Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/cupE7VgVTPke6rkHswRzMKfsXOg.roa
File: cupE7VgVTPke6rkHswRzMKfsXOg.roa (raw, json)
Hash identifier: 6ra0PsvJ25zeLDmwsHv3pk6VbXvQ8Xsqp4eDBERF7Dc=
Subject key identifier: 72:EA:44:ED:58:15:4C:F9:1E:EA:B9:07:B3:04:73:30:A7:EC:5C:E8
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 01916F66F03AD3A4D1D9450FD5565CFEC9A4
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/cupE7VgVTPke6rkHswRzMKfsXOg.roa
Signing time: Tue 20 Aug 2024 10:48:22 +0000
ROA not before: Tue 20 Aug 2024 10:48:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44947
IP address blocks: 62.60.148.0/22 maxlen: 24
62.60.196.0/22 maxlen: 24
62.60.244.0/22 maxlen: 24
62.60.248.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 29 Aug 2024 20:12:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:6f:66:f0:3a:d3:a4:d1:d9:45:0f:d5:56:5c:fe:c9:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Aug 20 10:48:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=72ea44ed58154cf91eeab907b3047330a7ec5ce8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:ac:39:13:d1:78:86:93:68:d8:b6:b3:58:5d:
bc:28:fc:d1:96:e4:af:95:76:be:9f:39:55:8b:20:
e8:35:b2:0a:78:a4:e5:1e:60:b2:a9:64:4f:64:07:
cf:15:b1:65:98:61:0f:75:a3:78:a4:54:63:de:28:
72:54:99:a2:54:23:f7:7b:ee:ca:a5:08:ee:18:a5:
ed:46:5f:57:3e:f9:14:ab:93:b3:08:a5:cf:45:c8:
26:c1:9c:10:de:b2:3c:7f:c0:90:a0:be:29:6f:90:
e1:50:ff:19:79:a7:ab:3b:61:df:e5:04:9f:2a:4d:
80:e0:dc:3e:09:4e:08:1c:06:f6:e7:e1:cf:9d:e4:
61:a3:56:85:4a:a4:04:22:a0:e6:aa:72:bb:c7:61:
e5:8e:a1:45:7c:0a:f8:ac:14:ff:dd:30:e9:15:fc:
7f:40:70:4a:9a:64:19:b8:c1:82:35:b1:2e:7b:d2:
2f:4c:58:4d:07:c5:00:32:fb:56:2d:b0:e0:61:7c:
d0:58:8a:dd:5b:29:d5:9b:52:78:dc:27:76:4a:2e:
93:a7:82:c2:11:d6:ed:50:ff:4b:4b:29:bd:35:49:
ff:20:c3:c3:ba:a1:c7:14:5f:32:bd:c0:a9:19:1e:
ac:b2:2d:27:0b:af:fc:a9:1a:f9:38:6a:be:99:a1:
5a:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:EA:44:ED:58:15:4C:F9:1E:EA:B9:07:B3:04:73:30:A7:EC:5C:E8
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/cupE7VgVTPke6rkHswRzMKfsXOg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.148.0/22
62.60.196.0/22
62.60.244.0-62.60.251.255
Signature Algorithm: sha256WithRSAEncryption
55:17:94:9f:d3:dd:a4:2e:f2:0b:26:32:31:39:07:71:d7:97:
fd:a6:1c:9f:0e:94:68:f1:e0:f2:42:df:c6:78:92:da:f9:f9:
05:5d:31:50:19:e1:20:30:81:3b:68:98:20:dc:a8:e9:2a:dc:
74:21:6b:e2:7f:b3:bf:eb:9b:5b:24:70:e9:80:a0:15:a4:54:
41:cf:11:8b:8a:2c:b5:5e:34:03:c4:2b:23:0e:dc:31:30:68:
01:06:b1:bf:45:5b:2e:94:9f:09:da:4b:21:81:09:42:a1:82:
18:92:b1:00:c5:b0:0e:e7:fc:5b:ec:05:20:7b:24:70:0a:12:
1f:63:71:07:40:0c:01:6e:eb:2b:8d:f8:24:1e:92:80:56:93:
6e:a7:5a:dd:e4:8a:6f:14:ee:a9:23:1d:88:73:01:12:8b:eb:
d9:aa:c7:b2:48:12:20:38:f7:42:71:6c:d4:53:a3:57:90:43:
72:0c:5a:e2:c4:14:cd:19:3b:95:6f:62:eb:92:34:fa:2f:e5:
53:68:76:b3:d1:77:bd:59:22:78:bf:e7:6c:e5:e2:11:74:82:
4d:61:a1:e0:9e:39:fc:08:6f:eb:23:63:07:8d:7e:a1:72:e2:
f0:0c:9e:c4:09:c2:d6:0a:9e:b7:42:45:63:f1:63:62:c3:28:
db:71:df:ad
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZFvZvA606TR2UUP1VZc/smkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjQwODIwMTA0ODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmVhNDRlZDU4MTU0Y2Y5MWVlYWI5MDdiMzA0NzMzMGE3ZWM1Y2U4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvKw5E9F4hpNo2LazWF28KPzRluSv
lXa+nzlViyDoNbIKeKTlHmCyqWRPZAfPFbFlmGEPdaN4pFRj3ihyVJmiVCP3e+7K
pQjuGKXtRl9XPvkUq5OzCKXPRcgmwZwQ3rI8f8CQoL4pb5DhUP8ZeaerO2Hf5QSf
Kk2A4Nw+CU4IHAb25+HPneRho1aFSqQEIqDmqnK7x2HljqFFfAr4rBT/3TDpFfx/
QHBKmmQZuMGCNbEue9IvTFhNB8UAMvtWLbDgYXzQWIrdWynVm1J43Cd2Si6Tp4LC
EdbtUP9LSym9NUn/IMPDuqHHFF8yvcCpGR6ssi0nC6/8qRr5OGq+maFaKwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFHLqRO1YFUz5Huq5B7MEczCn7FzoMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvY3VwRTdWZ1ZUUGtlNnJrSHN3UnpNS2ZzWE9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCPjyUAwQC
PjzEMAwDBAI+PPQDBAI+PPgwDQYJKoZIhvcNAQELBQADggEBAFUXlJ/T3aQu8gsm
MjE5B3HXl/2mHJ8OlGjx4PJC38Z4ktr5+QVdMVAZ4SAwgTtomCDcqOkq3HQha+J/
s7/rm1skcOmAoBWkVEHPEYuKLLVeNAPEKyMO3DEwaAEGsb9FWy6UnwnaSyGBCUKh
ghiSsQDFsA7n/FvsBSB7JHAKEh9jcQdADAFu6yuN+CQekoBWk26nWt3kim8U7qkj
HYhzARKL69mqx7JIEiA490JxbNRTo1eQQ3IMWuLEFM0ZO5VvYuuSNPov5VNodrPR
d71ZIni/52zl4hF0gk1hoeCeOfwIb+sjYweNfqFy4vAMnsQJwtYKnrdCRWPxY2LD
KNtx360=
-----END CERTIFICATE-----
Generated at Thu Aug 29 21:41:42 2024 by rpki-client on console-fra.rpki-client.org