Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/U6zBWr3j4LLNu7cAuQuTtOyxVHY.roa
File: U6zBWr3j4LLNu7cAuQuTtOyxVHY.roa (raw, json)
Hash identifier: 6lNYfYIOb0Hem3ZvWmfCFR7PQg8Iv30vOAOPPy9G8X8=
Subject key identifier: 53:AC:C1:5A:BD:E3:E0:B2:CD:BB:B7:00:B9:0B:93:B4:EC:B1:54:76
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 01914C5B56471A66200FA2BC65A4FCDD5F5B
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/U6zBWr3j4LLNu7cAuQuTtOyxVHY.roa
Signing time: Tue 13 Aug 2024 15:28:59 +0000
ROA not before: Tue 13 Aug 2024 15:28:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64458
IP address blocks: 62.60.148.0/22 maxlen: 24
62.60.180.0/22 maxlen: 24
213.176.112.0/21 maxlen: 24
Validation: Failed, certificate revoked on Sat 17 Aug 2024 06:53:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:4c:5b:56:47:1a:66:20:0f:a2:bc:65:a4:fc:dd:5f:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Aug 13 15:28:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=53acc15abde3e0b2cdbbb700b90b93b4ecb15476
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:30:5c:bf:92:72:dd:2f:01:85:73:68:92:18:
64:d6:74:b1:1f:25:2c:b6:4c:1e:45:f5:22:c8:a8:
cd:37:83:78:9b:f1:d3:be:5c:17:ec:4c:33:bd:9b:
ee:0d:68:0e:e6:30:d8:ab:0f:f8:6d:9b:3d:e9:45:
0b:17:ba:e5:79:07:c9:c8:c4:9c:16:ec:05:8c:34:
02:3b:de:41:02:14:40:15:4f:19:39:ca:66:89:e3:
9f:29:ca:54:de:aa:63:47:0a:a7:5f:2b:ef:ad:48:
3b:87:a9:ed:db:9b:70:46:a7:d6:64:0c:61:bd:cb:
67:e8:fa:e3:07:1b:b7:16:39:eb:02:f2:b4:86:5a:
a2:7f:fa:2e:10:ea:83:5d:94:bf:3a:e6:6a:b7:d6:
d6:37:31:ba:b0:92:f7:31:7a:13:d8:92:41:87:36:
af:44:9f:36:d9:2c:6f:08:0e:3d:66:ce:4d:c2:3f:
bf:d9:23:b3:08:6e:5c:93:e7:1e:d8:ad:3e:b7:3d:
b6:67:bf:a7:49:67:9d:cb:d9:f0:47:4c:c6:78:29:
82:72:da:1b:de:d4:a9:05:99:dc:d5:a9:54:ef:a5:
0f:86:65:d1:79:82:39:a9:49:b8:b5:f1:ff:ab:cb:
7e:1c:51:f1:c0:fd:4b:64:f1:44:1a:25:d9:a0:58:
eb:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:AC:C1:5A:BD:E3:E0:B2:CD:BB:B7:00:B9:0B:93:B4:EC:B1:54:76
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/U6zBWr3j4LLNu7cAuQuTtOyxVHY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.148.0/22
62.60.180.0/22
213.176.112.0/21
Signature Algorithm: sha256WithRSAEncryption
50:f8:f7:98:5e:e3:23:24:49:95:7b:dd:ce:c6:12:7f:df:3f:
86:b6:24:b9:05:c4:a3:6a:aa:bc:d3:e7:f5:3e:2c:c1:97:d7:
7f:86:dd:63:61:9a:53:d1:a0:38:ef:2e:fb:77:e4:81:ef:5b:
d4:cb:bd:5f:9e:ba:23:c1:af:c3:27:57:e3:2c:f8:95:34:1d:
04:4d:99:60:c5:7a:e7:d1:37:81:4e:0c:dd:c1:04:75:43:46:
0b:1d:ba:d7:82:18:57:8d:c3:b8:0b:b9:d0:b4:f8:7f:b9:82:
73:87:f9:45:23:2c:b1:04:1a:72:ab:c2:6e:f3:8a:10:ad:a9:
99:0c:87:4e:c7:95:cb:db:ec:11:ec:26:b3:13:a1:00:8a:9f:
76:5c:b1:d9:f3:46:b6:0a:5f:22:da:af:d5:d6:0b:93:29:97:
5a:ed:bd:06:5e:ba:f1:37:0e:7d:d0:ac:2e:8d:f0:4e:1b:35:
00:92:25:ea:b9:e5:89:5d:d1:58:7e:46:e5:d8:12:5d:cc:cf:
07:4e:5b:50:2f:7d:89:0a:21:05:1b:2d:42:ac:0c:0a:ea:23:
c8:76:00:60:b5:c6:7b:10:fe:13:58:fd:90:ca:11:01:c9:ac:
be:c6:66:df:88:fc:30:25:2e:7e:fe:df:39:90:c6:5b:9e:7a:
bb:a6:32:af
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZFMW1ZHGmYgD6K8ZaT83V9bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjQwODEzMTUyODU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2FjYzE1YWJkZTNlMGIyY2RiYmI3MDBiOTBiOTNiNGVjYjE1NDc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAszBcv5Jy3S8BhXNokhhk1nSxHyUs
tkweRfUiyKjNN4N4m/HTvlwX7EwzvZvuDWgO5jDYqw/4bZs96UULF7rleQfJyMSc
FuwFjDQCO95BAhRAFU8ZOcpmieOfKcpU3qpjRwqnXyvvrUg7h6nt25twRqfWZAxh
vctn6PrjBxu3FjnrAvK0hlqif/ouEOqDXZS/OuZqt9bWNzG6sJL3MXoT2JJBhzav
RJ822SxvCA49Zs5Nwj+/2SOzCG5ck+ce2K0+tz22Z7+nSWedy9nwR0zGeCmCctob
3tSpBZnc1alU76UPhmXReYI5qUm4tfH/q8t+HFHxwP1LZPFEGiXZoFjrVQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFOswVq94+Cyzbu3ALkLk7TssVR2MB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvVTZ6QldyM2o0TExOdTdjQXVRdVR0T3l4VkhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCPjyUAwQC
Pjy0AwQD1bBwMA0GCSqGSIb3DQEBCwUAA4IBAQBQ+PeYXuMjJEmVe93OxhJ/3z+G
tiS5BcSjaqq80+f1PizBl9d/ht1jYZpT0aA47y77d+SB71vUy71fnrojwa/DJ1fj
LPiVNB0ETZlgxXrn0TeBTgzdwQR1Q0YLHbrXghhXjcO4C7nQtPh/uYJzh/lFIyyx
BBpyq8Ju84oQramZDIdOx5XL2+wR7CazE6EAip92XLHZ80a2Cl8i2q/V1guTKZda
7b0GXrrxNw590KwujfBOGzUAkiXqueWJXdFYfkbl2BJdzM8HTltQL32JCiEFGy1C
rAwK6iPIdgBgtcZ7EP4TWP2QyhEByay+xmbfiPwwJS5+/t85kMZbnnq7pjKv
-----END CERTIFICATE-----
Generated at Sat Aug 17 09:09:22 2024 by rpki-client on console-fra.rpki-client.org