Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/Ma2e7re7nF2NvuEPvIIz6v2PhHs.roa
File: Ma2e7re7nF2NvuEPvIIz6v2PhHs.roa (raw, json)
Hash identifier: IrCzD2Ysz3504UAiq9BcDMAVLVnnuRTkYg75y12cD1o=
Subject key identifier: 31:AD:9E:EE:B7:BB:9C:5D:8D:BE:E1:0F:BC:82:33:EA:FD:8F:84:7B
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 0189BA39820DFFA16B63781A5D0EEEDA3A24
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/Ma2e7re7nF2NvuEPvIIz6v2PhHs.roa
Signing time: Thu 03 Aug 2023 07:07:58 +0000
ROA not before: Thu 03 Aug 2023 07:07:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 62.60.220.0/22 maxlen: 24
62.60.147.0/24 maxlen: 24
62.60.148.0/22 maxlen: 24
213.176.121.0/24 maxlen: 24
213.176.127.0/24 maxlen: 24
62.60.180.0/22 maxlen: 24
62.60.188.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 03 Aug 2023 20:06:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ba:39:82:0d:ff:a1:6b:63:78:1a:5d:0e:ee:da:3a:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Aug 3 07:07:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=31ad9eeeb7bb9c5d8dbee10fbc8233eafd8f847b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:b6:31:62:68:8d:e2:fb:49:28:0c:7f:3c:ef:
aa:59:77:22:99:b4:e0:10:de:fc:ed:b1:50:75:6f:
c7:b4:c7:00:fb:aa:7b:12:41:33:bb:c5:55:96:64:
96:45:2e:96:2e:b1:a3:18:28:3e:71:6f:7d:48:c8:
73:64:c3:0d:ce:a5:f9:42:48:23:87:6c:00:76:e8:
49:ba:b5:63:14:77:e0:08:bf:34:cd:e4:54:71:f7:
e1:10:c7:51:41:45:b8:02:1d:af:7c:10:58:08:15:
7b:1b:51:4d:4b:97:e5:f1:e0:7b:8a:9c:77:30:01:
27:53:26:56:e4:a3:fd:7b:59:dc:38:50:79:0a:3a:
fb:75:f3:e4:98:cf:13:0a:19:fb:a9:24:2e:66:e6:
03:6a:dd:f9:16:c2:ed:8c:40:90:8b:e9:5e:4c:d0:
08:9b:59:2d:23:86:3e:a8:70:30:47:2d:e1:da:f2:
90:00:e2:d0:35:f3:7e:1b:87:a7:48:bb:97:11:48:
35:fa:6d:55:11:33:40:0a:2c:6e:25:19:2d:e3:6f:
83:77:61:7b:88:e0:d3:8e:46:c8:48:10:92:f1:f8:
6e:ee:15:e8:ce:cd:32:b5:5f:0d:80:25:a4:34:2e:
f0:dd:23:55:ec:c3:94:a3:c4:6b:2c:72:2a:27:5e:
3e:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:AD:9E:EE:B7:BB:9C:5D:8D:BE:E1:0F:BC:82:33:EA:FD:8F:84:7B
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/Ma2e7re7nF2NvuEPvIIz6v2PhHs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.147.0-62.60.151.255
62.60.180.0/22
62.60.188.0/22
62.60.220.0/22
213.176.121.0/24
213.176.127.0/24
Signature Algorithm: sha256WithRSAEncryption
83:5d:ee:a4:c1:af:6e:58:fd:84:42:d0:24:9d:4d:42:02:6e:
b2:a3:50:9b:27:65:04:4e:b1:6f:47:58:56:5b:60:f3:ba:d6:
01:fe:a9:57:e1:e1:3a:99:10:a2:0c:e6:18:73:23:23:9a:4c:
92:63:7c:3b:40:c3:12:a7:e4:0f:4c:69:1b:ce:46:06:88:8e:
05:77:8b:65:f9:bc:63:47:f3:e6:65:5b:83:00:a5:46:90:59:
b0:e1:c0:5d:b6:64:d9:bc:a8:d2:be:d6:1a:be:a2:08:ce:32:
cf:7a:00:8c:90:05:43:83:8c:e5:c9:cc:c9:c8:ea:0e:4a:56:
27:6e:d7:d1:02:cc:77:ed:fd:d0:be:5d:b7:10:f2:ce:70:d3:
7b:f7:72:67:0f:19:ba:a2:92:58:b3:f8:cb:6e:08:83:a0:75:
09:f6:c4:d8:03:8e:0c:16:dd:9a:bf:e7:a0:52:3a:71:21:f9:
29:d9:97:cc:83:a2:7b:89:23:cf:37:10:0a:9a:88:d4:29:29:
aa:80:b4:96:8a:0f:58:4d:e9:4a:27:2d:f9:ad:2b:42:64:ab:
c5:f2:ef:c4:6c:6e:82:71:cb:43:d0:36:74:eb:b5:58:30:71:
37:0c:4f:99:74:45:b0:b1:28:e1:50:8b:ae:42:38:4b:1d:9b:
62:e3:af:0b
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYm6OYIN/6FrY3gaXQ7u2jokMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjMwODAzMDcwNzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWFkOWVlZWI3YmI5YzVkOGRiZWUxMGZiYzgyMzNlYWZkOGY4NDdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhbYxYmiN4vtJKAx/PO+qWXcimbTg
EN787bFQdW/HtMcA+6p7EkEzu8VVlmSWRS6WLrGjGCg+cW99SMhzZMMNzqX5Qkgj
h2wAduhJurVjFHfgCL80zeRUcffhEMdRQUW4Ah2vfBBYCBV7G1FNS5fl8eB7ipx3
MAEnUyZW5KP9e1ncOFB5Cjr7dfPkmM8TChn7qSQuZuYDat35FsLtjECQi+leTNAI
m1ktI4Y+qHAwRy3h2vKQAOLQNfN+G4enSLuXEUg1+m1VETNACixuJRkt42+Dd2F7
iODTjkbISBCS8fhu7hXozs0ytV8NgCWkNC7w3SNV7MOUo8RrLHIqJ14+ywIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFDGtnu63u5xdjb7hD7yCM+r9j4R7MB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvTWEyZTdyZTduRjJOdnVFUHZJSXo2djJQaEhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsMAwDBAA+PJMD
BAM+PJADBAI+PLQDBAI+PLwDBAI+PNwDBADVsHkDBADVsH8wDQYJKoZIhvcNAQEL
BQADggEBAINd7qTBr25Y/YRC0CSdTUICbrKjUJsnZQROsW9HWFZbYPO61gH+qVfh
4TqZEKIM5hhzIyOaTJJjfDtAwxKn5A9MaRvORgaIjgV3i2X5vGNH8+ZlW4MApUaQ
WbDhwF22ZNm8qNK+1hq+ogjOMs96AIyQBUODjOXJzMnI6g5KVidu19ECzHft/dC+
XbcQ8s5w03v3cmcPGbqikliz+MtuCIOgdQn2xNgDjgwW3Zq/56BSOnEh+SnZl8yD
onuJI883EAqaiNQpKaqAtJaKD1hN6UonLfmtK0Jkq8Xy78RsboJxy0PQNnTrtVgw
cTcMT5l0RbCxKOFQi65COEsdm2Ljrws=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:39 2024 by rpki-client on console-fra.rpki-client.org