Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/nZph9Pg-6hW4UF_aURL6-YvTXp0.roa
File: nZph9Pg-6hW4UF_aURL6-YvTXp0.roa (raw, json)
Hash identifier: 209DiSRHbL83Q4t5zHGbn5DLFmVjhrYZQxtt+o/NWw8=
Subject key identifier: 9D:9A:61:F4:F8:3E:EA:15:B8:50:5F:DA:51:12:FA:F9:8B:D3:5E:9D
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 018570B0715B8EC093A5FCDD166AE50D1E27
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/nZph9Pg-6hW4UF_aURL6-YvTXp0.roa
Signing time: Mon 02 Jan 2023 04:14:49 +0000
ROA not before: Mon 02 Jan 2023 04:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35372
IP address blocks: 62.60.143.0/24 maxlen: 24
62.60.144.0/24 maxlen: 24
62.60.160.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 07 Jun 2023 07:44:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b0:71:5b:8e:c0:93:a5:fc:dd:16:6a:e5:0d:1e:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Jan 2 04:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9d9a61f4f83eea15b8505fda5112faf98bd35e9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:aa:f8:27:bd:ca:cb:13:59:94:79:4c:eb:d7:
6c:a2:85:c4:ef:0f:7d:b3:a1:56:e5:5c:95:c5:68:
94:8b:e6:82:a7:33:0d:fe:60:e5:a9:75:72:13:31:
1c:1a:10:bc:42:4f:4f:24:f0:92:b9:3d:20:13:af:
ba:c6:d1:bb:bb:b3:a8:18:e7:2e:f2:54:80:69:54:
6f:16:e0:57:23:76:8c:ec:27:aa:1f:96:1a:5d:ac:
0b:16:a7:d7:fd:9d:b6:cd:ad:3c:51:9d:15:76:0a:
8d:1b:89:7d:48:45:02:fd:9c:9f:ef:7f:f4:29:ac:
e1:e0:3c:2c:33:81:64:98:46:cf:cd:92:58:1d:0c:
b4:36:27:97:36:ef:44:1d:b2:9d:00:fc:c8:12:ce:
02:aa:82:dd:86:bb:21:9d:5f:16:52:14:b4:b8:e6:
f7:d1:b8:f6:d3:03:2e:2c:db:c0:d0:49:0e:90:95:
da:aa:78:42:00:d8:da:8e:8b:3c:17:60:b8:41:c1:
cc:36:8f:b6:98:3c:e8:51:e4:64:39:a4:67:f2:a1:
ba:31:30:c2:a5:82:0e:0e:cf:be:a5:f8:7b:49:c8:
d1:f6:78:e5:43:ef:26:cd:33:8f:79:71:08:d7:25:
7c:75:11:81:12:84:8b:66:75:7b:1b:ef:18:86:ad:
01:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:9A:61:F4:F8:3E:EA:15:B8:50:5F:DA:51:12:FA:F9:8B:D3:5E:9D
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/nZph9Pg-6hW4UF_aURL6-YvTXp0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.143.0-62.60.144.255
62.60.160.0/22
Signature Algorithm: sha256WithRSAEncryption
8b:c0:3f:90:f3:6b:96:71:e4:d2:bc:7c:29:63:f4:98:91:10:
48:4d:c3:e9:aa:7c:44:22:bb:8c:96:e6:2b:f2:8b:2f:f5:c8:
4f:c4:21:c2:0e:c4:10:f7:c6:de:0e:58:1c:e8:99:09:57:b4:
52:70:f9:07:55:31:0b:22:ec:99:f2:58:1f:3a:b9:f4:35:dd:
b2:3b:4e:d5:25:d8:d2:4a:60:f6:68:f6:d7:17:d0:19:d6:c3:
57:c2:8b:26:1f:3c:af:eb:78:4b:ff:cb:9f:a8:0a:0b:74:3c:
33:e3:94:fe:e6:03:81:5b:4f:15:66:c4:86:d9:8c:00:34:11:
15:67:62:c9:01:17:df:8f:c8:aa:dc:c8:c2:a6:d6:56:63:33:
06:6c:99:88:35:b8:99:5b:1f:0f:ff:89:40:2b:da:48:33:c1:
d1:00:a0:34:1b:a4:ee:43:6c:39:c6:3d:1a:86:4c:d1:e3:39:
6b:a5:c2:3e:6a:3d:ae:f1:bb:3e:3c:f6:50:1c:e5:84:f5:e0:
64:b3:c9:f9:d9:e6:38:3f:b9:1d:b1:b0:96:59:a5:d3:9b:e5:
da:ff:cf:c2:e5:91:37:58:ac:b8:7e:ba:9f:96:76:88:bb:50:
0b:62:dc:4c:f5:41:50:7c:d7:e3:12:96:ff:1e:25:67:06:42:
18:30:75:6e
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVwsHFbjsCTpfzdFmrlDR4nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjMwMTAyMDQxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDlhNjFmNGY4M2VlYTE1Yjg1MDVmZGE1MTEyZmFmOThiZDM1ZTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqr4J73KyxNZlHlM69dsooXE7w99
s6FW5VyVxWiUi+aCpzMN/mDlqXVyEzEcGhC8Qk9PJPCSuT0gE6+6xtG7u7OoGOcu
8lSAaVRvFuBXI3aM7CeqH5YaXawLFqfX/Z22za08UZ0VdgqNG4l9SEUC/Zyf73/0
Kazh4DwsM4FkmEbPzZJYHQy0NieXNu9EHbKdAPzIEs4CqoLdhrshnV8WUhS0uOb3
0bj20wMuLNvA0EkOkJXaqnhCANjajos8F2C4QcHMNo+2mDzoUeRkOaRn8qG6MTDC
pYIODs++pfh7ScjR9njlQ+8mzTOPeXEI1yV8dRGBEoSLZnV7G+8Yhq0BhwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFJ2aYfT4PuoVuFBf2lES+vmL016dMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvblpwaDlQZy02aFc0VUZfYVVSTDYtWXZUWHAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAA+PI8D
BAA+PJADBAI+PKAwDQYJKoZIhvcNAQELBQADggEBAIvAP5Dza5Zx5NK8fClj9JiR
EEhNw+mqfEQiu4yW5ivyiy/1yE/EIcIOxBD3xt4OWBzomQlXtFJw+QdVMQsi7Jny
WB86ufQ13bI7TtUl2NJKYPZo9tcX0BnWw1fCiyYfPK/reEv/y5+oCgt0PDPjlP7m
A4FbTxVmxIbZjAA0ERVnYskBF9+PyKrcyMKm1lZjMwZsmYg1uJlbHw//iUAr2kgz
wdEAoDQbpO5DbDnGPRqGTNHjOWulwj5qPa7xuz489lAc5YT14GSzyfnZ5jg/uR2x
sJZZpdOb5dr/z8LlkTdYrLh+up+Wdoi7UAti3Ez1QVB81+MSlv8eJWcGQhgwdW4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:39 2024 by rpki-client on console-fra.rpki-client.org