Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/hNDcbx573DoFkEE6ccDZKUhzBko.roa
File: hNDcbx573DoFkEE6ccDZKUhzBko.roa (raw, json)
Hash identifier: e8xDMjW3+rWQVyy7Fa5AhVR6KaVwCX8WDU8/Epal570=
Subject key identifier: 84:D0:DC:6F:1E:7B:DC:3A:05:90:41:3A:71:C0:D9:29:48:73:06:4A
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 01859FF1268EE3EDD4308C8CD7E028901EAB
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/hNDcbx573DoFkEE6ccDZKUhzBko.roa
Signing time: Wed 11 Jan 2023 08:27:39 +0000
ROA not before: Wed 11 Jan 2023 08:27:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 62.60.132.0/22 maxlen: 24
62.60.146.0/23 maxlen: 24
62.60.148.0/22 maxlen: 24
213.176.24.0/22 maxlen: 24
62.60.212.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 22 Jan 2023 07:38:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:9f:f1:26:8e:e3:ed:d4:30:8c:8c:d7:e0:28:90:1e:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Jan 11 08:27:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=84d0dc6f1e7bdc3a0590413a71c0d9294873064a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:69:83:2a:1c:a4:be:01:be:da:41:1d:dd:64:
bc:b0:32:5d:3b:f4:3d:cf:31:42:69:68:7c:a0:f1:
46:d7:92:31:02:12:d3:16:10:f0:51:11:f1:72:b4:
0d:9f:92:f3:9f:b4:c5:ff:6f:4f:93:00:5f:e9:83:
3e:8b:85:8f:7e:30:1d:4e:7c:b9:d0:9f:6b:da:d9:
24:2b:6c:de:86:11:f2:40:d0:bb:9d:b8:78:cb:27:
d9:26:6b:f7:8f:fb:30:9f:87:b5:9b:8e:8b:c4:f3:
bb:2f:5f:3b:55:b6:57:ea:61:d6:3c:a8:5c:62:a3:
46:a2:6c:74:26:f8:49:96:e8:56:f1:4d:dc:01:98:
32:4d:27:e5:c5:57:01:00:ce:c3:64:f1:f7:44:e1:
33:33:77:81:1d:77:e1:23:96:a1:d4:e4:2f:7a:16:
f4:ca:f9:a8:f0:e1:c9:0f:b7:ab:e5:36:a2:a7:ea:
eb:17:7b:74:10:04:37:4b:ac:5e:94:a8:33:c9:07:
b5:16:9e:10:f2:af:47:44:02:72:e1:25:81:f2:c7:
91:b2:b1:e5:3a:a7:05:4a:a4:b9:f9:53:ca:35:9e:
7e:26:d6:d1:82:69:b0:91:c8:cc:ee:2c:8d:a8:17:
89:5d:c5:15:5a:2a:a8:fc:ca:d0:e6:24:a8:ef:d7:
f4:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:D0:DC:6F:1E:7B:DC:3A:05:90:41:3A:71:C0:D9:29:48:73:06:4A
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/hNDcbx573DoFkEE6ccDZKUhzBko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.132.0/22
62.60.146.0-62.60.151.255
62.60.212.0/24
213.176.24.0/22
Signature Algorithm: sha256WithRSAEncryption
ca:21:39:a5:04:08:7e:7f:35:47:60:00:1e:08:b4:76:9e:6f:
96:75:91:e8:1c:a4:00:88:86:fe:17:c8:51:06:bf:1f:c9:5e:
9b:6d:52:43:2f:de:36:cd:2e:91:49:87:8e:ad:70:ae:aa:cc:
83:1f:35:5d:74:19:04:6c:17:00:52:88:73:d0:e4:b1:6e:34:
8d:ee:76:21:93:ef:70:5c:eb:0c:db:d5:ac:61:59:e7:fe:f9:
3a:fd:cf:e0:ce:ab:7f:35:4f:f3:41:b7:d7:f8:ce:e7:56:9b:
bd:e4:36:d0:e4:af:42:7f:73:dd:95:1f:ac:e6:ea:17:eb:e2:
ba:18:ff:90:bf:74:6a:3a:fb:e3:c9:b5:83:8d:d9:cb:cd:49:
b1:a1:8f:8e:79:35:65:56:04:69:3b:28:65:64:b3:77:b2:ed:
fa:d4:d1:6e:79:72:f6:82:a7:7a:8a:3a:08:ea:f0:57:45:8a:
ee:eb:1c:f3:a2:c4:d1:0d:49:e6:09:2c:3b:4a:b8:e5:97:42:
75:04:25:1b:bd:d7:87:32:d4:49:b2:37:c1:de:78:d9:cf:8d:
6f:17:fa:43:c3:4d:d4:42:c5:f6:82:81:8a:16:65:f3:c7:df:
c0:b1:86:3c:24:a8:2f:f3:fe:fa:41:38:a0:0f:13:2e:e2:3e:
96:3f:5a:57
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYWf8SaO4+3UMIyM1+AokB6rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjMwMTExMDgyNzM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGQwZGM2ZjFlN2JkYzNhMDU5MDQxM2E3MWMwZDkyOTQ4NzMwNjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy2mDKhykvgG+2kEd3WS8sDJdO/Q9
zzFCaWh8oPFG15IxAhLTFhDwURHxcrQNn5Lzn7TF/29PkwBf6YM+i4WPfjAdTny5
0J9r2tkkK2zehhHyQNC7nbh4yyfZJmv3j/swn4e1m46LxPO7L187VbZX6mHWPKhc
YqNGomx0JvhJluhW8U3cAZgyTSflxVcBAM7DZPH3ROEzM3eBHXfhI5ah1OQvehb0
yvmo8OHJD7er5Taip+rrF3t0EAQ3S6xelKgzyQe1Fp4Q8q9HRAJy4SWB8seRsrHl
OqcFSqS5+VPKNZ5+JtbRgmmwkcjM7iyNqBeJXcUVWiqo/MrQ5iSo79f0BQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFITQ3G8ee9w6BZBBOnHA2SlIcwZKMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvaE5EY2J4NTczRG9Ga0VFNmNjRFpLVWh6QmtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQCPjyEMAwD
BAE+PJIDBAM+PJADBAA+PNQDBALVsBgwDQYJKoZIhvcNAQELBQADggEBAMohOaUE
CH5/NUdgAB4ItHaeb5Z1kegcpACIhv4XyFEGvx/JXpttUkMv3jbNLpFJh46tcK6q
zIMfNV10GQRsFwBSiHPQ5LFuNI3udiGT73Bc6wzb1axhWef++Tr9z+DOq381T/NB
t9f4zudWm73kNtDkr0J/c92VH6zm6hfr4roY/5C/dGo6++PJtYON2cvNSbGhj455
NWVWBGk7KGVks3ey7frU0W55cvaCp3qKOgjq8FdFiu7rHPOixNENSeYJLDtKuOWX
QnUEJRu914cy1EmyN8HeeNnPjW8X+kPDTdRCxfaCgYoWZfPH38CxhjwkqC/z/vpB
OKAPEy7iPpY/Wlc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:29 2024 by rpki-client on console-ams.rpki-client.org