Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/upgFizuOw35766iQN7HN-Tf9HQU.roa
File: upgFizuOw35766iQN7HN-Tf9HQU.roa (raw, json)
Hash identifier: veicUYdPA4OdO2x69dG+UEW0+iYMRBH2d88rZ8uD7ts=
Subject key identifier: BA:98:05:8B:3B:8E:C3:7E:7B:EB:A8:90:37:B1:CD:F9:37:FD:1D:05
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 01901ADBDB999D407CCCE61B1298AC23BFF3
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/upgFizuOw35766iQN7HN-Tf9HQU.roa
Signing time: Sat 15 Jun 2024 07:45:34 +0000
ROA not before: Sat 15 Jun 2024 07:45:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44559
IP address blocks: 62.60.152.0/22 maxlen: 24
62.60.156.0/22 maxlen: 24
62.60.184.0/22 maxlen: 24
62.60.192.0/22 maxlen: 24
62.60.220.0/22 maxlen: 24
213.176.64.0/22 maxlen: 24
213.176.92.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 25 Jun 2024 06:44:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:1a:db:db:99:9d:40:7c:cc:e6:1b:12:98:ac:23:bf:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Jun 15 07:45:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ba98058b3b8ec37e7beba89037b1cdf937fd1d05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:36:32:ef:73:70:de:c6:df:ab:04:c9:36:db:
4a:f4:73:99:de:5d:40:39:17:30:3a:b1:6c:c6:49:
86:41:bd:e0:7c:1c:b0:44:11:e6:69:ee:83:5f:46:
33:e5:a8:3e:5a:8e:65:13:8e:15:1d:21:5f:28:3a:
a4:06:e4:9b:26:00:87:c0:fa:1a:8d:77:19:f8:03:
45:46:7c:bf:c1:ab:a7:70:5e:8b:73:65:5c:12:bd:
cd:14:8a:f6:f1:e3:db:87:0b:36:71:8d:9d:71:a8:
96:81:13:5f:a7:27:6b:cf:dc:b6:65:86:79:55:e5:
0e:1f:0d:c2:b6:2f:aa:b3:38:b5:b3:f2:cb:c4:90:
b5:e6:5d:b7:a3:b4:ff:d5:44:27:fd:36:8c:fd:77:
69:b3:a8:72:28:0e:89:c2:3b:57:f0:6c:21:b8:ae:
2f:0e:ea:22:c7:1a:3a:d1:5a:72:d9:17:cb:90:3b:
53:d6:b0:a5:59:dc:05:49:63:99:3c:fb:01:5f:c1:
5b:64:a2:6b:1e:2b:47:cf:01:c0:62:2c:14:4f:7f:
5b:72:3d:46:34:41:72:6b:ef:45:bf:df:7c:9e:7e:
29:29:d1:c8:f2:16:46:fc:37:ce:58:7f:cb:3d:bc:
a0:d0:64:22:28:e9:d6:7c:cb:60:28:e3:7c:dc:a3:
b8:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:98:05:8B:3B:8E:C3:7E:7B:EB:A8:90:37:B1:CD:F9:37:FD:1D:05
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/upgFizuOw35766iQN7HN-Tf9HQU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.152.0/21
62.60.184.0/22
62.60.192.0/22
62.60.220.0/22
213.176.64.0/22
213.176.92.0/22
Signature Algorithm: sha256WithRSAEncryption
61:92:0a:34:eb:cb:91:e3:42:fe:e4:88:ff:b8:66:7a:53:0f:
0c:1b:e6:23:b8:33:17:8c:c8:ee:f6:3a:51:c8:2c:dc:d3:71:
96:14:5d:29:ed:89:75:fd:40:e0:80:7e:ce:cc:2d:a4:47:2e:
ba:6e:34:0b:51:5f:5f:2e:79:de:4d:f1:f3:a5:e5:3a:70:3e:
fb:e0:fd:ee:83:40:7a:61:b8:9b:56:a5:e0:db:74:3d:25:db:
d1:01:61:fd:4d:97:37:96:80:5e:d5:eb:8d:0d:f9:5b:76:36:
91:e9:5f:3b:3d:b0:58:44:27:cb:bb:66:f9:ce:2d:6c:9c:3b:
bc:09:c6:00:03:a6:91:0d:90:b6:34:a5:69:93:86:69:21:68:
26:f6:b7:e1:85:1f:0c:7b:c2:fa:12:b1:6c:15:45:9c:eb:e4:
29:21:27:df:1e:6c:8c:c0:7b:02:d6:00:69:0c:e4:8d:69:4c:
4b:2b:6f:18:6a:75:22:08:28:d1:f9:19:6b:f3:e3:03:ac:0d:
f4:6d:f2:b8:c8:c6:67:2a:31:be:92:51:ca:3e:fe:51:82:44:
45:ff:d5:d9:60:dd:b4:27:ac:2f:4c:b3:98:4b:7e:22:5b:0a:
4a:23:c7:f8:b6:74:d2:24:7d:be:00:9c:5b:03:d8:f7:3d:2d:
7e:35:41:2c
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZAa29uZnUB8zOYbEpisI7/zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjQwNjE1MDc0NTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTk4MDU4YjNiOGVjMzdlN2JlYmE4OTAzN2IxY2RmOTM3ZmQxZDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyjYy73Nw3sbfqwTJNttK9HOZ3l1A
ORcwOrFsxkmGQb3gfBywRBHmae6DX0Yz5ag+Wo5lE44VHSFfKDqkBuSbJgCHwPoa
jXcZ+ANFRny/wauncF6Lc2VcEr3NFIr28ePbhws2cY2dcaiWgRNfpydrz9y2ZYZ5
VeUOHw3Cti+qszi1s/LLxJC15l23o7T/1UQn/TaM/Xdps6hyKA6JwjtX8GwhuK4v
Duoixxo60Vpy2RfLkDtT1rClWdwFSWOZPPsBX8FbZKJrHitHzwHAYiwUT39bcj1G
NEFya+9Fv998nn4pKdHI8hZG/DfOWH/LPbyg0GQiKOnWfMtgKON83KO48QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFLqYBYs7jsN+e+uokDexzfk3/R0FMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvdXBnRml6dU93MzU3NjZpUU43SE4tVGY5SFFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQDPjyYAwQC
Pjy4AwQCPjzAAwQCPjzcAwQC1bBAAwQC1bBcMA0GCSqGSIb3DQEBCwUAA4IBAQBh
kgo068uR40L+5Ij/uGZ6Uw8MG+YjuDMXjMju9jpRyCzc03GWFF0p7Yl1/UDggH7O
zC2kRy66bjQLUV9fLnneTfHzpeU6cD774P3ug0B6YbibVqXg23Q9JdvRAWH9TZc3
loBe1euNDflbdjaR6V87PbBYRCfLu2b5zi1snDu8CcYAA6aRDZC2NKVpk4ZpIWgm
9rfhhR8Me8L6ErFsFUWc6+QpISffHmyMwHsC1gBpDOSNaUxLK28YanUiCCjR+Rlr
8+MDrA30bfK4yMZnKjG+klHKPv5RgkRF/9XZYN20J6wvTLOYS34iWwpKI8f4tnTS
JH2+AJxbA9j3PS1+NUEs
-----END CERTIFICATE-----
Generated at Tue Jun 25 12:08:04 2024 by rpki-client on console-fra.rpki-client.org