Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/XB-Fz6Caq4WtL-X8NVgErxtCpeo.roa
File: XB-Fz6Caq4WtL-X8NVgErxtCpeo.roa (raw, json)
Hash identifier: wdZmztOiLHzjTXQvtB0HW2E35jZXgqwic/R1COW2keY=
Subject key identifier: 5C:1F:85:CF:A0:9A:AB:85:AD:2F:E5:FC:35:58:04:AF:1B:42:A5:EA
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 01886691B3AF5FEBB8937B74B20DE42375F4
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/XB-Fz6Caq4WtL-X8NVgErxtCpeo.roa
Signing time: Mon 29 May 2023 08:13:24 +0000
ROA not before: Mon 29 May 2023 08:13:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15611
IP address blocks: 213.176.96.0/24 maxlen: 24
213.176.4.0/24 maxlen: 24
62.60.164.0/22 maxlen: 24
213.176.5.0/24 maxlen: 24
62.60.200.0/22 maxlen: 24
62.60.204.0/22 maxlen: 24
62.60.132.0/22 maxlen: 24
62.60.136.0/24 maxlen: 24
62.60.137.0/24 maxlen: 24
62.60.139.0/24 maxlen: 24
62.60.140.0/24 maxlen: 24
62.60.143.0/24 maxlen: 24
62.60.141.0/24 maxlen: 24
62.60.142.0/24 maxlen: 24
62.60.145.0/24 maxlen: 24
213.176.124.0/24 maxlen: 24
213.176.125.0/24 maxlen: 24
213.176.122.0/24 maxlen: 24
213.176.123.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:66:91:b3:af:5f:eb:b8:93:7b:74:b2:0d:e4:23:75:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: May 29 08:13:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c1f85cfa09aab85ad2fe5fc355804af1b42a5ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:de:a6:d7:f9:7b:74:5f:8f:3f:86:6f:6a:5f:
02:4a:08:b3:59:ff:be:20:f5:e1:d6:11:2a:b9:8f:
f1:39:42:76:7e:73:28:b7:67:1c:4a:9a:98:3a:cc:
72:08:94:52:0b:ce:58:26:c5:71:be:16:80:00:59:
91:6f:a8:06:43:ff:02:b9:65:58:de:80:a5:f0:37:
f6:8a:35:3d:df:58:72:91:81:19:1d:3e:a4:7b:21:
55:0e:ae:de:21:c9:0b:69:ce:e4:af:8b:d2:9f:02:
b5:e5:93:a2:b7:07:1d:73:f7:2c:79:b4:a3:3c:ff:
08:ed:8a:9f:90:a8:af:2f:6d:96:e8:0b:83:4e:e2:
48:09:c2:c2:11:04:43:65:f1:d2:a7:17:7f:6d:7f:
a7:29:28:db:aa:5f:57:d5:ff:ab:aa:1e:81:74:57:
26:9d:b3:a9:d1:83:06:66:e2:e8:f5:94:3c:94:be:
4c:46:35:cc:3d:df:71:62:84:0d:5e:48:fd:ac:30:
e2:82:ef:cd:d0:fe:92:a6:d6:f5:09:c6:6c:e7:51:
17:ab:b3:f5:13:b5:2d:34:8e:0f:be:92:15:ac:9f:
d0:5c:d1:0f:e7:d3:fb:f1:65:b9:17:48:3d:fb:7b:
08:5f:97:3e:4a:72:dc:d0:42:e8:96:d1:8b:5f:13:
ef:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:1F:85:CF:A0:9A:AB:85:AD:2F:E5:FC:35:58:04:AF:1B:42:A5:EA
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/XB-Fz6Caq4WtL-X8NVgErxtCpeo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.132.0-62.60.137.255
62.60.139.0-62.60.143.255
62.60.145.0/24
62.60.164.0/22
62.60.200.0/21
213.176.4.0/23
213.176.96.0/24
213.176.122.0-213.176.125.255
Signature Algorithm: sha256WithRSAEncryption
44:c5:c0:23:14:94:ea:cc:37:54:5f:0c:30:b1:28:2b:d5:2f:
28:7c:27:50:8f:ad:8a:4c:fa:32:bb:e1:e4:81:33:c3:f4:4d:
ac:ef:16:be:64:af:04:0e:f5:f9:11:74:f2:ff:4e:19:e3:cf:
b9:46:6a:fd:81:0e:88:c9:cf:8a:d1:53:b4:4d:d6:20:68:e2:
c4:b8:7d:0c:cd:61:b3:f9:5a:48:51:7e:23:f7:4c:24:f0:4d:
e8:00:7d:da:4d:0c:1b:7e:a2:c5:81:3d:89:d4:75:a4:36:28:
e2:c8:28:fb:aa:19:54:39:6d:b8:4d:3e:9b:2b:54:95:63:48:
bc:1b:ce:c4:16:30:07:3a:ee:88:a7:4b:a4:07:2d:89:bb:ee:
2b:77:90:91:08:c3:83:ec:39:1c:00:19:ad:45:45:49:29:d1:
73:80:22:30:29:1c:68:9b:f6:51:56:e4:50:ef:6f:b0:68:08:
8c:f5:6b:f3:41:fb:0a:47:79:f3:0f:36:e2:46:93:d3:4b:12:
2d:8e:bb:ff:57:0a:69:fb:63:20:c8:d0:0c:3d:a3:1b:3d:31:
af:3c:8b:f3:72:29:77:83:27:d2:c0:27:c6:f9:3c:27:74:52:
c3:41:ef:f3:86:95:76:21:8b:29:4f:e6:ce:8c:34:6d:91:b7:
47:fe:4d:34
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYhmkbOvX+u4k3t0sg3kI3X0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjMwNTI5MDgxMzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzFmODVjZmEwOWFhYjg1YWQyZmU1ZmMzNTU4MDRhZjFiNDJhNWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl96m1/l7dF+PP4Zval8CSgizWf++
IPXh1hEquY/xOUJ2fnMot2ccSpqYOsxyCJRSC85YJsVxvhaAAFmRb6gGQ/8CuWVY
3oCl8Df2ijU931hykYEZHT6keyFVDq7eIckLac7kr4vSnwK15ZOitwcdc/csebSj
PP8I7YqfkKivL22W6AuDTuJICcLCEQRDZfHSpxd/bX+nKSjbql9X1f+rqh6BdFcm
nbOp0YMGZuLo9ZQ8lL5MRjXMPd9xYoQNXkj9rDDigu/N0P6Sptb1CcZs51EXq7P1
E7UtNI4PvpIVrJ/QXNEP59P78WW5F0g9+3sIX5c+SnLc0ELoltGLXxPvMwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFFwfhc+gmquFrS/l/DVYBK8bQqXqMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvWEItRno2Q2FxNFd0TC1YOE5WZ0VyeHRDcGVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIMAwDBAI+PIQD
BAE+PIgwDAMEAD48iwMEBD48gAMEAD48kQMEAj48pAMEAz48yAMEAdWwBAMEANWw
YDAMAwQB1bB6AwQB1bB8MA0GCSqGSIb3DQEBCwUAA4IBAQBExcAjFJTqzDdUXwww
sSgr1S8ofCdQj62KTPoyu+HkgTPD9E2s7xa+ZK8EDvX5EXTy/04Z48+5Rmr9gQ6I
yc+K0VO0TdYgaOLEuH0MzWGz+VpIUX4j90wk8E3oAH3aTQwbfqLFgT2J1HWkNiji
yCj7qhlUOW24TT6bK1SVY0i8G87EFjAHOu6Ip0ukBy2Ju+4rd5CRCMOD7DkcABmt
RUVJKdFzgCIwKRxom/ZRVuRQ72+waAiM9WvzQfsKR3nzDzbiRpPTSxItjrv/Vwpp
+2MgyNAMPaMbPTGvPIvzcil3gyfSwCfG+TwndFLDQe/zhpV2IYspT+bOjDRtkbdH
/k00
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:23 2023 by rpki-client on console-ams.rpki-client.org