Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/HEwc7s2__AfshnhBFiMCH4wFnKo.roa
File: HEwc7s2__AfshnhBFiMCH4wFnKo.roa (raw, json)
Hash identifier: gZD1S9bZjtAQdTh+7VcYO05KE5Pu66CJwDTnxDxqerM=
Subject key identifier: 1C:4C:1C:EE:CD:BF:FC:07:EC:86:78:41:16:23:02:1F:8C:05:9C:AA
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 018570B072252329A7CBCA96CB818604C0E0
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/HEwc7s2__AfshnhBFiMCH4wFnKo.roa
Signing time: Mon 02 Jan 2023 04:14:49 +0000
ROA not before: Mon 02 Jan 2023 04:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 62.60.132.0/22 maxlen: 24
62.60.148.0/22 maxlen: 24
213.176.20.0/22 maxlen: 24
213.176.24.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 06 Jan 2023 07:19:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b0:72:25:23:29:a7:cb:ca:96:cb:81:86:04:c0:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Jan 2 04:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1c4c1ceecdbffc07ec8678411623021f8c059caa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:91:5f:e3:7d:73:c5:ce:57:e7:53:18:13:97:
35:d3:d9:8e:23:90:10:f4:8a:f9:bb:79:99:9c:40:
0f:88:57:9c:44:ea:91:aa:eb:ec:6f:90:18:10:e1:
25:b6:66:97:30:f9:af:a8:5c:fd:12:d6:fe:7f:b9:
59:92:88:ff:58:b1:87:f3:e7:d7:98:21:18:2d:50:
af:61:fc:73:af:29:65:ed:7a:d2:62:30:64:df:39:
22:6e:86:9b:c1:69:b0:98:57:f5:d2:5a:94:4d:03:
d8:7b:cd:91:b8:a2:f5:29:f6:a8:9f:5a:bc:0a:1e:
43:37:6e:f1:aa:66:7c:3b:d0:dd:6e:ce:e4:0f:bd:
f8:eb:b3:c0:54:14:da:a0:47:75:ff:ba:98:a2:4b:
00:83:f4:b6:23:c5:2b:76:39:05:f4:a1:66:b1:a0:
8d:03:ed:c2:5e:ae:79:cb:da:f0:c6:2a:39:d5:b1:
0a:86:83:41:32:b3:b3:9a:da:46:66:4f:d0:02:c6:
98:87:c4:91:59:56:2a:a8:c5:bc:d2:a2:4f:ac:22:
58:ac:16:81:b0:32:83:f8:9a:85:5d:2a:c1:4f:96:
94:ef:84:81:f8:6a:12:40:12:07:ba:b2:cf:15:cb:
dc:62:4e:8a:70:9a:9d:35:06:0d:3b:34:99:c4:0f:
44:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:4C:1C:EE:CD:BF:FC:07:EC:86:78:41:16:23:02:1F:8C:05:9C:AA
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/HEwc7s2__AfshnhBFiMCH4wFnKo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.132.0/22
62.60.148.0/22
213.176.20.0-213.176.27.255
Signature Algorithm: sha256WithRSAEncryption
15:d9:58:19:3c:72:1f:e0:f4:be:29:72:b9:dd:f7:37:45:da:
5a:f2:35:66:07:bd:b5:cf:1d:a8:3c:00:06:40:76:bf:b2:91:
e3:34:38:ae:07:d9:67:f4:fd:92:6a:6b:40:23:7f:a7:fe:48:
2c:00:18:cb:de:53:2a:c2:46:97:0a:10:16:e9:ac:75:7c:bf:
d2:8e:d8:bf:ec:e4:55:dd:d2:dd:25:64:26:4d:b1:4b:10:e0:
df:6f:49:2d:78:fe:d2:45:d4:a9:0b:28:24:34:19:67:d0:d6:
d4:32:bc:c6:d8:ef:c6:e6:51:8f:ea:57:51:12:fd:1b:2f:3f:
6d:07:bc:a2:18:45:96:b8:81:98:58:7d:77:d3:92:4d:61:66:
3b:32:b9:31:50:7f:53:a7:d7:7e:e2:c1:0e:7c:9c:6e:a4:a8:
57:b0:ca:27:7e:b7:3b:1f:9d:d8:14:f5:e9:ff:47:35:94:88:
ed:0f:7a:09:c3:ff:0d:37:e5:e7:b7:75:43:67:44:8c:59:af:
f4:05:3f:6a:76:b1:c6:76:ee:f4:46:bf:5f:dd:62:47:8c:de:
82:92:f8:87:0e:8c:e3:05:f3:b8:73:7d:3d:d4:88:05:29:40:
30:89:9f:07:5e:8a:a3:a9:e0:cd:75:e9:59:50:d6:84:4b:c7:
18:cf:e8:5d
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVwsHIlIymny8qWy4GGBMDgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjMwMTAyMDQxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzRjMWNlZWNkYmZmYzA3ZWM4Njc4NDExNjIzMDIxZjhjMDU5Y2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJFf431zxc5X51MYE5c109mOI5AQ
9Ir5u3mZnEAPiFecROqRquvsb5AYEOEltmaXMPmvqFz9Etb+f7lZkoj/WLGH8+fX
mCEYLVCvYfxzryll7XrSYjBk3zkiboabwWmwmFf10lqUTQPYe82RuKL1Kfaon1q8
Ch5DN27xqmZ8O9Ddbs7kD73467PAVBTaoEd1/7qYoksAg/S2I8UrdjkF9KFmsaCN
A+3CXq55y9rwxio51bEKhoNBMrOzmtpGZk/QAsaYh8SRWVYqqMW80qJPrCJYrBaB
sDKD+JqFXSrBT5aU74SB+GoSQBIHurLPFcvcYk6KcJqdNQYNOzSZxA9ENwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFBxMHO7Nv/wH7IZ4QRYjAh+MBZyqMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvSEV3YzdzMl9fQWZzaG5oQkZpTUNINHdGbktvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCPjyEAwQC
PjyUMAwDBALVsBQDBALVsBgwDQYJKoZIhvcNAQELBQADggEBABXZWBk8ch/g9L4p
crnd9zdF2lryNWYHvbXPHag8AAZAdr+ykeM0OK4H2Wf0/ZJqa0Ajf6f+SCwAGMve
UyrCRpcKEBbprHV8v9KO2L/s5FXd0t0lZCZNsUsQ4N9vSS14/tJF1KkLKCQ0GWfQ
1tQyvMbY78bmUY/qV1ES/RsvP20HvKIYRZa4gZhYfXfTkk1hZjsyuTFQf1On137i
wQ58nG6kqFewyid+tzsfndgU9en/RzWUiO0PegnD/w035ee3dUNnRIxZr/QFP2p2
scZ27vRGv1/dYkeM3oKS+IcOjOMF87hzfT3UiAUpQDCJnwdeiqOp4M116VlQ1oRL
xxjP6F0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:29 2024 by rpki-client on console-ams.rpki-client.org