Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/TeQ27lIl8ZN2qMJJqVmN17iU_xg.roa
File: TeQ27lIl8ZN2qMJJqVmN17iU_xg.roa (raw, json)
Hash identifier: XWWVYJq/8CYUVDjoqRgVB+lvaIdawpKJcbP7HS4jwE8=
Subject key identifier: 4D:E4:36:EE:52:25:F1:93:76:A8:C2:49:A9:59:8D:D7:B8:94:FF:18
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 018DCA54A97D758D4ED4F92985CB2C187599
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/TeQ27lIl8ZN2qMJJqVmN17iU_xg.roa
Signing time: Wed 21 Feb 2024 06:22:42 +0000
ROA not before: Wed 21 Feb 2024 06:22:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35372
IP address blocks: 62.60.138.0/24 maxlen: 24
62.60.144.0/24 maxlen: 24
62.60.147.0/24 maxlen: 24
62.60.160.0/22 maxlen: 24
213.176.0.0/24 maxlen: 24
213.176.7.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 20 Apr 2024 08:36:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ca:54:a9:7d:75:8d:4e:d4:f9:29:85:cb:2c:18:75:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Feb 21 06:22:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4de436ee5225f19376a8c249a9598dd7b894ff18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:81:95:97:d1:75:29:7b:71:c0:8e:1e:ce:28:
29:67:3b:3c:ed:5a:55:ac:ce:62:e0:7e:25:04:ff:
ad:70:21:6a:33:01:89:9b:38:34:3c:7e:03:be:61:
fc:8b:aa:77:83:ac:65:c4:e5:e7:e7:70:b1:a7:d4:
0f:f5:66:3c:93:4b:3a:59:8e:7e:e3:43:18:91:8e:
56:e1:24:fc:b3:69:3a:40:2d:bd:5e:a2:3b:6c:cf:
62:d5:5f:00:35:2a:b9:2b:32:cf:c7:54:be:a5:9e:
5f:92:fe:93:b2:77:9c:6b:7a:54:e6:a0:6e:93:26:
7a:0e:0b:42:2b:45:2a:2d:16:b5:82:96:b5:b7:c5:
e7:04:7b:78:88:95:d3:89:42:69:90:15:b4:c3:ff:
f4:07:e1:c7:44:3c:71:d8:55:20:58:50:95:fe:1d:
30:7d:cb:4e:57:71:1f:40:7c:91:41:4a:97:47:68:
cf:1e:2b:db:5f:27:ee:ce:16:9b:12:f8:f7:df:da:
1b:f1:f3:d1:51:36:85:06:65:fe:85:8f:79:2a:ad:
6b:f0:e9:40:05:9f:90:fc:01:3b:72:0b:84:88:a3:
94:07:3e:8c:22:cb:67:f1:dc:50:71:4e:a2:b1:36:
23:77:3d:f8:02:3f:1a:ec:07:b9:b7:86:0e:fc:9a:
d4:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:E4:36:EE:52:25:F1:93:76:A8:C2:49:A9:59:8D:D7:B8:94:FF:18
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/TeQ27lIl8ZN2qMJJqVmN17iU_xg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.138.0/24
62.60.144.0/24
62.60.147.0/24
62.60.160.0/22
213.176.0.0/24
213.176.7.0/24
Signature Algorithm: sha256WithRSAEncryption
51:32:f3:d4:d7:20:3f:5d:9e:d4:94:08:bf:58:62:d7:79:a7:
6f:9b:fd:3f:ac:0c:04:d2:a1:3a:f2:04:92:cc:39:cd:8c:9f:
f4:0d:ee:ec:bc:d8:1b:4e:52:74:83:d1:53:19:d0:c1:a3:e3:
d2:a9:95:9a:18:75:32:6e:33:a1:7d:e2:65:42:c4:47:cb:ba:
3d:cb:88:57:e8:0b:a4:b8:20:4e:f2:1c:1e:5f:32:16:66:03:
e7:91:72:92:4e:5f:5f:60:06:d1:02:0d:86:80:19:3f:cb:d1:
ee:9b:2f:2f:a6:d3:5b:a8:3b:e2:91:94:26:d5:76:24:9d:eb:
06:02:24:c9:26:b7:ff:ff:48:72:15:94:9e:44:e9:76:ab:a3:
85:07:24:67:98:16:6a:a0:a5:f5:57:7d:b0:df:cf:ea:53:b7:
95:57:a5:2d:e8:3a:27:16:ad:f4:67:5e:48:c7:c3:c5:6f:99:
86:63:4e:98:18:57:33:14:a4:b2:04:72:b4:bd:80:f1:56:fe:
33:4b:64:1b:e9:93:de:40:6e:0d:2b:69:f4:7e:d1:40:fb:39:
ea:af:57:a2:5c:bb:21:25:8a:b2:1c:7b:fd:84:0e:44:9b:e1:
a7:e6:f7:f4:97:5e:55:e9:0d:ab:fc:d9:80:e4:2c:6b:40:a5:
69:06:25:ce
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY3KVKl9dY1O1PkphcssGHWZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjQwMjIxMDYyMjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGU0MzZlZTUyMjVmMTkzNzZhOGMyNDlhOTU5OGRkN2I4OTRmZjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlYGVl9F1KXtxwI4ezigpZzs87VpV
rM5i4H4lBP+tcCFqMwGJmzg0PH4DvmH8i6p3g6xlxOXn53Cxp9QP9WY8k0s6WY5+
40MYkY5W4ST8s2k6QC29XqI7bM9i1V8ANSq5KzLPx1S+pZ5fkv6Tsneca3pU5qBu
kyZ6DgtCK0UqLRa1gpa1t8XnBHt4iJXTiUJpkBW0w//0B+HHRDxx2FUgWFCV/h0w
fctOV3EfQHyRQUqXR2jPHivbXyfuzhabEvj339ob8fPRUTaFBmX+hY95Kq1r8OlA
BZ+Q/AE7cguEiKOUBz6MIstn8dxQcU6isTYjdz34Aj8a7Ae5t4YO/JrUqQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFE3kNu5SJfGTdqjCSalZjde4lP8YMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvVGVRMjdsSWw4Wk4ycU1KSnFWbU4xN2lVX3hnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAPjyKAwQA
PjyQAwQAPjyTAwQCPjygAwQA1bAAAwQA1bAHMA0GCSqGSIb3DQEBCwUAA4IBAQBR
MvPU1yA/XZ7UlAi/WGLXeadvm/0/rAwE0qE68gSSzDnNjJ/0De7svNgbTlJ0g9FT
GdDBo+PSqZWaGHUybjOhfeJlQsRHy7o9y4hX6AukuCBO8hweXzIWZgPnkXKSTl9f
YAbRAg2GgBk/y9Humy8vptNbqDvikZQm1XYknesGAiTJJrf//0hyFZSeROl2q6OF
ByRnmBZqoKX1V32w38/qU7eVV6Ut6DonFq30Z15Ix8PFb5mGY06YGFczFKSyBHK0
vYDxVv4zS2Qb6ZPeQG4NK2n0ftFA+znqr1eiXLshJYqyHHv9hA5Em+Gn5vf0l15V
6Q2r/NmA5CxrQKVpBiXO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:39 2024 by rpki-client on console-fra.rpki-client.org