Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/G55XM_z13tEaqFxcnwVPlQFqOAE.roa
File: G55XM_z13tEaqFxcnwVPlQFqOAE.roa (raw, json)
Hash identifier: HdN5Z1vzPciPqactGdxcd5GaQZhD4dopBQGbZY0sZcs=
Subject key identifier: 1B:9E:57:33:FC:F5:DE:D1:1A:A8:5C:5C:9F:05:4F:95:01:6A:38:01
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 0190E9631AC6989028FF2FA0056B00C0EAA5
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/G55XM_z13tEaqFxcnwVPlQFqOAE.roa
Signing time: Thu 25 Jul 2024 10:15:04 +0000
ROA not before: Thu 25 Jul 2024 10:15:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48147
IP address blocks: 62.60.162.0/24 maxlen: 24
62.60.192.0/22 maxlen: 24
62.60.220.0/22 maxlen: 24
213.176.1.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 18 Aug 2024 06:09:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:e9:63:1a:c6:98:90:28:ff:2f:a0:05:6b:00:c0:ea:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Jul 25 10:15:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1b9e5733fcf5ded11aa85c5c9f054f95016a3801
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:d8:8d:d6:ed:60:c7:28:7b:10:5c:72:46:b6:
03:20:6b:df:09:19:40:c1:87:30:32:64:1f:4e:8a:
92:18:19:6d:86:c0:96:86:f1:d5:f2:f1:42:b5:50:
c6:44:1c:34:a4:a3:b1:50:24:74:42:2c:8c:34:a5:
69:14:0d:cc:ed:f0:23:5f:61:ec:c5:ad:5c:19:c5:
22:ef:17:f6:ee:45:79:a8:23:04:49:c7:b0:23:20:
0a:96:97:4b:3c:0d:11:26:1c:c9:26:0a:48:43:cb:
49:9d:88:af:cb:a6:5c:c2:98:54:4c:ad:f1:17:67:
26:3e:40:ab:a0:bb:fd:0b:da:39:81:5e:e8:58:f8:
6e:e3:d3:83:9f:1d:e3:3d:88:7f:b6:31:f2:60:aa:
4f:da:43:a4:a9:e5:ea:6d:cc:2c:4e:ce:b0:6b:af:
79:c3:dd:38:28:2d:45:41:15:7e:80:5c:79:6a:21:
78:6d:00:f3:ba:5d:7e:61:46:b1:a8:c0:8a:90:f3:
b1:89:a4:03:fb:fe:20:c0:4f:ea:a5:73:01:a3:51:
75:b6:17:fe:a5:cb:64:39:e8:6d:05:50:4a:17:72:
40:62:77:a1:c1:0e:f6:8f:9b:d7:02:65:71:a1:e7:
de:f5:85:dc:9f:b3:6a:2e:1b:82:9f:7e:fa:88:3e:
9b:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:9E:57:33:FC:F5:DE:D1:1A:A8:5C:5C:9F:05:4F:95:01:6A:38:01
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/G55XM_z13tEaqFxcnwVPlQFqOAE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.162.0/24
62.60.192.0/22
62.60.220.0/22
213.176.1.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:1e:90:0e:50:61:84:ba:d3:d0:14:22:aa:39:7c:35:3e:f2:
fa:05:6f:ef:65:79:24:f8:b9:e4:7d:c8:8a:37:29:32:b3:a9:
0a:4e:ce:71:ae:86:c4:12:42:aa:15:ae:fd:a6:ea:dd:bc:d8:
74:3e:ce:5c:c7:f5:2f:89:3f:b7:40:cb:c8:33:80:6c:33:cc:
47:35:3b:c1:64:c2:62:13:b5:36:be:57:85:4f:12:8a:43:64:
6b:73:bb:ef:01:b3:d8:16:1e:f4:3f:61:60:08:98:57:5a:94:
4e:94:89:4d:91:fe:1a:a3:0d:d0:99:da:b1:8e:60:dc:0e:ed:
a7:d8:fd:0e:ce:63:96:d6:df:6d:69:4e:c5:77:7d:bd:4d:34:
2d:33:57:39:65:a6:cc:97:b2:86:e2:24:de:15:28:4d:b3:ef:
9b:93:4a:d4:0a:f6:6b:b5:ec:e1:00:26:22:5e:03:8f:72:4d:
96:09:19:74:80:e8:f6:a4:ab:a6:55:2d:b9:9e:99:93:e5:90:
db:0e:58:3d:1c:3c:37:48:19:39:f3:57:6e:25:5b:d2:7e:cc:
75:99:47:3d:15:92:18:ac:24:71:56:d8:d0:d1:c9:be:ad:df:
51:48:9a:84:f3:1b:ac:57:27:86:0c:18:63:18:34:ba:d2:b3:
89:d1:3d:44
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZDpYxrGmJAo/y+gBWsAwOqlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjQwNzI1MTAxNTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjllNTczM2ZjZjVkZWQxMWFhODVjNWM5ZjA1NGY5NTAxNmEzODAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9tiN1u1gxyh7EFxyRrYDIGvfCRlA
wYcwMmQfToqSGBlthsCWhvHV8vFCtVDGRBw0pKOxUCR0QiyMNKVpFA3M7fAjX2Hs
xa1cGcUi7xf27kV5qCMEScewIyAKlpdLPA0RJhzJJgpIQ8tJnYivy6ZcwphUTK3x
F2cmPkCroLv9C9o5gV7oWPhu49ODnx3jPYh/tjHyYKpP2kOkqeXqbcwsTs6wa695
w904KC1FQRV+gFx5aiF4bQDzul1+YUaxqMCKkPOxiaQD+/4gwE/qpXMBo1F1thf+
pctkOehtBVBKF3JAYnehwQ72j5vXAmVxoefe9YXcn7NqLhuCn376iD6bIQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBueVzP89d7RGqhcXJ8FT5UBajgBMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvRzU1WE1fejEzdEVhcUZ4Y253VlBsUUZxT0FFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAPjyiAwQC
PjzAAwQCPjzcAwQA1bABMA0GCSqGSIb3DQEBCwUAA4IBAQBaHpAOUGGEutPQFCKq
OXw1PvL6BW/vZXkk+LnkfciKNykys6kKTs5xrobEEkKqFa79purdvNh0Ps5cx/Uv
iT+3QMvIM4BsM8xHNTvBZMJiE7U2vleFTxKKQ2Rrc7vvAbPYFh70P2FgCJhXWpRO
lIlNkf4aow3QmdqxjmDcDu2n2P0OzmOW1t9taU7Fd329TTQtM1c5ZabMl7KG4iTe
FShNs++bk0rUCvZrtezhACYiXgOPck2WCRl0gOj2pKumVS25npmT5ZDbDlg9HDw3
SBk581duJVvSfsx1mUc9FZIYrCRxVtjQ0cm+rd9RSJqE8xusVyeGDBhjGDS60rOJ
0T1E
-----END CERTIFICATE-----
Generated at Sun Aug 18 09:35:25 2024 by rpki-client on console-ams.rpki-client.org