Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/hpoZFRXIr-ny7N99nhl9NoR3Ye0.roa
File: hpoZFRXIr-ny7N99nhl9NoR3Ye0.roa (raw, json)
Hash identifier: IBSwaR82/xzJqw2uSwerSlb0xaJc/cBfH4KoWlLz1gw=
Subject key identifier: 86:9A:19:15:15:C8:AF:E9:F2:EC:DF:7D:9E:19:7D:36:84:77:61:ED
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 0193551EEC865D649ACC33A442F75A52AA59
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/hpoZFRXIr-ny7N99nhl9NoR3Ye0.roa
Signing time: Fri 22 Nov 2024 18:25:09 +0000
ROA not before: Fri 22 Nov 2024 18:25:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51396
IP address blocks: 62.60.230.0/23 maxlen: 24
62.60.235.0/24 maxlen: 24
213.176.67.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 25 Nov 2024 10:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:55:1e:ec:86:5d:64:9a:cc:33:a4:42:f7:5a:52:aa:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Nov 22 18:25:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=869a191515c8afe9f2ecdf7d9e197d36847761ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:83:bc:76:2d:27:63:e6:bc:75:1e:00:51:2e:
36:8b:ed:18:c3:53:28:6f:18:31:08:18:6f:71:2c:
80:57:f0:bb:86:10:7e:2f:ed:b5:1d:c4:66:21:d8:
11:d5:f0:a9:29:04:2f:cf:2c:c8:67:19:13:1e:66:
ae:60:9d:74:01:ed:df:23:62:72:30:6f:47:98:ba:
d0:af:f0:98:f2:66:53:4c:36:26:e0:c5:05:be:cc:
30:36:fa:2a:73:4e:d0:2f:25:d3:32:1b:d5:06:08:
f7:04:ab:b7:40:90:a2:a0:95:9a:93:6b:fa:e1:24:
e8:dc:03:dd:49:08:bb:c1:aa:b0:85:22:32:7f:87:
58:2c:4e:c7:d9:8e:55:64:cc:bc:1d:7b:0a:55:3e:
87:99:93:bb:9f:4d:44:27:f6:31:78:89:63:51:a2:
3b:53:a5:eb:b7:82:3c:97:f2:87:7a:c3:d7:3a:3c:
05:43:25:94:de:be:f8:3e:69:9b:e8:ee:30:f9:e2:
31:f1:4b:d7:f5:cc:90:b9:c4:2a:c7:e7:c3:2f:6d:
af:30:db:b7:7d:36:1f:ff:22:d1:a8:2a:7a:21:80:
33:d2:a2:db:ba:02:63:00:8d:14:ce:7c:d4:13:99:
e9:d7:6f:69:0c:05:b8:38:18:fd:10:4f:33:ed:fd:
de:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:9A:19:15:15:C8:AF:E9:F2:EC:DF:7D:9E:19:7D:36:84:77:61:ED
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/hpoZFRXIr-ny7N99nhl9NoR3Ye0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.230.0/23
62.60.235.0/24
213.176.67.0/24
Signature Algorithm: sha256WithRSAEncryption
40:4f:3c:00:15:8d:d8:60:94:68:59:a4:93:d7:26:50:2a:69:
f8:fc:66:2c:59:f3:ad:ca:41:91:96:79:9b:39:e1:a3:42:8e:
50:3c:6f:3d:9a:ee:a4:9a:ac:d5:81:5e:a7:f1:33:f4:1f:14:
a2:55:97:ef:e2:e3:eb:09:fd:f0:b0:81:85:d0:06:a2:77:1d:
da:f7:57:ac:85:fd:bf:e0:f7:81:d2:50:60:47:fc:14:93:83:
ea:ce:a9:b1:22:c4:ce:71:a5:4e:76:c1:4d:26:ff:fb:1d:d1:
d6:5b:fc:38:47:8b:12:60:ac:4d:2d:fc:c0:78:b4:9d:84:60:
47:a3:d7:d2:38:41:cb:14:af:7f:10:c1:7d:a1:6c:0b:44:9d:
f0:7a:b6:e8:fd:40:90:b6:d6:df:e0:8d:3b:b0:0f:22:e7:01:
6d:c8:e5:b6:c3:82:dd:37:1b:8d:3f:30:97:ba:0c:64:e5:13:
65:53:d3:91:79:89:54:ee:d5:b2:be:fd:e7:d2:e3:70:b8:29:
e4:cc:27:5a:41:cb:5e:b5:5f:95:22:b1:7b:b7:20:d0:05:00:
b7:f0:5d:4f:9e:86:fb:2d:28:ba:e5:29:b6:ef:1d:88:0e:7e:
47:e6:9a:22:7b:a0:06:a7:ce:67:37:9f:81:5b:fd:93:14:a0:
e7:3c:1f:5b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZNVHuyGXWSazDOkQvdaUqpZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjQxMTIyMTgyNTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjlhMTkxNTE1YzhhZmU5ZjJlY2RmN2Q5ZTE5N2QzNjg0Nzc2MWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4YO8di0nY+a8dR4AUS42i+0Yw1Mo
bxgxCBhvcSyAV/C7hhB+L+21HcRmIdgR1fCpKQQvzyzIZxkTHmauYJ10Ae3fI2Jy
MG9HmLrQr/CY8mZTTDYm4MUFvswwNvoqc07QLyXTMhvVBgj3BKu3QJCioJWak2v6
4STo3APdSQi7waqwhSIyf4dYLE7H2Y5VZMy8HXsKVT6HmZO7n01EJ/YxeIljUaI7
U6Xrt4I8l/KHesPXOjwFQyWU3r74Pmmb6O4w+eIx8UvX9cyQucQqx+fDL22vMNu3
fTYf/yLRqCp6IYAz0qLbugJjAI0UznzUE5np129pDAW4OBj9EE8z7f3eUQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIaaGRUVyK/p8uzffZ4ZfTaEd2HtMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvaHBvWkZSWElyLW55N045OW5obDlOb1IzWWUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBPjzmAwQA
PjzrAwQA1bBDMA0GCSqGSIb3DQEBCwUAA4IBAQBATzwAFY3YYJRoWaST1yZQKmn4
/GYsWfOtykGRlnmbOeGjQo5QPG89mu6kmqzVgV6n8TP0HxSiVZfv4uPrCf3wsIGF
0Aaidx3a91eshf2/4PeB0lBgR/wUk4PqzqmxIsTOcaVOdsFNJv/7HdHWW/w4R4sS
YKxNLfzAeLSdhGBHo9fSOEHLFK9/EMF9oWwLRJ3werbo/UCQttbf4I07sA8i5wFt
yOW2w4LdNxuNPzCXugxk5RNlU9OReYlU7tWyvv3n0uNwuCnkzCdaQctetV+VIrF7
tyDQBQC38F1Pnob7LSi65Sm27x2IDn5H5poie6AGp85nN5+BW/2TFKDnPB9b
-----END CERTIFICATE-----
Generated at Sun Apr 6 09:05:48 2025 by rpki-client