Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/20X2XJow7lLg3gYpGK2AWQnJ3rY.roa
File: 20X2XJow7lLg3gYpGK2AWQnJ3rY.roa (raw, json)
Hash identifier: P82dwZR1cvxB7sdjHY4CTrNJYMQKxGbFutEw40xj2m8=
Subject key identifier: DB:45:F6:5C:9A:30:EE:52:E0:DE:06:29:18:AD:80:59:09:C9:DE:B6
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 018EF644C69B7077234C6E17C1C7AB7B3EE5
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/20X2XJow7lLg3gYpGK2AWQnJ3rY.roa
Signing time: Fri 19 Apr 2024 12:11:26 +0000
ROA not before: Fri 19 Apr 2024 12:11:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49100
IP address blocks: 62.60.152.0/22 maxlen: 24
62.60.156.0/22 maxlen: 24
62.60.184.0/22 maxlen: 24
62.60.192.0/22 maxlen: 24
62.60.216.0/22 maxlen: 24
213.176.126.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sat 20 Apr 2024 08:36:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:f6:44:c6:9b:70:77:23:4c:6e:17:c1:c7:ab:7b:3e:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Apr 19 12:11:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=db45f65c9a30ee52e0de062918ad805909c9deb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:6d:dc:d8:46:04:42:11:49:f5:22:5a:dd:b4:
29:16:82:ad:29:79:4e:d5:47:2f:b9:cf:15:2e:43:
8f:6b:b9:77:d0:e8:c9:3e:27:8a:d5:79:5b:78:6f:
14:85:d3:c9:96:18:d7:ea:05:6d:d7:35:c3:2d:7b:
ca:35:7a:f3:50:5f:7e:db:d6:e4:e6:f2:34:d8:cb:
08:4f:bf:76:ab:f2:a0:25:41:e9:08:81:70:e3:6c:
f4:66:d7:76:fe:a5:85:d0:10:32:9f:10:7b:6f:7a:
99:06:c4:d7:1e:07:0f:86:14:c7:44:5d:a7:44:56:
7f:1f:9d:40:8a:95:6f:bd:e4:63:c8:fe:14:60:b2:
25:23:fb:41:ff:25:a4:5c:8d:d9:a9:02:e2:51:00:
76:6b:30:31:fe:49:28:18:c5:70:30:be:86:e1:84:
4e:5a:9f:3f:ed:82:c3:dd:37:7b:ab:a0:11:37:c8:
cf:65:03:1c:de:14:3a:89:8e:ba:48:43:ab:31:ec:
bc:81:b7:b6:c6:c6:7c:c7:e9:78:62:f2:2d:97:ef:
83:22:8f:62:71:98:0d:e2:46:3b:7f:90:d9:63:a4:
2d:cc:b2:74:fd:ff:04:23:9c:26:f0:fd:31:c0:b8:
d6:04:3e:6c:73:e9:a0:2f:16:e7:9f:3d:e7:bc:26:
d6:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:45:F6:5C:9A:30:EE:52:E0:DE:06:29:18:AD:80:59:09:C9:DE:B6
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/20X2XJow7lLg3gYpGK2AWQnJ3rY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.152.0/21
62.60.184.0/22
62.60.192.0/22
62.60.216.0/22
213.176.126.0/23
Signature Algorithm: sha256WithRSAEncryption
4f:5b:42:0b:2a:47:42:64:77:d4:7a:6d:55:fb:77:2e:8d:84:
44:df:4f:35:90:1f:02:6f:51:14:75:f1:45:9c:93:60:d9:63:
1f:d5:5c:c9:24:0e:9b:5d:d0:c5:68:fc:d1:62:84:6d:b1:89:
4d:01:a1:fa:22:83:6d:8f:49:5c:64:f8:8e:e0:cd:78:7c:31:
b4:ec:81:9d:94:9a:18:bb:95:f3:34:c9:b2:fc:96:3f:ef:56:
45:83:d7:ee:fd:b1:10:a7:57:48:94:3a:68:95:70:04:ce:b1:
6a:32:15:69:4e:93:5c:11:c3:7a:23:42:ff:53:55:3f:ba:f9:
2b:d7:87:e2:ca:f6:24:08:28:ed:75:63:eb:b3:cc:1c:01:e9:
72:11:a2:67:5a:f8:5e:39:67:a9:6d:b6:34:ce:b3:8e:51:7f:
26:ac:f8:f2:9f:94:b2:69:6f:d1:d2:22:14:97:52:21:a8:8a:
8e:e5:1c:11:df:7f:e2:83:4f:40:fb:aa:45:9d:2f:59:07:7a:
ba:c1:fd:0f:df:37:57:8a:86:14:d8:f0:7b:ac:86:6e:fc:6c:
25:92:9c:7f:d3:8d:dc:4a:e7:e3:ea:d9:a5:58:99:c6:f1:2e:
eb:c7:9b:2c:d7:66:f2:a8:48:bd:6b:dd:3e:9a:18:43:a2:2b:
92:5a:50:26
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY72RMabcHcjTG4Xwcerez7lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjQwNDE5MTIxMTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjQ1ZjY1YzlhMzBlZTUyZTBkZTA2MjkxOGFkODA1OTA5YzlkZWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvm3c2EYEQhFJ9SJa3bQpFoKtKXlO
1Ucvuc8VLkOPa7l30OjJPieK1XlbeG8UhdPJlhjX6gVt1zXDLXvKNXrzUF9+29bk
5vI02MsIT792q/KgJUHpCIFw42z0Ztd2/qWF0BAynxB7b3qZBsTXHgcPhhTHRF2n
RFZ/H51AipVvveRjyP4UYLIlI/tB/yWkXI3ZqQLiUQB2azAx/kkoGMVwML6G4YRO
Wp8/7YLD3Td7q6ARN8jPZQMc3hQ6iY66SEOrMey8gbe2xsZ8x+l4YvItl++DIo9i
cZgN4kY7f5DZY6QtzLJ0/f8EI5wm8P0xwLjWBD5sc+mgLxbnnz3nvCbWEwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNtF9lyaMO5S4N4GKRitgFkJyd62MB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvMjBYMlhKb3c3bExnM2dZcEdLMkFXUW5KM3JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDPjyYAwQC
Pjy4AwQCPjzAAwQCPjzYAwQB1bB+MA0GCSqGSIb3DQEBCwUAA4IBAQBPW0ILKkdC
ZHfUem1V+3cujYRE3081kB8Cb1EUdfFFnJNg2WMf1VzJJA6bXdDFaPzRYoRtsYlN
AaH6IoNtj0lcZPiO4M14fDG07IGdlJoYu5XzNMmy/JY/71ZFg9fu/bEQp1dIlDpo
lXAEzrFqMhVpTpNcEcN6I0L/U1U/uvkr14fiyvYkCCjtdWPrs8wcAelyEaJnWvhe
OWepbbY0zrOOUX8mrPjyn5SyaW/R0iIUl1IhqIqO5RwR33/ig09A+6pFnS9ZB3q6
wf0P3zdXioYU2PB7rIZu/Gwlkpx/043cSufj6tmlWJnG8S7rx5ss12byqEi9a90+
mhhDoiuSWlAm
-----END CERTIFICATE-----
Generated at Sat Apr 20 09:11:55 2024 by rpki-client on console-ams.rpki-client.org