Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/qYv5ieN6FRFN1c44aPy1rP-1y40.roa
File: qYv5ieN6FRFN1c44aPy1rP-1y40.roa (raw, json)
Hash identifier: dWkVqKSkp/kiJkK9ngesNCFhxXhKHaiKeTlgEwghIWE=
Subject key identifier: A9:8B:F9:89:E3:7A:15:11:4D:D5:CE:38:68:FC:B5:AC:FF:B5:CB:8D
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 01858FEE642C5A1AE46006F6C0C00110DCAC
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/qYv5ieN6FRFN1c44aPy1rP-1y40.roa
Signing time: Sun 08 Jan 2023 05:50:43 +0000
ROA not before: Sun 08 Jan 2023 05:50:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52209
IP address blocks: 213.176.64.0/22 maxlen: 24
62.60.220.0/22 maxlen: 24
213.176.88.0/22 maxlen: 24
213.176.20.0/22 maxlen: 24
62.60.200.0/21 maxlen: 24
62.60.208.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 10 Jan 2023 13:28:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:8f:ee:64:2c:5a:1a:e4:60:06:f6:c0:c0:01:10:dc:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Jan 8 05:50:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a98bf989e37a15114dd5ce3868fcb5acffb5cb8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:34:61:07:04:c5:35:b1:a9:fb:e4:41:d8:ad:
43:5b:ad:61:42:30:c0:38:3e:d4:30:7b:ad:aa:5d:
3b:3f:45:f4:26:1a:f3:90:7f:1e:34:fe:5d:22:3e:
33:1e:37:dc:d5:f6:86:d0:1b:f6:94:76:34:59:a6:
3c:b7:a5:24:4e:10:42:8f:c5:2b:71:e1:2a:e8:c8:
86:28:8b:13:10:d0:b0:e3:00:88:50:9c:5e:28:52:
91:a7:e9:f8:ce:8d:fa:e6:54:75:7b:c4:dc:61:a1:
d2:9c:6d:c9:8f:c9:4f:87:18:96:a6:b6:b1:a6:f3:
5c:a5:0d:b9:5a:bc:a4:68:dc:0a:0a:75:b0:0e:cf:
49:b8:11:c3:86:2e:9a:c3:8f:5b:8b:68:f5:31:e7:
45:aa:d6:b9:ee:5b:87:f4:e2:6c:d3:d9:d6:81:29:
ff:56:aa:2f:4b:03:f7:7c:95:87:49:19:86:c2:9c:
c1:76:62:09:0f:ff:8a:f4:44:15:da:8f:e4:56:a2:
49:3f:66:27:d6:71:5c:77:f3:33:1e:82:4d:b0:73:
c4:71:3f:02:1d:a4:35:88:18:b2:ce:51:58:d4:ae:
ee:b1:24:48:76:d4:2f:f4:35:03:c9:0f:f9:28:86:
25:f3:c4:ec:7a:9e:19:73:2c:63:79:c2:8b:9a:81:
90:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:8B:F9:89:E3:7A:15:11:4D:D5:CE:38:68:FC:B5:AC:FF:B5:CB:8D
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/qYv5ieN6FRFN1c44aPy1rP-1y40.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.200.0-62.60.211.255
62.60.220.0/22
213.176.20.0/22
213.176.64.0/22
213.176.88.0/22
Signature Algorithm: sha256WithRSAEncryption
29:9b:64:f0:03:19:d0:28:48:a3:e8:d3:70:5e:9e:10:e3:49:
59:2c:1d:b0:b1:f4:7e:5b:ee:1c:42:d0:7b:bc:c0:fc:a7:93:
20:d6:1f:73:22:32:b2:e8:56:05:93:3d:b4:c8:c0:6d:0a:3c:
99:2d:02:38:e0:0b:47:e9:c5:07:3c:4c:58:04:56:66:52:fb:
89:ce:1a:d5:2c:63:f4:5b:94:65:cb:bf:42:8b:06:7d:d0:8b:
db:6f:c6:e8:c6:2d:0d:f6:b7:a2:cb:12:f0:6d:63:25:e7:85:
fd:b4:9f:f2:14:b0:4f:0e:5b:5d:4f:d0:81:83:2f:14:03:0d:
db:3c:68:38:26:a0:0a:05:83:e6:ed:98:bf:be:7b:1a:6d:24:
95:a0:1c:30:e3:2c:ed:b7:e3:f6:24:50:4a:60:c3:d1:5e:1b:
77:73:ef:8c:cb:d7:06:46:55:44:95:98:30:45:d2:b2:a5:3e:
9a:96:60:59:bb:1f:10:7c:25:41:53:72:17:da:36:d2:8d:ec:
c3:e8:d3:76:f3:a9:55:d1:ad:4d:c3:41:3d:9d:d4:45:af:e9:
ed:3f:e8:ab:d2:3f:2b:73:3b:bc:03:be:3c:f5:3a:01:fa:81:
17:b4:f5:1d:e7:4b:0a:bf:0f:1d:e0:9c:55:07:22:cc:bb:87:
b0:93:63:75
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYWP7mQsWhrkYAb2wMABENysMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjMwMTA4MDU1MDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOThiZjk4OWUzN2ExNTExNGRkNWNlMzg2OGZjYjVhY2ZmYjVjYjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiDRhBwTFNbGp++RB2K1DW61hQjDA
OD7UMHutql07P0X0JhrzkH8eNP5dIj4zHjfc1faG0Bv2lHY0WaY8t6UkThBCj8Ur
ceEq6MiGKIsTENCw4wCIUJxeKFKRp+n4zo365lR1e8TcYaHSnG3Jj8lPhxiWprax
pvNcpQ25WrykaNwKCnWwDs9JuBHDhi6aw49bi2j1MedFqta57luH9OJs09nWgSn/
VqovSwP3fJWHSRmGwpzBdmIJD/+K9EQV2o/kVqJJP2Yn1nFcd/MzHoJNsHPEcT8C
HaQ1iBiyzlFY1K7usSRIdtQv9DUDyQ/5KIYl88Tsep4ZcyxjecKLmoGQjQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFKmL+YnjehURTdXOOGj8taz/tcuNMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvcVl2NWllTjZGUkZOMWM0NGFQeTFyUC0xeTQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBAM+PMgD
BAI+PNADBAI+PNwDBALVsBQDBALVsEADBALVsFgwDQYJKoZIhvcNAQELBQADggEB
ACmbZPADGdAoSKPo03BenhDjSVksHbCx9H5b7hxC0Hu8wPynkyDWH3MiMrLoVgWT
PbTIwG0KPJktAjjgC0fpxQc8TFgEVmZS+4nOGtUsY/RblGXLv0KLBn3Qi9tvxujG
LQ32t6LLEvBtYyXnhf20n/IUsE8OW11P0IGDLxQDDds8aDgmoAoFg+btmL++expt
JJWgHDDjLO234/YkUEpgw9FeG3dz74zL1wZGVUSVmDBF0rKlPpqWYFm7HxB8JUFT
chfaNtKN7MPo03bzqVXRrU3DQT2d1EWv6e0/6KvSPytzO7wDvjz1OgH6gRe09R3n
Swq/Dx3gnFUHIsy7h7CTY3U=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:39 2024 by rpki-client on console-fra.rpki-client.org