Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/VRXiXiYtAPE0zGRFo8nt9pMbA0w.roa
File: VRXiXiYtAPE0zGRFo8nt9pMbA0w.roa (raw, json)
Hash identifier: D3D4yid0farfknwb9h4wVXewK+JNERr+VZpcRUYNJ1w=
Subject key identifier: 55:15:E2:5E:26:2D:00:F1:34:CC:64:45:A3:C9:ED:F6:93:1B:03:4C
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 018F804E4BB36345A92E82C72145CAC199A8
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/VRXiXiYtAPE0zGRFo8nt9pMbA0w.roa
Signing time: Thu 16 May 2024 07:29:25 +0000
ROA not before: Thu 16 May 2024 07:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35372
IP address blocks: 62.60.138.0/24 maxlen: 24
62.60.144.0/24 maxlen: 24
62.60.147.0/24 maxlen: 24
62.60.160.0/22 maxlen: 24
213.176.0.0/24 maxlen: 24
213.176.7.0/24 maxlen: 24
213.176.64.0/23 maxlen: 24
213.176.126.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 25 May 2024 06:52:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:80:4e:4b:b3:63:45:a9:2e:82:c7:21:45:ca:c1:99:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: May 16 07:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5515e25e262d00f134cc6445a3c9edf6931b034c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:10:73:b4:57:6c:d6:57:21:82:cf:b2:5e:f3:
3d:5f:27:05:87:4a:60:9f:62:8a:fe:7e:b7:42:71:
84:f6:20:56:0d:c7:56:a7:31:58:a6:e0:56:8a:54:
d1:3d:8d:bf:e5:7e:59:8d:a1:4c:9f:12:0c:fd:6a:
f5:5b:bf:72:a1:16:86:5c:82:d6:ce:34:79:cf:3e:
de:84:70:43:e3:ff:66:3a:0c:1a:d2:7e:b6:ad:be:
34:ab:43:ee:1a:ae:3e:4b:b5:f2:cc:9c:76:6a:fd:
53:de:11:77:03:0a:56:cf:bd:6a:f2:2a:5b:fb:dd:
7f:ba:ac:96:53:95:48:02:74:b0:fb:b9:5a:a3:e2:
7e:5a:b1:a4:6b:78:75:e0:26:79:aa:6d:dd:35:2a:
62:9e:5b:1a:0b:0a:d4:49:1e:3d:3d:c9:26:42:8f:
86:e2:8f:08:74:b7:26:41:7f:5e:53:64:13:d3:e1:
4a:e3:4c:59:27:72:65:d3:26:78:a8:15:1b:ed:d0:
c0:9b:be:bf:f6:14:b3:fd:25:50:58:f7:f7:40:42:
38:35:a1:28:18:07:bf:86:1f:8f:c4:87:8f:9b:0f:
50:26:b7:04:f4:44:ba:80:5e:d9:9b:b7:91:36:15:
72:2a:d0:41:b6:43:a9:86:c3:f3:70:72:d6:67:b6:
9f:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:15:E2:5E:26:2D:00:F1:34:CC:64:45:A3:C9:ED:F6:93:1B:03:4C
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/VRXiXiYtAPE0zGRFo8nt9pMbA0w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.138.0/24
62.60.144.0/24
62.60.147.0/24
62.60.160.0/22
213.176.0.0/24
213.176.7.0/24
213.176.64.0/23
213.176.126.0/24
Signature Algorithm: sha256WithRSAEncryption
18:1a:a7:a1:96:cd:2d:15:fc:bd:53:3d:29:17:75:a3:0d:6c:
41:64:5e:03:a5:44:5c:c5:4d:a5:82:18:ff:01:7b:af:7c:42:
97:c6:c9:5c:38:2e:82:74:37:a4:63:03:3f:21:55:69:0c:ec:
fd:dc:ee:b0:df:ab:f6:1a:2d:6e:ec:c5:44:17:57:2d:4e:ee:
13:9d:73:6a:80:ce:60:3c:1a:05:55:07:b5:53:d1:5d:a4:dd:
e8:ca:51:f8:87:d7:13:15:26:90:73:e7:73:58:03:e1:b0:90:
e3:80:73:d6:59:83:6d:8f:b2:11:d6:08:41:be:2c:1b:39:c0:
0d:de:66:3e:1c:24:a0:97:07:25:29:c9:fb:32:32:2d:81:74:
41:e3:9c:23:b7:27:5b:e1:68:98:29:4f:fb:5c:a8:6b:ea:40:
79:67:85:e9:99:39:dd:fc:f7:b5:b3:c6:a9:f3:01:f8:72:aa:
b5:28:d8:81:8d:e0:bc:8c:09:fb:77:50:d7:47:d7:65:71:3e:
f7:8b:27:06:22:82:cf:a3:7e:31:c4:70:8d:38:68:85:21:19:
c8:6b:ed:86:c7:51:f4:8a:c1:7b:bc:86:6b:c1:2b:e8:fa:92:
27:3d:05:1b:e4:af:79:f5:0f:6a:f1:dd:bc:05:76:c2:ad:db:
6f:cb:35:7f
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAY+ATkuzY0WpLoLHIUXKwZmoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjQwNTE2MDcyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTE1ZTI1ZTI2MmQwMGYxMzRjYzY0NDVhM2M5ZWRmNjkzMWIwMzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvxBztFds1lchgs+yXvM9XycFh0pg
n2KK/n63QnGE9iBWDcdWpzFYpuBWilTRPY2/5X5ZjaFMnxIM/Wr1W79yoRaGXILW
zjR5zz7ehHBD4/9mOgwa0n62rb40q0PuGq4+S7XyzJx2av1T3hF3AwpWz71q8ipb
+91/uqyWU5VIAnSw+7lao+J+WrGka3h14CZ5qm3dNSpinlsaCwrUSR49PckmQo+G
4o8IdLcmQX9eU2QT0+FK40xZJ3Jl0yZ4qBUb7dDAm76/9hSz/SVQWPf3QEI4NaEo
GAe/hh+PxIePmw9QJrcE9ES6gF7Zm7eRNhVyKtBBtkOphsPzcHLWZ7afbwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFFUV4l4mLQDxNMxkRaPJ7faTGwNMMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvVlJYaVhpWXRBUEUwekdSRm84bnQ5cE1iQTB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAPjyKAwQA
PjyQAwQAPjyTAwQCPjygAwQA1bAAAwQA1bAHAwQB1bBAAwQA1bB+MA0GCSqGSIb3
DQEBCwUAA4IBAQAYGqehls0tFfy9Uz0pF3WjDWxBZF4DpURcxU2lghj/AXuvfEKX
xslcOC6CdDekYwM/IVVpDOz93O6w36v2Gi1u7MVEF1ctTu4TnXNqgM5gPBoFVQe1
U9FdpN3oylH4h9cTFSaQc+dzWAPhsJDjgHPWWYNtj7IR1ghBviwbOcAN3mY+HCSg
lwclKcn7MjItgXRB45wjtydb4WiYKU/7XKhr6kB5Z4XpmTnd/Pe1s8ap8wH4cqq1
KNiBjeC8jAn7d1DXR9dlcT73iycGIoLPo34xxHCNOGiFIRnIa+2Gx1H0isF7vIZr
wSvo+pInPQUb5K959Q9q8d28BXbCrdtvyzV/
-----END CERTIFICATE-----
Generated at Sat May 25 09:14:52 2024 by rpki-client on console-fra.rpki-client.org