Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/rPzg-bvzeLGNpVrI2U0UUmu1WPg.roa
File: rPzg-bvzeLGNpVrI2U0UUmu1WPg.roa (raw, json)
Hash identifier: DZ4E5ZlCqb0GdOdhay8hld2F3qXVbBDySOXlVVDU0Wk=
Subject key identifier: AC:FC:E0:F9:BB:F3:78:B1:8D:A5:5A:C8:D9:4D:14:52:6B:B5:58:F8
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 018A8D36C0469064E9FB7EA4147575864EE4
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/rPzg-bvzeLGNpVrI2U0UUmu1WPg.roa
Signing time: Wed 13 Sep 2023 06:24:50 +0000
ROA not before: Wed 13 Sep 2023 06:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205220
IP address blocks: 62.60.216.0/22 maxlen: 24
62.60.152.0/21 maxlen: 24
62.60.146.0/23 maxlen: 24
213.176.2.0/23 maxlen: 24
213.176.6.0/24 maxlen: 24
213.176.120.0/23 maxlen: 24
213.176.126.0/23 maxlen: 24
62.60.196.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 05 Oct 2023 04:42:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:8d:36:c0:46:90:64:e9:fb:7e:a4:14:75:75:86:4e:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Sep 13 06:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=acfce0f9bbf378b18da55ac8d94d14526bb558f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:3b:34:c5:f4:9d:f6:53:d3:d7:1b:f7:e4:35:
0e:3e:89:d2:ed:aa:8b:07:2f:2f:51:2c:7f:13:d8:
c2:18:70:d6:79:4c:c8:4b:3b:24:80:f3:c8:b0:3a:
64:af:07:29:fe:66:9a:3e:3f:b7:6e:98:5c:59:0d:
df:01:75:23:a1:7d:e4:f4:f6:29:b8:d4:2a:35:2d:
c4:20:74:30:26:13:7b:51:ca:ae:b3:57:02:f0:1a:
f2:6e:de:08:5f:8b:7a:16:6a:84:55:e5:79:7b:44:
11:02:4c:1d:18:4f:0e:45:e6:32:53:ce:f1:5c:e7:
eb:9e:05:ea:30:25:f9:89:6e:f6:39:5a:6d:a9:76:
6d:7b:40:32:78:b2:b1:fe:c7:33:d7:4b:12:55:f4:
98:c6:dc:57:41:ac:0b:ff:04:4f:38:d8:9e:33:95:
aa:ce:86:cd:b0:78:3e:7b:fd:3d:40:fd:6a:c1:bc:
2a:4d:80:44:74:2f:2c:23:23:c3:1c:4b:6b:2c:c4:
a9:17:ee:43:45:af:71:7f:3b:25:c7:7e:27:8c:42:
8b:16:f5:eb:3a:c0:9d:7d:fc:1e:5c:cb:f3:ef:7e:
92:76:a5:1e:1d:fe:75:65:64:b9:79:66:c7:3d:71:
6e:38:4b:cf:c0:b0:5a:3a:73:80:04:15:f1:93:a7:
49:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:FC:E0:F9:BB:F3:78:B1:8D:A5:5A:C8:D9:4D:14:52:6B:B5:58:F8
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/rPzg-bvzeLGNpVrI2U0UUmu1WPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.146.0/23
62.60.152.0/21
62.60.196.0/22
62.60.216.0/22
213.176.2.0/23
213.176.6.0/24
213.176.120.0/23
213.176.126.0/23
Signature Algorithm: sha256WithRSAEncryption
74:a4:a1:e2:84:39:68:19:be:41:22:8d:67:a0:04:0d:7f:19:
60:6f:25:41:6c:d7:4a:d8:e8:75:cc:90:24:5d:d2:2f:8c:c6:
5c:9d:d4:84:12:25:a2:a8:c6:99:91:07:26:40:28:78:c0:72:
53:d2:ec:ad:f6:1a:4e:65:d2:37:7a:f9:9a:e0:34:45:16:c4:
d9:74:32:47:d9:32:7c:7e:8f:97:90:ff:59:86:ee:9c:ed:09:
de:b2:f4:83:c4:86:36:a1:7d:f7:66:0c:44:b4:13:3f:72:12:
31:ce:2e:6c:68:5b:14:a1:10:39:85:81:c2:c8:14:d0:ac:42:
9f:26:d6:c1:08:ae:14:ed:78:72:74:00:04:f9:6e:b1:64:20:
cb:06:ed:27:2d:ad:32:d4:12:20:44:bb:9f:c7:ca:74:24:bb:
93:1f:8a:b4:cf:bb:58:61:ad:e5:c3:92:e6:47:2e:61:c9:b2:
93:59:a8:d5:26:74:cf:a6:70:c0:b2:1f:f0:27:4c:6d:1a:e3:
c9:1d:9c:d1:fb:72:b2:48:27:0e:41:ed:29:09:30:2d:fb:b7:
b0:78:f5:a5:e9:d4:f0:ad:21:82:e4:fc:77:99:7b:09:93:5f:
e1:e1:9a:26:4b:4c:4c:5e:52:ac:cb:40:91:50:11:47:8a:59:
d0:a0:e0:22
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYqNNsBGkGTp+36kFHV1hk7kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjMwOTEzMDYyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2ZjZTBmOWJiZjM3OGIxOGRhNTVhYzhkOTRkMTQ1MjZiYjU1OGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnTs0xfSd9lPT1xv35DUOPonS7aqL
By8vUSx/E9jCGHDWeUzISzskgPPIsDpkrwcp/maaPj+3bphcWQ3fAXUjoX3k9PYp
uNQqNS3EIHQwJhN7Ucqus1cC8Brybt4IX4t6FmqEVeV5e0QRAkwdGE8OReYyU87x
XOfrngXqMCX5iW72OVptqXZte0AyeLKx/scz10sSVfSYxtxXQawL/wRPONieM5Wq
zobNsHg+e/09QP1qwbwqTYBEdC8sIyPDHEtrLMSpF+5DRa9xfzslx34njEKLFvXr
OsCdffweXMvz736SdqUeHf51ZWS5eWbHPXFuOEvPwLBaOnOABBXxk6dJ1wIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFKz84Pm783ixjaVayNlNFFJrtVj4MB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvclB6Zy1idnplTEdOcFZySTJVMFVVbXUxV1BnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQBPjySAwQD
PjyYAwQCPjzEAwQCPjzYAwQB1bACAwQA1bAGAwQB1bB4AwQB1bB+MA0GCSqGSIb3
DQEBCwUAA4IBAQB0pKHihDloGb5BIo1noAQNfxlgbyVBbNdK2Oh1zJAkXdIvjMZc
ndSEEiWiqMaZkQcmQCh4wHJT0uyt9hpOZdI3evma4DRFFsTZdDJH2TJ8fo+XkP9Z
hu6c7QnesvSDxIY2oX33ZgxEtBM/chIxzi5saFsUoRA5hYHCyBTQrEKfJtbBCK4U
7XhydAAE+W6xZCDLBu0nLa0y1BIgRLufx8p0JLuTH4q0z7tYYa3lw5LmRy5hybKT
WajVJnTPpnDAsh/wJ0xtGuPJHZzR+3KySCcOQe0pCTAt+7ewePWl6dTwrSGC5Px3
mXsJk1/h4ZomS0xMXlKsy0CRUBFHilnQoOAi
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:30 2024 by rpki-client on console-ams.rpki-client.org