Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/ia0RZaQatKc_YAmJFp62c2XzRx0.roa
File: ia0RZaQatKc_YAmJFp62c2XzRx0.roa (raw, json)
Hash identifier: tuSg/wIG9RqHd3U7BKsOTzHeg0zRq5xPklbMOwXrUuc=
Subject key identifier: 89:AD:11:65:A4:1A:B4:A7:3F:60:09:89:16:9E:B6:73:65:F3:47:1D
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 01893A1B89E75373991E03C8829BD2A1921B
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/ia0RZaQatKc_YAmJFp62c2XzRx0.roa
Signing time: Sun 09 Jul 2023 10:03:50 +0000
ROA not before: Sun 09 Jul 2023 10:03:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 53356
IP address blocks: 62.60.216.0/22 maxlen: 24
213.176.2.0/23 maxlen: 24
213.176.6.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 07 Aug 2023 16:56:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:3a:1b:89:e7:53:73:99:1e:03:c8:82:9b:d2:a1:92:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Jul 9 10:03:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=89ad1165a41ab4a73f600989169eb67365f3471d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:4b:a0:f7:87:d4:01:b2:99:9e:d2:00:74:90:
25:dc:32:12:82:eb:86:8c:1c:60:fc:25:f0:06:d1:
ea:b7:43:e5:2d:d4:fc:d5:d5:6e:d9:25:ce:08:11:
c0:1a:f5:9a:5f:76:ac:68:bf:94:28:ff:ff:d9:a2:
db:d4:d5:cc:87:28:e8:96:21:94:e8:c8:ad:4a:c7:
37:fd:01:9c:35:a8:4b:7b:0f:fe:d4:be:29:4f:bb:
52:79:ed:6b:84:0b:de:1a:9e:2f:d9:46:de:17:5e:
49:eb:f1:d9:db:9f:61:f2:70:91:24:61:d8:a7:bf:
38:87:d0:5b:f8:f0:2e:93:36:36:2c:b4:00:12:3e:
f8:97:0d:b8:65:54:8b:00:54:f8:46:9a:22:5e:8d:
4c:3c:46:ca:5c:6b:e8:59:1e:07:5d:37:ef:1c:a2:
b3:f8:63:04:16:3b:d8:bd:60:f2:f9:87:73:3e:ed:
a9:a8:f8:e8:de:bf:bc:97:79:83:a2:02:7a:c2:e6:
2e:70:c5:25:16:45:a6:a3:12:5d:5a:ca:a7:f6:6a:
53:a4:36:a1:7b:52:ab:93:68:77:ed:ca:9a:71:85:
ea:4c:66:1c:59:86:5a:00:f0:28:ca:c7:56:6c:f9:
78:61:45:32:0a:91:53:48:94:c0:b4:10:55:c5:de:
ca:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:AD:11:65:A4:1A:B4:A7:3F:60:09:89:16:9E:B6:73:65:F3:47:1D
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/ia0RZaQatKc_YAmJFp62c2XzRx0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.216.0/22
213.176.2.0/23
213.176.6.0/23
Signature Algorithm: sha256WithRSAEncryption
10:74:61:a0:4c:9e:0a:94:a7:77:58:9f:9f:3f:f9:be:9b:98:
d2:ad:68:42:3b:a5:3d:5b:34:1b:df:d6:9e:0b:1e:53:c3:97:
8e:38:39:84:37:b2:4a:ee:8d:c5:e2:c8:86:29:f2:e0:a3:ae:
a0:64:f6:44:ef:73:09:0d:2f:03:99:c6:b7:21:dc:57:44:17:
f7:fb:da:5c:18:1c:3f:00:f1:ab:84:fe:81:b5:29:1c:d5:b5:
82:42:5b:17:d7:7a:56:ca:5e:ef:b4:78:2b:5d:78:fd:ba:c4:
d7:42:ce:7c:04:77:42:da:5b:cd:8c:90:37:8b:b2:d1:2f:0d:
b0:2e:2b:1b:9c:cf:59:92:60:78:bb:91:1f:12:61:97:d4:ee:
c5:88:d2:71:ce:5a:7e:b2:a6:f4:6e:1e:ec:34:03:ae:9b:ce:
35:32:12:e5:51:f9:d0:7c:02:90:29:9b:f5:81:d3:e3:54:4a:
4e:93:e1:4b:84:9e:d8:23:79:85:6a:44:a0:be:1f:1a:03:69:
39:d3:46:ef:57:d3:b1:15:92:e2:e1:9e:72:68:af:10:b8:f9:
d9:53:e1:ff:82:45:c5:74:20:3a:fa:82:e2:85:bd:85:ad:15:
79:a5:bb:ac:5d:fd:62:2f:c7:be:85:75:b1:2a:c8:4c:e4:7a:
32:92:a7:8b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYk6G4nnU3OZHgPIgpvSoZIbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjMwNzA5MTAwMzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWFkMTE2NWE0MWFiNGE3M2Y2MDA5ODkxNjllYjY3MzY1ZjM0NzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA20ug94fUAbKZntIAdJAl3DISguuG
jBxg/CXwBtHqt0PlLdT81dVu2SXOCBHAGvWaX3asaL+UKP//2aLb1NXMhyjoliGU
6MitSsc3/QGcNahLew/+1L4pT7tSee1rhAveGp4v2UbeF15J6/HZ259h8nCRJGHY
p784h9Bb+PAukzY2LLQAEj74lw24ZVSLAFT4RpoiXo1MPEbKXGvoWR4HXTfvHKKz
+GMEFjvYvWDy+YdzPu2pqPjo3r+8l3mDogJ6wuYucMUlFkWmoxJdWsqn9mpTpDah
e1Krk2h37cqacYXqTGYcWYZaAPAoysdWbPl4YUUyCpFTSJTAtBBVxd7KjwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFImtEWWkGrSnP2AJiRaetnNl80cdMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvaWEwUlphUWF0S2NfWUFtSkZwNjJjMlh6UngwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCPjzYAwQB
1bACAwQB1bAGMA0GCSqGSIb3DQEBCwUAA4IBAQAQdGGgTJ4KlKd3WJ+fP/m+m5jS
rWhCO6U9WzQb39aeCx5Tw5eOODmEN7JK7o3F4siGKfLgo66gZPZE73MJDS8Dmca3
IdxXRBf3+9pcGBw/APGrhP6BtSkc1bWCQlsX13pWyl7vtHgrXXj9usTXQs58BHdC
2lvNjJA3i7LRLw2wLisbnM9ZkmB4u5EfEmGX1O7FiNJxzlp+sqb0bh7sNAOum841
MhLlUfnQfAKQKZv1gdPjVEpOk+FLhJ7YI3mFakSgvh8aA2k500bvV9OxFZLi4Z5y
aK8QuPnZU+H/gkXFdCA6+oLihb2FrRV5pbusXf1iL8e+hXWxKshM5HoykqeL
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:29 2024 by rpki-client on console-ams.rpki-client.org