Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/3Oim1YoMdLojrCz298Hh3fe-UJA.roa
File: 3Oim1YoMdLojrCz298Hh3fe-UJA.roa (raw, json)
Hash identifier: n3j2auBrVeb7uqV+bwMwMS1xip7QYzExm4FROl//+N8=
Subject key identifier: DC:E8:A6:D5:8A:0C:74:BA:23:AC:2C:F6:F7:C1:E1:DD:F7:BE:50:90
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 019310D87632F958D97C636CD34CDB1AE39C
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/3Oim1YoMdLojrCz298Hh3fe-UJA.roa
Signing time: Sat 09 Nov 2024 12:14:01 +0000
ROA not before: Sat 09 Nov 2024 12:14:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210644
IP address blocks: 62.60.154.0/23 maxlen: 24
62.60.156.0/22 maxlen: 24
62.60.216.0/23 maxlen: 24
62.60.236.0/22 maxlen: 24
62.60.244.0/22 maxlen: 24
62.60.248.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 12 Nov 2024 05:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:10:d8:76:32:f9:58:d9:7c:63:6c:d3:4c:db:1a:e3:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Nov 9 12:14:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dce8a6d58a0c74ba23ac2cf6f7c1e1ddf7be5090
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:53:9d:8f:2a:61:b2:2d:88:2c:63:88:25:9c:
17:bd:b4:ff:b3:be:de:dc:1b:83:0e:56:e9:c9:e1:
75:b1:a5:ba:16:9a:c9:07:35:d6:90:14:b2:ce:be:
48:4c:34:0c:51:ab:5d:05:07:5c:dd:30:5b:d5:84:
8b:79:e1:c5:b9:76:f6:40:2d:46:78:78:59:78:84:
04:43:c3:e4:ab:af:9e:10:94:9a:bc:e3:d1:8d:cc:
73:05:c1:8a:82:bb:b7:a8:4f:b9:4f:e6:d8:06:63:
b1:40:00:5e:88:fe:b0:49:e8:08:fd:2d:7c:f0:4e:
bf:15:01:d8:bb:b5:4e:53:0e:a6:18:68:ee:c0:53:
ba:3c:b0:7d:e5:34:40:d2:5b:97:78:19:67:0d:44:
2c:42:57:28:fd:19:92:45:48:e9:10:aa:21:04:5e:
57:d2:10:fe:a5:a5:19:70:95:cc:a1:b4:91:8a:ee:
80:05:be:5f:fb:cd:05:ad:7a:f1:8a:78:f0:ff:71:
95:f3:85:cb:c5:7d:ea:e0:a9:e7:6c:e1:50:92:96:
23:16:c3:41:f1:d9:40:c1:6d:0f:eb:ec:3b:1e:b2:
2c:f4:d1:ac:fa:ae:88:24:30:e4:ba:e1:88:d5:20:
c5:8b:c9:2a:75:0e:b5:1d:54:d2:19:91:b7:ef:24:
da:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:E8:A6:D5:8A:0C:74:BA:23:AC:2C:F6:F7:C1:E1:DD:F7:BE:50:90
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/3Oim1YoMdLojrCz298Hh3fe-UJA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.154.0-62.60.159.255
62.60.216.0/23
62.60.236.0/22
62.60.244.0-62.60.251.255
Signature Algorithm: sha256WithRSAEncryption
0a:30:e3:82:0b:1b:13:58:c3:0e:ef:ab:ad:cc:f9:7a:9e:79:
c3:ec:c0:9c:70:d5:6d:3a:ae:e5:b3:26:4b:ab:4d:1b:97:2d:
01:3a:8c:84:2e:60:87:2f:cd:8e:a8:28:c1:29:65:df:91:d2:
4f:b5:b5:67:24:28:1b:1a:9a:e2:d9:af:4f:4a:58:45:12:33:
aa:4f:9b:76:42:a9:19:46:fd:6b:78:25:2a:22:9f:02:bc:47:
b2:ec:93:1a:84:da:0a:af:20:29:22:50:b4:39:64:f3:46:d9:
52:bf:14:46:c9:81:9c:f8:1d:ea:be:0f:de:b0:fb:0f:e5:7c:
91:f4:70:b1:47:bd:1a:58:95:2c:c1:58:66:a1:56:4b:19:cb:
f4:23:d2:3c:c4:62:9a:66:9a:55:a3:0a:5c:ea:41:fd:03:b4:
b8:ba:d3:cd:b0:9a:5a:55:5d:b4:91:37:4b:a9:19:9a:3c:06:
15:28:35:ce:dc:ad:f7:52:c3:d9:cb:bd:40:59:d6:95:c9:33:
16:51:5b:5f:77:d1:67:f1:d4:3a:91:77:1a:e0:bd:c1:0c:84:
a8:a3:7c:84:4f:33:03:40:7c:02:36:cc:b5:07:d0:9d:44:81:
41:80:29:ff:31:e7:a5:5e:1c:86:a1:54:79:57:64:cc:27:d4:
2a:a1:a1:6d
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZMQ2HYy+VjZfGNs00zbGuOcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjQxMTA5MTIxNDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2U4YTZkNThhMGM3NGJhMjNhYzJjZjZmN2MxZTFkZGY3YmU1MDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzVOdjyphsi2ILGOIJZwXvbT/s77e
3BuDDlbpyeF1saW6FprJBzXWkBSyzr5ITDQMUatdBQdc3TBb1YSLeeHFuXb2QC1G
eHhZeIQEQ8Pkq6+eEJSavOPRjcxzBcGKgru3qE+5T+bYBmOxQABeiP6wSegI/S18
8E6/FQHYu7VOUw6mGGjuwFO6PLB95TRA0luXeBlnDUQsQlco/RmSRUjpEKohBF5X
0hD+paUZcJXMobSRiu6ABb5f+80FrXrxinjw/3GV84XLxX3q4KnnbOFQkpYjFsNB
8dlAwW0P6+w7HrIs9NGs+q6IJDDkuuGI1SDFi8kqdQ61HVTSGZG37yTa1QIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFNzoptWKDHS6I6ws9vfB4d33vlCQMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvM09pbTFZb01kTG9qckN6Mjk4SGgzZmUtVUpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBAE+PJoD
BAU+PIADBAE+PNgDBAI+POwwDAMEAj489AMEAj48+DANBgkqhkiG9w0BAQsFAAOC
AQEACjDjggsbE1jDDu+rrcz5ep55w+zAnHDVbTqu5bMmS6tNG5ctATqMhC5ghy/N
jqgowSll35HST7W1ZyQoGxqa4tmvT0pYRRIzqk+bdkKpGUb9a3glKiKfArxHsuyT
GoTaCq8gKSJQtDlk80bZUr8URsmBnPgd6r4P3rD7D+V8kfRwsUe9GliVLMFYZqFW
SxnL9CPSPMRimmaaVaMKXOpB/QO0uLrTzbCaWlVdtJE3S6kZmjwGFSg1ztyt91LD
2cu9QFnWlckzFlFbX3fRZ/HUOpF3GuC9wQyEqKN8hE8zA0B8AjbMtQfQnUSBQYAp
/zHnpV4chqFUeVdkzCfUKqGhbQ==
-----END CERTIFICATE-----
Generated at Tue Nov 12 08:27:09 2024 by rpki-client on console-ams.rpki-client.org