Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/cNQg0iIchAw8JpQGnEbjjW73t5A.roa
File: cNQg0iIchAw8JpQGnEbjjW73t5A.roa (raw, json)
Hash identifier: w4mFeCq5vnRgS2kqaqk2lrBsIwqBuLx/vV22zvvmAkE=
Subject key identifier: 70:D4:20:D2:22:1C:84:0C:3C:26:94:06:9C:46:E3:8D:6E:F7:B7:90
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 0186F07CA97CF0F6BE35A7282D0DFEFA72FA
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/cNQg0iIchAw8JpQGnEbjjW73t5A.roa
Signing time: Fri 17 Mar 2023 16:52:27 +0000
ROA not before: Fri 17 Mar 2023 16:52:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34549
IP address blocks: 62.60.216.0/22 maxlen: 24
62.60.220.0/22 maxlen: 24
62.60.172.0/22 maxlen: 24
62.60.204.0/22 maxlen: 24
62.60.200.0/21 maxlen: 24
62.60.208.0/22 maxlen: 24
62.60.212.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 20 Apr 2023 13:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:f0:7c:a9:7c:f0:f6:be:35:a7:28:2d:0d:fe:fa:72:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Mar 17 16:52:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=70d420d2221c840c3c2694069c46e38d6ef7b790
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:5f:65:68:01:0a:64:4f:91:88:14:d6:4a:f0:
76:3d:d1:41:6a:e2:13:d3:f5:41:1c:30:e2:80:ed:
01:0c:c1:28:12:82:0d:6b:19:6d:76:cc:b5:36:f0:
ee:ea:8a:2e:a9:66:e3:25:62:2a:a7:22:c9:4a:23:
e3:7c:82:19:b0:e3:66:30:5f:7a:26:04:dd:11:96:
d4:9b:cc:a2:69:7c:3b:46:5b:b7:20:d1:43:b8:1c:
c5:79:39:57:81:a1:f7:00:11:f7:31:75:17:c0:9f:
53:ce:db:0c:d8:8f:f1:53:17:d5:d8:d6:72:47:ef:
db:8a:ed:c8:1f:f6:0e:a8:9b:52:3d:99:a8:3d:21:
da:25:3a:73:61:32:df:5a:33:cd:86:aa:57:83:b9:
d3:92:a1:75:cb:d7:5d:ec:4b:55:e4:34:5a:28:45:
e6:63:8b:57:50:9d:45:60:75:39:a8:e8:1a:20:8a:
8c:b9:5e:38:f5:c6:e2:26:90:0f:bf:2d:95:1d:20:
78:1e:9e:53:f6:f9:d5:48:d5:f1:93:d8:1c:a4:74:
9d:3d:21:ad:2b:93:56:40:c2:ab:4d:10:f0:a5:4c:
9e:03:cb:8f:33:c1:75:7c:4a:71:30:c1:6e:d2:58:
10:fa:30:ea:74:03:9b:73:11:81:dc:8b:d3:13:43:
6f:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:D4:20:D2:22:1C:84:0C:3C:26:94:06:9C:46:E3:8D:6E:F7:B7:90
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/cNQg0iIchAw8JpQGnEbjjW73t5A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.172.0/22
62.60.200.0-62.60.212.255
62.60.216.0/21
Signature Algorithm: sha256WithRSAEncryption
cf:2b:b5:ba:28:fe:8a:11:97:b8:65:fc:24:0e:74:e5:9c:b1:
b2:6f:be:48:55:63:90:d6:ac:97:27:f2:35:eb:64:21:5a:b5:
20:1c:06:8f:95:57:ac:54:1f:cb:89:fc:86:92:5d:3e:46:03:
fc:0e:ce:fe:c9:ef:04:8c:24:ab:37:73:ba:d7:9f:17:0d:92:
3e:96:44:33:6c:9f:5d:e9:b9:a8:45:fa:73:bc:85:c4:48:f5:
ad:dd:35:25:4d:e3:bf:71:3e:90:90:37:cd:37:f5:89:aa:6f:
e3:75:27:87:cc:78:75:b8:04:2d:1b:01:e5:57:07:f8:a7:69:
9e:f2:f7:ae:d5:35:f9:0d:82:8c:e7:5a:ad:e5:80:ad:94:70:
e1:33:cb:d2:60:58:5e:77:51:c3:97:c0:4c:a5:ac:45:33:9a:
e0:d8:1d:05:45:ef:69:7b:f2:31:4c:55:ac:45:a6:e1:3d:e5:
d4:ca:7f:c4:00:c6:2d:37:bd:7e:a6:a5:d5:23:40:a8:2e:db:
80:73:4c:d0:1c:33:c0:6c:36:4f:4a:9a:bb:a7:7f:50:02:62:
7e:75:13:ae:5b:d1:06:8c:80:68:19:9c:39:8c:7c:ed:31:ee:
fb:b6:1b:4a:0c:e4:53:72:05:8a:5a:9e:4d:d7:c1:be:9b:78:
83:ee:fe:9e
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYbwfKl88Pa+NacoLQ3++nL6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjMwMzE3MTY1MjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGQ0MjBkMjIyMWM4NDBjM2MyNjk0MDY5YzQ2ZTM4ZDZlZjdiNzkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzF9laAEKZE+RiBTWSvB2PdFBauIT
0/VBHDDigO0BDMEoEoINaxltdsy1NvDu6oouqWbjJWIqpyLJSiPjfIIZsONmMF96
JgTdEZbUm8yiaXw7Rlu3INFDuBzFeTlXgaH3ABH3MXUXwJ9TztsM2I/xUxfV2NZy
R+/biu3IH/YOqJtSPZmoPSHaJTpzYTLfWjPNhqpXg7nTkqF1y9dd7EtV5DRaKEXm
Y4tXUJ1FYHU5qOgaIIqMuV449cbiJpAPvy2VHSB4Hp5T9vnVSNXxk9gcpHSdPSGt
K5NWQMKrTRDwpUyeA8uPM8F1fEpxMMFu0lgQ+jDqdAObcxGB3IvTE0NvxwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFHDUINIiHIQMPCaUBpxG441u97eQMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvY05RZzBpSWNoQXc4SnBRR25FYmpqVzczdDVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCPjysMAwD
BAM+PMgDBAA+PNQDBAM+PNgwDQYJKoZIhvcNAQELBQADggEBAM8rtboo/ooRl7hl
/CQOdOWcsbJvvkhVY5DWrJcn8jXrZCFatSAcBo+VV6xUH8uJ/IaSXT5GA/wOzv7J
7wSMJKs3c7rXnxcNkj6WRDNsn13puahF+nO8hcRI9a3dNSVN479xPpCQN8039Ymq
b+N1J4fMeHW4BC0bAeVXB/inaZ7y967VNfkNgoznWq3lgK2UcOEzy9JgWF53UcOX
wEylrEUzmuDYHQVF72l78jFMVaxFpuE95dTKf8QAxi03vX6mpdUjQKgu24BzTNAc
M8BsNk9Kmrunf1ACYn51E65b0QaMgGgZnDmMfO0x7vu2G0oM5FNyBYpank3Xwb6b
eIPu/p4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:39 2024 by rpki-client on console-fra.rpki-client.org