Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/35SlO7iKta5w6aNgsAU1DGtf-_M.roa
File: 35SlO7iKta5w6aNgsAU1DGtf-_M.roa (raw, json)
Hash identifier: 4zvVeigJ3rAntrfirQZ1Ivd6c9RqxgvbpJd50gZQHq8=
Subject key identifier: DF:94:A5:3B:B8:8A:B5:AE:70:E9:A3:60:B0:05:35:0C:6B:5F:FB:F3
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 018EFAA607E89BC6EC609906EA89FC9EECE2
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/35SlO7iKta5w6aNgsAU1DGtf-_M.roa
Signing time: Sat 20 Apr 2024 08:36:08 +0000
ROA not before: Sat 20 Apr 2024 08:36:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35372
IP address blocks: 62.60.138.0/24 maxlen: 24
62.60.144.0/24 maxlen: 24
62.60.147.0/24 maxlen: 24
62.60.160.0/22 maxlen: 24
213.176.0.0/24 maxlen: 24
213.176.7.0/24 maxlen: 24
213.176.126.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 16 May 2024 07:29:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:fa:a6:07:e8:9b:c6:ec:60:99:06:ea:89:fc:9e:ec:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Apr 20 08:36:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=df94a53bb88ab5ae70e9a360b005350c6b5ffbf3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:5e:9e:f4:07:b4:61:37:4a:83:a0:93:f0:9b:
13:ae:43:21:cf:0c:6d:e4:78:d8:0a:7b:b8:1a:22:
f2:ec:9b:51:d3:be:3b:ab:5e:d5:3c:8c:a1:85:a8:
93:b1:dc:ad:3b:74:57:63:80:3a:3b:eb:20:51:b7:
92:2c:62:b8:e0:34:58:83:37:98:06:88:d3:ee:29:
bc:91:54:88:ad:88:e0:36:62:dc:58:95:e6:59:19:
f8:83:89:a6:f0:24:5d:f3:23:71:29:ce:d0:55:49:
75:9a:d2:b5:6c:c7:8c:1e:79:f9:dc:12:aa:3c:02:
aa:d1:b6:87:4a:f8:c3:44:04:01:0b:8d:62:5e:94:
37:f3:00:26:6e:fa:05:38:55:3b:4a:a3:62:45:f9:
5d:98:a9:76:ff:a8:22:df:ca:7d:14:b0:c6:35:53:
85:e4:82:3f:89:f1:e9:80:a5:43:62:9a:c2:81:ac:
53:2e:5f:41:4d:76:b4:6e:d5:11:4e:6e:cf:2c:26:
48:04:27:7f:11:0a:b8:f9:10:62:39:0d:11:9e:8a:
2b:45:6e:b8:52:86:6e:07:30:7b:5b:4b:30:58:fc:
a4:b1:53:c7:ff:3f:11:59:4a:0a:40:d2:d3:7a:26:
76:6f:d5:74:80:ae:db:28:a2:b5:43:ae:19:02:1f:
da:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:94:A5:3B:B8:8A:B5:AE:70:E9:A3:60:B0:05:35:0C:6B:5F:FB:F3
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/35SlO7iKta5w6aNgsAU1DGtf-_M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.138.0/24
62.60.144.0/24
62.60.147.0/24
62.60.160.0/22
213.176.0.0/24
213.176.7.0/24
213.176.126.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:a1:a6:55:7b:0f:8b:b1:d0:ac:0d:94:27:bb:7d:71:8d:06:
8d:c8:10:34:fe:7e:55:5b:52:93:16:5f:cc:d0:21:e6:44:6a:
3d:6e:56:fe:89:d9:62:14:ef:79:35:2b:11:74:43:3b:d2:e0:
52:51:7d:49:05:97:df:49:8c:37:db:2a:8b:bd:99:82:99:e1:
32:df:8e:55:a5:57:f3:e6:cf:f5:c6:75:ff:c7:56:22:c2:4b:
58:84:d8:af:b2:bd:30:ce:ee:42:da:3e:a7:0f:0c:87:5c:5d:
f2:3c:55:a1:76:f7:eb:1c:c1:7f:50:73:0c:5c:e6:4c:c8:e5:
3b:20:3e:42:3c:4b:6d:bf:11:81:c4:4c:35:b7:83:c8:dd:89:
e0:47:4d:e6:56:e0:86:fc:6c:19:45:3b:40:ba:06:01:b4:79:
77:44:93:23:a7:66:f8:f0:96:21:00:14:8f:9b:db:61:23:e4:
b7:f3:c3:7b:33:f1:d3:5b:f4:6b:ea:6d:cf:98:14:68:ac:e6:
cc:d9:fe:0e:5a:cc:29:10:da:11:46:9c:86:ba:8a:64:f2:81:
ef:9c:1c:4e:67:95:e4:19:e9:7c:34:23:98:8b:27:74:ad:80:
74:43:3b:c5:99:11:1d:63:fa:51:2a:38:bf:3d:ab:d4:bf:91:
83:38:33:bb
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY76pgfom8bsYJkG6on8nuziMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjQwNDIwMDgzNjA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjk0YTUzYmI4OGFiNWFlNzBlOWEzNjBiMDA1MzUwYzZiNWZmYmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAil6e9Ae0YTdKg6CT8JsTrkMhzwxt
5HjYCnu4GiLy7JtR0747q17VPIyhhaiTsdytO3RXY4A6O+sgUbeSLGK44DRYgzeY
BojT7im8kVSIrYjgNmLcWJXmWRn4g4mm8CRd8yNxKc7QVUl1mtK1bMeMHnn53BKq
PAKq0baHSvjDRAQBC41iXpQ38wAmbvoFOFU7SqNiRfldmKl2/6gi38p9FLDGNVOF
5II/ifHpgKVDYprCgaxTLl9BTXa0btURTm7PLCZIBCd/EQq4+RBiOQ0RnoorRW64
UoZuBzB7W0swWPyksVPH/z8RWUoKQNLTeiZ2b9V0gK7bKKK1Q64ZAh/aVwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFN+UpTu4irWucOmjYLAFNQxrX/vzMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvMzVTbE83aUt0YTV3NmFOZ3NBVTFER3RmLV9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAPjyKAwQA
PjyQAwQAPjyTAwQCPjygAwQA1bAAAwQA1bAHAwQA1bB+MA0GCSqGSIb3DQEBCwUA
A4IBAQB7oaZVew+LsdCsDZQnu31xjQaNyBA0/n5VW1KTFl/M0CHmRGo9blb+idli
FO95NSsRdEM70uBSUX1JBZffSYw32yqLvZmCmeEy345VpVfz5s/1xnX/x1YiwktY
hNivsr0wzu5C2j6nDwyHXF3yPFWhdvfrHMF/UHMMXOZMyOU7ID5CPEttvxGBxEw1
t4PI3YngR03mVuCG/GwZRTtAugYBtHl3RJMjp2b48JYhABSPm9thI+S388N7M/HT
W/Rr6m3PmBRorObM2f4OWswpENoRRpyGuopk8oHvnBxOZ5XkGel8NCOYiyd0rYB0
QzvFmREdY/pRKji/PavUv5GDODO7
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:29 2024 by rpki-client on console-ams.rpki-client.org