Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/HY_d1NHBuDy4k4IpWZQMLMoZnio.roa
File: HY_d1NHBuDy4k4IpWZQMLMoZnio.roa (raw, json)
Hash identifier: lbm/q0OhV6xLUI3fDhRv2PM8hetkU19ClbZhbZT0EYo=
Subject key identifier: 1D:8F:DD:D4:D1:C1:B8:3C:B8:93:82:29:59:94:0C:2C:CA:19:9E:2A
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 018FE85914691943B82728B202AD720090C5
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/HY_d1NHBuDy4k4IpWZQMLMoZnio.roa
Signing time: Wed 05 Jun 2024 12:21:42 +0000
ROA not before: Wed 05 Jun 2024 12:21:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44559
IP address blocks: 62.60.152.0/22 maxlen: 24
62.60.156.0/22 maxlen: 24
62.60.184.0/22 maxlen: 24
62.60.192.0/22 maxlen: 24
62.60.216.0/22 maxlen: 24
62.60.220.0/22 maxlen: 24
62.60.224.0/19 maxlen: 24
213.176.64.0/22 maxlen: 24
213.176.72.0/22 maxlen: 24
213.176.92.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Jun 2024 11:01:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e8:59:14:69:19:43:b8:27:28:b2:02:ad:72:00:90:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Jun 5 12:21:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1d8fddd4d1c1b83cb893822959940c2cca199e2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:34:d2:a3:73:1d:ea:04:cf:fd:86:9e:42:da:
4d:92:8b:1c:1f:4b:04:66:6e:bc:0f:02:5a:14:ce:
a1:b4:79:53:f9:fb:4f:b3:60:31:da:bb:4f:13:d4:
f3:28:06:3b:54:18:a8:40:dd:cc:2a:01:bf:37:28:
6d:58:7f:21:aa:9e:bd:2b:86:9e:1d:4a:09:e3:48:
ed:15:c5:f1:61:22:81:ba:4c:95:d7:75:5f:2b:54:
01:be:8d:1c:cf:ed:64:c1:8a:3b:1e:fd:01:71:50:
68:3e:9e:4d:79:a1:61:75:92:55:5b:42:b3:59:bc:
fa:dc:e8:49:85:33:74:9d:bc:4b:8d:cc:1b:8a:95:
bf:df:d4:8e:2d:24:0f:21:05:53:ce:d8:17:77:4a:
2d:b8:6d:3c:ce:3e:3c:5b:d7:30:d2:5a:42:29:f8:
11:b3:a7:c8:20:bd:48:99:99:4e:fa:6e:f4:c1:16:
bc:50:d9:0c:24:3c:90:22:a6:a6:b5:05:6c:60:2e:
a2:9b:7f:73:12:33:8d:c1:1c:21:5f:54:62:e7:e8:
c6:22:fa:8a:ef:d7:d4:1a:ac:46:55:3d:5d:b5:7f:
12:83:6a:86:e6:e2:0b:37:de:0e:13:7c:b3:06:2c:
d9:a3:af:5f:6e:c8:cb:7d:7b:2d:d9:b8:5a:80:67:
49:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:8F:DD:D4:D1:C1:B8:3C:B8:93:82:29:59:94:0C:2C:CA:19:9E:2A
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/HY_d1NHBuDy4k4IpWZQMLMoZnio.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.152.0/21
62.60.184.0/22
62.60.192.0/22
62.60.216.0-62.60.255.255
213.176.64.0/22
213.176.72.0/22
213.176.92.0/22
Signature Algorithm: sha256WithRSAEncryption
8c:e5:4d:aa:84:0f:5b:bd:6c:b9:68:72:da:c7:f4:f0:81:c0:
57:b3:bd:46:1b:65:0e:99:62:23:28:e7:12:1a:b9:83:94:7a:
51:b8:8f:73:4e:4f:61:a5:b3:aa:6f:79:3e:73:88:b5:9a:05:
1e:94:01:62:d4:56:f1:a3:5a:c3:ba:56:18:9e:5b:94:5f:d5:
57:6b:86:62:ec:4a:a2:94:0b:af:63:7a:41:12:d4:e0:4f:7b:
6f:20:f6:f6:d7:6b:ed:32:e4:62:99:28:fe:84:e1:85:a8:99:
8d:36:2d:ca:17:8f:cb:7d:10:72:94:dc:3d:19:1c:d2:01:ce:
04:30:4a:09:fa:59:19:9e:fd:23:30:28:ae:8b:63:cf:98:c3:
30:63:b4:45:7a:f1:a7:6b:fc:02:31:2d:d6:ba:f1:50:8f:12:
16:c4:ba:08:e9:64:ff:32:7f:3e:e7:99:d6:30:90:ce:60:62:
cb:f0:83:c0:64:a1:1a:b5:e0:b3:f8:77:42:88:f6:7e:6f:91:
33:91:f7:44:b2:21:dd:d6:7c:4b:36:f3:f5:54:2c:4b:f4:58:
20:3c:e2:e9:1a:8f:bd:98:19:96:17:1a:ae:61:f1:9f:dc:b7:
36:20:1f:7c:29:d3:fd:cf:cc:25:74:3b:cf:39:e9:b0:75:40:
fa:b1:1d:cd
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAY/oWRRpGUO4JyiyAq1yAJDFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjQwNjA1MTIyMTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDhmZGRkNGQxYzFiODNjYjg5MzgyMjk1OTk0MGMyY2NhMTk5ZTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyzTSo3Md6gTP/YaeQtpNkoscH0sE
Zm68DwJaFM6htHlT+ftPs2Ax2rtPE9TzKAY7VBioQN3MKgG/NyhtWH8hqp69K4ae
HUoJ40jtFcXxYSKBukyV13VfK1QBvo0cz+1kwYo7Hv0BcVBoPp5NeaFhdZJVW0Kz
Wbz63OhJhTN0nbxLjcwbipW/39SOLSQPIQVTztgXd0otuG08zj48W9cw0lpCKfgR
s6fIIL1ImZlO+m70wRa8UNkMJDyQIqamtQVsYC6im39zEjONwRwhX1Ri5+jGIvqK
79fUGqxGVT1dtX8Sg2qG5uILN94OE3yzBizZo69fbsjLfXst2bhagGdJLwIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFB2P3dTRwbg8uJOCKVmUDCzKGZ4qMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvSFlfZDFOSEJ1RHk0azRJcFdaUU1MTW9abmlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAATAxAwQDPjyYAwQC
Pjy4AwQCPjzAMAsDBAM+PNgDAwA+PAMEAtWwQAMEAtWwSAMEAtWwXDANBgkqhkiG
9w0BAQsFAAOCAQEAjOVNqoQPW71suWhy2sf08IHAV7O9RhtlDpliIyjnEhq5g5R6
UbiPc05PYaWzqm95PnOItZoFHpQBYtRW8aNaw7pWGJ5blF/VV2uGYuxKopQLr2N6
QRLU4E97byD29tdr7TLkYpko/oThhaiZjTYtyhePy30QcpTcPRkc0gHOBDBKCfpZ
GZ79IzAorotjz5jDMGO0RXrxp2v8AjEt1rrxUI8SFsS6COlk/zJ/PueZ1jCQzmBi
y/CDwGShGrXgs/h3Qoj2fm+RM5H3RLIh3dZ8Szbz9VQsS/RYIDzi6RqPvZgZlhca
rmHxn9y3NiAffCnT/c/MJXQ7zznpsHVA+rEdzQ==
-----END CERTIFICATE-----
Generated at Tue Jun 11 13:12:48 2024 by rpki-client on console-fra.rpki-client.org