:16:d1:2f:f3:ab:2c:6d:e2:99:ae:bb:
05:8f:2c:eb:d5:50:8c:e9:70:9c:3a:b5:cf:ba:32:
fa:eb:57:dc:07:8a:3b:ce:b5:d1:4d:41:64:10:e4:
f5:3c:f5:ab:e4:b6:c6:22:01:90:6d:dc:42:2d:e3:
de:52:9d:4f:d1:36:d4:39:30:a8:f5:41:4d:93:07:
f3:54:ad:2a:c3:4a:cd:48:05:8e:17:05:b8:f7:ab:
4d:e5:3d:00:e9:c5:6d:60:31:eb:23:ea:43:17:69:
bd:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:D2:B0:A3:3E:7F:87:3A:C8:5A:E0:6A:94:F4:45:F6:E3:2F:50:03
X509v3 Authority Key Identifier:
keyid:40:BF:DE:DF:AA:93:99:AD:3D:55:31:FA:47:1A:12:B3:BF:E3:7E:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QL_e36qTma09VTH6RxoSs7_jfhI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/db55ec-3577-421f-8916-8e9851b7f811/1/hdKwoz5_hzrIWuBqlPRF9uMvUAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/db55ec-3577-421f-8916-8e9851b7f811/1/QL_e36qTma09VTH6RxoSs7_jfhI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.148.99.0/24
62.148.101.0/24
Signature Algorithm: sha256WithRSAEncryption
22:d2:ec:c6:49:04:c1:63:21:f5:b6:62:81:bf:b8:4e:dd:5c:
cc:71:84:aa:6d:b1:9e:3a:cc:f7:da:3a:1e:bf:b1:4b:3f:03:
cc:b0:10:ab:2e:28:5f:3f:fa:80:c0:09:05:d9:f4:38:38:93:
f6:2b:cc:24:d1:f5:07:86:79:1b:a4:6d:10:d1:4c:a4:0d:65:
56:5a:47:50:e7:00:95:11:c5:87:3b:70:59:37:fc:f7:4b:b0:
fa:52:9e:9b:06:16:29:0f:70:0c:01:ba:3a:6b:dc:31:f6:7d:
54:62:6a:e8:00:09:94:8d:bb:d5:c1:38:44:b3:35:f3:08:97:
ea:46:db:07:ca:42:7a:0c:29:6f:c8:2d:82:6c:cf:42:6b:ba:
b7:16:a6:e8:53:2e:5f:0e:6f:2d:0a:b6:15:3b:d3:ec:2c:88:
94:a8:44:91:2f:5d:ff:d9:7a:95:7a:99:cb:0e:50:ec:ef:e5:
ed:ef:c7:15:46:e2:b3:ff:2e:39:0a:a9:f2:06:25:0d:02:06:
a5:db:e9:3c:4f:66:e5:43:e9:e6:b3:8c:7b:3d:83:80:17:47:
b1:1b:65:13:f3:23:5d:75:96:da:83:29:28:37:fd:d6:5c:c8:
18:f3:24:f8:3e:8b:2c:4f:c2:84:d5:41:53:a3:f9:bc:43:f7:
87:a1:3d:f6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYcOcIKD2mvVvqKBmlsaS6m1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwYmZkZWRmYWE5Mzk5YWQzZDU1MzFmYTQ3MWExMmIzYmZl
MzdlMTIwHhcNMjMwMzIzMTIyNzQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWQyYjBhMzNlN2Y4NzNhYzg1YWUwNmE5NGY0NDVmNmUzMmY1MDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsfL4pjiJsOPar/G4H6PEJ4cidbP4
l0hVTJ5Ub5vR1LcWe/8WeS1Ox3A6zZGyyd3u/vVWBA3I+ibN2LgPm/EDbETdWS6W
iP7Efz3/X8HbH8lBqDE3rvqTxLMpbaSyaNM4G67oncKVtcuXWZkx+3nSISMZ8/fW
dFv8M/Nti2BXSesrIc2Cmwmuq0k/jJtglx/5ANTLxDcL9d3JFtEv86ssbeKZrrsF
jyzr1VCM6XCcOrXPujL661fcB4o7zrXRTUFkEOT1PPWr5LbGIgGQbdxCLePeUp1P
0TbUOTCo9UFNkwfzVK0qw0rNSAWOFwW496tN5T0A6cVtYDHrI+pDF2m9pQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIXSsKM+f4c6yFrgapT0RfbjL1ADMB8GA1UdIwQY
MBaAFEC/3t+qk5mtPVUx+kcaErO/434SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUxfZTM2cVRtYTA5VlRINlJ4b1NzN19qZmhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9kYjU1ZWMtMzU3Ny00MjFmLTg5MTYt
OGU5ODUxYjdmODExLzEvaGRLd296NV9oenJJV3VCcWxQUkY5dU12VUFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9kYjU1ZWMtMzU3Ny00MjFmLTg5MTYtOGU5ODUxYjdmODEx
LzEvUUxfZTM2cVRtYTA5VlRINlJ4b1NzN19qZmhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAPpRjAwQA
PpRlMA0GCSqGSIb3DQEBCwUAA4IBAQAi0uzGSQTBYyH1tmKBv7hO3VzMcYSqbbGe
Osz32joev7FLPwPMsBCrLihfP/qAwAkF2fQ4OJP2K8wk0fUHhnkbpG0Q0UykDWVW
WkdQ5wCVEcWHO3BZN/z3S7D6Up6bBhYpD3AMAbo6a9wx9n1UYmroAAmUjbvVwThE
szXzCJfqRtsHykJ6DClvyC2CbM9Ca7q3FqboUy5fDm8tCrYVO9PsLIiUqESRL13/
2XqVepnLDlDs7+Xt78cVRuKz/y45CqnyBiUNAgal2+k8T2blQ+nms4x7PYOAF0ex
G2UT8yNddZbagykoN/3WXMgY8yT4PossT8KE1UFTo/m8Q/eHoT32
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:20 2023 by rpki-client on console.sobornost.net