Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/hMyb4YqK0_eOf5Ezcu575skwZH4.roa
File: hMyb4YqK0_eOf5Ezcu575skwZH4.roa (raw, json)
Hash identifier: 2dfYPvCunwVvxqsNxPtR2AR0jngXcGfWa8gJj7MvPBI=
Subject key identifier: 84:CC:9B:E1:8A:8A:D3:F7:8E:7F:91:33:72:EE:7B:E6:C9:30:64:7E
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 018B21E14E5B12BAA76E41B793FEA4E1C76F
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/hMyb4YqK0_eOf5Ezcu575skwZH4.roa
Signing time: Thu 12 Oct 2023 03:14:55 +0000
ROA not before: Thu 12 Oct 2023 03:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 62.60.216.0/22 maxlen: 24
62.60.220.0/22 maxlen: 24
62.60.152.0/22 maxlen: 24
62.60.180.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 12 Oct 2023 10:32:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:21:e1:4e:5b:12:ba:a7:6e:41:b7:93:fe:a4:e1:c7:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Oct 12 03:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=84cc9be18a8ad3f78e7f913372ee7be6c930647e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:0b:0c:ee:35:52:d3:da:31:52:55:a5:d0:33:
b2:c4:61:ca:5a:77:14:74:f1:5c:68:b9:2d:93:ce:
41:4d:89:6f:37:53:e5:d7:4e:34:d8:a6:95:da:af:
e1:fe:90:a2:88:38:a8:33:4e:b6:d4:0d:25:95:7a:
a7:92:9a:38:b6:09:7a:e6:55:aa:02:b1:02:39:04:
8a:86:fe:0f:a5:13:35:de:7b:12:50:ff:f8:99:e3:
88:7d:c3:66:30:a4:44:06:af:84:1f:7e:39:da:31:
fe:a5:c4:43:34:e6:de:30:ef:14:04:4a:f6:0c:40:
4b:96:8c:26:53:02:69:2b:cb:6f:1f:dd:16:21:63:
2f:5a:05:da:a1:cd:ed:58:e6:6d:5b:e4:9f:d4:11:
d7:c9:61:6c:56:af:6d:ec:24:23:8e:a7:60:08:2d:
70:10:a0:72:76:44:52:0a:e1:3c:b8:e0:85:11:f2:
53:52:fd:96:06:59:e5:c7:a3:15:df:db:bc:f1:9a:
01:62:e5:8f:32:80:3d:c7:0b:26:39:57:c2:94:06:
ff:38:1e:64:5c:6a:cc:ff:63:0d:0a:5f:33:81:f2:
26:eb:35:79:31:2e:e6:e8:18:3d:90:09:d4:50:e5:
9d:c3:65:71:0e:a8:96:43:53:b0:76:4e:44:d7:5e:
29:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:CC:9B:E1:8A:8A:D3:F7:8E:7F:91:33:72:EE:7B:E6:C9:30:64:7E
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/hMyb4YqK0_eOf5Ezcu575skwZH4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.152.0/22
62.60.180.0/22
62.60.216.0/21
Signature Algorithm: sha256WithRSAEncryption
0f:9f:29:1e:7d:2e:1f:0b:66:28:a0:14:4d:c9:50:1f:13:9a:
48:4d:16:68:e9:a6:92:49:f5:20:27:08:f0:b9:ec:11:7d:35:
f7:16:43:45:40:9f:77:26:31:7d:83:46:f2:7e:7b:d5:89:48:
f0:e9:79:f2:4a:b1:db:fe:c4:54:75:cb:4a:03:81:c7:91:5e:
45:8f:a8:41:9b:d8:bd:d3:13:d5:00:a7:fb:62:29:f0:b6:09:
24:43:ce:8d:6c:b7:59:55:d8:aa:35:f5:0e:ec:2f:e8:b8:ac:
bb:2d:1d:53:a0:38:09:71:ec:1e:32:25:e6:38:c4:22:e1:6a:
9b:66:8b:a8:dc:84:4a:ac:ba:fb:59:61:53:77:8d:9c:68:cb:
55:9a:36:70:54:1d:f7:17:9b:a7:2a:c7:d4:0e:5a:34:5c:16:
57:c3:d8:41:72:36:ff:64:a1:c0:82:98:93:77:83:17:6e:08:
3c:5b:61:4e:f0:bc:93:4c:2a:e2:f5:1f:e6:2e:89:84:e0:32:
ba:93:97:bc:84:b8:e1:92:e5:1b:76:4a:6d:f3:34:16:e0:4d:
0c:2a:25:80:eb:ae:ec:f8:f7:82:35:fb:4c:2f:23:e8:7b:a1:
1d:a2:2d:a1:0e:fd:e0:b8:4c:ba:50:1d:8d:d1:fc:75:3b:e1:
d3:c9:9b:13
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYsh4U5bErqnbkG3k/6k4cdvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjMxMDEyMDMxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGNjOWJlMThhOGFkM2Y3OGU3ZjkxMzM3MmVlN2JlNmM5MzA2NDdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQsM7jVS09oxUlWl0DOyxGHKWncU
dPFcaLktk85BTYlvN1Pl10402KaV2q/h/pCiiDioM0621A0llXqnkpo4tgl65lWq
ArECOQSKhv4PpRM13nsSUP/4meOIfcNmMKREBq+EH3452jH+pcRDNObeMO8UBEr2
DEBLlowmUwJpK8tvH90WIWMvWgXaoc3tWOZtW+Sf1BHXyWFsVq9t7CQjjqdgCC1w
EKBydkRSCuE8uOCFEfJTUv2WBlnlx6MV39u88ZoBYuWPMoA9xwsmOVfClAb/OB5k
XGrM/2MNCl8zgfIm6zV5MS7m6Bg9kAnUUOWdw2VxDqiWQ1Owdk5E114psQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFITMm+GKitP3jn+RM3Lue+bJMGR+MB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvaE15YjRZcUswX2VPZjVFemN1NTc1c2t3Wkg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCPjyYAwQC
Pjy0AwQDPjzYMA0GCSqGSIb3DQEBCwUAA4IBAQAPnykefS4fC2YooBRNyVAfE5pI
TRZo6aaSSfUgJwjwuewRfTX3FkNFQJ93JjF9g0byfnvViUjw6XnySrHb/sRUdctK
A4HHkV5Fj6hBm9i90xPVAKf7YinwtgkkQ86NbLdZVdiqNfUO7C/ouKy7LR1ToDgJ
ceweMiXmOMQi4WqbZouo3IRKrLr7WWFTd42caMtVmjZwVB33F5unKsfUDlo0XBZX
w9hBcjb/ZKHAgpiTd4MXbgg8W2FO8LyTTCri9R/mLomE4DK6k5e8hLjhkuUbdkpt
8zQW4E0MKiWA667s+PeCNftMLyPoe6Edoi2hDv3guEy6UB2N0fx1O+HTyZsT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:39 2024 by rpki-client on console-fra.rpki-client.org