Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/uw2bOlq-jeQ_CNIRD3A4a7wLQc0.roa
File: uw2bOlq-jeQ_CNIRD3A4a7wLQc0.roa (raw, json)
Hash identifier: VIikSQbf9wHdNx1/gW3TbJvk6mFQoRpETmOkSXf1brg=
Subject key identifier: BB:0D:9B:3A:5A:BE:8D:E4:3F:08:D2:11:0F:70:38:6B:BC:0B:41:CD
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 01879ED88095F5A43CBF42C08DDACDE55E25
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/uw2bOlq-jeQ_CNIRD3A4a7wLQc0.roa
Signing time: Thu 20 Apr 2023 13:26:41 +0000
ROA not before: Thu 20 Apr 2023 13:26:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34549
IP address blocks: 62.60.220.0/22 maxlen: 24
62.60.172.0/22 maxlen: 24
62.60.204.0/22 maxlen: 24
62.60.200.0/21 maxlen: 24
62.60.208.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:9e:d8:80:95:f5:a4:3c:bf:42:c0:8d:da:cd:e5:5e:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Apr 20 13:26:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bb0d9b3a5abe8de43f08d2110f70386bbc0b41cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:91:e7:fd:1c:72:18:69:6a:c5:a2:95:c2:1c:
33:d9:c3:50:13:fd:80:02:49:90:32:31:d5:a9:03:
14:51:c6:05:79:1d:a8:f4:e5:ab:49:7e:ea:73:36:
d2:a8:76:ca:7d:59:71:2d:66:83:33:2f:52:f2:b2:
5f:b5:06:29:62:68:65:7e:ab:da:1d:ba:89:15:90:
8e:eb:43:59:5c:20:18:ac:77:e0:61:54:d1:da:71:
9f:d3:f2:0d:39:bf:40:ee:8f:6a:f4:6b:50:e5:af:
86:64:e6:3a:ad:d6:bc:aa:bc:bd:5a:33:6a:f2:d2:
0f:11:f2:83:bb:e9:ec:f3:d4:8b:7c:38:84:4b:63:
32:3c:d0:51:fd:5c:e0:d6:7e:4e:28:b8:2f:cb:be:
a7:6f:73:ee:c4:19:a6:c3:46:e7:80:38:ae:8b:84:
a9:56:f2:64:e2:50:43:84:a7:82:2c:22:0e:e9:87:
69:6a:5f:aa:2e:a9:06:14:32:61:75:43:3a:19:0f:
e0:03:f9:15:b9:e8:ac:b1:8f:65:60:8d:14:8a:ee:
ef:fb:2f:a8:bc:9e:23:d3:95:1f:92:7e:e4:9d:33:
1f:0f:3e:e7:87:23:b9:55:41:16:90:c9:bf:bf:b2:
71:9e:ae:b0:8c:23:e3:b3:54:6a:a5:a5:e7:f3:4f:
15:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:0D:9B:3A:5A:BE:8D:E4:3F:08:D2:11:0F:70:38:6B:BC:0B:41:CD
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/uw2bOlq-jeQ_CNIRD3A4a7wLQc0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.172.0/22
62.60.200.0-62.60.211.255
62.60.220.0/22
Signature Algorithm: sha256WithRSAEncryption
0b:79:23:ac:6d:5c:e2:11:e1:34:15:fd:11:80:1b:81:6b:35:
c1:09:6b:07:07:75:17:24:53:b4:68:3f:9b:ad:24:76:02:c8:
11:12:42:11:15:66:c6:7b:ba:36:17:ae:1f:21:8f:e1:73:0c:
d7:0e:50:31:23:df:e4:06:53:48:66:5d:62:08:0c:2a:70:70:
e5:4a:d1:4e:3a:8d:d9:60:cf:57:04:4f:f1:d4:2c:87:72:fd:
6b:cd:06:9b:d2:1c:ae:ca:d7:ff:db:c7:f7:2c:42:c6:d7:09:
fc:9e:05:bd:3a:88:f3:08:74:d4:e1:40:28:2d:1f:a5:96:75:
3f:2c:90:87:ac:63:db:6d:3a:18:85:84:63:4d:45:81:82:d8:
64:b4:f2:2f:89:55:1b:6c:57:32:d4:1e:f4:b6:44:7e:0e:c2:
89:e2:47:4e:f6:97:3e:57:62:02:98:75:a0:fb:c2:84:b4:8f:
a0:2a:f5:2c:26:a2:44:5e:c1:03:a3:fa:49:68:98:11:ff:96:
c1:7d:ee:21:b7:e6:bc:50:37:51:7d:48:61:03:ce:fb:ea:89:
9d:06:04:db:f4:95:37:01:09:fd:41:cb:53:9c:e3:35:3b:50:
07:eb:53:74:3c:fa:d4:1b:bb:ee:e9:07:e4:a2:ed:71:23:e7:
a9:4e:34:6b
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYee2ICV9aQ8v0LAjdrN5V4lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjMwNDIwMTMyNjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjBkOWIzYTVhYmU4ZGU0M2YwOGQyMTEwZjcwMzg2YmJjMGI0MWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkZHn/RxyGGlqxaKVwhwz2cNQE/2A
AkmQMjHVqQMUUcYFeR2o9OWrSX7qczbSqHbKfVlxLWaDMy9S8rJftQYpYmhlfqva
HbqJFZCO60NZXCAYrHfgYVTR2nGf0/INOb9A7o9q9GtQ5a+GZOY6rda8qry9WjNq
8tIPEfKDu+ns89SLfDiES2MyPNBR/Vzg1n5OKLgvy76nb3PuxBmmw0bngDiui4Sp
VvJk4lBDhKeCLCIO6Ydpal+qLqkGFDJhdUM6GQ/gA/kVueissY9lYI0Uiu7v+y+o
vJ4j05Ufkn7knTMfDz7nhyO5VUEWkMm/v7Jxnq6wjCPjs1RqpaXn808VLwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFLsNmzpavo3kPwjSEQ9wOGu8C0HNMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvdXcyYk9scS1qZVFfQ05JUkQzQTRhN3dMUWMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCPjysMAwD
BAM+PMgDBAI+PNADBAI+PNwwDQYJKoZIhvcNAQELBQADggEBAAt5I6xtXOIR4TQV
/RGAG4FrNcEJawcHdRckU7RoP5utJHYCyBESQhEVZsZ7ujYXrh8hj+FzDNcOUDEj
3+QGU0hmXWIIDCpwcOVK0U46jdlgz1cET/HULIdy/WvNBpvSHK7K1//bx/csQsbX
CfyeBb06iPMIdNThQCgtH6WWdT8skIesY9ttOhiFhGNNRYGC2GS08i+JVRtsVzLU
HvS2RH4OwoniR072lz5XYgKYdaD7woS0j6Aq9SwmokRewQOj+klomBH/lsF97iG3
5rxQN1F9SGEDzvvqiZ0GBNv0lTcBCf1By1Oc4zU7UAfrU3Q8+tQbu+7pB+Si7XEj
56lONGs=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:24 2023 by rpki-client on console-ams.rpki-client.org