Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/aNJ42J8i9h3uPF9C89T0xU28mZk.roa
File: aNJ42J8i9h3uPF9C89T0xU28mZk.roa (raw, json)
Hash identifier: UhCX5MAYDzfedfWZezOfF++rh6m57pNJgK19pTG2dBw=
Subject key identifier: 68:D2:78:D8:9F:22:F6:1D:EE:3C:5F:42:F3:D4:F4:C5:4D:BC:99:99
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 0189203B4F14EE05D4C8F47D0E13A9DC3907
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/aNJ42J8i9h3uPF9C89T0xU28mZk.roa
Signing time: Tue 04 Jul 2023 09:28:24 +0000
ROA not before: Tue 04 Jul 2023 09:28:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205220
IP address blocks: 213.176.2.0/23 maxlen: 24
213.176.120.0/23 maxlen: 24
213.176.126.0/23 maxlen: 24
62.60.192.0/22 maxlen: 24
62.60.196.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sun 09 Jul 2023 10:03:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:20:3b:4f:14:ee:05:d4:c8:f4:7d:0e:13:a9:dc:39:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Jul 4 09:28:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=68d278d89f22f61dee3c5f42f3d4f4c54dbc9999
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:03:24:96:f7:2c:dd:0e:6a:0f:f7:9b:3c:0c:
42:ad:7d:5a:16:25:48:9c:c7:15:ef:d8:ec:a4:eb:
41:31:be:2a:6e:76:99:32:0c:e2:3e:9f:41:ea:cd:
91:26:a9:f9:6c:46:7e:2f:b4:5a:6f:b3:ba:4b:e4:
18:af:e5:63:b4:58:e4:42:3b:cc:f9:ee:57:c8:3f:
b9:84:86:f2:bc:53:59:de:ab:18:63:38:12:07:80:
6a:a1:cd:8f:65:44:b0:fc:4e:a1:4b:54:aa:d2:3a:
27:5a:05:fa:61:08:ce:6f:ae:74:0e:40:e9:df:68:
5a:6b:16:18:2a:d5:89:78:aa:ef:87:29:c8:0b:eb:
e2:8d:bc:75:96:3f:cc:99:47:39:c9:95:08:12:25:
e9:0a:fa:b9:7a:45:e6:35:65:08:90:d1:78:1e:5c:
bf:d5:e7:60:b6:84:fb:3a:17:84:ef:94:56:1b:18:
4d:83:28:08:43:f7:fd:0a:74:70:59:bd:fa:47:d9:
d4:58:25:05:c2:a6:73:e6:45:23:5a:df:d0:22:ab:
12:bb:d7:d2:67:0c:27:0f:2e:21:7c:9f:ff:ab:30:
e9:bd:ce:87:07:65:82:a7:77:cb:30:2c:d9:f0:a0:
48:06:99:49:90:30:ca:ea:3f:b7:91:63:c0:28:3e:
05:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:D2:78:D8:9F:22:F6:1D:EE:3C:5F:42:F3:D4:F4:C5:4D:BC:99:99
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/aNJ42J8i9h3uPF9C89T0xU28mZk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.192.0/21
213.176.2.0/23
213.176.120.0/23
213.176.126.0/23
Signature Algorithm: sha256WithRSAEncryption
80:4a:72:b0:e7:16:50:5c:a6:28:3f:23:96:8e:7c:71:20:da:
50:1e:e3:c4:2e:d1:c0:87:cc:ab:87:32:d2:03:b3:e2:99:d5:
26:88:02:5a:f6:cc:84:18:2e:91:ba:a6:5c:60:02:07:51:b1:
db:f4:31:f2:d8:43:a2:bb:ca:20:86:5d:ad:ca:16:8b:f1:1c:
0a:b7:06:a9:30:5f:39:f6:b5:9f:10:38:f0:bb:ad:cf:58:61:
52:fe:97:e5:54:95:23:f5:80:a2:cb:87:b6:d8:bd:aa:d1:e3:
fd:99:9c:ad:12:3d:1b:a7:44:e4:17:19:ab:62:4a:ed:09:ef:
44:9a:a1:45:61:2e:ce:1a:ac:6c:c0:5b:9e:2d:30:88:ee:09:
29:4a:ab:0d:84:38:ac:f5:b2:83:22:99:04:70:bd:fd:0c:d7:
39:87:91:35:a4:cb:7a:c6:08:62:5f:3d:66:8a:b8:de:1e:f8:
d1:9b:80:6e:8d:2e:e5:d5:09:8b:29:0e:39:0c:57:38:07:37:
1a:78:f6:e9:b8:75:c6:7a:e8:da:ff:b3:59:90:9e:b5:38:59:
0d:32:d3:0c:fd:51:91:49:f3:cb:d9:24:99:a5:f4:13:2c:52:
0f:16:79:93:fd:8f:b9:11:63:f8:ac:cf:c2:a8:75:37:20:20:
6f:23:34:5c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYkgO08U7gXUyPR9DhOp3DkHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjMwNzA0MDkyODI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGQyNzhkODlmMjJmNjFkZWUzYzVmNDJmM2Q0ZjRjNTRkYmM5OTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnAMklvcs3Q5qD/ebPAxCrX1aFiVI
nMcV79jspOtBMb4qbnaZMgziPp9B6s2RJqn5bEZ+L7Rab7O6S+QYr+VjtFjkQjvM
+e5XyD+5hIbyvFNZ3qsYYzgSB4Bqoc2PZUSw/E6hS1Sq0jonWgX6YQjOb650DkDp
32haaxYYKtWJeKrvhynIC+vijbx1lj/MmUc5yZUIEiXpCvq5ekXmNWUIkNF4Hly/
1edgtoT7OheE75RWGxhNgygIQ/f9CnRwWb36R9nUWCUFwqZz5kUjWt/QIqsSu9fS
ZwwnDy4hfJ//qzDpvc6HB2WCp3fLMCzZ8KBIBplJkDDK6j+3kWPAKD4FLQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGjSeNifIvYd7jxfQvPU9MVNvJmZMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvYU5KNDJKOGk5aDN1UEY5Qzg5VDB4VTI4bVprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDPjzAAwQB
1bACAwQB1bB4AwQB1bB+MA0GCSqGSIb3DQEBCwUAA4IBAQCASnKw5xZQXKYoPyOW
jnxxINpQHuPELtHAh8yrhzLSA7PimdUmiAJa9syEGC6RuqZcYAIHUbHb9DHy2EOi
u8oghl2tyhaL8RwKtwapMF859rWfEDjwu63PWGFS/pflVJUj9YCiy4e22L2q0eP9
mZytEj0bp0TkFxmrYkrtCe9EmqFFYS7OGqxswFueLTCI7gkpSqsNhDis9bKDIpkE
cL39DNc5h5E1pMt6xghiXz1mirjeHvjRm4BujS7l1QmLKQ45DFc4BzcaePbpuHXG
euja/7NZkJ61OFkNMtMM/VGRSfPL2SSZpfQTLFIPFnmT/Y+5EWP4rM/CqHU3ICBv
IzRc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:39 2024 by rpki-client on console-fra.rpki-client.org