Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/H1UtCzbK_o6cyql-jtzgYTdaFrM.roa
File: H1UtCzbK_o6cyql-jtzgYTdaFrM.roa (raw, json)
Hash identifier: AiwVmELMkujZNgCB39/0lBboBg16RD7D9qmXfZY0dqo=
Subject key identifier: 1F:55:2D:0B:36:CA:FE:8E:9C:CA:A9:7E:8E:DC:E0:61:37:5A:16:B3
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 018F7ACE71E084B3E951186F8826D29F160A
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/H1UtCzbK_o6cyql-jtzgYTdaFrM.roa
Signing time: Wed 15 May 2024 05:51:40 +0000
ROA not before: Wed 15 May 2024 05:51:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44947
IP address blocks: 62.60.152.0/22 maxlen: 24
62.60.156.0/22 maxlen: 24
62.60.184.0/22 maxlen: 24
62.60.192.0/22 maxlen: 24
62.60.216.0/22 maxlen: 24
62.60.224.0/19 maxlen: 24
213.176.64.0/22 maxlen: 24
213.176.127.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 16 May 2024 07:29:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:7a:ce:71:e0:84:b3:e9:51:18:6f:88:26:d2:9f:16:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: May 15 05:51:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1f552d0b36cafe8e9ccaa97e8edce061375a16b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:bd:95:b3:53:f4:aa:49:1d:ee:7e:0a:7c:78:
23:9a:94:ed:7e:3b:cd:e0:1c:c7:bc:08:af:63:69:
ff:b0:52:76:9c:57:6e:12:83:f5:c4:64:82:b3:c9:
4b:a4:84:6e:25:83:98:d1:3c:8c:d6:e5:9e:99:db:
96:55:37:28:fb:bd:ba:78:0e:20:08:2f:ba:30:07:
46:64:42:07:0c:53:5b:2c:ce:72:70:e2:9c:72:49:
9f:c7:44:04:98:4b:19:9a:7e:dd:f9:ff:db:aa:71:
fc:c5:99:17:f4:5f:74:39:14:d2:da:d3:2f:19:87:
76:11:c0:d6:84:02:44:9a:6d:ef:0c:7a:fe:e8:11:
45:3a:f1:f3:52:aa:ab:66:58:e8:ae:86:33:67:0d:
da:9e:54:79:85:04:d5:a0:24:d7:69:68:59:73:79:
14:d2:36:de:7b:8f:43:3b:37:46:ff:da:85:2d:ed:
8f:34:f0:95:14:26:2c:ac:5a:a3:0a:98:c3:7d:47:
64:1c:5b:e7:7e:cd:47:6e:80:ea:92:df:4a:41:a1:
05:1f:ab:45:db:6f:7b:77:51:a2:4d:5a:e1:5f:2f:
84:e1:54:a5:3d:00:ae:a5:8b:38:96:f2:aa:7c:e2:
58:b7:41:97:72:99:31:49:63:26:52:bf:2f:1c:b5:
5f:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:55:2D:0B:36:CA:FE:8E:9C:CA:A9:7E:8E:DC:E0:61:37:5A:16:B3
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/H1UtCzbK_o6cyql-jtzgYTdaFrM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.152.0/21
62.60.184.0/22
62.60.192.0/22
62.60.216.0/22
62.60.224.0/19
213.176.64.0/22
213.176.127.0/24
Signature Algorithm: sha256WithRSAEncryption
76:b9:37:1d:98:56:11:b9:5c:c7:d1:a9:06:58:8d:64:e0:57:
5f:87:55:f7:78:83:c5:73:db:e8:10:51:32:52:3d:e3:32:d2:
78:5a:83:e3:5b:7d:76:3a:c7:a6:58:50:fc:6a:7f:09:10:0c:
c0:15:95:94:74:10:b8:ea:5e:9b:09:29:89:6b:f9:62:c7:43:
a7:d9:cf:e1:73:24:46:66:19:0a:c7:7b:85:87:89:86:2f:23:
d3:d5:f9:1b:46:1b:88:fb:88:a8:c9:b7:bd:9f:cc:f3:6e:14:
5d:2a:e2:d2:32:7b:94:cd:bf:ea:ea:8c:ff:af:d1:50:0e:60:
c0:42:76:90:ea:50:16:4a:52:66:a2:ff:39:bc:95:f4:fb:88:
69:e2:e1:e4:cd:9c:88:f5:66:fa:18:f7:6a:64:d4:3c:62:4e:
4c:d5:80:a5:2e:47:6a:23:ec:35:53:67:da:76:32:59:2a:92:
fc:fd:50:fe:02:05:8a:00:c8:32:c2:3c:d1:80:cb:46:46:05:
73:4d:69:f9:3c:81:ad:4e:c0:5a:a5:47:04:f1:5f:1e:ea:8b:
90:4e:fe:0e:70:4a:4a:21:e5:5a:87:a2:5f:74:93:ee:26:60:
78:9d:44:94:19:d3:64:8c:7f:ea:39:0d:45:26:db:1a:89:74:
8e:14:d5:47
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY96znHghLPpURhviCbSnxYKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjQwNTE1MDU1MTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjU1MmQwYjM2Y2FmZThlOWNjYWE5N2U4ZWRjZTA2MTM3NWExNmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu72Vs1P0qkkd7n4KfHgjmpTtfjvN
4BzHvAivY2n/sFJ2nFduEoP1xGSCs8lLpIRuJYOY0TyM1uWemduWVTco+726eA4g
CC+6MAdGZEIHDFNbLM5ycOKcckmfx0QEmEsZmn7d+f/bqnH8xZkX9F90ORTS2tMv
GYd2EcDWhAJEmm3vDHr+6BFFOvHzUqqrZljoroYzZw3anlR5hQTVoCTXaWhZc3kU
0jbee49DOzdG/9qFLe2PNPCVFCYsrFqjCpjDfUdkHFvnfs1HboDqkt9KQaEFH6tF
2297d1GiTVrhXy+E4VSlPQCupYs4lvKqfOJYt0GXcpkxSWMmUr8vHLVffQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFB9VLQs2yv6OnMqpfo7c4GE3WhazMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvSDFVdEN6YktfbzZjeXFsLWp0emdZVGRhRnJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQDPjyYAwQC
Pjy4AwQCPjzAAwQCPjzYAwQFPjzgAwQC1bBAAwQA1bB/MA0GCSqGSIb3DQEBCwUA
A4IBAQB2uTcdmFYRuVzH0akGWI1k4Fdfh1X3eIPFc9voEFEyUj3jMtJ4WoPjW312
OsemWFD8an8JEAzAFZWUdBC46l6bCSmJa/lix0On2c/hcyRGZhkKx3uFh4mGLyPT
1fkbRhuI+4ioybe9n8zzbhRdKuLSMnuUzb/q6oz/r9FQDmDAQnaQ6lAWSlJmov85
vJX0+4hp4uHkzZyI9Wb6GPdqZNQ8Yk5M1YClLkdqI+w1U2fadjJZKpL8/VD+AgWK
AMgywjzRgMtGRgVzTWn5PIGtTsBapUcE8V8e6ouQTv4OcEpKIeVah6JfdJPuJmB4
nUSUGdNkjH/qOQ1FJtsaiXSOFNVH
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:29 2024 by rpki-client on console-ams.rpki-client.org