Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/shTymedwKM4wblgifK5YXDwE6mY.roa
File: shTymedwKM4wblgifK5YXDwE6mY.roa (raw, json)
Hash identifier: dX7y4NBoP/5f6spSsCH+ODIt1hdOZ5u6TvYLjt0uSco=
Subject key identifier: B2:14:F2:99:E7:70:28:CE:30:6E:58:22:7C:AE:58:5C:3C:04:EA:66
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 018DCA54A99E411F34911B969E070351D94F
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/shTymedwKM4wblgifK5YXDwE6mY.roa
Signing time: Wed 21 Feb 2024 06:22:42 +0000
ROA not before: Wed 21 Feb 2024 06:22:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 62.60.156.0/22 maxlen: 24
62.60.184.0/22 maxlen: 24
62.60.192.0/22 maxlen: 24
62.60.220.0/22 maxlen: 24
213.176.6.0/24 maxlen: 24
213.176.126.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 21 Feb 2024 13:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ca:54:a9:9e:41:1f:34:91:1b:96:9e:07:03:51:d9:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Feb 21 06:22:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b214f299e77028ce306e58227cae585c3c04ea66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:f1:96:98:b8:cc:a4:69:8e:e8:6a:cc:c7:2c:
d3:c9:36:a5:ae:45:fd:cf:ae:3b:3c:90:f3:bc:98:
2d:f1:8e:d9:54:d4:e3:44:4e:c3:59:4b:29:ed:5e:
ca:10:de:d8:ae:c2:5a:1a:73:7c:dc:d8:2a:e8:8f:
e3:ff:e4:a1:58:ca:49:59:74:40:6c:25:17:3e:b2:
48:f8:5c:c8:2f:48:1f:20:5a:03:b2:61:df:05:90:
84:b8:c1:11:07:d8:17:da:03:ba:a1:c3:45:1d:e7:
89:98:6c:28:26:9f:84:c5:bf:61:5f:ac:64:86:64:
b0:7d:0e:38:3b:88:bf:94:40:23:22:a9:57:0f:85:
ef:ed:71:7c:bb:ca:3a:0d:62:4c:85:c6:f6:f9:49:
73:90:ce:da:4e:b0:2b:61:cb:a5:44:1b:88:99:14:
74:a6:ed:e7:ed:18:ed:52:b9:09:fc:c5:bd:f4:d6:
d7:c7:2a:95:97:f9:c5:8f:d7:66:45:f0:ca:60:0c:
33:d8:d1:1d:89:7b:e9:02:10:fe:fd:c9:8c:e2:4c:
21:f2:13:69:e3:b1:10:8c:e2:ec:c8:1c:9d:a2:54:
85:fd:49:43:41:49:45:99:9d:34:a2:9a:bc:8a:9a:
9e:cc:9f:b0:ad:90:87:28:fe:e5:75:07:c0:89:40:
ea:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:14:F2:99:E7:70:28:CE:30:6E:58:22:7C:AE:58:5C:3C:04:EA:66
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/shTymedwKM4wblgifK5YXDwE6mY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.156.0/22
62.60.184.0/22
62.60.192.0/22
62.60.220.0/22
213.176.6.0/24
213.176.126.0/23
Signature Algorithm: sha256WithRSAEncryption
07:37:8a:9f:f4:29:94:97:d4:42:6e:fe:be:24:94:92:fe:c2:
fd:b5:8b:2e:ee:c0:19:03:89:08:30:5b:bd:ba:0f:40:c4:f8:
13:7f:54:13:0e:23:61:e4:1c:f7:8a:68:32:5a:6b:66:b3:af:
02:d4:fb:8a:67:83:ae:08:bc:09:14:ed:c5:7a:c6:55:b7:82:
d5:f8:71:bf:47:32:f3:a3:6a:58:02:39:26:75:aa:67:c6:3b:
7e:09:b1:80:f8:bf:4e:f1:7a:d4:67:84:07:2e:de:5e:dd:e8:
2b:a4:c4:49:e7:6c:65:a7:d1:b2:cd:e5:ae:bc:99:63:f8:cd:
68:4b:70:ae:9f:36:7c:56:3b:5d:13:2d:1a:1b:91:21:54:68:
98:77:28:e3:50:81:58:1e:6d:80:61:37:6d:2c:a4:72:b9:75:
7e:50:43:ac:ab:d0:2d:e0:c9:9e:2f:a5:4b:c3:66:8c:3e:90:
e1:17:3b:29:9c:1c:96:58:d4:5d:16:71:f6:1c:da:f9:38:8b:
c5:c7:f4:fa:d3:43:5a:3f:a5:cc:9d:b4:67:fb:54:7c:04:0c:
b3:f1:5a:aa:91:8b:19:74:03:4a:64:cc:b0:26:7c:24:92:00:
87:4b:25:ce:62:3c:0c:01:bd:e1:4e:e3:8d:9f:cc:e4:63:94:
cf:16:a9:a3
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY3KVKmeQR80kRuWngcDUdlPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjQwMjIxMDYyMjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjE0ZjI5OWU3NzAyOGNlMzA2ZTU4MjI3Y2FlNTg1YzNjMDRlYTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkfGWmLjMpGmO6GrMxyzTyTalrkX9
z647PJDzvJgt8Y7ZVNTjRE7DWUsp7V7KEN7YrsJaGnN83Ngq6I/j/+ShWMpJWXRA
bCUXPrJI+FzIL0gfIFoDsmHfBZCEuMERB9gX2gO6ocNFHeeJmGwoJp+Exb9hX6xk
hmSwfQ44O4i/lEAjIqlXD4Xv7XF8u8o6DWJMhcb2+UlzkM7aTrArYculRBuImRR0
pu3n7RjtUrkJ/MW99NbXxyqVl/nFj9dmRfDKYAwz2NEdiXvpAhD+/cmM4kwh8hNp
47EQjOLsyBydolSF/UlDQUlFmZ00opq8ipqezJ+wrZCHKP7ldQfAiUDqEQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFLIU8pnncCjOMG5YInyuWFw8BOpmMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvc2hUeW1lZHdLTTR3YmxnaWZLNVlYRHdFNm1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCPjycAwQC
Pjy4AwQCPjzAAwQCPjzcAwQA1bAGAwQB1bB+MA0GCSqGSIb3DQEBCwUAA4IBAQAH
N4qf9CmUl9RCbv6+JJSS/sL9tYsu7sAZA4kIMFu9ug9AxPgTf1QTDiNh5Bz3imgy
Wmtms68C1PuKZ4OuCLwJFO3FesZVt4LV+HG/RzLzo2pYAjkmdapnxjt+CbGA+L9O
8XrUZ4QHLt5e3egrpMRJ52xlp9GyzeWuvJlj+M1oS3CunzZ8VjtdEy0aG5EhVGiY
dyjjUIFYHm2AYTdtLKRyuXV+UEOsq9At4MmeL6VLw2aMPpDhFzspnByWWNRdFnH2
HNr5OIvFx/T600NaP6XMnbRn+1R8BAyz8VqqkYsZdANKZMywJnwkkgCHSyXOYjwM
Ab3hTuONn8zkY5TPFqmj
-----END CERTIFICATE-----
Generated at Wed Feb 21 16:51:05 2024 by rpki-client on console-fra.rpki-client.org