Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/IRdBGGAe_vp7AaZmglCtOCkyQFY.roa
File: IRdBGGAe_vp7AaZmglCtOCkyQFY.roa (raw, json)
Hash identifier: yxaoi4dqYNN180xPCZoWGkhA1dKVOlLLv8S82Mza1YQ=
Subject key identifier: 21:17:41:18:60:1E:FE:FA:7B:01:A6:66:82:50:AD:38:29:32:40:56
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 018DEF55B76CED24D7903DAAB9A552D71D8F
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/IRdBGGAe_vp7AaZmglCtOCkyQFY.roa
Signing time: Wed 28 Feb 2024 10:49:48 +0000
ROA not before: Wed 28 Feb 2024 10:49:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 62.60.156.0/22 maxlen: 24
62.60.220.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 28 Feb 2024 12:01:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ef:55:b7:6c:ed:24:d7:90:3d:aa:b9:a5:52:d7:1d:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Feb 28 10:49:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=21174118601efefa7b01a6668250ad3829324056
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:33:e8:7f:7a:7a:5f:3c:62:80:c1:30:3d:5a:
16:81:15:4c:0a:0e:0b:ef:45:ec:79:00:78:ce:e7:
b6:8a:a2:4a:a5:b4:30:a7:41:c5:3d:d5:ba:02:44:
41:8c:ef:47:9f:c8:62:fc:41:bc:f3:93:8f:15:b3:
ef:ca:eb:85:e5:ef:68:82:bd:5f:91:7a:eb:9c:a3:
42:25:18:65:ec:93:66:55:7d:57:13:53:73:ad:f8:
ea:87:8c:c1:62:aa:fe:61:0d:c7:a3:ec:9d:85:fa:
fe:a1:9c:93:cd:ba:22:e8:d5:bf:77:06:2a:b4:31:
1d:ba:2f:d2:ae:e6:d3:e1:3c:9b:e6:54:07:42:62:
20:bf:f4:96:d7:90:e8:d5:6c:c1:58:94:d9:ab:eb:
71:8c:45:87:df:95:6c:0b:24:ad:37:32:23:1c:e5:
71:12:8c:7e:8f:60:72:bf:7e:5f:7b:94:44:86:9c:
07:f7:e3:34:53:e5:a7:86:d4:19:30:54:f3:10:0d:
82:c2:3e:25:d0:cb:50:60:f4:08:aa:da:44:f1:35:
0f:01:ef:7c:80:dc:2c:45:06:87:65:f9:53:a1:4b:
43:c5:37:a8:27:19:ce:98:88:10:88:73:62:bb:52:
8f:a6:af:66:6a:df:39:a5:9d:82:df:c8:ce:35:94:
e2:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:17:41:18:60:1E:FE:FA:7B:01:A6:66:82:50:AD:38:29:32:40:56
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/IRdBGGAe_vp7AaZmglCtOCkyQFY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.156.0/22
62.60.220.0/22
Signature Algorithm: sha256WithRSAEncryption
14:11:6e:15:d8:e6:da:e2:71:3c:c7:09:f8:13:9c:f2:3f:ba:
a8:5a:b5:98:57:43:20:f3:8d:fc:cb:d4:d0:57:86:c7:ac:de:
77:75:ac:93:b4:8c:5b:b5:b8:e6:0a:6c:2a:60:86:01:41:ab:
15:e2:ef:74:71:15:e8:32:c6:d2:32:a8:ce:e1:ff:7a:4b:c8:
26:26:4d:85:f9:c8:30:20:b3:05:7a:4e:c8:b9:e7:6c:bc:29:
ec:22:60:e8:d6:1c:57:b3:9f:03:1d:19:ce:d9:67:e6:27:7e:
b1:94:16:d9:31:b6:22:17:4a:25:5f:5a:06:08:bc:38:d0:82:
fe:c9:25:79:9c:76:aa:2f:42:55:66:34:a6:f6:a1:b6:d6:46:
32:ad:b4:c3:39:04:83:60:d7:d7:88:1d:cb:e2:ea:7c:06:b9:
66:c2:82:7f:c7:c8:ef:c7:5d:45:96:17:b0:1a:45:ce:77:bf:
93:73:9d:c7:aa:31:86:4d:e2:38:e9:5a:47:da:a3:5b:53:35:
92:53:02:5c:ab:4d:e8:a2:31:d5:b7:97:fd:6c:d8:e2:c4:f7:
da:ed:b4:70:7f:c6:5c:dd:a8:c7:4b:9a:f2:9b:1c:43:57:0c:
d5:13:b3:80:46:c6:98:31:07:cc:ec:68:b7:07:ba:a8:52:bb:
e7:5e:1d:d9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY3vVbds7STXkD2quaVS1x2PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjQwMjI4MTA0OTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTE3NDExODYwMWVmZWZhN2IwMWE2NjY4MjUwYWQzODI5MzI0MDU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyjPof3p6XzxigMEwPVoWgRVMCg4L
70XseQB4zue2iqJKpbQwp0HFPdW6AkRBjO9Hn8hi/EG885OPFbPvyuuF5e9ogr1f
kXrrnKNCJRhl7JNmVX1XE1Nzrfjqh4zBYqr+YQ3Ho+ydhfr+oZyTzboi6NW/dwYq
tDEdui/SrubT4Tyb5lQHQmIgv/SW15Do1WzBWJTZq+txjEWH35VsCyStNzIjHOVx
Eox+j2Byv35fe5REhpwH9+M0U+WnhtQZMFTzEA2Cwj4l0MtQYPQIqtpE8TUPAe98
gNwsRQaHZflToUtDxTeoJxnOmIgQiHNiu1KPpq9mat85pZ2C38jONZTi/wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCEXQRhgHv76ewGmZoJQrTgpMkBWMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvSVJkQkdHQWVfdnA3QWFabWdsQ3RPQ2t5UUZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCPjycAwQC
PjzcMA0GCSqGSIb3DQEBCwUAA4IBAQAUEW4V2Oba4nE8xwn4E5zyP7qoWrWYV0Mg
8438y9TQV4bHrN53dayTtIxbtbjmCmwqYIYBQasV4u90cRXoMsbSMqjO4f96S8gm
Jk2F+cgwILMFek7IuedsvCnsImDo1hxXs58DHRnO2WfmJ36xlBbZMbYiF0olX1oG
CLw40IL+ySV5nHaqL0JVZjSm9qG21kYyrbTDOQSDYNfXiB3L4up8BrlmwoJ/x8jv
x11FlhewGkXOd7+Tc53HqjGGTeI46VpH2qNbUzWSUwJcq03oojHVt5f9bNjixPfa
7bRwf8Zc3ajHS5rymxxDVwzVE7OARsaYMQfM7Gi3B7qoUrvnXh3Z
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:29 2024 by rpki-client on console-ams.rpki-client.org