Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/0h6a2VciKR5QE9n0Nfxj6NF5bx0.roa
File: 0h6a2VciKR5QE9n0Nfxj6NF5bx0.roa (raw, json)
Hash identifier: Yj+XgDNvmRfzseY0aTDsbS4+nFByWEuVJ4wpg3BDbyI=
Subject key identifier: D2:1E:9A:D9:57:22:29:1E:50:13:D9:F4:35:FC:63:E8:D1:79:6F:1D
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 018F32859F34F44A8EBD48155B9FA7F852EB
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/0h6a2VciKR5QE9n0Nfxj6NF5bx0.roa
Signing time: Wed 01 May 2024 04:59:28 +0000
ROA not before: Wed 01 May 2024 04:59:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44947
IP address blocks: 62.60.152.0/22 maxlen: 24
62.60.156.0/22 maxlen: 24
62.60.184.0/22 maxlen: 24
62.60.192.0/22 maxlen: 24
62.60.216.0/22 maxlen: 24
62.60.220.0/22 maxlen: 24
62.60.224.0/19 maxlen: 24
213.176.64.0/22 maxlen: 24
213.176.127.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 04 May 2024 18:44:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:32:85:9f:34:f4:4a:8e:bd:48:15:5b:9f:a7:f8:52:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: May 1 04:59:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d21e9ad95722291e5013d9f435fc63e8d1796f1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:69:42:2a:ff:7f:8c:42:2f:16:3d:4b:bd:15:
63:13:eb:7c:1d:a3:13:55:1a:74:02:b7:29:9c:af:
76:22:88:35:a4:bf:78:d9:d2:19:55:91:c7:b5:7c:
d3:01:8a:2c:35:db:79:35:f9:cf:7b:be:ee:80:a5:
33:fc:47:0f:86:85:ed:14:51:6f:97:83:3c:ab:07:
a5:7c:c8:70:0e:5d:b0:a7:fd:12:d9:af:8a:47:d8:
e8:9d:ee:72:ec:d0:82:7a:90:16:d1:55:66:5b:50:
69:0b:3a:9e:bf:26:0c:ad:a0:d7:ba:00:3a:d6:77:
a3:b5:58:4f:7a:c4:d0:a4:8b:19:b6:e1:22:f4:29:
8f:ac:3c:d3:be:87:34:54:36:a4:30:28:7e:b4:ce:
b6:a9:56:b5:9a:30:96:04:5d:67:0a:96:ae:9b:a4:
dc:4c:62:8c:05:6e:11:73:5e:65:22:78:e6:6f:d8:
c9:1c:af:32:29:36:2d:d0:e6:d6:7d:4c:c2:e3:cf:
18:96:55:73:e9:aa:11:e4:48:3e:f9:35:24:c5:ec:
21:69:8d:48:7d:37:ef:97:cb:5d:08:2b:cd:60:1d:
be:56:b4:44:80:22:9f:e1:3e:0d:4f:11:c9:ef:74:
27:82:f0:be:55:b6:6e:a3:b1:3c:d2:c7:9b:a0:a1:
5e:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:1E:9A:D9:57:22:29:1E:50:13:D9:F4:35:FC:63:E8:D1:79:6F:1D
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/0h6a2VciKR5QE9n0Nfxj6NF5bx0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.152.0/21
62.60.184.0/22
62.60.192.0/22
62.60.216.0-62.60.255.255
213.176.64.0/22
213.176.127.0/24
Signature Algorithm: sha256WithRSAEncryption
60:21:87:0e:ac:b2:b7:3d:cf:8d:0d:27:74:77:2a:a7:82:48:
ad:7b:23:ab:9b:ee:a1:e3:e7:e7:60:81:1c:e0:d9:f5:0b:97:
5c:8b:ea:f4:b0:fd:a4:f9:cf:d5:4b:44:2b:af:0a:30:b0:f4:
98:86:1d:ee:ad:fd:04:d0:84:fa:36:97:13:e0:35:2b:a1:70:
4c:67:76:a5:0c:ef:5f:09:65:7c:81:c3:02:ab:1e:4a:eb:be:
fa:35:ef:d0:c8:7b:d4:14:1d:e3:eb:72:5f:e5:a3:7e:66:22:
87:ec:ec:9c:61:72:95:4c:c6:24:98:52:6d:33:4c:1c:bc:b7:
33:3e:36:15:9d:e0:85:07:fc:9d:a1:eb:61:96:11:ef:7f:9e:
9d:b4:fd:61:2b:bb:dd:33:23:bd:74:c7:da:65:10:8d:e1:d3:
86:e7:41:3e:64:fc:90:0d:1f:4a:4f:5e:12:6e:5d:7c:ab:bb:
38:dd:4d:03:60:4e:7c:1b:e1:57:47:58:7a:5d:30:f1:2a:15:
04:6a:62:33:8d:bb:ae:c4:51:05:05:25:73:e9:16:81:34:19:
85:5d:83:69:a4:da:81:f7:41:65:97:dc:af:3b:6e:13:c5:0e:
83:c8:33:fb:bc:de:5f:02:e4:2f:ab:8b:e7:36:60:cd:1d:f8:
4a:72:6b:7a
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAY8yhZ809EqOvUgVW5+n+FLrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjQwNTAxMDQ1OTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjFlOWFkOTU3MjIyOTFlNTAxM2Q5ZjQzNWZjNjNlOGQxNzk2ZjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjWlCKv9/jEIvFj1LvRVjE+t8HaMT
VRp0ArcpnK92Iog1pL942dIZVZHHtXzTAYosNdt5NfnPe77ugKUz/EcPhoXtFFFv
l4M8qwelfMhwDl2wp/0S2a+KR9jone5y7NCCepAW0VVmW1BpCzqevyYMraDXugA6
1nejtVhPesTQpIsZtuEi9CmPrDzTvoc0VDakMCh+tM62qVa1mjCWBF1nCpaum6Tc
TGKMBW4Rc15lInjmb9jJHK8yKTYt0ObWfUzC488YllVz6aoR5Eg++TUkxewhaY1I
fTfvl8tdCCvNYB2+VrREgCKf4T4NTxHJ73QngvC+VbZuo7E80seboKFeNQIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFNIemtlXIikeUBPZ9DX8Y+jReW8dMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvMGg2YTJWY2lLUjVRRTluME5meGo2TkY1YngwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAxBAIAATArAwQDPjyYAwQC
Pjy4AwQCPjzAMAsDBAM+PNgDAwA+PAMEAtWwQAMEANWwfzANBgkqhkiG9w0BAQsF
AAOCAQEAYCGHDqyytz3PjQ0ndHcqp4JIrXsjq5vuoePn52CBHODZ9QuXXIvq9LD9
pPnP1UtEK68KMLD0mIYd7q39BNCE+jaXE+A1K6FwTGd2pQzvXwllfIHDAqseSuu+
+jXv0Mh71BQd4+tyX+WjfmYih+zsnGFylUzGJJhSbTNMHLy3Mz42FZ3ghQf8naHr
YZYR73+enbT9YSu73TMjvXTH2mUQjeHThudBPmT8kA0fSk9eEm5dfKu7ON1NA2BO
fBvhV0dYel0w8SoVBGpiM427rsRRBQUlc+kWgTQZhV2DaaTagfdBZZfcrztuE8UO
g8gz+7zeXwLkL6uL5zZgzR34SnJreg==
-----END CERTIFICATE-----
Generated at Sat May 4 20:10:08 2024 by rpki-client on console-ams.rpki-client.org