Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/UuMruDQlTl7vKMvYvuYoGracZqs.roa
File: UuMruDQlTl7vKMvYvuYoGracZqs.roa (raw, json)
Hash identifier: Xz3l6mvADOVUulrjn1Btm/Bc1obAd/W+Bdyk5eMhb+I=
Subject key identifier: 52:E3:2B:B8:34:25:4E:5E:EF:28:CB:D8:BE:E6:28:1A:B6:9C:66:AB
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 01905D5AEE1FEEFE84709776B6AE41ED6D0E
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/UuMruDQlTl7vKMvYvuYoGracZqs.roa
Signing time: Fri 28 Jun 2024 05:39:18 +0000
ROA not before: Fri 28 Jun 2024 05:39:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6762
IP address blocks: 62.60.156.0/22 maxlen: 24
213.176.74.0/23 maxlen: 24
213.176.92.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sat 29 Jun 2024 08:40:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:5d:5a:ee:1f:ee:fe:84:70:97:76:b6:ae:41:ed:6d:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Jun 28 05:39:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=52e32bb834254e5eef28cbd8bee6281ab69c66ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:92:de:b7:1c:a3:4e:d5:e6:e1:53:f8:3b:64:
80:61:51:f3:fa:91:c6:c6:f4:2b:94:76:47:fb:9d:
7f:b6:96:6c:d9:4a:ea:f0:22:f9:65:55:9e:8f:8e:
e1:34:f1:25:aa:85:f8:0d:eb:6d:03:15:ee:24:67:
4a:a1:27:38:ff:aa:fd:2f:15:3a:77:2f:b7:9c:3f:
12:2e:b4:1f:4c:dd:da:b5:b5:c2:fe:b4:78:bd:97:
b2:93:1f:c8:d6:6b:90:0c:0c:9e:fa:5b:dc:e5:92:
5f:24:3b:7d:8b:26:49:bc:ce:a6:2a:c0:c3:1f:6f:
9e:d9:b7:92:10:9e:68:91:aa:9f:21:8a:a8:f3:9c:
ff:87:73:d3:7d:ec:b1:f1:2f:a2:02:6c:1f:76:a2:
6f:ca:2f:37:e9:fd:85:d3:31:ec:8e:71:b2:e1:1b:
b0:fc:9a:b1:a1:f5:14:74:0b:9c:ff:19:55:be:94:
97:fa:05:48:b7:4b:8f:6c:83:b2:91:f8:e4:ea:e9:
ba:a7:09:83:db:6c:78:ce:b6:30:c6:7d:6a:77:e8:
31:01:94:2e:42:da:3a:4d:8f:75:32:54:03:44:59:
c8:d1:b3:1b:f2:a3:fc:df:18:93:12:09:a4:40:3f:
93:00:de:89:6d:77:b9:fb:9f:ac:f8:27:a1:e7:b8:
a1:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:E3:2B:B8:34:25:4E:5E:EF:28:CB:D8:BE:E6:28:1A:B6:9C:66:AB
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/UuMruDQlTl7vKMvYvuYoGracZqs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.156.0/22
213.176.74.0/23
213.176.92.0/22
Signature Algorithm: sha256WithRSAEncryption
3a:9b:83:3e:27:bb:22:34:0c:d1:e7:32:01:ec:01:6f:ea:f5:
8e:62:3c:7c:5a:40:11:80:19:df:ed:73:48:ee:3b:ee:41:3e:
e7:4a:9d:dc:7c:c2:b0:73:cf:b1:de:a2:3a:7a:64:1b:f6:75:
4f:79:5a:88:15:4a:22:b1:28:4a:a6:6e:0f:c5:ca:8a:33:84:
2b:4e:05:07:c2:22:a5:ee:a8:be:22:82:4f:e8:79:b5:33:53:
dd:cc:ea:a9:5d:82:a3:53:9d:03:4d:46:f9:53:4a:50:c3:18:
a8:43:09:46:3a:f9:d9:73:e5:3a:99:54:d5:4c:55:c8:7e:00:
d1:ff:8b:58:b3:35:0e:21:ac:14:b8:c2:9a:ce:6d:05:2c:d2:
79:67:bf:27:c8:3c:04:93:39:d1:50:b5:eb:6a:1f:2f:61:c9:
b4:8c:23:e0:fa:3e:cd:35:a5:fa:61:6b:f4:0b:c7:e6:28:22:
9c:57:6f:38:3e:79:32:82:7d:b8:65:11:ee:4e:57:a1:c2:5a:
4c:51:b2:c8:37:e8:ab:ba:63:7d:e5:65:0a:f4:6e:1e:f1:35:
f8:09:18:48:79:68:20:d9:dd:ea:f6:d1:f8:e3:22:9b:69:dd:
01:78:ca:4c:88:bc:41:cc:42:9c:77:a6:f8:cb:49:3d:1e:1d:
1a:9d:23:4f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZBdWu4f7v6EcJd2tq5B7W0OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjQwNjI4MDUzOTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmUzMmJiODM0MjU0ZTVlZWYyOGNiZDhiZWU2MjgxYWI2OWM2NmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm5LetxyjTtXm4VP4O2SAYVHz+pHG
xvQrlHZH+51/tpZs2Urq8CL5ZVWej47hNPElqoX4DettAxXuJGdKoSc4/6r9LxU6
dy+3nD8SLrQfTN3atbXC/rR4vZeykx/I1muQDAye+lvc5ZJfJDt9iyZJvM6mKsDD
H2+e2beSEJ5okaqfIYqo85z/h3PTfeyx8S+iAmwfdqJvyi836f2F0zHsjnGy4Ruw
/JqxofUUdAuc/xlVvpSX+gVIt0uPbIOykfjk6um6pwmD22x4zrYwxn1qd+gxAZQu
Qto6TY91MlQDRFnI0bMb8qP83xiTEgmkQD+TAN6JbXe5+5+s+Ceh57ihXwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFLjK7g0JU5e7yjL2L7mKBq2nGarMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvVXVNcnVEUWxUbDd2S012WXZ1WW9HcmFjWnFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCPjycAwQB
1bBKAwQC1bBcMA0GCSqGSIb3DQEBCwUAA4IBAQA6m4M+J7siNAzR5zIB7AFv6vWO
Yjx8WkARgBnf7XNI7jvuQT7nSp3cfMKwc8+x3qI6emQb9nVPeVqIFUoisShKpm4P
xcqKM4QrTgUHwiKl7qi+IoJP6Hm1M1PdzOqpXYKjU50DTUb5U0pQwxioQwlGOvnZ
c+U6mVTVTFXIfgDR/4tYszUOIawUuMKazm0FLNJ5Z78nyDwEkznRULXrah8vYcm0
jCPg+j7NNaX6YWv0C8fmKCKcV284Pnkygn24ZRHuTlehwlpMUbLIN+irumN95WUK
9G4e8TX4CRhIeWgg2d3q9tH44yKbad0BeMpMiLxBzEKcd6b4y0k9Hh0anSNP
-----END CERTIFICATE-----
Generated at Sat Jun 29 10:07:54 2024 by rpki-client on console-fra.rpki-client.org