Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/xUMKfQu9OQGGsF7R--Ya3290ctM.roa
File: xUMKfQu9OQGGsF7R--Ya3290ctM.roa (raw, json)
Hash identifier: AIPfNaqJwpjBcJ7DFH7f5yg5hne6STBjv+zDwAsNZIs=
Subject key identifier: C5:43:0A:7D:0B:BD:39:01:86:B0:5E:D1:FB:E6:1A:DF:6F:74:72:D3
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 0191EA2352314F0D56E2D0E4D78B39DA00C2
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/xUMKfQu9OQGGsF7R--Ya3290ctM.roa
Signing time: Fri 13 Sep 2024 06:47:48 +0000
ROA not before: Fri 13 Sep 2024 06:47:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 62.60.232.0/21 maxlen: 24
62.60.240.0/22 maxlen: 24
213.176.74.0/23 maxlen: 24
213.176.92.0/22 maxlen: 24
213.176.112.0/21 maxlen: 24
Validation: Failed, certificate revoked on Wed 25 Sep 2024 07:14:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ea:23:52:31:4f:0d:56:e2:d0:e4:d7:8b:39:da:00:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Sep 13 06:47:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c5430a7d0bbd390186b05ed1fbe61adf6f7472d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:e6:cc:2f:78:e1:33:4c:12:28:74:ac:b4:f9:
5d:80:f8:da:d1:e7:d7:d6:02:e6:a6:97:13:0d:9e:
98:8d:fc:56:29:6d:b9:d5:2e:84:f3:c5:1d:d1:09:
d2:d8:d8:0f:d5:87:c6:43:6a:66:59:55:ea:6f:4a:
a5:a4:ed:61:c0:5b:da:d6:b8:3a:01:fc:ef:92:17:
36:1f:da:9d:0f:dd:3e:02:cb:6b:7e:cc:33:30:fc:
46:49:c2:72:bf:61:6e:76:d8:f1:15:96:48:44:c2:
65:b9:51:cb:3b:0b:bd:e3:9b:72:90:65:41:e6:7b:
94:42:5b:7e:1b:d5:e4:59:88:5b:6d:e1:7f:6a:bc:
69:6e:5e:f3:62:67:9a:16:13:1e:02:64:81:74:a9:
af:c7:b0:f2:c9:fd:5d:84:9c:00:05:7b:e0:eb:71:
f5:ab:81:27:08:22:01:cc:2d:e9:11:7c:de:6c:5c:
de:e7:fe:a2:6b:d8:9f:e4:f1:35:d9:c4:87:18:a7:
a2:c8:9d:8e:cd:72:f2:8a:c1:85:d1:4d:63:d4:1c:
4d:4d:53:8d:c9:5d:43:b7:dd:b3:e8:0f:0a:16:a6:
a3:a4:66:9b:d8:f7:c1:6c:ad:9c:4d:21:87:eb:18:
58:19:86:fe:9e:28:22:8a:74:43:0b:01:02:27:ea:
2c:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:43:0A:7D:0B:BD:39:01:86:B0:5E:D1:FB:E6:1A:DF:6F:74:72:D3
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/xUMKfQu9OQGGsF7R--Ya3290ctM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.232.0-62.60.243.255
213.176.74.0/23
213.176.92.0/22
213.176.112.0/21
Signature Algorithm: sha256WithRSAEncryption
21:ab:02:05:0a:87:65:a0:25:f1:48:e4:20:75:68:21:e7:ba:
25:ad:78:70:52:1d:19:70:7e:42:d8:1a:d7:6f:ff:da:71:e8:
7b:a9:53:a1:af:cb:3f:34:d0:8a:df:08:af:ff:30:27:26:bb:
1c:af:fd:17:61:b6:99:f6:65:ca:cb:7a:9e:ea:b5:f0:d3:18:
f7:f9:1b:9a:40:d8:d5:58:bc:42:5e:f9:85:40:c9:14:b7:a5:
1a:e9:3e:43:6f:ec:61:3c:b2:1d:e6:ec:ec:54:6d:27:59:09:
9b:3d:00:35:90:c6:86:69:b6:8e:36:97:22:d0:7a:fc:dc:7e:
eb:cf:23:b8:55:d8:58:50:37:f7:44:44:72:f9:9e:49:9f:2b:
bf:92:a8:bc:c8:73:7e:0a:a9:2c:b1:b5:fa:2a:02:73:a9:98:
02:83:58:b1:f9:9f:49:3c:2c:59:7b:32:e2:43:bd:df:64:60:
e7:f4:8f:75:a9:35:61:37:8c:21:7c:eb:7e:71:dc:61:00:9f:
48:51:f4:09:21:9e:e7:f2:3b:9b:f3:e7:0a:6c:74:31:a2:22:
4c:7f:e8:b3:0b:92:8b:5a:89:7c:fb:e9:87:ce:2a:76:48:0b:
bf:22:73:07:f8:5a:8a:41:2e:e2:c7:60:55:00:f8:c6:a7:56:
16:0f:88:ce
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZHqI1IxTw1W4tDk14s52gDCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjQwOTEzMDY0NzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTQzMGE3ZDBiYmQzOTAxODZiMDVlZDFmYmU2MWFkZjZmNzQ3MmQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkObML3jhM0wSKHSstPldgPja0efX
1gLmppcTDZ6YjfxWKW251S6E88Ud0QnS2NgP1YfGQ2pmWVXqb0qlpO1hwFva1rg6
Afzvkhc2H9qdD90+AstrfswzMPxGScJyv2FudtjxFZZIRMJluVHLOwu945tykGVB
5nuUQlt+G9XkWYhbbeF/arxpbl7zYmeaFhMeAmSBdKmvx7Dyyf1dhJwABXvg63H1
q4EnCCIBzC3pEXzebFze5/6ia9if5PE12cSHGKeiyJ2OzXLyisGF0U1j1BxNTVON
yV1Dt92z6A8KFqajpGab2PfBbK2cTSGH6xhYGYb+nigiinRDCwECJ+osvQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFMVDCn0LvTkBhrBe0fvmGt9vdHLTMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEveFVNS2ZRdTlPUUdHc0Y3Ui0tWWEzMjkwY3RNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAM+POgD
BAI+PPADBAHVsEoDBALVsFwDBAPVsHAwDQYJKoZIhvcNAQELBQADggEBACGrAgUK
h2WgJfFI5CB1aCHnuiWteHBSHRlwfkLYGtdv/9px6HupU6Gvyz800IrfCK//MCcm
uxyv/Rdhtpn2ZcrLep7qtfDTGPf5G5pA2NVYvEJe+YVAyRS3pRrpPkNv7GE8sh3m
7OxUbSdZCZs9ADWQxoZpto42lyLQevzcfuvPI7hV2FhQN/dERHL5nkmfK7+SqLzI
c34KqSyxtfoqAnOpmAKDWLH5n0k8LFl7MuJDvd9kYOf0j3WpNWE3jCF8635x3GEA
n0hR9AkhnufyO5vz5wpsdDGiIkx/6LMLkotaiXz76YfOKnZIC78icwf4WopBLuLH
YFUA+ManVhYPiM4=
-----END CERTIFICATE-----
Generated at Wed Sep 25 09:41:00 2024 by rpki-client on console-fra.rpki-client.org