Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/ymN3FTWwkLCIWnkNJkBT4QZDKvA.roa
File: ymN3FTWwkLCIWnkNJkBT4QZDKvA.roa (raw, json)
Hash identifier: ymDZT7X2M/WrPm70OapP6W08DReKBynRAB+0w/ylLmI=
Subject key identifier: CA:63:77:15:35:B0:90:B0:88:5A:79:0D:26:40:53:E1:06:43:2A:F0
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 01884D81B14B5BE11800454189400BDE0F8B
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/ymN3FTWwkLCIWnkNJkBT4QZDKvA.roa
Signing time: Wed 24 May 2023 11:25:25 +0000
ROA not before: Wed 24 May 2023 11:25:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205220
IP address blocks: 213.176.2.0/23 maxlen: 24
62.60.164.0/22 maxlen: 24
213.176.6.0/23 maxlen: 24
213.176.120.0/23 maxlen: 24
213.176.126.0/23 maxlen: 24
62.60.188.0/22 maxlen: 24
62.60.204.0/22 maxlen: 24
62.60.200.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sun 28 May 2023 08:21:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:4d:81:b1:4b:5b:e1:18:00:45:41:89:40:0b:de:0f:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: May 24 11:25:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ca63771535b090b0885a790d264053e106432af0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:85:06:89:c8:47:32:68:8d:7e:2f:89:20:a0:
8a:0d:a7:5c:e9:1e:b8:3c:16:94:56:ec:fc:e4:c3:
40:e8:6c:f6:99:71:ef:c8:06:b1:54:2f:3c:32:a1:
f4:2f:b7:b4:3d:f3:b1:31:f3:3c:bd:95:92:24:cb:
7b:d3:43:2a:5b:f6:7e:0c:85:15:a3:24:29:19:68:
95:fd:09:9f:0b:89:e7:23:d9:ad:2f:96:06:97:ef:
32:9c:4b:1f:6a:af:aa:45:8a:92:ca:7c:10:e3:71:
f5:ea:78:eb:89:a0:65:ea:4b:ad:77:5f:f9:57:e0:
32:83:17:6a:69:fc:47:e9:60:d1:0e:52:35:19:34:
81:0b:f3:3c:7d:4c:31:af:5d:1b:8c:ed:9a:ad:20:
40:0e:b9:9a:e0:dc:e0:16:94:71:e4:59:c4:cf:42:
fd:ef:33:0d:d8:e8:38:72:ad:81:e8:98:4b:57:57:
ec:fa:2c:e5:97:06:b1:cd:59:23:04:ec:ca:2e:01:
b4:62:43:b6:0c:24:af:cb:9d:b4:ee:54:47:ed:b4:
fe:81:cc:2b:f0:75:53:1c:03:62:e5:fc:30:27:28:
da:94:c5:b9:a8:36:0d:d6:87:38:63:d1:74:44:d1:
a8:2b:4d:4c:d3:99:ea:de:fe:89:66:07:ad:bf:86:
8e:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:63:77:15:35:B0:90:B0:88:5A:79:0D:26:40:53:E1:06:43:2A:F0
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/ymN3FTWwkLCIWnkNJkBT4QZDKvA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.164.0/22
62.60.188.0/22
62.60.200.0/21
213.176.2.0/23
213.176.6.0/23
213.176.120.0/23
213.176.126.0/23
Signature Algorithm: sha256WithRSAEncryption
86:9a:1c:31:bb:b9:7e:9a:56:1a:d1:0a:b9:85:39:a9:e3:df:
ab:29:5f:15:40:b4:52:ba:aa:14:52:23:f9:bd:07:4e:f5:95:
db:36:b3:22:d8:66:f4:b2:3d:0e:a2:1d:71:3b:a2:e4:88:b8:
e4:98:de:aa:76:6d:a2:90:e1:94:0d:b6:c4:d7:ef:b3:0a:eb:
5a:b1:f5:ee:0b:03:93:3e:80:71:c4:8a:61:f8:32:47:f0:b7:
09:f4:30:cb:5d:17:fd:dc:f9:b4:5a:a1:53:a7:06:72:a9:ba:
f2:d2:10:4c:f9:5a:32:4f:7d:a5:5a:95:35:3b:a6:cf:16:a5:
4c:74:ec:9e:92:a4:51:5a:24:de:4f:e8:a0:3f:24:28:0b:14:
5f:46:74:a3:41:e3:17:56:c1:de:ef:05:7c:25:63:4d:dc:84:
4e:14:3a:31:7e:e6:41:1b:f2:ce:d7:a2:2e:66:ee:ee:5d:a8:
d8:13:8d:8c:84:84:d4:de:4c:9e:72:0f:a4:f2:5a:d7:80:30:
43:04:a3:be:e1:ca:d2:ce:68:63:09:3f:b1:e5:ee:62:f3:cc:
68:a6:81:a2:32:cb:e5:e2:27:dc:b1:ec:24:98:00:ee:d3:e1:
a5:63:0e:d0:bc:1b:5c:e6:b6:0a:84:4e:fb:51:b3:4f:00:54:
a8:c9:19:3c
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYhNgbFLW+EYAEVBiUAL3g+LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjMwNTI0MTEyNTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTYzNzcxNTM1YjA5MGIwODg1YTc5MGQyNjQwNTNlMTA2NDMyYWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1oUGichHMmiNfi+JIKCKDadc6R64
PBaUVuz85MNA6Gz2mXHvyAaxVC88MqH0L7e0PfOxMfM8vZWSJMt700MqW/Z+DIUV
oyQpGWiV/QmfC4nnI9mtL5YGl+8ynEsfaq+qRYqSynwQ43H16njriaBl6kutd1/5
V+AygxdqafxH6WDRDlI1GTSBC/M8fUwxr10bjO2arSBADrma4NzgFpRx5FnEz0L9
7zMN2Og4cq2B6JhLV1fs+izllwaxzVkjBOzKLgG0YkO2DCSvy5207lRH7bT+gcwr
8HVTHANi5fwwJyjalMW5qDYN1oc4Y9F0RNGoK01M05nq3v6JZgetv4aOvwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFMpjdxU1sJCwiFp5DSZAU+EGQyrwMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEveW1OM0ZUV3drTENJV25rTkprQlQ0UVpES3ZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCPjykAwQC
Pjy8AwQDPjzIAwQB1bACAwQB1bAGAwQB1bB4AwQB1bB+MA0GCSqGSIb3DQEBCwUA
A4IBAQCGmhwxu7l+mlYa0Qq5hTmp49+rKV8VQLRSuqoUUiP5vQdO9ZXbNrMi2Gb0
sj0Ooh1xO6LkiLjkmN6qdm2ikOGUDbbE1++zCutasfXuCwOTPoBxxIph+DJH8LcJ
9DDLXRf93Pm0WqFTpwZyqbry0hBM+VoyT32lWpU1O6bPFqVMdOyekqRRWiTeT+ig
PyQoCxRfRnSjQeMXVsHe7wV8JWNN3IROFDoxfuZBG/LO16IuZu7uXajYE42MhITU
3kyecg+k8lrXgDBDBKO+4crSzmhjCT+x5e5i88xopoGiMsvl4ifcsewkmADu0+Gl
Yw7QvBtc5rYKhE77UbNPAFSoyRk8
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:30 2024 by rpki-client on console-ams.rpki-client.org