Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/oxTL9UnoOwuXLeoo-NCjQx7Mab0.roa
File: oxTL9UnoOwuXLeoo-NCjQx7Mab0.roa (raw, json)
Hash identifier: 0SF8gsdsY4g99L6WELaXT6hwxleneL5TvW2CaGtWw5Q=
Subject key identifier: A3:14:CB:F5:49:E8:3B:0B:97:2D:EA:28:F8:D0:A3:43:1E:CC:69:BD
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 018DCCEC82CA0BD7F8A6B3A6AE484DF9806F
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/oxTL9UnoOwuXLeoo-NCjQx7Mab0.roa
Signing time: Wed 21 Feb 2024 18:27:48 +0000
ROA not before: Wed 21 Feb 2024 18:27:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44947
IP address blocks: 62.60.146.0/23 maxlen: 24
62.60.216.0/22 maxlen: 24
62.60.224.0/19 maxlen: 24
213.176.64.0/22 maxlen: 24
213.176.120.0/23 maxlen: 24
Validation: Failed, certificate revoked on Fri 23 Feb 2024 17:52:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:cc:ec:82:ca:0b:d7:f8:a6:b3:a6:ae:48:4d:f9:80:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Feb 21 18:27:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a314cbf549e83b0b972dea28f8d0a3431ecc69bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:79:0c:26:88:0f:9c:fb:21:c5:70:ec:44:59:
7f:80:fc:92:5f:db:15:c8:2d:35:c3:83:25:97:f3:
05:1f:aa:14:31:7f:49:8e:3f:12:08:24:7d:32:64:
2a:8b:e8:dd:cd:fa:9e:84:c5:82:d7:57:1d:fd:d8:
ab:d6:db:d0:5a:21:ae:d4:6e:17:13:62:aa:11:0a:
35:a3:05:17:20:46:df:0b:53:f5:40:58:1e:6b:c2:
f4:c2:c1:89:c5:5c:fe:2b:37:62:9c:00:bf:0a:22:
d7:84:5d:69:23:77:4e:e4:ab:1f:35:1b:e9:f1:48:
ff:ab:a4:68:53:81:37:f0:eb:b7:ce:ff:b8:20:21:
68:e2:c9:23:cd:8c:4a:9c:de:bb:4a:b6:5d:b9:9e:
cd:41:02:e2:93:77:4f:27:e7:55:65:23:f2:7b:89:
ef:39:d6:6f:2c:1f:19:d0:82:5f:4e:04:11:b6:75:
67:f2:3b:ba:f1:99:8d:29:fe:c4:51:5e:95:4a:c2:
7a:1a:c7:9f:de:b6:c6:5b:f5:aa:c8:51:d0:9e:3d:
2d:ed:ac:bc:db:cc:32:90:50:2f:c3:97:32:d5:94:
7c:01:da:3e:be:76:09:17:5b:c8:84:98:9e:a2:13:
8b:a2:70:8f:b6:85:17:0d:56:4f:bb:1f:09:9f:2f:
29:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:14:CB:F5:49:E8:3B:0B:97:2D:EA:28:F8:D0:A3:43:1E:CC:69:BD
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/oxTL9UnoOwuXLeoo-NCjQx7Mab0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.146.0/23
62.60.216.0/22
62.60.224.0/19
213.176.64.0/22
213.176.120.0/23
Signature Algorithm: sha256WithRSAEncryption
76:b9:f7:60:5f:4e:2d:d8:47:e5:6b:86:d3:04:9f:f3:01:b4:
e4:41:d5:2b:71:5b:3b:bd:8e:82:44:c3:21:8e:9a:2a:f7:97:
36:6e:7d:27:fb:54:d4:45:8c:3d:bb:64:90:c9:ae:78:e1:56:
cb:95:a5:e5:6f:d5:ab:17:6e:0b:4d:db:89:44:9f:f0:21:e9:
3a:86:36:64:26:b3:74:39:b9:47:90:f1:b7:26:7c:40:66:a7:
d1:c3:f7:2d:51:0d:5f:a8:db:39:ab:d6:01:30:68:58:81:29:
29:74:a5:b3:a8:27:91:f6:1d:37:60:8a:50:36:fa:6d:e4:89:
ba:63:5c:ec:f2:2f:f5:d6:fb:f0:96:80:0f:23:16:8e:8a:14:
22:b1:14:92:b6:90:d9:f0:d0:df:e7:3d:18:8b:09:5c:d0:1f:
5b:66:2b:76:e9:82:55:d4:e5:78:9e:3a:01:a2:c7:1c:27:dd:
43:99:0f:f5:d2:0b:6b:2a:8f:6b:ba:87:9a:ed:13:6e:35:fa:
c6:e6:2d:35:ae:fc:a5:60:9b:2c:66:2c:da:b7:f1:00:44:b0:
a9:54:91:4d:30:c2:59:dc:33:f9:04:03:34:66:41:fc:09:d2:
8c:07:23:04:5d:33:ea:83:99:7d:3b:ad:3a:86:6c:4d:c1:73:
37:9d:0d:a5
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY3M7ILKC9f4prOmrkhN+YBvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjQwMjIxMTgyNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzE0Y2JmNTQ5ZTgzYjBiOTcyZGVhMjhmOGQwYTM0MzFlY2M2OWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgnkMJogPnPshxXDsRFl/gPySX9sV
yC01w4Mll/MFH6oUMX9Jjj8SCCR9MmQqi+jdzfqehMWC11cd/dir1tvQWiGu1G4X
E2KqEQo1owUXIEbfC1P1QFgea8L0wsGJxVz+KzdinAC/CiLXhF1pI3dO5KsfNRvp
8Uj/q6RoU4E38Ou3zv+4ICFo4skjzYxKnN67SrZduZ7NQQLik3dPJ+dVZSPye4nv
OdZvLB8Z0IJfTgQRtnVn8ju68ZmNKf7EUV6VSsJ6Gsef3rbGW/WqyFHQnj0t7ay8
28wykFAvw5cy1ZR8Ado+vnYJF1vIhJieohOLonCPtoUXDVZPux8Jny8pswIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKMUy/VJ6DsLly3qKPjQo0MezGm9MB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvb3hUTDlVbm9Pd3VYTGVvby1OQ2pReDdNYWIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBPjySAwQC
PjzYAwQFPjzgAwQC1bBAAwQB1bB4MA0GCSqGSIb3DQEBCwUAA4IBAQB2ufdgX04t
2Efla4bTBJ/zAbTkQdUrcVs7vY6CRMMhjpoq95c2bn0n+1TURYw9u2SQya544VbL
laXlb9WrF24LTduJRJ/wIek6hjZkJrN0OblHkPG3JnxAZqfRw/ctUQ1fqNs5q9YB
MGhYgSkpdKWzqCeR9h03YIpQNvpt5Im6Y1zs8i/11vvwloAPIxaOihQisRSStpDZ
8NDf5z0Yiwlc0B9bZit26YJV1OV4njoBosccJ91DmQ/10gtrKo9ruoea7RNuNfrG
5i01rvylYJssZizat/EARLCpVJFNMMJZ3DP5BAM0ZkH8CdKMByMEXTPqg5l9O606
hmxNwXM3nQ2l
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:39 2024 by rpki-client on console-fra.rpki-client.org