Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/kQifnXZBdx7X09vc7dNavpSzunk.roa
File: kQifnXZBdx7X09vc7dNavpSzunk.roa (raw, json)
Hash identifier: fXfQj7JQ4Bxz6K09pQx1IquAGUSf17abh/kF8oe0M5k=
Subject key identifier: 91:08:9F:9D:76:41:77:1E:D7:D3:DB:DC:ED:D3:5A:BE:94:B3:BA:79
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 018BADBC41CDFA5250DE4E50E348A3298D9F
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/kQifnXZBdx7X09vc7dNavpSzunk.roa
Signing time: Wed 08 Nov 2023 07:01:17 +0000
ROA not before: Wed 08 Nov 2023 07:01:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 62.60.216.0/22 maxlen: 24
213.176.64.0/22 maxlen: 24
62.60.220.0/22 maxlen: 24
62.60.156.0/22 maxlen: 24
62.60.188.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 29 Nov 2023 10:08:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ad:bc:41:cd:fa:52:50:de:4e:50:e3:48:a3:29:8d:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Nov 8 07:01:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=91089f9d7641771ed7d3dbdcedd35abe94b3ba79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:4d:49:5a:6a:7c:ba:f8:1e:f3:a9:38:74:05:
11:c6:77:26:f1:2f:e9:2f:31:f3:e9:da:5d:f2:c4:
03:96:f1:46:62:bb:64:2c:9d:d8:26:9a:70:f0:aa:
15:bf:68:5d:67:7e:61:5f:41:3a:4f:c5:e4:cf:15:
db:a3:62:d5:93:34:d0:df:18:85:27:d0:80:b5:b2:
02:50:6a:a1:f2:e9:3e:9a:a2:95:93:45:f3:2e:8a:
6f:8a:71:27:81:da:44:b0:b9:9c:52:86:ef:8c:c1:
85:83:f0:a8:91:e1:a1:76:36:3a:14:ee:ad:c1:60:
d8:29:9a:31:5d:1c:2e:03:de:fc:02:bf:01:3f:d1:
82:15:08:c7:70:9d:dc:1f:81:18:f8:07:2a:18:f1:
29:80:b4:25:6d:66:65:8e:29:04:2b:04:74:d3:09:
4b:a3:a6:ce:ae:ed:b5:6d:a6:e8:63:6b:5f:6e:fa:
78:f8:9d:7b:bd:6c:91:84:c3:0f:54:a6:3f:5e:7a:
ba:56:09:91:b0:62:15:c7:76:7c:09:ab:90:3c:8c:
29:b3:45:e0:47:4a:d3:ea:25:ed:f3:8b:cb:16:c2:
a1:8b:4a:90:13:cf:89:92:7e:d6:ff:ac:02:00:80:
cf:08:66:f0:cc:bc:2d:ec:b3:a2:90:b5:b7:a4:0b:
88:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:08:9F:9D:76:41:77:1E:D7:D3:DB:DC:ED:D3:5A:BE:94:B3:BA:79
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/kQifnXZBdx7X09vc7dNavpSzunk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.156.0/22
62.60.188.0/22
62.60.216.0/21
213.176.64.0/22
Signature Algorithm: sha256WithRSAEncryption
8f:b7:bd:a1:2d:dc:ef:bc:fb:71:2b:3f:40:27:26:aa:29:de:
02:df:4a:f2:bc:17:4d:6e:7f:90:83:94:25:34:c6:be:5c:10:
f0:18:59:bb:82:a3:fe:d7:8d:66:a5:74:6e:fa:1d:27:78:df:
a9:9c:8b:c6:d1:a5:bf:4f:27:8b:31:89:bf:7d:3c:22:45:35:
ff:d5:b7:7f:eb:5a:09:47:3d:21:f4:33:0b:1a:a1:cf:9c:fe:
6f:35:ba:4a:c0:b2:69:9a:fc:36:f9:08:37:7e:1f:b4:be:be:
f5:ca:e3:93:1b:10:99:4a:8e:6d:e3:b8:b4:a8:11:01:6f:6b:
cd:7a:d9:a4:1d:2a:5c:a0:59:90:09:a3:e6:1c:42:f6:12:a7:
79:da:ee:b4:eb:a7:c5:e1:7e:40:b0:5a:d2:47:78:38:e4:d1:
f2:de:b1:d5:6d:b0:bc:49:ba:5b:dc:2c:68:d8:54:dc:43:f1:
21:31:f8:f6:4d:9a:b9:a5:db:af:aa:94:49:7e:ea:cd:b3:e2:
8a:af:0e:c5:ea:77:04:26:45:83:4d:ee:ab:c5:4a:54:98:2b:
26:87:f8:a7:38:87:55:77:d2:40:6b:48:51:e8:73:6a:2b:e3:
82:60:f2:f8:01:fd:c2:50:03:bf:5b:dd:fd:5e:bc:07:d0:52:
1c:70:0d:58
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYutvEHN+lJQ3k5Q40ijKY2fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjMxMTA4MDcwMTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTA4OWY5ZDc2NDE3NzFlZDdkM2RiZGNlZGQzNWFiZTk0YjNiYTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn01JWmp8uvge86k4dAURxncm8S/p
LzHz6dpd8sQDlvFGYrtkLJ3YJppw8KoVv2hdZ35hX0E6T8XkzxXbo2LVkzTQ3xiF
J9CAtbICUGqh8uk+mqKVk0XzLopvinEngdpEsLmcUobvjMGFg/CokeGhdjY6FO6t
wWDYKZoxXRwuA978Ar8BP9GCFQjHcJ3cH4EY+AcqGPEpgLQlbWZljikEKwR00wlL
o6bOru21baboY2tfbvp4+J17vWyRhMMPVKY/Xnq6VgmRsGIVx3Z8CauQPIwps0Xg
R0rT6iXt84vLFsKhi0qQE8+Jkn7W/6wCAIDPCGbwzLwt7LOikLW3pAuILQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJEIn512QXce19Pb3O3TWr6Us7p5MB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEva1FpZm5YWkJkeDdYMDl2YzdkTmF2cFN6dW5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCPjycAwQC
Pjy8AwQDPjzYAwQC1bBAMA0GCSqGSIb3DQEBCwUAA4IBAQCPt72hLdzvvPtxKz9A
JyaqKd4C30ryvBdNbn+Qg5QlNMa+XBDwGFm7gqP+141mpXRu+h0neN+pnIvG0aW/
TyeLMYm/fTwiRTX/1bd/61oJRz0h9DMLGqHPnP5vNbpKwLJpmvw2+Qg3fh+0vr71
yuOTGxCZSo5t47i0qBEBb2vNetmkHSpcoFmQCaPmHEL2Eqd52u6066fF4X5AsFrS
R3g45NHy3rHVbbC8Sbpb3Cxo2FTcQ/EhMfj2TZq5pduvqpRJfurNs+KKrw7F6ncE
JkWDTe6rxUpUmCsmh/inOIdVd9JAa0hR6HNqK+OCYPL4Af3CUAO/W939XrwH0FIc
cA1Y
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:39 2024 by rpki-client on console-fra.rpki-client.org