Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/iaAkDOZ5LjivUDagvNnjfKvd804.roa
File: iaAkDOZ5LjivUDagvNnjfKvd804.roa (raw, json)
Hash identifier: IvziLwNIP7kFlQsg5RfMzFHoXTGVPLYTJmEKD5d4QG0=
Subject key identifier: 89:A0:24:0C:E6:79:2E:38:AF:50:36:A0:BC:D9:E3:7C:AB:DD:F3:4E
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 018FD28BCA606AC9B8C0532B5BD59F831F1F
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/iaAkDOZ5LjivUDagvNnjfKvd804.roa
Signing time: Sat 01 Jun 2024 06:45:27 +0000
ROA not before: Sat 01 Jun 2024 06:45:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44477
IP address blocks: 62.60.224.0/19 maxlen: 24
Validation: Failed, certificate revoked on Sat 01 Jun 2024 08:39:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:d2:8b:ca:60:6a:c9:b8:c0:53:2b:5b:d5:9f:83:1f:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Jun 1 06:45:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=89a0240ce6792e38af5036a0bcd9e37cabddf34e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:f5:23:99:a2:cc:86:55:5f:d0:e2:82:5a:1e:
5e:c7:49:48:6f:4a:e4:85:17:bc:cd:b0:cf:72:9f:
bc:c5:93:9a:cd:7d:2f:7d:b2:63:c3:4c:b5:2a:16:
b8:5d:11:ef:f8:68:80:86:1f:69:27:a0:40:b4:91:
67:52:4f:fc:48:d5:af:7a:10:c9:3e:ab:83:6c:21:
79:f4:96:55:62:e2:85:ac:16:b2:fa:bb:15:a7:46:
0d:1e:97:4a:56:43:8f:97:86:b1:6e:2f:bb:54:6e:
6c:43:e9:c0:49:b6:7d:3d:84:48:66:dd:c7:06:ad:
69:46:4a:1c:80:fd:f7:c1:c7:a3:a0:b8:c7:c9:7c:
9f:4d:7b:b2:79:de:cd:8b:8a:5b:24:93:54:5f:ef:
a3:d5:91:70:24:82:24:f3:c2:b3:9d:34:51:17:b3:
2a:c6:da:d9:2d:9c:3b:5b:35:41:7a:8a:5f:cf:dd:
d5:d5:3f:2a:59:1e:8e:0a:d7:73:a7:6e:88:f1:91:
fb:20:db:73:87:52:d1:24:e2:53:15:2f:74:63:c3:
76:27:3d:c0:2f:a5:89:0e:8d:87:09:4c:be:58:c0:
cd:db:d6:20:87:66:d0:eb:91:f6:a3:d8:70:b3:63:
2a:d4:b2:e2:72:07:d2:16:5c:1a:db:c5:6a:9f:f3:
1c:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:A0:24:0C:E6:79:2E:38:AF:50:36:A0:BC:D9:E3:7C:AB:DD:F3:4E
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/iaAkDOZ5LjivUDagvNnjfKvd804.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.224.0/19
Signature Algorithm: sha256WithRSAEncryption
cb:6a:9b:04:f1:14:b0:6a:81:48:bd:c8:65:08:8f:37:f7:90:
5a:52:b7:5d:53:d8:90:5f:e0:8c:7a:9d:6f:0d:23:aa:63:7f:
e2:5b:e6:82:63:01:00:a9:c4:23:49:63:8f:f0:78:ed:62:db:
af:2c:0c:29:cf:29:0a:60:ec:d0:48:13:f4:19:67:3f:49:13:
a9:67:57:54:b2:77:9d:b7:95:84:e8:0d:fb:15:13:32:80:45:
ab:22:b3:75:51:e4:23:0c:06:71:8b:eb:9e:7e:22:3e:14:7d:
a6:56:44:55:cb:2e:ad:0c:cb:86:40:a2:8a:83:ba:2f:d5:56:
48:d5:ad:bd:89:e3:8c:d0:37:40:49:f3:9b:f9:55:e5:9e:02:
93:43:13:27:04:38:cf:ad:3f:8f:ff:44:f2:bf:db:1e:80:78:
89:9c:c0:37:fe:f2:04:97:9c:88:c8:4c:c7:1b:6b:dd:28:57:
ea:3c:44:92:4e:c4:03:f6:85:d6:07:45:77:3c:aa:d7:5b:0e:
37:42:05:cc:7d:02:c1:0e:a6:de:16:1d:ae:c9:df:e4:7e:4c:
dc:e3:18:1b:fb:77:c0:b0:85:b5:f0:e9:02:2d:b6:c1:ee:10:
f3:60:02:96:89:02:5f:20:b4:41:ed:1b:03:40:ec:2b:4e:32:
15:16:20:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY/Si8pgasm4wFMrW9Wfgx8fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjQwNjAxMDY0NTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWEwMjQwY2U2NzkyZTM4YWY1MDM2YTBiY2Q5ZTM3Y2FiZGRmMzRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnfUjmaLMhlVf0OKCWh5ex0lIb0rk
hRe8zbDPcp+8xZOazX0vfbJjw0y1Kha4XRHv+GiAhh9pJ6BAtJFnUk/8SNWvehDJ
PquDbCF59JZVYuKFrBay+rsVp0YNHpdKVkOPl4axbi+7VG5sQ+nASbZ9PYRIZt3H
Bq1pRkocgP33wcejoLjHyXyfTXuyed7Ni4pbJJNUX++j1ZFwJIIk88KznTRRF7Mq
xtrZLZw7WzVBeopfz93V1T8qWR6OCtdzp26I8ZH7INtzh1LRJOJTFS90Y8N2Jz3A
L6WJDo2HCUy+WMDN29Ygh2bQ65H2o9hws2Mq1LLicgfSFlwa28Vqn/McAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFImgJAzmeS44r1A2oLzZ43yr3fNOMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvaWFBa0RPWjVMaml2VURhZ3ZObmpmS3ZkODA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFPjzgMA0G
CSqGSIb3DQEBCwUAA4IBAQDLapsE8RSwaoFIvchlCI8395BaUrddU9iQX+CMep1v
DSOqY3/iW+aCYwEAqcQjSWOP8HjtYtuvLAwpzykKYOzQSBP0GWc/SROpZ1dUsned
t5WE6A37FRMygEWrIrN1UeQjDAZxi+uefiI+FH2mVkRVyy6tDMuGQKKKg7ov1VZI
1a29ieOM0DdASfOb+VXlngKTQxMnBDjPrT+P/0Tyv9segHiJnMA3/vIEl5yIyEzH
G2vdKFfqPESSTsQD9oXWB0V3PKrXWw43QgXMfQLBDqbeFh2uyd/kfkzc4xgb+3fA
sIW18OkCLbbB7hDzYAKWiQJfILRB7RsDQOwrTjIVFiBt
-----END CERTIFICATE-----
Generated at Fri May 9 05:31:48 2025 by rpki-client