Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/Rk9lj5mfgpnKUqUJ8Uh7a623Gy8.roa
File: Rk9lj5mfgpnKUqUJ8Uh7a623Gy8.roa (raw, json)
Hash identifier: GMlL70F3+8+V1u0pIksDfiifgny9pKTYU7RGYWZErD4=
Subject key identifier: 46:4F:65:8F:99:9F:82:99:CA:52:A5:09:F1:48:7B:6B:AD:B7:1B:2F
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 018585F32363AD3699E4456137FB84F7DBCE
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/Rk9lj5mfgpnKUqUJ8Uh7a623Gy8.roa
Signing time: Fri 06 Jan 2023 07:19:42 +0000
ROA not before: Fri 06 Jan 2023 07:19:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34549
IP address blocks: 213.176.68.0/22 maxlen: 24
62.60.164.0/22 maxlen: 24
62.60.168.0/21 maxlen: 24
62.60.172.0/22 maxlen: 24
62.60.176.0/22 maxlen: 24
62.60.180.0/22 maxlen: 24
62.60.184.0/22 maxlen: 24
62.60.188.0/22 maxlen: 24
62.60.192.0/22 maxlen: 24
62.60.212.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 10 Jan 2023 13:28:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:85:f3:23:63:ad:36:99:e4:45:61:37:fb:84:f7:db:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Jan 6 07:19:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=464f658f999f8299ca52a509f1487b6badb71b2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:96:b9:0d:88:44:3c:7f:0d:58:17:b0:c8:34:
52:f4:a2:dc:c0:67:f2:7b:e1:39:7c:3e:0d:4c:65:
52:c8:db:25:28:e7:03:e8:b9:fd:78:33:92:29:4f:
a8:d6:ec:12:bf:46:a7:8b:8a:8c:8a:7d:eb:30:21:
1d:83:8a:e9:fd:08:39:21:a8:7d:3d:04:a4:e2:94:
a6:51:61:62:f1:a6:ab:e7:22:b9:60:a5:13:e1:bc:
9a:48:40:04:bc:43:11:8e:7f:7d:19:54:25:07:ea:
e3:3e:3b:55:81:54:e5:0f:7b:1e:c5:44:25:80:af:
5c:90:f6:b9:eb:d3:13:1f:10:b6:f8:51:ef:e8:57:
3b:bb:dc:aa:40:f9:e6:09:c4:2d:15:df:14:ff:60:
60:ad:01:17:99:7e:7c:d8:01:10:f9:c7:38:7c:60:
b7:f4:5a:8e:20:39:60:60:3b:ad:a1:fc:b7:1b:85:
b1:fd:dd:13:e3:64:99:a4:b2:b1:16:8c:3d:1a:dd:
94:23:e2:14:d8:41:68:60:32:d4:27:21:2b:6c:9d:
de:9f:12:ad:24:7d:ed:66:fd:e8:b4:f1:6f:9e:46:
e0:2d:79:5d:b0:ca:95:cd:e9:62:b3:88:d3:3b:41:
fb:95:d1:57:4c:9b:3a:9c:db:7e:bc:91:18:1c:55:
d8:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:4F:65:8F:99:9F:82:99:CA:52:A5:09:F1:48:7B:6B:AD:B7:1B:2F
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/Rk9lj5mfgpnKUqUJ8Uh7a623Gy8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.164.0-62.60.195.255
62.60.212.0/22
213.176.68.0/22
Signature Algorithm: sha256WithRSAEncryption
57:32:3f:34:a5:48:32:aa:ce:49:25:cb:31:10:ee:2d:b2:2b:
1b:a9:93:12:8d:74:a0:c3:99:0f:7f:e6:c4:b0:7c:d6:91:a3:
29:39:e3:3d:40:7c:ba:16:76:ee:f4:a5:b5:e0:77:62:b5:00:
61:67:f8:c0:4d:0b:92:29:5e:41:54:1f:6f:e5:3b:20:68:05:
24:79:f8:98:a9:7e:8d:d3:ce:e6:fe:53:07:27:f7:2e:21:12:
31:32:26:57:57:45:d9:f0:91:a6:a4:4f:10:fb:9f:ed:87:c3:
64:e8:be:18:0a:3b:02:13:50:fb:84:d7:ef:ad:46:fe:64:da:
a8:a1:14:7e:e1:47:17:ac:e0:4f:43:15:fc:b2:93:a2:04:8b:
81:af:67:a4:7d:8f:85:23:5c:9a:66:4c:f7:50:a6:f8:df:5e:
4c:c1:c1:fa:90:55:22:8c:72:63:b7:c9:03:9c:4a:57:9a:f5:
87:87:b1:3f:89:f2:92:1c:25:92:e8:de:16:f0:36:b7:ea:dd:
59:57:aa:bf:f1:7b:c0:60:ed:0b:9d:8e:f4:bb:18:61:a8:47:
3c:7f:0d:9b:10:c1:b8:a9:b8:35:ed:e6:f8:c1:03:d7:6a:bc:
e7:58:97:07:c4:4b:3b:17:71:15:32:f1:b0:40:a7:a8:28:1a:
af:f1:0f:3a
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYWF8yNjrTaZ5EVhN/uE99vOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjMwMTA2MDcxOTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjRmNjU4Zjk5OWY4Mjk5Y2E1MmE1MDlmMTQ4N2I2YmFkYjcxYjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjpa5DYhEPH8NWBewyDRS9KLcwGfy
e+E5fD4NTGVSyNslKOcD6Ln9eDOSKU+o1uwSv0ani4qMin3rMCEdg4rp/Qg5Iah9
PQSk4pSmUWFi8aar5yK5YKUT4byaSEAEvEMRjn99GVQlB+rjPjtVgVTlD3sexUQl
gK9ckPa569MTHxC2+FHv6Fc7u9yqQPnmCcQtFd8U/2BgrQEXmX582AEQ+cc4fGC3
9FqOIDlgYDutofy3G4Wx/d0T42SZpLKxFow9Gt2UI+IU2EFoYDLUJyErbJ3enxKt
JH3tZv3otPFvnkbgLXldsMqVzelis4jTO0H7ldFXTJs6nNt+vJEYHFXYhwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFEZPZY+Zn4KZylKlCfFIe2uttxsvMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvUms5bGo1bWZncG5LVXFVSjhVaDdhNjIzR3k4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAI+PKQD
BAI+PMADBAI+PNQDBALVsEQwDQYJKoZIhvcNAQELBQADggEBAFcyPzSlSDKqzkkl
yzEQ7i2yKxupkxKNdKDDmQ9/5sSwfNaRoyk54z1AfLoWdu70pbXgd2K1AGFn+MBN
C5IpXkFUH2/lOyBoBSR5+Jipfo3Tzub+Uwcn9y4hEjEyJldXRdnwkaakTxD7n+2H
w2TovhgKOwITUPuE1++tRv5k2qihFH7hRxes4E9DFfyyk6IEi4GvZ6R9j4UjXJpm
TPdQpvjfXkzBwfqQVSKMcmO3yQOcSlea9YeHsT+J8pIcJZLo3hbwNrfq3VlXqr/x
e8Bg7QudjvS7GGGoRzx/DZsQwbipuDXt5vjBA9dqvOdYlwfESzsXcRUy8bBAp6go
Gq/xDzo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:39 2024 by rpki-client on console-fra.rpki-client.org