Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/3PBdfp69xgWjc1DHy-3XcH9B5z8.roa
File: 3PBdfp69xgWjc1DHy-3XcH9B5z8.roa (raw, json)
Hash identifier: Pu0yFnu4JCDN1rziBdI1nxi3z3uHlrgDez/O1CQZP/s=
Subject key identifier: DC:F0:5D:7E:9E:BD:C6:05:A3:73:50:C7:CB:ED:D7:70:7F:41:E7:3F
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 018B05154D2D61505774C3F7775C0907F608
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/3PBdfp69xgWjc1DHy-3XcH9B5z8.roa
Signing time: Fri 06 Oct 2023 13:02:43 +0000
ROA not before: Fri 06 Oct 2023 13:02:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15611
IP address blocks: 213.176.96.0/24 maxlen: 24
213.176.4.0/24 maxlen: 24
213.176.5.0/24 maxlen: 24
62.60.168.0/21 maxlen: 24
62.60.188.0/22 maxlen: 24
62.60.132.0/22 maxlen: 24
62.60.136.0/24 maxlen: 24
62.60.137.0/24 maxlen: 24
62.60.139.0/24 maxlen: 24
62.60.140.0/24 maxlen: 24
62.60.141.0/24 maxlen: 24
62.60.142.0/24 maxlen: 24
62.60.145.0/24 maxlen: 24
62.60.147.0/24 maxlen: 24
62.60.148.0/22 maxlen: 24
213.176.124.0/24 maxlen: 24
213.176.125.0/24 maxlen: 24
213.176.122.0/24 maxlen: 24
213.176.123.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:05:15:4d:2d:61:50:57:74:c3:f7:77:5c:09:07:f6:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Oct 6 13:02:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dcf05d7e9ebdc605a37350c7cbedd7707f41e73f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:f9:fe:c4:ea:08:29:73:42:1a:26:e5:a7:2a:
cd:66:29:7b:ad:35:98:9b:cf:b9:69:a8:9d:5d:d7:
4e:dd:e0:db:ae:81:c2:99:25:5a:7e:84:b3:3f:c9:
1b:7a:0f:47:53:15:50:c0:c4:38:bd:52:c8:b3:32:
22:6e:ff:d3:16:f4:9b:73:c6:54:f1:04:a0:f2:d2:
7b:ee:5b:83:d3:62:44:02:bb:63:51:5c:74:c8:03:
e8:25:c4:6e:b4:c0:70:cc:1d:c8:86:d4:64:77:35:
94:f0:20:8e:3c:0d:a8:86:89:06:7d:74:49:b4:01:
e6:56:fe:3a:c8:f6:4b:09:9d:ba:50:8e:33:71:74:
9a:77:b6:21:0b:78:7c:75:d7:2b:97:de:bf:58:83:
fb:e3:ce:f3:12:41:08:b2:51:1a:3c:6b:50:4a:f6:
71:11:4b:63:cf:ec:15:cd:fa:8d:5f:f3:f2:20:28:
b8:dd:3f:06:37:b1:9f:a1:3f:20:6e:31:c8:de:c0:
95:6e:14:c0:8b:21:03:5a:01:0f:9c:31:24:ff:2e:
a6:46:47:10:48:df:17:64:9f:7c:7f:0c:01:6a:80:
9b:d7:0b:c7:b7:1c:34:e7:04:eb:96:19:51:8d:6f:
39:68:80:50:26:95:a8:fc:a5:cc:ba:ec:cc:e3:95:
88:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:F0:5D:7E:9E:BD:C6:05:A3:73:50:C7:CB:ED:D7:70:7F:41:E7:3F
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/3PBdfp69xgWjc1DHy-3XcH9B5z8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.132.0-62.60.137.255
62.60.139.0-62.60.142.255
62.60.145.0/24
62.60.147.0-62.60.151.255
62.60.168.0/21
62.60.188.0/22
213.176.4.0/23
213.176.96.0/24
213.176.122.0-213.176.125.255
Signature Algorithm: sha256WithRSAEncryption
21:5a:13:57:90:af:da:fc:0f:e8:9a:d2:27:87:1b:8c:a1:21:
a4:1e:dc:c6:0f:3b:09:a4:5b:c1:6d:c3:c1:16:8c:32:87:50:
ce:cc:ff:23:77:7d:a8:c8:5f:53:bc:ea:da:e9:d2:22:15:63:
32:f6:73:d7:3f:1d:b9:09:5d:3e:ec:49:7e:a2:2d:05:58:e0:
11:32:15:c6:49:ee:3d:a8:d5:e1:e6:a4:b1:42:c0:77:a9:41:
73:80:77:da:f3:a6:af:be:00:99:0f:05:7e:3e:62:e7:cd:b8:
e7:09:6d:ca:28:2a:0c:e9:fd:ba:73:c7:a0:58:b0:70:00:54:
ab:d0:f5:2a:fd:25:b5:20:19:66:d9:65:bf:16:04:b7:b3:2e:
66:a0:04:1f:d9:74:19:76:cb:9c:0d:4b:18:9d:c4:ca:7c:5d:
2e:81:85:b5:ad:9a:90:75:c6:ed:35:03:47:2b:7a:a0:57:24:
49:4e:eb:9b:d5:9b:25:1f:ee:10:17:bf:76:35:e9:db:dc:7c:
ac:be:cf:e1:55:c8:57:57:8c:20:ea:d7:ba:6a:8e:67:f8:9b:
81:b9:c6:da:dc:14:d3:d1:5b:d3:b3:ca:0c:31:a8:62:3d:c7:
0e:54:9b:79:29:3c:02:c6:91:ac:29:f9:44:c0:e6:51:a3:8d:
d0:f2:2f:fe
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAYsFFU0tYVBXdMP3d1wJB/YIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjMxMDA2MTMwMjQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2YwNWQ3ZTllYmRjNjA1YTM3MzUwYzdjYmVkZDc3MDdmNDFlNzNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlPn+xOoIKXNCGiblpyrNZil7rTWY
m8+5aaidXddO3eDbroHCmSVafoSzP8kbeg9HUxVQwMQ4vVLIszIibv/TFvSbc8ZU
8QSg8tJ77luD02JEArtjUVx0yAPoJcRutMBwzB3IhtRkdzWU8CCOPA2ohokGfXRJ
tAHmVv46yPZLCZ26UI4zcXSad7YhC3h8ddcrl96/WIP7487zEkEIslEaPGtQSvZx
EUtjz+wVzfqNX/PyICi43T8GN7GfoT8gbjHI3sCVbhTAiyEDWgEPnDEk/y6mRkcQ
SN8XZJ98fwwBaoCb1wvHtxw05wTrlhlRjW85aIBQJpWo/KXMuuzM45WIIQIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFNzwXX6evcYFo3NQx8vt13B/Qec/MB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvM1BCZGZwNjl4Z1dqYzFESHktM1hjSDlCNXo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWMAwDBAI+PIQD
BAE+PIgwDAMEAD48iwMEAD48jgMEAD48kTAMAwQAPjyTAwQDPjyQAwQDPjyoAwQC
Pjy8AwQB1bAEAwQA1bBgMAwDBAHVsHoDBAHVsHwwDQYJKoZIhvcNAQELBQADggEB
ACFaE1eQr9r8D+ia0ieHG4yhIaQe3MYPOwmkW8Ftw8EWjDKHUM7M/yN3fajIX1O8
6trp0iIVYzL2c9c/HbkJXT7sSX6iLQVY4BEyFcZJ7j2o1eHmpLFCwHepQXOAd9rz
pq++AJkPBX4+YufNuOcJbcooKgzp/bpzx6BYsHAAVKvQ9Sr9JbUgGWbZZb8WBLez
LmagBB/ZdBl2y5wNSxidxMp8XS6BhbWtmpB1xu01A0creqBXJElO65vVmyUf7hAX
v3Y16dvcfKy+z+FVyFdXjCDq17pqjmf4m4G5xtrcFNPRW9OzygwxqGI9xw5Um3kp
PALGkawp+UTA5lGjjdDyL/4=
-----END CERTIFICATE-----
Generated at Sat Oct 7 07:52:56 2023 by rpki-client on console-ams.rpki-client.org