Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/XmLukldJdCWFUbdgIW5mNsL7nc0.roa
File: XmLukldJdCWFUbdgIW5mNsL7nc0.roa (raw, json)
Hash identifier: lS4MK2gYce55cLggrmnQ1CEOikMB5ag/DKd0QIi1LF0=
Subject key identifier: 5E:62:EE:92:57:49:74:25:85:51:B7:60:21:6E:66:36:C2:FB:9D:CD
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 01916439EA4ED8C5B0FED9D5FA3C8E62AC05
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/XmLukldJdCWFUbdgIW5mNsL7nc0.roa
Signing time: Sun 18 Aug 2024 06:43:22 +0000
ROA not before: Sun 18 Aug 2024 06:43:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214922
IP address blocks: 62.60.192.0/24 maxlen: 24
62.60.220.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 18 Aug 2024 07:59:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:64:39:ea:4e:d8:c5:b0:fe:d9:d5:fa:3c:8e:62:ac:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Aug 18 06:43:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5e62ee92574974258551b760216e6636c2fb9dcd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:8f:d1:8d:ce:bd:a7:8f:a6:a6:df:65:42:e1:
9d:1d:cc:4b:6c:f7:fb:3e:bb:51:d2:5c:a3:77:4c:
b8:9a:72:6e:24:65:e3:95:cd:c7:00:25:40:42:bc:
55:fb:55:e1:1d:a3:1b:85:f0:fd:ae:59:75:24:76:
32:ea:2d:ee:1b:d2:65:7e:9c:5d:16:e5:27:61:cf:
49:72:b3:5c:46:63:bd:57:81:bb:5f:dd:f1:1c:38:
58:5d:05:6d:f4:1b:fa:d5:49:35:6a:1c:92:f5:1c:
93:47:96:f5:05:c1:58:dc:13:2d:3b:f5:e4:38:1d:
51:ff:3a:25:53:15:59:61:20:97:5b:f2:12:5e:28:
ec:d1:cc:6b:7b:31:c6:bb:a5:ae:45:ea:31:d0:42:
c6:33:f5:79:f9:dc:34:1a:8f:0e:9b:d9:96:f7:e2:
80:cf:70:70:1a:66:c6:5c:56:2b:93:68:d9:35:65:
71:5e:b6:2d:1a:fe:fd:4b:cb:89:42:0d:9e:60:58:
6e:b0:fc:f8:7f:00:51:08:a2:3e:bc:00:19:e4:2c:
0b:ab:21:81:9b:7e:ee:2a:22:11:d7:ab:ae:ed:44:
74:6c:96:f7:8d:50:cc:dc:04:62:13:76:22:0b:56:
4b:eb:fc:1b:08:22:99:f1:b9:17:7f:5e:06:91:6c:
9e:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:62:EE:92:57:49:74:25:85:51:B7:60:21:6E:66:36:C2:FB:9D:CD
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/XmLukldJdCWFUbdgIW5mNsL7nc0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.192.0/24
62.60.220.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:40:f2:f4:a4:c7:cc:ad:93:6c:c8:7b:27:ff:9e:f7:57:02:
ae:87:04:81:3b:19:0b:a7:7b:db:e5:27:2c:a9:4d:85:39:64:
e2:e1:7b:c7:30:e4:09:7c:82:7a:7a:85:7e:78:26:fc:0e:ab:
bd:c8:fd:98:46:ce:21:16:84:db:ea:19:00:7b:6a:91:cb:4c:
fd:6e:c1:cf:0d:ca:8c:83:0d:9d:57:0d:a4:d0:ae:7d:82:ec:
d6:e8:ba:33:04:7d:9b:3c:e6:18:b8:69:20:83:a0:45:97:a1:
ef:f7:e6:ca:8c:7c:8f:f3:cf:cb:fe:06:ec:85:81:4c:e2:b6:
e6:48:e5:03:bb:29:38:d3:ea:f5:08:3d:51:39:83:b2:d1:9d:
a9:93:7c:0b:f2:bc:3a:f2:49:5e:11:87:7f:21:91:2a:52:e1:
00:36:2d:74:99:a0:4d:70:cd:94:bf:2e:06:cf:ee:40:2a:ae:
dd:cb:96:ac:78:a7:52:68:2e:54:38:53:80:74:fc:e5:6b:aa:
09:5b:fa:b8:90:5a:15:9f:c1:d7:43:86:13:f5:c3:ab:fa:92:
2e:eb:19:f7:a5:72:bd:74:57:91:02:4b:b0:47:8c:16:8b:4d:
19:30:dc:6e:ac:59:fc:48:6d:12:4a:ee:30:54:b2:40:fa:a7:
89:23:ab:17
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZFkOepO2MWw/tnV+jyOYqwFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjQwODE4MDY0MzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTYyZWU5MjU3NDk3NDI1ODU1MWI3NjAyMTZlNjYzNmMyZmI5ZGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2I/Rjc69p4+mpt9lQuGdHcxLbPf7
PrtR0lyjd0y4mnJuJGXjlc3HACVAQrxV+1XhHaMbhfD9rll1JHYy6i3uG9Jlfpxd
FuUnYc9JcrNcRmO9V4G7X93xHDhYXQVt9Bv61Uk1ahyS9RyTR5b1BcFY3BMtO/Xk
OB1R/zolUxVZYSCXW/ISXijs0cxrezHGu6WuReox0ELGM/V5+dw0Go8Om9mW9+KA
z3BwGmbGXFYrk2jZNWVxXrYtGv79S8uJQg2eYFhusPz4fwBRCKI+vAAZ5CwLqyGB
m37uKiIR16uu7UR0bJb3jVDM3ARiE3YiC1ZL6/wbCCKZ8bkXf14GkWyeYQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFF5i7pJXSXQlhVG3YCFuZjbC+53NMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvWG1MdWtsZEpkQ1dGVWJkZ0lXNW1Oc0w3bmMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAPjzAAwQA
PjzcMA0GCSqGSIb3DQEBCwUAA4IBAQA9QPL0pMfMrZNsyHsn/573VwKuhwSBOxkL
p3vb5ScsqU2FOWTi4XvHMOQJfIJ6eoV+eCb8Dqu9yP2YRs4hFoTb6hkAe2qRy0z9
bsHPDcqMgw2dVw2k0K59guzW6LozBH2bPOYYuGkgg6BFl6Hv9+bKjHyP88/L/gbs
hYFM4rbmSOUDuyk40+r1CD1ROYOy0Z2pk3wL8rw68kleEYd/IZEqUuEANi10maBN
cM2Uvy4Gz+5AKq7dy5aseKdSaC5UOFOAdPzla6oJW/q4kFoVn8HXQ4YT9cOr+pIu
6xn3pXK9dFeRAkuwR4wWi00ZMNxurFn8SG0SSu4wVLJA+qeJI6sX
-----END CERTIFICATE-----
Generated at Mon Apr 28 14:28:00 2025 by rpki-client