Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/UXf9Il3Bjgn7f4sdMYnvv5zGDQc.roa
File: UXf9Il3Bjgn7f4sdMYnvv5zGDQc.roa (raw, json)
Hash identifier: 9rTT0k/bJjTRf8bfcPUSsRG6K8OWUGvD36qEkvxxwxU=
Subject key identifier: 51:77:FD:22:5D:C1:8E:09:FB:7F:8B:1D:31:89:EF:BF:9C:C6:0D:07
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 018A8D21DDD49590818951A25FF1C153AF6A
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/UXf9Il3Bjgn7f4sdMYnvv5zGDQc.roa
Signing time: Wed 13 Sep 2023 06:02:01 +0000
ROA not before: Wed 13 Sep 2023 06:02:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205220
IP address blocks: 62.60.216.0/22 maxlen: 24
62.60.152.0/21 maxlen: 24
62.60.146.0/23 maxlen: 24
213.176.2.0/23 maxlen: 24
213.176.6.0/23 maxlen: 24
213.176.120.0/23 maxlen: 24
213.176.126.0/23 maxlen: 24
62.60.196.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 13 Sep 2023 06:24:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:8d:21:dd:d4:95:90:81:89:51:a2:5f:f1:c1:53:af:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Sep 13 06:02:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5177fd225dc18e09fb7f8b1d3189efbf9cc60d07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:85:c6:1f:7a:90:1e:c4:3d:52:08:3d:50:12:
07:d7:7c:3f:ed:7e:05:68:97:e1:83:92:3a:84:9d:
4c:9a:fd:ae:f2:d1:b5:3a:81:fc:3f:4a:1c:19:b3:
f8:07:e5:9c:1f:12:b6:f7:f1:19:83:8e:25:79:0f:
fe:25:12:6d:1e:cf:25:f7:d3:ad:f0:55:77:25:29:
e8:32:de:33:ad:b0:da:ca:a0:12:83:a2:92:54:bc:
93:25:d3:6d:59:60:e5:a4:04:ae:06:36:7d:c2:a6:
6f:74:ac:dc:19:2b:14:ed:b4:e6:eb:af:c2:30:3e:
3c:d6:af:71:90:5c:fa:a4:38:4f:31:b5:c3:54:55:
41:b9:2a:4e:38:bc:5e:e1:82:46:37:bf:6b:57:cb:
ff:13:ee:16:b6:66:30:7c:47:eb:35:37:f4:d7:8d:
6a:68:6b:16:80:e7:d2:ce:ab:3a:4d:97:18:a5:b0:
08:2b:b5:59:d2:1a:d5:38:a5:08:3c:a6:e3:ee:3d:
a3:3a:ee:73:b2:bf:a7:23:c4:6a:b4:92:56:34:29:
66:5c:60:70:ca:be:75:2d:81:d4:ae:c3:de:27:0b:
45:be:95:44:30:01:90:56:1f:9c:b4:50:a3:93:4a:
c8:1e:6f:16:9e:06:0f:19:cb:a3:31:65:d5:66:28:
c9:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:77:FD:22:5D:C1:8E:09:FB:7F:8B:1D:31:89:EF:BF:9C:C6:0D:07
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/UXf9Il3Bjgn7f4sdMYnvv5zGDQc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.146.0/23
62.60.152.0/21
62.60.196.0/22
62.60.216.0/22
213.176.2.0/23
213.176.6.0/23
213.176.120.0/23
213.176.126.0/23
Signature Algorithm: sha256WithRSAEncryption
a1:0f:82:bd:23:dc:c1:88:e5:d7:34:74:17:b5:52:d4:a1:2f:
19:4c:b5:c8:59:80:24:85:a0:e7:5c:08:c1:fd:2b:d4:12:d2:
fc:62:3b:46:b2:ee:5d:42:ea:eb:73:52:70:46:a2:e6:29:1e:
e7:5c:f8:1c:83:ba:0d:bc:2f:ae:46:c7:88:c5:bb:ea:fa:c0:
eb:89:e0:f6:c1:1c:13:f7:cd:f7:c6:47:b0:c9:9c:b4:52:0e:
db:b8:00:26:40:e1:65:73:3c:86:92:8a:75:2b:f4:cd:19:7a:
1e:78:a6:f1:c5:14:13:4e:70:ae:36:ff:d7:25:27:b2:0f:1e:
f1:77:37:56:c6:0f:43:59:9e:c2:ea:d3:93:f7:e9:07:a1:52:
99:42:4c:55:57:52:d2:cc:1d:3e:39:7e:ad:0d:dd:d6:c4:66:
f1:8c:23:47:8c:2b:c7:e3:33:b4:1d:da:53:67:37:6f:1b:ba:
a3:92:09:4e:67:69:bc:fb:15:78:e9:91:cb:e8:0a:b7:56:a2:
3a:ad:16:fb:d2:b2:24:a2:61:d1:09:46:b2:70:56:8d:71:ea:
dd:29:f2:d1:90:9a:78:aa:fc:30:8a:f3:34:5b:7d:9c:b3:e0:
0a:18:1d:d7:d9:0c:fb:ac:80:0b:b8:33:c3:29:41:39:7a:10:
c8:e9:31:de
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYqNId3UlZCBiVGiX/HBU69qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjMwOTEzMDYwMjAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTc3ZmQyMjVkYzE4ZTA5ZmI3ZjhiMWQzMTg5ZWZiZjljYzYwZDA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuYXGH3qQHsQ9Ugg9UBIH13w/7X4F
aJfhg5I6hJ1Mmv2u8tG1OoH8P0ocGbP4B+WcHxK29/EZg44leQ/+JRJtHs8l99Ot
8FV3JSnoMt4zrbDayqASg6KSVLyTJdNtWWDlpASuBjZ9wqZvdKzcGSsU7bTm66/C
MD481q9xkFz6pDhPMbXDVFVBuSpOOLxe4YJGN79rV8v/E+4WtmYwfEfrNTf0141q
aGsWgOfSzqs6TZcYpbAIK7VZ0hrVOKUIPKbj7j2jOu5zsr+nI8RqtJJWNClmXGBw
yr51LYHUrsPeJwtFvpVEMAGQVh+ctFCjk0rIHm8WngYPGcujMWXVZijJ3wIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFFF3/SJdwY4J+3+LHTGJ77+cxg0HMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvVVhmOUlsM0JqZ243ZjRzZE1ZbnZ2NXpHRFFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQBPjySAwQD
PjyYAwQCPjzEAwQCPjzYAwQB1bACAwQB1bAGAwQB1bB4AwQB1bB+MA0GCSqGSIb3
DQEBCwUAA4IBAQChD4K9I9zBiOXXNHQXtVLUoS8ZTLXIWYAkhaDnXAjB/SvUEtL8
YjtGsu5dQurrc1JwRqLmKR7nXPgcg7oNvC+uRseIxbvq+sDrieD2wRwT9833xkew
yZy0Ug7buAAmQOFlczyGkop1K/TNGXoeeKbxxRQTTnCuNv/XJSeyDx7xdzdWxg9D
WZ7C6tOT9+kHoVKZQkxVV1LSzB0+OX6tDd3WxGbxjCNHjCvH4zO0HdpTZzdvG7qj
kglOZ2m8+xV46ZHL6Aq3VqI6rRb70rIkomHRCUaycFaNcerdKfLRkJp4qvwwivM0
W32cs+AKGB3X2Qz7rIALuDPDKUE5ehDI6THe
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:39 2024 by rpki-client on console-fra.rpki-client.org