Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/5sJp3FmUdLhmMXMCp8TQwW1fY1w.roa
File: 5sJp3FmUdLhmMXMCp8TQwW1fY1w.roa (raw, json)
Hash identifier: KXKfT0r4mmExWBOminQgVThyshwS6DH2XiuA/7M5tlE=
Subject key identifier: E6:C2:69:DC:59:94:74:B8:66:31:73:02:A7:C4:D0:C1:6D:5F:63:5C
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 018B08FFCE1B4AAA901730C7C850B6066346
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/5sJp3FmUdLhmMXMCp8TQwW1fY1w.roa
Signing time: Sat 07 Oct 2023 07:17:44 +0000
ROA not before: Sat 07 Oct 2023 07:17:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 62.60.216.0/22 maxlen: 24
62.60.220.0/22 maxlen: 24
62.60.152.0/21 maxlen: 24
62.60.180.0/22 maxlen: 24
62.60.188.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 11 Oct 2023 06:10:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:08:ff:ce:1b:4a:aa:90:17:30:c7:c8:50:b6:06:63:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Oct 7 07:17:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e6c269dc599474b866317302a7c4d0c16d5f635c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:d0:e1:bc:23:69:86:6a:f8:23:c1:08:05:d4:
12:cc:9c:d4:a0:18:4b:83:c3:58:6a:b4:2f:55:9d:
4d:21:45:a6:ba:d2:07:41:90:a8:c0:9d:a9:06:7e:
2c:ef:cc:d5:39:f8:b4:a7:02:bb:f9:a2:19:cc:38:
dc:50:30:6e:02:0e:00:2a:30:31:7f:f5:5e:95:a5:
35:26:44:c3:cb:16:68:5e:29:78:ac:e5:c1:36:8c:
8c:6b:cd:2b:d9:1f:67:e0:0e:27:24:30:c7:e4:39:
73:e7:00:52:22:57:bd:91:bf:d9:a2:84:93:a4:d3:
ca:5d:2d:d6:d6:c4:a8:41:7e:0a:05:93:11:7a:a9:
21:e2:a4:58:ab:0d:f1:72:e8:5a:f3:16:c5:b3:8a:
16:4d:8b:5a:c1:22:6d:69:4f:a0:5d:68:13:fc:60:
95:d5:21:69:b2:40:f5:04:b6:2b:5c:b4:ed:72:13:
e7:17:78:50:44:ec:e4:6b:eb:41:65:db:17:e4:a6:
6c:e4:92:c9:3c:70:22:c9:c3:c8:cc:57:9f:46:72:
38:fe:d0:cf:35:e4:ee:94:5b:a2:1a:5d:5a:71:db:
12:62:4e:66:db:96:a9:d4:1f:83:64:4c:f8:e5:5a:
ac:77:46:3a:66:a7:3f:8d:ee:c6:17:91:d5:3c:d0:
2c:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:C2:69:DC:59:94:74:B8:66:31:73:02:A7:C4:D0:C1:6D:5F:63:5C
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/5sJp3FmUdLhmMXMCp8TQwW1fY1w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.152.0/21
62.60.180.0/22
62.60.188.0/22
62.60.216.0/21
Signature Algorithm: sha256WithRSAEncryption
54:20:1e:1c:c6:57:e5:8a:3f:18:11:1a:52:b0:17:8d:76:60:
4f:e5:87:20:3e:5e:24:15:82:f3:67:6e:fc:a7:83:70:51:bc:
10:78:d9:47:42:95:fb:3f:14:bf:ef:21:82:c1:5d:7f:2e:29:
3a:54:5a:c6:bc:c3:a5:6b:16:b0:ce:36:37:a2:34:78:0d:a6:
3c:6b:e8:a8:96:ed:a0:6a:1f:4e:8a:03:45:77:c6:ba:f5:18:
3f:53:40:b1:fe:59:ab:af:fd:06:56:b8:60:36:35:ed:03:03:
87:75:80:61:38:7b:f9:1a:e8:95:5c:2d:29:ad:dd:e0:73:54:
f5:5a:fe:27:ab:11:e2:fd:8e:d8:b5:22:2f:a1:a1:df:8a:29:
31:b4:9f:44:05:4f:f8:d5:6a:d6:c7:1b:bd:d3:80:a5:6d:a8:
22:3b:79:5d:d0:96:2d:a2:49:00:cc:71:98:b1:1f:ad:91:a7:
d0:b8:a9:79:66:43:9b:78:5f:dc:ff:31:8c:ac:a4:85:c4:cf:
45:cf:9f:da:e2:7d:61:0b:f6:3d:71:ca:e2:cb:52:22:e0:16:
65:4a:ff:e0:99:8d:44:f1:09:e8:37:a3:e9:1c:2c:49:a0:79:
1b:76:6c:01:da:e5:22:3f:54:c9:6f:86:80:bc:97:d8:5b:48:
7e:9f:90:f0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYsI/84bSqqQFzDHyFC2BmNGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjMxMDA3MDcxNzQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmMyNjlkYzU5OTQ3NGI4NjYzMTczMDJhN2M0ZDBjMTZkNWY2MzVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgdDhvCNphmr4I8EIBdQSzJzUoBhL
g8NYarQvVZ1NIUWmutIHQZCowJ2pBn4s78zVOfi0pwK7+aIZzDjcUDBuAg4AKjAx
f/VelaU1JkTDyxZoXil4rOXBNoyMa80r2R9n4A4nJDDH5Dlz5wBSIle9kb/ZooST
pNPKXS3W1sSoQX4KBZMReqkh4qRYqw3xcuha8xbFs4oWTYtawSJtaU+gXWgT/GCV
1SFpskD1BLYrXLTtchPnF3hQROzka+tBZdsX5KZs5JLJPHAiycPIzFefRnI4/tDP
NeTulFuiGl1acdsSYk5m25ap1B+DZEz45Vqsd0Y6Zqc/je7GF5HVPNAsTwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFObCadxZlHS4ZjFzAqfE0MFtX2NcMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvNXNKcDNGbVVkTGhtTVhNQ3A4VFF3VzFmWTF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDPjyYAwQC
Pjy0AwQCPjy8AwQDPjzYMA0GCSqGSIb3DQEBCwUAA4IBAQBUIB4cxlflij8YERpS
sBeNdmBP5YcgPl4kFYLzZ278p4NwUbwQeNlHQpX7PxS/7yGCwV1/Lik6VFrGvMOl
axawzjY3ojR4DaY8a+iolu2gah9OigNFd8a69Rg/U0Cx/lmrr/0GVrhgNjXtAwOH
dYBhOHv5GuiVXC0prd3gc1T1Wv4nqxHi/Y7YtSIvoaHfiikxtJ9EBU/41WrWxxu9
04ClbagiO3ld0JYtokkAzHGYsR+tkafQuKl5ZkObeF/c/zGMrKSFxM9Fz5/a4n1h
C/Y9ccriy1Ii4BZlSv/gmY1E8QnoN6PpHCxJoHkbdmwB2uUiP1TJb4aAvJfYW0h+
n5Dw
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:29 2024 by rpki-client on console-ams.rpki-client.org