Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/INSZrj07NXp3tmexRSd1pD-0Cdg.roa
File: INSZrj07NXp3tmexRSd1pD-0Cdg.roa (raw, json)
Hash identifier: 20GngZikSqGaKkNOJPa8BQHPhBrD0A0LHVOnhyxb4dU=
Subject key identifier: 20:D4:99:AE:3D:3B:35:7A:77:B6:67:B1:45:27:75:A4:3F:B4:09:D8
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 018FAE8993715EB88A47F0FF851B04203AC7
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/INSZrj07NXp3tmexRSd1pD-0Cdg.roa
Signing time: Sat 25 May 2024 06:56:42 +0000
ROA not before: Sat 25 May 2024 06:56:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35372
IP address blocks: 62.60.138.0/24 maxlen: 24
62.60.144.0/24 maxlen: 24
62.60.147.0/24 maxlen: 24
62.60.156.0/23 maxlen: 24
62.60.160.0/22 maxlen: 24
213.176.0.0/24 maxlen: 24
213.176.7.0/24 maxlen: 24
213.176.126.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 29 May 2024 08:05:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ae:89:93:71:5e:b8:8a:47:f0:ff:85:1b:04:20:3a:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: May 25 06:56:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=20d499ae3d3b357a77b667b1452775a43fb409d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:ed:4a:94:f1:b1:aa:7e:0a:3e:09:4b:aa:b5:
f6:69:d3:0d:bb:f8:ad:2a:46:4e:85:e1:b4:10:f1:
1f:82:b4:8b:0c:9c:e2:41:55:c4:b1:88:fe:81:ab:
ea:54:1c:49:83:f9:80:c4:33:f7:43:a3:b7:ca:48:
84:e6:19:04:8f:bc:54:b9:fc:3f:a9:26:72:2f:22:
cc:3d:04:b2:a1:c7:fb:dc:f1:a9:83:3c:c1:e8:83:
d7:71:ac:91:fc:4e:97:7d:ec:dc:b2:34:f6:76:f8:
52:6f:9f:ef:ea:80:57:30:fc:ec:0a:fb:e8:c5:e6:
d2:9d:8f:6f:52:1b:28:c6:ac:52:56:2f:d7:69:65:
df:f4:e7:a5:70:63:d9:f1:97:68:b0:02:ef:e6:a2:
b8:70:13:bb:e7:e0:94:a3:32:57:e4:00:cc:14:8d:
56:7f:09:33:e3:a0:b4:87:07:34:1e:6f:5b:ae:b2:
64:20:5e:de:46:cb:8d:13:ff:0c:51:b1:c1:45:fb:
92:8b:12:10:75:a8:d6:52:60:61:cb:b2:18:c0:05:
f7:4e:cd:11:03:05:17:43:09:6c:ca:1d:d7:21:d1:
3a:d4:f2:22:c8:39:b4:27:ef:3b:aa:ff:ff:40:c7:
9c:b1:8d:68:b2:74:d1:ad:2b:81:4a:a0:af:5b:d9:
bf:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:D4:99:AE:3D:3B:35:7A:77:B6:67:B1:45:27:75:A4:3F:B4:09:D8
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/INSZrj07NXp3tmexRSd1pD-0Cdg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.138.0/24
62.60.144.0/24
62.60.147.0/24
62.60.156.0/23
62.60.160.0/22
213.176.0.0/24
213.176.7.0/24
213.176.126.0/24
Signature Algorithm: sha256WithRSAEncryption
00:80:7d:37:4e:50:59:94:59:19:31:1d:fd:12:e0:b7:10:e1:
12:4d:81:92:57:52:06:c6:0a:59:10:d6:01:53:ef:b4:78:37:
c6:d0:dd:b7:bc:89:8e:25:26:91:00:04:5d:12:20:cb:d5:b7:
2e:b1:a8:a6:c4:90:50:71:b8:43:48:f0:39:ab:66:00:6b:00:
4c:ca:7e:5d:35:49:ef:59:7d:df:8a:c9:58:c4:eb:e2:51:c6:
a0:1a:1d:c9:15:56:c4:df:43:b7:f2:c3:9d:a3:7e:c6:3d:52:
0a:86:85:b5:a5:4e:fd:55:8a:a6:89:f9:22:23:0a:f0:3e:34:
74:0c:c4:8b:cf:59:d7:c4:67:16:32:96:e5:2e:17:7e:c5:d1:
9c:e8:38:be:38:59:9a:3c:49:52:af:4a:9f:49:7e:e1:eb:c5:
1a:6d:25:54:af:fe:98:22:ac:ae:bf:13:ae:b8:19:d5:e5:bb:
94:8b:a4:00:a2:93:a6:23:8a:8d:0d:0c:c6:98:9e:93:2d:15:
e7:08:61:c6:b1:e4:bc:6c:ce:b2:37:47:16:f6:2c:82:75:5e:
d0:c1:27:44:b5:1c:43:27:f7:f6:8b:28:10:f8:e4:30:d6:db:
f2:18:25:6b:96:7d:2f:bf:e7:de:bb:1f:bc:ba:4a:91:47:9a:
b9:93:b4:b4
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAY+uiZNxXriKR/D/hRsEIDrHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjQwNTI1MDY1NjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGQ0OTlhZTNkM2IzNTdhNzdiNjY3YjE0NTI3NzVhNDNmYjQwOWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvu1KlPGxqn4KPglLqrX2adMNu/it
KkZOheG0EPEfgrSLDJziQVXEsYj+gavqVBxJg/mAxDP3Q6O3ykiE5hkEj7xUufw/
qSZyLyLMPQSyocf73PGpgzzB6IPXcayR/E6XfezcsjT2dvhSb5/v6oBXMPzsCvvo
xebSnY9vUhsoxqxSVi/XaWXf9OelcGPZ8ZdosALv5qK4cBO75+CUozJX5ADMFI1W
fwkz46C0hwc0Hm9brrJkIF7eRsuNE/8MUbHBRfuSixIQdajWUmBhy7IYwAX3Ts0R
AwUXQwlsyh3XIdE61PIiyDm0J+87qv//QMecsY1osnTRrSuBSqCvW9m/eQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFCDUma49OzV6d7ZnsUUndaQ/tAnYMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvSU5TWnJqMDdOWHAzdG1leFJTZDFwRC0wQ2RnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAPjyKAwQA
PjyQAwQAPjyTAwQBPjycAwQCPjygAwQA1bAAAwQA1bAHAwQA1bB+MA0GCSqGSIb3
DQEBCwUAA4IBAQAAgH03TlBZlFkZMR39EuC3EOESTYGSV1IGxgpZENYBU++0eDfG
0N23vImOJSaRAARdEiDL1bcusaimxJBQcbhDSPA5q2YAawBMyn5dNUnvWX3fislY
xOviUcagGh3JFVbE30O38sOdo37GPVIKhoW1pU79VYqmifkiIwrwPjR0DMSLz1nX
xGcWMpblLhd+xdGc6Di+OFmaPElSr0qfSX7h68UabSVUr/6YIqyuvxOuuBnV5buU
i6QAopOmI4qNDQzGmJ6TLRXnCGHGseS8bM6yN0cW9iyCdV7QwSdEtRxDJ/f2iygQ
+OQw1tvyGCVrln0vv+feux+8ukqRR5q5k7S0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:39 2024 by rpki-client on console-fra.rpki-client.org