Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/0_tdtKTX73PubSH2nOVPHGJuQho.roa
File: 0_tdtKTX73PubSH2nOVPHGJuQho.roa (raw, json)
Hash identifier: fUh49yG+J/lyqX25sQ2HGxyGCB8387T/Pjthc+LOzBo=
Subject key identifier: D3:FB:5D:B4:A4:D7:EF:73:EE:6D:21:F6:9C:E5:4F:1C:62:6E:42:1A
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 018570B070E31AAC85756CF15C29AB777736
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/0_tdtKTX73PubSH2nOVPHGJuQho.roa
Signing time: Mon 02 Jan 2023 04:14:49 +0000
ROA not before: Mon 02 Jan 2023 04:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34549
IP address blocks: 62.60.220.0/22 maxlen: 24
213.176.68.0/22 maxlen: 24
62.60.164.0/22 maxlen: 24
62.60.168.0/21 maxlen: 24
62.60.172.0/22 maxlen: 24
62.60.176.0/22 maxlen: 24
62.60.180.0/22 maxlen: 24
62.60.184.0/22 maxlen: 24
62.60.188.0/22 maxlen: 24
62.60.192.0/22 maxlen: 24
62.60.212.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 06 Jan 2023 07:19:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b0:70:e3:1a:ac:85:75:6c:f1:5c:29:ab:77:77:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Jan 2 04:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d3fb5db4a4d7ef73ee6d21f69ce54f1c626e421a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:74:44:17:5b:bf:4e:48:db:58:14:11:4c:3e:
8f:64:d3:10:4c:48:6a:69:14:38:87:92:d5:5d:46:
e0:45:34:6a:92:1a:ce:ae:d4:29:ed:c9:b3:72:0b:
d6:98:6b:a2:49:d6:dc:48:86:b5:f6:3c:2f:8e:b9:
95:e3:39:cd:b3:f9:b7:0e:31:32:20:a3:d7:37:4e:
9c:29:48:fa:b6:b3:7a:1a:cf:56:7c:75:63:5c:96:
f8:41:09:73:fa:74:99:61:84:2e:ad:52:b3:34:60:
5b:e4:0d:59:0e:6c:87:17:39:51:40:0d:12:10:3d:
c2:d3:64:c1:f3:36:33:68:d9:53:06:08:6f:66:b9:
b0:8d:58:62:b3:6d:c6:2a:72:73:a7:c7:25:bd:e0:
a8:cf:83:92:d0:cd:aa:63:78:73:77:4d:cc:fc:09:
ba:94:73:1c:26:a1:f4:82:23:63:de:6d:4d:a4:f0:
49:97:f1:96:3d:be:05:39:2e:17:4f:68:85:15:be:
16:a6:53:62:1d:bc:ea:52:ab:09:93:63:8f:7a:67:
f1:37:68:35:10:04:b8:1c:21:c4:04:db:fe:f6:fc:
98:ea:e3:e3:3c:3a:cf:cb:fc:8a:71:2b:b4:c0:67:
15:55:0b:ba:91:ff:ad:98:4d:40:a7:f7:00:01:0a:
10:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:FB:5D:B4:A4:D7:EF:73:EE:6D:21:F6:9C:E5:4F:1C:62:6E:42:1A
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/0_tdtKTX73PubSH2nOVPHGJuQho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.164.0-62.60.195.255
62.60.212.0/22
62.60.220.0/22
213.176.68.0/22
Signature Algorithm: sha256WithRSAEncryption
51:a2:ed:4a:ed:b2:f9:a8:95:5d:38:b6:09:f5:33:13:57:3f:
51:5c:53:3d:44:51:b4:99:5a:09:20:f4:42:64:df:40:78:4a:
d6:90:6f:d2:2d:39:c1:1d:06:9b:15:d7:f7:c9:2f:71:2f:4f:
3c:bc:a5:b6:4d:78:df:89:6d:25:e2:6d:7b:43:ed:ca:d6:44:
db:d3:f6:83:fd:e5:e5:79:3e:28:c3:a6:39:91:98:00:9b:1b:
53:5f:68:ab:b2:f4:15:82:72:27:66:a4:02:8c:73:59:ee:cb:
6c:c1:aa:4e:d2:7a:a7:eb:5c:8e:e5:78:8d:13:a7:13:94:d9:
a5:f1:14:31:98:62:57:a5:c8:51:3c:82:f0:fa:6b:f6:73:b4:
8a:80:a0:a3:1f:8d:00:97:a5:da:2a:1c:40:62:e5:e0:cf:01:
35:f7:7b:d0:58:82:2c:9f:5f:2f:15:09:5d:c7:c1:ca:a8:bd:
e3:30:64:11:25:31:5a:66:5e:eb:09:7c:7f:4e:e6:4c:87:1b:
62:8b:20:1c:7e:40:86:78:8f:8f:bd:5d:10:1e:67:28:fe:43:
d2:76:76:45:ff:49:4a:10:25:b3:4a:3d:df:15:fb:6e:57:d9:
de:c6:89:59:09:01:d9:f6:f0:cb:a3:fa:b0:05:fe:0e:8a:a5:
27:cd:0d:7f
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVwsHDjGqyFdWzxXCmrd3c2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjMwMTAyMDQxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2ZiNWRiNGE0ZDdlZjczZWU2ZDIxZjY5Y2U1NGYxYzYyNmU0MjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3REF1u/TkjbWBQRTD6PZNMQTEhq
aRQ4h5LVXUbgRTRqkhrOrtQp7cmzcgvWmGuiSdbcSIa19jwvjrmV4znNs/m3DjEy
IKPXN06cKUj6trN6Gs9WfHVjXJb4QQlz+nSZYYQurVKzNGBb5A1ZDmyHFzlRQA0S
ED3C02TB8zYzaNlTBghvZrmwjVhis23GKnJzp8clveCoz4OS0M2qY3hzd03M/Am6
lHMcJqH0giNj3m1NpPBJl/GWPb4FOS4XT2iFFb4WplNiHbzqUqsJk2OPemfxN2g1
EAS4HCHEBNv+9vyY6uPjPDrPy/yKcSu0wGcVVQu6kf+tmE1Ap/cAAQoQ1wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFNP7XbSk1+9z7m0h9pzlTxxibkIaMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvMF90ZHRLVFg3M1B1YlNIMm5PVlBIR0p1UWhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAI+PKQD
BAI+PMADBAI+PNQDBAI+PNwDBALVsEQwDQYJKoZIhvcNAQELBQADggEBAFGi7Urt
svmolV04tgn1MxNXP1FcUz1EUbSZWgkg9EJk30B4StaQb9ItOcEdBpsV1/fJL3Ev
Tzy8pbZNeN+JbSXibXtD7crWRNvT9oP95eV5PijDpjmRmACbG1NfaKuy9BWCcidm
pAKMc1nuy2zBqk7SeqfrXI7leI0TpxOU2aXxFDGYYlelyFE8gvD6a/ZztIqAoKMf
jQCXpdoqHEBi5eDPATX3e9BYgiyfXy8VCV3HwcqoveMwZBElMVpmXusJfH9O5kyH
G2KLIBx+QIZ4j4+9XRAeZyj+Q9J2dkX/SUoQJbNKPd8V+25X2d7GiVkJAdn28Muj
+rAF/g6KpSfNDX8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:28 2024 by rpki-client on console-ams.rpki-client.org