Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/qSdXh9KlgXdJAQ1H7wwi2pvB42A.roa
File: qSdXh9KlgXdJAQ1H7wwi2pvB42A.roa (raw, json)
Hash identifier: 6MbejQLFQuniVh2e+0XkjBXZMU8aKh0YqO2OiUjUwR4=
Subject key identifier: A9:27:57:87:D2:A5:81:77:49:01:0D:47:EF:0C:22:DA:9B:C1:E3:60
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 01919228F26124433017FD4D4D7BD0B5829B
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/qSdXh9KlgXdJAQ1H7wwi2pvB42A.roa
Signing time: Tue 27 Aug 2024 04:47:22 +0000
ROA not before: Tue 27 Aug 2024 04:47:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 62.60.152.0/22 maxlen: 24
62.60.156.0/22 maxlen: 24
62.60.240.0/22 maxlen: 24
213.176.72.0/23 maxlen: 24
213.176.74.0/23 maxlen: 24
213.176.92.0/22 maxlen: 24
213.176.112.0/21 maxlen: 24
Validation: Failed, certificate revoked on Tue 27 Aug 2024 04:50:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:92:28:f2:61:24:43:30:17:fd:4d:4d:7b:d0:b5:82:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Aug 27 04:47:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a9275787d2a5817749010d47ef0c22da9bc1e360
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:5b:ef:41:df:55:69:47:47:d9:6d:ab:92:d1:
fc:62:1e:d2:46:6d:81:16:ef:98:84:05:19:91:63:
19:3c:29:2e:ef:36:b3:4d:0d:39:d8:17:95:86:09:
dc:79:c4:d7:35:3d:88:0d:84:fe:0e:7b:a4:77:97:
fb:fc:66:ac:9a:3c:10:2c:7b:ec:9a:7c:0f:32:ae:
d6:97:0b:1f:f0:a3:9c:ac:bb:98:9c:d4:55:08:63:
66:03:41:d1:0d:b4:69:63:63:63:52:1a:bf:68:77:
74:d9:18:e3:02:a5:1e:60:71:0f:73:70:04:56:f4:
58:ea:64:86:30:5f:3b:15:03:85:34:ae:1e:4b:c1:
51:25:ed:1d:b7:5d:65:82:d5:88:20:63:60:7d:0f:
db:66:91:f8:45:dd:2e:6e:54:25:91:9b:c0:13:53:
f7:5c:e8:3d:cf:e0:5a:ab:3a:e0:c0:73:30:54:97:
10:04:75:36:5a:4c:28:15:3b:3c:19:dc:7f:6b:ae:
09:a4:2e:c2:34:0b:0a:ac:b5:9e:1d:a1:82:a9:24:
af:8c:83:bd:30:fb:78:4c:61:11:4e:5c:7e:f5:d0:
72:22:19:87:75:c7:f4:c3:e5:cb:21:70:fc:bf:47:
15:58:3d:fb:e2:61:7d:a3:2f:76:0e:5d:1c:82:ad:
3a:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:27:57:87:D2:A5:81:77:49:01:0D:47:EF:0C:22:DA:9B:C1:E3:60
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/qSdXh9KlgXdJAQ1H7wwi2pvB42A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.152.0/21
62.60.240.0/22
213.176.72.0/22
213.176.92.0/22
213.176.112.0/21
Signature Algorithm: sha256WithRSAEncryption
56:42:79:61:58:02:b1:af:45:27:6b:80:e9:62:db:e5:e1:eb:
78:ef:a1:49:5f:8d:a3:12:cd:da:f2:a3:1e:6e:84:d5:2b:af:
3b:29:8e:bf:8d:58:b4:c8:91:d8:26:76:3a:91:04:97:22:d3:
94:e6:20:d9:ac:7d:64:4f:4d:eb:f9:4c:04:d0:ab:a4:fb:28:
d3:40:44:00:7e:8a:d7:50:12:88:2d:50:9c:a5:c3:6c:89:88:
94:65:6f:0c:f5:00:ea:77:e7:3e:3d:50:c3:4c:e0:e2:f3:98:
e6:53:0a:4a:3e:67:7d:90:eb:60:fd:91:0b:16:fe:da:c4:fe:
6f:bc:53:ed:90:9a:bb:c2:1d:73:26:3b:94:46:e9:5d:38:f1:
99:13:b2:fc:b7:2a:a2:d2:b5:ea:68:97:84:5d:3e:cf:00:b9:
5c:dc:77:85:d6:7b:b2:56:a7:ef:18:aa:e4:b7:4a:55:ce:82:
25:28:18:9c:a4:ef:6b:38:3a:dc:2e:b1:0e:c2:b7:b3:5f:ef:
79:c5:21:f8:79:45:22:b3:25:64:37:d8:b7:71:eb:b9:b4:eb:
1a:73:ca:0a:e5:65:30:70:ec:27:22:4f:7a:67:f2:38:3f:7e:
fc:c6:d4:79:f8:56:35:61:39:5f:ed:b9:41:95:8f:9e:9e:ec:
5c:78:d6:2a
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZGSKPJhJEMwF/1NTXvQtYKbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjQwODI3MDQ0NzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTI3NTc4N2QyYTU4MTc3NDkwMTBkNDdlZjBjMjJkYTliYzFlMzYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoVvvQd9VaUdH2W2rktH8Yh7SRm2B
Fu+YhAUZkWMZPCku7zazTQ052BeVhgncecTXNT2IDYT+Dnukd5f7/GasmjwQLHvs
mnwPMq7Wlwsf8KOcrLuYnNRVCGNmA0HRDbRpY2NjUhq/aHd02RjjAqUeYHEPc3AE
VvRY6mSGMF87FQOFNK4eS8FRJe0dt11lgtWIIGNgfQ/bZpH4Rd0ublQlkZvAE1P3
XOg9z+BaqzrgwHMwVJcQBHU2WkwoFTs8Gdx/a64JpC7CNAsKrLWeHaGCqSSvjIO9
MPt4TGERTlx+9dByIhmHdcf0w+XLIXD8v0cVWD374mF9oy92Dl0cgq06gQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKknV4fSpYF3SQENR+8MItqbweNgMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvcVNkWGg5S2xnWGRKQVExSDd3d2kycHZCNDJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDPjyYAwQC
PjzwAwQC1bBIAwQC1bBcAwQD1bBwMA0GCSqGSIb3DQEBCwUAA4IBAQBWQnlhWAKx
r0Una4DpYtvl4et476FJX42jEs3a8qMeboTVK687KY6/jVi0yJHYJnY6kQSXItOU
5iDZrH1kT03r+UwE0Kuk+yjTQEQAforXUBKILVCcpcNsiYiUZW8M9QDqd+c+PVDD
TODi85jmUwpKPmd9kOtg/ZELFv7axP5vvFPtkJq7wh1zJjuURuldOPGZE7L8tyqi
0rXqaJeEXT7PALlc3HeF1nuyVqfvGKrkt0pVzoIlKBicpO9rODrcLrEOwrezX+95
xSH4eUUisyVkN9i3ceu5tOsac8oK5WUwcOwnIk96Z/I4P378xtR5+FY1YTlf7blB
lY+enuxceNYq
-----END CERTIFICATE-----
Generated at Tue May 13 19:22:54 2025 by rpki-client