Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/3TvaLOoiA8TCCLGaXlfKzstM2A4.roa
File: 3TvaLOoiA8TCCLGaXlfKzstM2A4.roa (raw, json)
Hash identifier: eli+AMnSHVDyJDfMqWtVVmHuYBV3/6tGUNdRtWdOjwQ=
Subject key identifier: DD:3B:DA:2C:EA:22:03:C4:C2:08:B1:9A:5E:57:CA:CE:CB:4C:D8:0E
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 018F5C66DED6B04DBACFA32FDBDA104BC26E
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/3TvaLOoiA8TCCLGaXlfKzstM2A4.roa
Signing time: Thu 09 May 2024 08:09:56 +0000
ROA not before: Thu 09 May 2024 08:09:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44947
IP address blocks: 62.60.152.0/22 maxlen: 24
62.60.156.0/22 maxlen: 24
62.60.184.0/22 maxlen: 24
62.60.192.0/22 maxlen: 24
62.60.216.0/22 maxlen: 24
213.176.64.0/22 maxlen: 24
213.176.127.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 15 May 2024 05:51:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:5c:66:de:d6:b0:4d:ba:cf:a3:2f:db:da:10:4b:c2:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: May 9 08:09:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dd3bda2cea2203c4c208b19a5e57cacecb4cd80e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:1f:9c:1f:3e:17:b9:1d:a0:76:a7:83:22:bd:
ac:25:21:af:49:d1:fb:a5:7f:cf:a9:19:e0:9d:30:
62:83:20:2b:d7:4d:1a:95:82:c3:b9:c3:3f:c7:6f:
2b:c8:51:bb:f9:20:8f:78:0a:c9:f9:e5:0d:1d:61:
f0:6b:46:bb:9e:9b:31:99:a7:4f:ca:03:be:87:07:
51:52:c7:ef:ec:41:1f:6c:07:19:43:6d:87:41:cf:
15:0e:60:29:d5:bf:91:5c:ba:52:29:37:1c:65:7d:
46:3f:f7:22:62:68:c2:cf:94:5f:45:e3:58:dc:9a:
d0:58:30:99:3b:11:5f:48:55:2f:85:8f:6f:e2:2b:
50:88:8a:d2:0f:fc:ec:6f:73:df:91:5f:30:ac:b1:
12:50:ab:2a:43:51:14:e5:ae:c9:ee:66:41:ea:7a:
e1:ae:ee:02:d3:9f:20:1c:02:a2:8d:4b:76:96:40:
45:ca:5c:01:57:21:88:9b:0a:96:ca:fa:e3:79:29:
bb:01:c6:d6:b7:17:5a:d0:77:90:3a:5c:c0:0c:bf:
d5:f6:01:d6:af:9a:0c:2f:2d:cb:01:95:8e:98:5a:
49:ba:1a:d1:93:11:69:8d:23:82:3e:a6:37:ce:07:
01:53:41:2a:f8:fe:2b:ce:27:86:b6:1f:6a:07:20:
85:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:3B:DA:2C:EA:22:03:C4:C2:08:B1:9A:5E:57:CA:CE:CB:4C:D8:0E
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/3TvaLOoiA8TCCLGaXlfKzstM2A4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.152.0/21
62.60.184.0/22
62.60.192.0/22
62.60.216.0/22
213.176.64.0/22
213.176.127.0/24
Signature Algorithm: sha256WithRSAEncryption
c0:58:9e:30:72:4b:2c:5a:d6:4d:1a:1e:43:32:52:ac:5e:54:
7a:a9:df:2b:dc:c0:2e:a8:de:bf:ae:ba:23:6d:42:72:0f:70:
b0:9c:f8:bf:12:8f:a6:48:be:8a:69:e7:dc:79:d8:98:fd:54:
4a:21:94:37:cd:06:c8:85:69:2c:77:34:ae:f5:ff:fc:d7:3b:
3a:72:28:27:24:8f:48:5e:06:9e:ea:66:f4:34:25:7c:66:52:
e4:63:83:f2:4e:63:b2:de:01:a5:38:f5:4e:fd:97:4a:70:f5:
16:e7:0b:2e:f7:b2:c6:ac:bd:0b:9d:f4:7e:03:bc:db:37:17:
b0:73:82:61:9b:fc:fc:bc:dc:fe:cf:9a:71:ad:64:58:70:43:
f7:26:d4:ac:f9:1d:4f:4f:4d:97:f7:43:dd:4e:5b:e4:cf:1b:
a8:39:bf:9a:f3:34:ba:8e:06:2f:0b:d5:29:fa:07:16:b2:e1:
b0:45:7f:34:01:86:c5:5f:61:00:1e:e2:43:7a:fd:7d:1c:87:
d6:95:3a:22:13:f8:f3:e5:39:d7:0c:a9:b2:df:d2:7e:c6:3e:
6e:09:2e:f3:5d:f4:f5:ed:40:71:32:2d:65:ea:fe:af:7a:35:
3c:04:a2:11:81:fc:9a:35:91:ad:96:89:25:f0:b1:ac:66:57:
d7:f0:37:8d
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY9cZt7WsE26z6Mv29oQS8JuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjQwNTA5MDgwOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDNiZGEyY2VhMjIwM2M0YzIwOGIxOWE1ZTU3Y2FjZWNiNGNkODBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzB+cHz4XuR2gdqeDIr2sJSGvSdH7
pX/PqRngnTBigyAr100alYLDucM/x28ryFG7+SCPeArJ+eUNHWHwa0a7npsxmadP
ygO+hwdRUsfv7EEfbAcZQ22HQc8VDmAp1b+RXLpSKTccZX1GP/ciYmjCz5RfReNY
3JrQWDCZOxFfSFUvhY9v4itQiIrSD/zsb3PfkV8wrLESUKsqQ1EU5a7J7mZB6nrh
ru4C058gHAKijUt2lkBFylwBVyGImwqWyvrjeSm7AcbWtxda0HeQOlzADL/V9gHW
r5oMLy3LAZWOmFpJuhrRkxFpjSOCPqY3zgcBU0Eq+P4rzieGth9qByCFGwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFN072izqIgPEwgixml5Xys7LTNgOMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvM1R2YUxPb2lBOFRDQ0xHYVhsZkt6c3RNMkE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQDPjyYAwQC
Pjy4AwQCPjzAAwQCPjzYAwQC1bBAAwQA1bB/MA0GCSqGSIb3DQEBCwUAA4IBAQDA
WJ4wckssWtZNGh5DMlKsXlR6qd8r3MAuqN6/rrojbUJyD3CwnPi/Eo+mSL6Kaefc
ediY/VRKIZQ3zQbIhWksdzSu9f/81zs6cignJI9IXgae6mb0NCV8ZlLkY4PyTmOy
3gGlOPVO/ZdKcPUW5wsu97LGrL0LnfR+A7zbNxewc4Jhm/z8vNz+z5pxrWRYcEP3
JtSs+R1PT02X90PdTlvkzxuoOb+a8zS6jgYvC9Up+gcWsuGwRX80AYbFX2EAHuJD
ev19HIfWlToiE/jz5TnXDKmy39J+xj5uCS7zXfT17UBxMi1l6v6vejU8BKIRgfya
NZGtlokl8LGsZlfX8DeN
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:29 2024 by rpki-client on console-ams.rpki-client.org