Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/su8JJM_kWeoO0mHiuL4sAy6s8UM.roa
File: su8JJM_kWeoO0mHiuL4sAy6s8UM.roa (raw, json)
Hash identifier: QK6whfZNyXE5UJ+pIiiy4vzxmtsQ1GaDb5i4ISXGups=
Subject key identifier: B2:EF:09:24:CF:E4:59:EA:0E:D2:61:E2:B8:BE:2C:03:2E:AC:F1:43
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 018A5A102FB8E640EB807402063726C1CF8B
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/su8JJM_kWeoO0mHiuL4sAy6s8UM.roa
Signing time: Sun 03 Sep 2023 08:02:04 +0000
ROA not before: Sun 03 Sep 2023 08:02:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205220
IP address blocks: 62.60.216.0/22 maxlen: 24
62.60.152.0/21 maxlen: 24
62.60.146.0/23 maxlen: 24
213.176.2.0/23 maxlen: 24
213.176.120.0/23 maxlen: 24
213.176.126.0/23 maxlen: 24
62.60.196.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:5a:10:2f:b8:e6:40:eb:80:74:02:06:37:26:c1:cf:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Sep 3 08:02:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b2ef0924cfe459ea0ed261e2b8be2c032eacf143
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:f3:1c:b3:24:7c:f1:4b:77:b0:80:20:8e:8d:
b9:1a:c4:0b:2c:42:6f:1f:7c:db:9d:ab:d9:d1:71:
ff:78:4d:d9:5a:49:4d:2d:3d:a3:e1:24:bf:19:d4:
92:8d:77:89:ab:fd:d2:0f:d1:04:b1:e9:fc:c6:2a:
2f:a2:6c:71:86:af:56:4d:75:89:e9:04:f9:b0:43:
c5:5a:c6:76:fb:21:2d:c6:6a:b5:cb:ed:f9:ca:ba:
45:26:38:a0:96:0d:f9:c8:ec:6c:fd:fb:83:11:18:
9e:df:6a:d8:14:8d:35:f0:98:46:27:00:80:56:bb:
77:93:0a:f1:2d:0d:34:f8:b4:c1:95:d5:8f:c8:9f:
9a:f0:cf:d6:45:12:ff:e9:28:c5:e8:ca:5c:f6:72:
18:cc:f1:c2:2a:d7:83:47:28:42:97:30:25:54:1d:
5f:d5:d7:e5:d5:0b:42:ae:cf:b5:11:2d:fb:da:22:
7e:4a:8d:34:d5:e1:74:e9:c5:32:9a:76:0e:af:4b:
ff:b8:20:0e:f0:3c:d7:00:1c:5e:0b:54:1e:f9:35:
1c:94:f2:27:8e:e5:7d:0d:f3:e3:a5:3f:6b:a9:57:
3e:fc:8a:fd:2a:93:54:24:06:ba:ad:ff:d5:3f:ba:
f0:e2:6a:7b:c2:b3:48:0b:bc:21:42:33:16:46:9b:
51:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:EF:09:24:CF:E4:59:EA:0E:D2:61:E2:B8:BE:2C:03:2E:AC:F1:43
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/su8JJM_kWeoO0mHiuL4sAy6s8UM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.146.0/23
62.60.152.0/21
62.60.196.0/22
62.60.216.0/22
213.176.2.0/23
213.176.120.0/23
213.176.126.0/23
Signature Algorithm: sha256WithRSAEncryption
37:12:67:cb:6b:66:63:0b:a1:b9:f4:5b:1f:cc:49:0e:47:2d:
4e:fe:6d:f5:e3:c1:5d:42:da:14:44:46:06:b4:fd:98:25:f7:
00:0a:50:1a:4a:53:c3:78:90:78:24:b7:3e:24:89:c9:fb:87:
a2:7a:42:a6:da:1a:8f:27:28:0a:36:33:69:37:79:c1:e7:79:
ba:ec:d8:03:53:c0:ca:37:f4:df:f2:52:f3:31:6b:65:95:6f:
b8:82:55:7a:d0:d0:13:ae:2c:32:65:89:9f:a2:1d:0c:0d:61:
a6:6b:bc:55:6c:5f:64:82:20:30:0b:4b:78:26:28:4a:ae:b4:
96:ce:f5:e7:6f:ff:76:74:f4:70:fe:93:1a:3e:73:09:0d:f8:
c1:e1:7a:75:b3:a9:95:9d:c7:de:15:93:a2:4a:38:43:f3:c4:
24:65:86:9c:a0:a4:38:76:6c:10:de:45:aa:24:9f:e2:4c:cd:
1e:c5:db:07:0f:ca:60:ef:1b:e4:50:b7:c3:88:dd:59:a6:8b:
68:7e:20:22:7d:e7:15:ba:48:1e:d4:14:ef:db:31:d4:75:83:
0f:c5:7b:51:95:84:1f:77:c5:a3:02:f6:f0:70:74:04:98:6c:
77:b2:e3:a0:27:92:24:ac:e1:b0:0c:68:99:cf:3d:c1:7e:39:
8e:b5:b3:20
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYpaEC+45kDrgHQCBjcmwc+LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjMwOTAzMDgwMjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmVmMDkyNGNmZTQ1OWVhMGVkMjYxZTJiOGJlMmMwMzJlYWNmMTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgPMcsyR88Ut3sIAgjo25GsQLLEJv
H3zbnavZ0XH/eE3ZWklNLT2j4SS/GdSSjXeJq/3SD9EEsen8xiovomxxhq9WTXWJ
6QT5sEPFWsZ2+yEtxmq1y+35yrpFJjiglg35yOxs/fuDERie32rYFI018JhGJwCA
Vrt3kwrxLQ00+LTBldWPyJ+a8M/WRRL/6SjF6Mpc9nIYzPHCKteDRyhClzAlVB1f
1dfl1QtCrs+1ES372iJ+So001eF06cUymnYOr0v/uCAO8DzXABxeC1Qe+TUclPIn
juV9DfPjpT9rqVc+/Ir9KpNUJAa6rf/VP7rw4mp7wrNIC7whQjMWRptRiQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFLLvCSTP5FnqDtJh4ri+LAMurPFDMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvc3U4SkpNX2tXZW9PMG1IaXVMNHNBeTZzOFVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBPjySAwQD
PjyYAwQCPjzEAwQCPjzYAwQB1bACAwQB1bB4AwQB1bB+MA0GCSqGSIb3DQEBCwUA
A4IBAQA3EmfLa2ZjC6G59FsfzEkORy1O/m3148FdQtoUREYGtP2YJfcAClAaSlPD
eJB4JLc+JInJ+4eiekKm2hqPJygKNjNpN3nB53m67NgDU8DKN/Tf8lLzMWtllW+4
glV60NATriwyZYmfoh0MDWGma7xVbF9kgiAwC0t4JihKrrSWzvXnb/92dPRw/pMa
PnMJDfjB4Xp1s6mVncfeFZOiSjhD88QkZYacoKQ4dmwQ3kWqJJ/iTM0exdsHD8pg
7xvkULfDiN1ZpotofiAifecVukge1BTv2zHUdYMPxXtRlYQfd8WjAvbwcHQEmGx3
suOgJ5IkrOGwDGiZzz3BfjmOtbMg
-----END CERTIFICATE-----
Generated at Wed Sep 13 06:33:01 2023 by rpki-client on console-ams.rpki-client.org