Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/IKFM_jH0NA8A4ksnUt_3LqSLyrE.roa
File: IKFM_jH0NA8A4ksnUt_3LqSLyrE.roa (raw, json)
Hash identifier: /wjVk6LrLOt+mRj5cTINyX5102vuow+NQzrgg56zAhE=
Subject key identifier: 20:A1:4C:FE:31:F4:34:0F:00:E2:4B:27:52:DF:F7:2E:A4:8B:CA:B1
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 01906D1E4D8DF1A9F2310ED23B95E5076067
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/IKFM_jH0NA8A4ksnUt_3LqSLyrE.roa
Signing time: Mon 01 Jul 2024 07:07:00 +0000
ROA not before: Mon 01 Jul 2024 07:07:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48147
IP address blocks: 62.60.162.0/24 maxlen: 24
62.60.220.0/22 maxlen: 24
213.176.1.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 25 Jul 2024 10:15:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:6d:1e:4d:8d:f1:a9:f2:31:0e:d2:3b:95:e5:07:60:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Jul 1 07:07:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=20a14cfe31f4340f00e24b2752dff72ea48bcab1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:a5:aa:36:d4:e1:ab:7f:5a:08:c7:0f:58:a5:
d7:1e:47:50:a4:72:05:36:29:46:bd:f5:e7:2a:03:
41:50:8e:e6:14:39:18:40:51:fa:c7:e1:44:b0:a7:
f8:b6:f2:5f:82:ad:fe:3f:22:b4:e9:e1:b2:0e:f7:
18:9e:fb:e3:c0:42:c9:7e:86:be:e9:43:1e:9b:98:
10:bb:d2:2c:dc:e4:9f:a2:dc:8f:25:18:76:d9:1c:
28:f6:d8:38:c4:4a:d4:8e:c5:a3:7c:d7:14:da:dd:
93:1e:34:c6:e3:95:2a:80:e3:51:5e:11:c6:42:d5:
3e:5b:91:55:68:17:24:17:1f:48:7e:ff:1d:14:b4:
36:37:e4:ea:c4:61:cc:29:fb:cb:31:0d:54:9e:12:
17:bf:71:1e:60:e1:2c:ff:a2:0a:6e:19:cf:b9:cb:
c6:1c:e8:d9:16:b3:71:ae:73:9c:70:b8:c9:63:b6:
2a:87:c7:ea:19:53:15:38:d0:2e:1f:04:c8:5b:f8:
fc:8a:e0:17:52:86:7a:ab:40:3e:56:f4:67:ae:8f:
25:54:b9:9d:3a:a9:b9:6d:c6:f5:52:b4:05:5f:86:
23:34:3b:95:f4:4b:21:7a:53:0f:6a:d9:29:17:96:
6a:91:65:2f:7e:f9:34:f0:bb:4f:24:f3:dc:56:2f:
28:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:A1:4C:FE:31:F4:34:0F:00:E2:4B:27:52:DF:F7:2E:A4:8B:CA:B1
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/IKFM_jH0NA8A4ksnUt_3LqSLyrE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.162.0/24
62.60.220.0/22
213.176.1.0/24
Signature Algorithm: sha256WithRSAEncryption
26:6d:a4:5a:a0:fa:15:2c:52:ed:7c:0c:4f:0e:b1:27:14:38:
34:0d:cc:48:12:25:db:94:33:90:7f:d9:d8:5a:7c:ef:3d:ae:
20:b9:c7:b1:77:bd:45:b1:2b:78:4d:6d:5f:80:a3:cf:b8:d5:
77:17:34:37:0c:9a:41:aa:9d:fb:f8:79:b0:26:53:2a:32:19:
be:8d:ed:f9:2f:9f:c9:ab:72:3f:3d:62:d5:20:04:10:28:de:
42:0b:b4:69:9e:c2:ef:c4:72:c8:b1:8a:5a:70:d9:a6:9d:39:
5b:76:35:d5:ac:d1:37:72:de:d6:f4:18:9a:04:57:dc:2b:c2:
64:98:d8:94:ad:61:28:74:b7:f2:5b:a6:ca:82:b5:b2:c6:08:
aa:e4:d4:02:19:9c:ab:d0:29:a9:7e:63:75:28:4b:f4:e0:fd:
04:7c:ca:cf:f6:d8:90:a8:07:a5:b5:99:88:2b:bc:1d:f1:39:
07:81:09:9a:8c:bd:37:c4:68:88:07:a1:fb:22:05:24:7e:25:
a5:f4:dd:ba:59:43:b9:2f:e1:da:d2:04:cb:0c:9c:fd:4b:3b:
04:47:2c:3c:01:40:cf:24:70:3d:91:78:9a:36:93:94:50:9f:
97:d2:db:5b:54:36:54:28:33:5f:cc:cf:76:48:5d:ab:40:41:
b9:44:64:06
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZBtHk2N8anyMQ7SO5XlB2BnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjQwNzAxMDcwNzAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGExNGNmZTMxZjQzNDBmMDBlMjRiMjc1MmRmZjcyZWE0OGJjYWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKWqNtThq39aCMcPWKXXHkdQpHIF
NilGvfXnKgNBUI7mFDkYQFH6x+FEsKf4tvJfgq3+PyK06eGyDvcYnvvjwELJfoa+
6UMem5gQu9Is3OSfotyPJRh22Rwo9tg4xErUjsWjfNcU2t2THjTG45UqgONRXhHG
QtU+W5FVaBckFx9Ifv8dFLQ2N+TqxGHMKfvLMQ1UnhIXv3EeYOEs/6IKbhnPucvG
HOjZFrNxrnOccLjJY7Yqh8fqGVMVONAuHwTIW/j8iuAXUoZ6q0A+VvRnro8lVLmd
Oqm5bcb1UrQFX4YjNDuV9EshelMPatkpF5ZqkWUvfvk08LtPJPPcVi8oBwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCChTP4x9DQPAOJLJ1Lf9y6ki8qxMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvSUtGTV9qSDBOQThBNGtzblV0XzNMcVNMeXJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAPjyiAwQC
PjzcAwQA1bABMA0GCSqGSIb3DQEBCwUAA4IBAQAmbaRaoPoVLFLtfAxPDrEnFDg0
DcxIEiXblDOQf9nYWnzvPa4gucexd71FsSt4TW1fgKPPuNV3FzQ3DJpBqp37+Hmw
JlMqMhm+je35L5/Jq3I/PWLVIAQQKN5CC7RpnsLvxHLIsYpacNmmnTlbdjXVrNE3
ct7W9BiaBFfcK8JkmNiUrWEodLfyW6bKgrWyxgiq5NQCGZyr0CmpfmN1KEv04P0E
fMrP9tiQqAeltZmIK7wd8TkHgQmajL03xGiIB6H7IgUkfiWl9N26WUO5L+Ha0gTL
DJz9SzsERyw8AUDPJHA9kXiaNpOUUJ+X0ttbVDZUKDNfzM92SF2rQEG5RGQG
-----END CERTIFICATE-----
Generated at Thu Jul 25 12:39:08 2024 by rpki-client on console-fra.rpki-client.org