Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/cdlB-fIM7fWsghTMTJRlIOPJ808.roa
File: cdlB-fIM7fWsghTMTJRlIOPJ808.roa (raw, json)
Hash identifier: mbdmRAr5595zJ/3TIY9x0fm3BrLD1ZufO6pAGbgIREQ=
Subject key identifier: 71:D9:41:F9:F2:0C:ED:F5:AC:82:14:CC:4C:94:65:20:E3:C9:F3:4F
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 018F2ED8743CAF16569DC81BE11D92D21F67
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/cdlB-fIM7fWsghTMTJRlIOPJ808.roa
Signing time: Tue 30 Apr 2024 11:51:28 +0000
ROA not before: Tue 30 Apr 2024 11:51:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44947
IP address blocks: 62.60.152.0/22 maxlen: 24
62.60.156.0/22 maxlen: 24
62.60.184.0/22 maxlen: 24
62.60.192.0/22 maxlen: 24
62.60.216.0/22 maxlen: 24
62.60.220.0/22 maxlen: 24
62.60.224.0/19 maxlen: 24
213.176.64.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 May 2024 04:59:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2e:d8:74:3c:af:16:56:9d:c8:1b:e1:1d:92:d2:1f:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Apr 30 11:51:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=71d941f9f20cedf5ac8214cc4c946520e3c9f34f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:70:4f:18:af:d5:ae:a1:8c:18:7e:2b:cc:ea:
e7:86:d4:17:b0:32:12:0a:fd:02:ae:94:21:3f:56:
3d:49:3f:00:1a:3f:e2:37:0c:5a:ad:7c:d1:fe:69:
f6:7a:4d:f6:ad:26:90:95:66:ec:57:f3:26:f4:49:
e4:c0:fb:7e:4d:33:90:68:a8:ed:1e:a0:f8:59:38:
8f:ad:b5:15:9f:92:40:4b:2a:95:bc:a1:f2:b8:7a:
02:49:28:82:85:c0:84:d3:7b:04:a3:09:2b:4f:7f:
a9:67:51:6b:85:74:a7:08:63:ba:a8:a2:ab:4d:f3:
03:d5:1c:7d:f2:10:4e:f4:3c:b9:f9:45:52:f7:e1:
ed:a6:77:f3:83:5a:41:d9:86:7e:39:60:ca:42:ab:
d7:9f:07:be:0a:fe:0d:a0:46:2f:b9:e7:b1:04:80:
5d:37:b6:4c:37:83:4d:0a:38:e5:ed:b3:40:b0:99:
2e:03:94:2f:12:bf:b5:97:eb:07:22:2c:7c:5f:5d:
60:11:07:b3:37:f8:ef:83:a4:c8:a4:40:0d:b6:ab:
2d:53:04:38:a4:fa:49:e7:c0:a0:87:ef:26:c2:9c:
a8:c5:8c:a7:c6:7e:93:a2:28:e8:f2:1d:33:25:fd:
36:ca:db:53:92:b4:5d:4f:d3:78:98:9e:f2:7d:4f:
d4:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:D9:41:F9:F2:0C:ED:F5:AC:82:14:CC:4C:94:65:20:E3:C9:F3:4F
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/cdlB-fIM7fWsghTMTJRlIOPJ808.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.152.0/21
62.60.184.0/22
62.60.192.0/22
62.60.216.0-62.60.255.255
213.176.64.0/22
Signature Algorithm: sha256WithRSAEncryption
9a:19:c2:8d:38:e2:c2:ad:eb:84:94:c0:64:d5:da:8b:98:b0:
c9:36:f3:39:a1:0b:0f:82:d8:93:05:f9:c2:75:68:2e:42:de:
02:72:7e:1a:ee:38:7b:cd:89:1b:3c:8a:21:f9:bc:ca:d8:60:
00:99:a9:bb:8b:30:31:96:4a:4a:d3:c2:8b:c1:f2:c4:3f:3d:
d3:fe:0e:a2:34:ae:2a:0b:9d:d7:01:64:15:6e:cd:a2:36:b8:
ae:1f:8b:51:c3:03:15:7b:d6:66:2a:03:77:7f:ac:db:90:e2:
25:9b:80:29:67:35:b7:34:a2:c1:ea:80:09:65:23:66:d0:55:
ca:8d:47:2e:e7:02:53:57:54:11:f2:e3:33:ed:50:55:1d:0a:
e1:5f:c1:b7:67:83:17:ce:dc:26:e9:3b:b9:c3:40:95:aa:ed:
8a:d8:d8:29:99:6c:f4:77:7f:c2:31:ed:bd:84:27:5c:8a:b4:
b2:28:f1:0e:63:5f:8c:1e:f0:9a:0e:90:e5:20:b9:cb:47:52:
f9:62:d6:05:ba:dd:35:61:9e:2b:f6:30:19:ee:6a:69:75:8d:
7d:46:97:c0:da:7d:2d:e8:63:07:65:db:15:4c:90:a0:b9:c3:
b9:1e:87:03:06:04:89:bc:fe:d5:65:ac:57:0e:6a:26:4c:2d:
24:f7:b0:24
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAY8u2HQ8rxZWncgb4R2S0h9nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjQwNDMwMTE1MTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWQ5NDFmOWYyMGNlZGY1YWM4MjE0Y2M0Yzk0NjUyMGUzYzlmMzRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp3BPGK/VrqGMGH4rzOrnhtQXsDIS
Cv0CrpQhP1Y9ST8AGj/iNwxarXzR/mn2ek32rSaQlWbsV/Mm9EnkwPt+TTOQaKjt
HqD4WTiPrbUVn5JASyqVvKHyuHoCSSiChcCE03sEowkrT3+pZ1FrhXSnCGO6qKKr
TfMD1Rx98hBO9Dy5+UVS9+Htpnfzg1pB2YZ+OWDKQqvXnwe+Cv4NoEYvueexBIBd
N7ZMN4NNCjjl7bNAsJkuA5QvEr+1l+sHIix8X11gEQezN/jvg6TIpEANtqstUwQ4
pPpJ58Cgh+8mwpyoxYynxn6Toijo8h0zJf02yttTkrRdT9N4mJ7yfU/UpQIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFHHZQfnyDO31rIIUzEyUZSDjyfNPMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvY2RsQi1mSU03ZldzZ2hUTVRKUmxJT1BKODA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTArBAIAATAlAwQDPjyYAwQC
Pjy4AwQCPjzAMAsDBAM+PNgDAwA+PAMEAtWwQDANBgkqhkiG9w0BAQsFAAOCAQEA
mhnCjTjiwq3rhJTAZNXai5iwyTbzOaELD4LYkwX5wnVoLkLeAnJ+Gu44e82JGzyK
Ifm8ythgAJmpu4swMZZKStPCi8HyxD890/4OojSuKgud1wFkFW7Noja4rh+LUcMD
FXvWZioDd3+s25DiJZuAKWc1tzSiweqACWUjZtBVyo1HLucCU1dUEfLjM+1QVR0K
4V/Bt2eDF87cJuk7ucNAlartitjYKZls9Hd/wjHtvYQnXIq0sijxDmNfjB7wmg6Q
5SC5y0dS+WLWBbrdNWGeK/YwGe5qaXWNfUaXwNp9LehjB2XbFUyQoLnDuR6HAwYE
ibz+1WWsVw5qJkwtJPewJA==
-----END CERTIFICATE-----
Generated at Wed May 1 05:56:53 2024 by rpki-client on console-ams.rpki-client.org