Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/NTlqa4GiylqZX7bUU44wVfQHYm8.roa
File: NTlqa4GiylqZX7bUU44wVfQHYm8.roa (raw, json)
Hash identifier: eSuaOGN/qydrfkclf8mwL/0Gt2oNUhAymftXAjQ2AMw=
Subject key identifier: 35:39:6A:6B:81:A2:CA:5A:99:5F:B6:D4:53:8E:30:55:F4:07:62:6F
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 018CD10A158CED019225D2B7849DE4C99466
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/NTlqa4GiylqZX7bUU44wVfQHYm8.roa
Signing time: Wed 03 Jan 2024 20:35:48 +0000
ROA not before: Wed 03 Jan 2024 20:35:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35372
IP address blocks: 62.60.138.0/24 maxlen: 24
62.60.144.0/24 maxlen: 24
62.60.147.0/24 maxlen: 24
62.60.160.0/22 maxlen: 24
213.176.0.0/24 maxlen: 24
213.176.7.0/24 maxlen: 24
213.176.6.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 21 Feb 2024 06:22:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d1:0a:15:8c:ed:01:92:25:d2:b7:84:9d:e4:c9:94:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Jan 3 20:35:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=35396a6b81a2ca5a995fb6d4538e3055f407626f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:e1:9d:dc:52:a0:9e:12:54:08:f8:94:f6:01:
ec:17:96:ef:e8:b3:60:f0:d8:24:bb:a4:59:c0:fd:
22:22:29:c7:67:fe:60:99:f5:0b:d7:c9:09:8e:be:
50:11:b2:5e:c3:a4:1f:25:12:12:8b:44:d7:a4:51:
fb:b5:75:de:9b:6e:09:d6:81:89:1c:43:9b:9b:87:
71:62:fd:a7:ec:fa:6c:11:4c:00:dc:24:9e:a5:76:
69:de:33:94:79:10:d0:2a:12:24:af:98:fb:e7:65:
0a:a9:84:1d:af:8c:65:fa:de:bb:ca:5f:ba:d9:18:
ab:e7:ac:e6:31:3c:c3:63:37:55:75:0f:9a:0b:72:
57:9e:28:68:9d:35:84:df:6f:82:20:74:ef:40:2c:
80:03:55:d0:09:b2:8d:22:9e:79:4c:e5:08:28:f0:
0b:66:49:53:de:31:97:e5:84:d3:cd:51:06:19:b2:
97:c2:07:e7:a7:70:15:dc:1f:09:26:ff:0c:2c:ce:
06:6f:92:31:98:f2:9d:a9:49:bc:7e:1d:ad:3f:f4:
34:66:6c:a8:ce:cb:52:c8:3d:88:30:33:dc:e2:e7:
9d:d2:4b:ea:87:ce:ab:a1:ec:77:2e:94:89:a9:8a:
27:67:83:43:f8:e3:29:33:cb:eb:98:af:81:d7:43:
0a:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:39:6A:6B:81:A2:CA:5A:99:5F:B6:D4:53:8E:30:55:F4:07:62:6F
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/NTlqa4GiylqZX7bUU44wVfQHYm8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.138.0/24
62.60.144.0/24
62.60.147.0/24
62.60.160.0/22
213.176.0.0/24
213.176.6.0/23
Signature Algorithm: sha256WithRSAEncryption
97:6b:d6:33:33:8b:71:55:0a:87:92:09:69:37:5e:e7:e2:94:
7c:0d:98:e8:7a:53:7f:82:1c:c1:8e:26:13:08:05:93:79:37:
c1:0c:ab:d5:43:95:66:6f:bb:7e:df:8d:68:ef:0c:b7:fe:3b:
47:2e:fb:4e:bf:08:a5:d4:39:98:3c:29:64:d8:34:ab:1e:84:
4d:3d:34:66:3a:55:db:10:a5:32:0e:1e:47:bb:9a:b3:fb:e2:
cc:3c:fe:4c:cb:01:a4:6e:13:eb:35:e8:ce:51:2a:e2:c3:b9:
13:4f:8a:85:26:92:bf:08:09:55:1b:94:79:c7:f0:8f:63:fb:
37:67:97:93:71:21:19:91:67:06:7d:7e:57:39:62:f0:8f:b4:
c9:44:69:89:e1:7a:c5:1c:0c:a6:c6:37:a9:b7:47:6f:26:c8:
fd:35:22:ee:f0:89:65:c8:fb:c7:bf:cf:f1:c2:9b:21:7c:93:
7d:c6:d6:0e:2b:7c:bd:70:2b:69:bf:5e:35:6f:c9:4c:5d:77:
28:e7:93:d4:42:fe:e9:99:59:3d:0b:ba:47:42:37:5a:6c:eb:
c6:27:47:ae:65:bb:af:0e:c8:88:83:ec:e3:d7:47:d2:46:a2:
7e:c5:1e:40:65:b7:c1:f8:4c:23:23:78:f5:fe:82:41:c5:10:
32:df:8c:6b
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzRChWM7QGSJdK3hJ3kyZRmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjQwMTAzMjAzNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTM5NmE2YjgxYTJjYTVhOTk1ZmI2ZDQ1MzhlMzA1NWY0MDc2MjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlOGd3FKgnhJUCPiU9gHsF5bv6LNg
8Ngku6RZwP0iIinHZ/5gmfUL18kJjr5QEbJew6QfJRISi0TXpFH7tXXem24J1oGJ
HEObm4dxYv2n7PpsEUwA3CSepXZp3jOUeRDQKhIkr5j752UKqYQdr4xl+t67yl+6
2Rir56zmMTzDYzdVdQ+aC3JXnihonTWE32+CIHTvQCyAA1XQCbKNIp55TOUIKPAL
ZklT3jGX5YTTzVEGGbKXwgfnp3AV3B8JJv8MLM4Gb5IxmPKdqUm8fh2tP/Q0Zmyo
zstSyD2IMDPc4ued0kvqh86roex3LpSJqYonZ4ND+OMpM8vrmK+B10MKrwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFDU5amuBospamV+21FOOMFX0B2JvMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvTlRscWE0R2l5bHFaWDdiVVU0NHdWZlFIWW04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAPjyKAwQA
PjyQAwQAPjyTAwQCPjygAwQA1bAAAwQB1bAGMA0GCSqGSIb3DQEBCwUAA4IBAQCX
a9YzM4txVQqHkglpN17n4pR8DZjoelN/ghzBjiYTCAWTeTfBDKvVQ5Vmb7t+341o
7wy3/jtHLvtOvwil1DmYPClk2DSrHoRNPTRmOlXbEKUyDh5Hu5qz++LMPP5MywGk
bhPrNejOUSriw7kTT4qFJpK/CAlVG5R5x/CPY/s3Z5eTcSEZkWcGfX5XOWLwj7TJ
RGmJ4XrFHAymxjept0dvJsj9NSLu8IllyPvHv8/xwpshfJN9xtYOK3y9cCtpv141
b8lMXXco55PUQv7pmVk9C7pHQjdabOvGJ0euZbuvDsiIg+zj10fSRqJ+xR5AZbfB
+EwjI3j1/oJBxRAy34xr
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:29 2024 by rpki-client on console-ams.rpki-client.org