Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/KRRSn6HFNpneCrnNH_0LBZqsTXk.roa
File: KRRSn6HFNpneCrnNH_0LBZqsTXk.roa (raw, json)
Hash identifier: KxjGG9SjhkqvJrf32W0v1sVEwpHFx8nXbL96R7ISVUM=
Subject key identifier: 29:14:52:9F:A1:C5:36:99:DE:0A:B9:CD:1F:FD:0B:05:9A:AC:4D:79
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 019310D875E1BF1EC4A0E6D55F502F3BE4AB
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/KRRSn6HFNpneCrnNH_0LBZqsTXk.roa
Signing time: Sat 09 Nov 2024 12:14:01 +0000
ROA not before: Sat 09 Nov 2024 12:14:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44947
IP address blocks: 62.60.152.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sun 10 Nov 2024 08:08:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:10:d8:75:e1:bf:1e:c4:a0:e6:d5:5f:50:2f:3b:e4:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Nov 9 12:14:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2914529fa1c53699de0ab9cd1ffd0b059aac4d79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:ed:f9:2b:70:0e:e0:27:57:f2:83:30:2d:fe:
08:77:fe:d0:d6:62:9b:c1:40:ee:2a:13:6d:5f:da:
6b:a1:76:74:ae:e6:e7:94:8d:ec:06:51:8c:c0:05:
68:f9:01:06:1e:18:51:55:91:44:87:41:0b:16:50:
26:7b:5c:59:af:58:89:92:06:a4:3a:db:be:02:e1:
63:01:67:6f:ef:40:45:1e:49:11:69:ca:17:78:64:
5d:34:e0:11:b6:1b:c6:c5:24:7b:8d:e2:2c:74:41:
40:03:f9:b5:df:88:da:66:69:d6:eb:16:81:3a:8e:
e4:27:ed:8b:8c:ae:b7:55:0c:ad:1b:87:d2:f8:23:
92:2f:21:69:e2:b7:84:f6:50:eb:ab:3b:b6:82:f5:
0f:bd:ba:c7:c7:f2:9e:c6:a2:33:fc:c8:a2:97:6d:
4d:6f:05:d5:5a:df:5f:54:73:0a:ed:d4:ab:bd:84:
b9:a1:e2:9a:5f:d8:39:4b:81:a7:86:f4:03:0b:27:
ad:70:c2:58:aa:37:81:dc:97:67:fa:03:02:e3:a1:
2b:74:4e:4d:26:5e:60:bb:74:1f:a5:c6:c2:97:aa:
9f:8e:cb:ba:cd:ed:ec:5e:fe:73:eb:e2:5d:10:1d:
5a:6a:5b:40:d2:5d:32:64:3d:58:e2:25:a0:31:2f:
14:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:14:52:9F:A1:C5:36:99:DE:0A:B9:CD:1F:FD:0B:05:9A:AC:4D:79
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/KRRSn6HFNpneCrnNH_0LBZqsTXk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.152.0/23
Signature Algorithm: sha256WithRSAEncryption
7d:d3:bc:c7:61:ce:d8:36:71:db:d7:aa:a8:36:c3:e3:64:a8:
ab:4f:8e:61:fb:32:e0:d0:24:d6:fe:75:f2:e0:92:f0:26:54:
07:de:2b:b2:64:16:00:71:c2:fe:0d:6a:71:50:10:36:d5:c8:
c5:13:be:67:e1:fe:92:3d:52:a5:f3:c0:5b:e2:0c:53:ff:8d:
25:3d:67:10:2d:d2:99:7f:ae:86:de:ca:e2:cd:cb:84:52:b2:
91:90:c4:bc:99:91:c5:37:92:aa:45:f9:1e:76:18:f3:03:db:
47:c8:1d:ec:d2:8b:73:a8:1c:10:29:bc:1e:b5:ca:94:b2:f4:
16:36:5c:57:7c:ad:b4:bf:85:d6:5e:96:1c:1e:f4:6a:a4:ef:
04:41:48:2e:4a:eb:1a:10:eb:3d:56:12:da:63:f5:0c:c9:d7:
ab:f8:ea:44:1d:92:da:d5:0b:d3:2b:99:a0:ae:15:af:2d:fb:
2b:3d:80:7e:00:08:71:25:d8:bb:f6:71:bf:25:80:42:f6:4b:
95:8e:87:6f:51:4c:db:a8:81:48:eb:02:52:dc:8c:a7:6d:ae:
2f:39:62:8c:aa:bc:a9:34:b8:03:d6:d0:27:b3:b3:dc:d9:50:
18:49:48:14:ff:21:d9:3d:06:dd:14:de:1c:a2:0d:c1:38:ef:
9f:c6:b6:91
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZMQ2HXhvx7EoObVX1AvO+SrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjQxMTA5MTIxNDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTE0NTI5ZmExYzUzNjk5ZGUwYWI5Y2QxZmZkMGIwNTlhYWM0ZDc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0+35K3AO4CdX8oMwLf4Id/7Q1mKb
wUDuKhNtX9proXZ0rubnlI3sBlGMwAVo+QEGHhhRVZFEh0ELFlAme1xZr1iJkgak
Otu+AuFjAWdv70BFHkkRacoXeGRdNOARthvGxSR7jeIsdEFAA/m134jaZmnW6xaB
Oo7kJ+2LjK63VQytG4fS+COSLyFp4reE9lDrqzu2gvUPvbrHx/KexqIz/Miil21N
bwXVWt9fVHMK7dSrvYS5oeKaX9g5S4GnhvQDCyetcMJYqjeB3Jdn+gMC46ErdE5N
Jl5gu3QfpcbCl6qfjsu6ze3sXv5z6+JdEB1aaltA0l0yZD1Y4iWgMS8UxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCkUUp+hxTaZ3gq5zR/9CwWarE15MB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvS1JSU242SEZOcG5lQ3JuTkhfMExCWnFzVFhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBPjyYMA0G
CSqGSIb3DQEBCwUAA4IBAQB907zHYc7YNnHb16qoNsPjZKirT45h+zLg0CTW/nXy
4JLwJlQH3iuyZBYAccL+DWpxUBA21cjFE75n4f6SPVKl88Bb4gxT/40lPWcQLdKZ
f66G3srizcuEUrKRkMS8mZHFN5KqRfkedhjzA9tHyB3s0otzqBwQKbwetcqUsvQW
NlxXfK20v4XWXpYcHvRqpO8EQUguSusaEOs9VhLaY/UMyder+OpEHZLa1QvTK5mg
rhWvLfsrPYB+AAhxJdi79nG/JYBC9kuVjodvUUzbqIFI6wJS3Iynba4vOWKMqryp
NLgD1tAns7Pc2VAYSUgU/yHZPQbdFN4cog3BOO+fxraR
-----END CERTIFICATE-----
Generated at Sun Nov 10 14:00:34 2024 by rpki-client on console-ams.rpki-client.org