Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/0Q73PeF-dlpamuYQ3-RIoRUCm9Q.roa
File: 0Q73PeF-dlpamuYQ3-RIoRUCm9Q.roa (raw, json)
Hash identifier: XmiH4CEVHYKEt+jB2eW/A0NdRyHAoZ4NGuv0oS3TBJQ=
Subject key identifier: D1:0E:F7:3D:E1:7E:76:5A:5A:9A:E6:10:DF:E4:48:A1:15:02:9B:D4
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018586CB3927F6DEF9F326415A44CB5A6DA2
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/0Q73PeF-dlpamuYQ3-RIoRUCm9Q.roa
Signing time: Fri 06 Jan 2023 11:15:43 +0000
ROA not before: Fri 06 Jan 2023 11:15:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2118
IP address blocks: 193.124.3.0/24 maxlen: 24
193.124.6.0/24 maxlen: 24
193.124.8.0/24 maxlen: 24
62.76.231.0/24 maxlen: 24
194.87.6.0/24 maxlen: 24
193.124.18.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
193.124.41.0/24 maxlen: 24
194.87.36.0/24 maxlen: 24
193.124.45.0/24 maxlen: 24
194.87.104.0/24 maxlen: 24
193.124.125.0/24 maxlen: 24
194.87.116.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
194.87.123.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.138.0/23 maxlen: 23
194.87.136.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
194.87.76.0/24 maxlen: 24
194.87.82.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
195.133.94.0/24 maxlen: 24
195.133.12.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
195.133.195.0/24 maxlen: 24
212.193.12.0/24 maxlen: 24
194.58.38.0/24 maxlen: 24
212.192.222.0/24 maxlen: 24
194.58.39.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
194.58.46.0/23 maxlen: 24
194.58.45.0/24 maxlen: 24
195.58.50.0/24 maxlen: 24
195.58.52.0/22 maxlen: 22
195.58.58.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
195.58.56.0/21 maxlen: 24
194.58.59.0/24 maxlen: 24
195.58.62.0/24 maxlen: 24
212.193.0.0/24 maxlen: 24
212.193.8.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
194.87.208.0/23 maxlen: 24
194.87.222.0/23 maxlen: 24
194.87.233.0/24 maxlen: 24
212.192.0.0/23 maxlen: 24
194.87.149.0/24 maxlen: 24
192.124.172.0/24 maxlen: 24
212.192.10.0/24 maxlen: 24
194.87.165.0/24 maxlen: 24
194.87.163.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.180.0/22 maxlen: 24
192.124.182.0/23 maxlen: 24
194.87.171.0/24 maxlen: 24
194.87.172.0/24 maxlen: 24
212.192.30.0/24 maxlen: 24
192.124.190.0/24 maxlen: 24
194.87.176.0/24 maxlen: 24
193.124.201.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
193.124.207.0/24 maxlen: 24
194.87.199.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:86:cb:39:27:f6:de:f9:f3:26:41:5a:44:cb:5a:6d:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 6 11:15:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d10ef73de17e765a5a9ae610dfe448a115029bd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:89:92:16:c8:bb:71:d3:d9:b5:9e:b1:ff:a1:
ee:cc:63:6e:b3:a7:09:02:1a:91:a1:e3:f5:c2:3d:
37:3f:b5:23:fe:34:d8:47:83:3a:3c:2f:ee:ed:9f:
2c:db:33:2c:35:56:77:6a:9f:70:20:25:a3:be:01:
3e:db:3e:69:61:b6:fe:57:6c:99:73:37:07:04:74:
9e:7c:b2:fb:e8:65:92:7a:0a:82:20:a7:25:66:39:
18:40:98:90:7b:62:ef:50:6e:6e:01:36:48:ff:83:
27:9d:3d:bc:0b:68:c2:89:f9:9f:5d:33:17:4f:38:
f3:f6:52:a8:2b:05:5c:42:87:76:a5:b0:93:70:dc:
92:e4:18:50:fd:00:b5:d1:04:84:d9:ca:da:e7:e6:
b9:27:fd:be:7f:95:a2:59:a1:4d:09:9a:10:1d:ca:
a3:e7:b9:f0:b9:fb:e3:14:0d:ac:fd:b0:cf:02:d5:
25:e8:8b:fc:5c:35:eb:06:8e:fd:08:70:90:2d:5f:
fa:77:2f:8e:bf:f8:23:36:47:f7:96:14:f9:08:4f:
0f:63:76:32:34:9f:12:d1:98:70:e3:ca:cf:21:ea:
fa:4e:90:10:ea:17:1f:b1:ba:14:3f:24:e6:15:69:
55:88:f6:ec:fd:dd:de:c3:06:a0:c3:51:4a:5d:5c:
47:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:0E:F7:3D:E1:7E:76:5A:5A:9A:E6:10:DF:E4:48:A1:15:02:9B:D4
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/0Q73PeF-dlpamuYQ3-RIoRUCm9Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.231.0/24
192.124.172.0/24
192.124.178.0/24
192.124.180.0/22
192.124.190.0/24
193.124.3.0/24
193.124.6.0/24
193.124.8.0/24
193.124.18.0/24
193.124.41.0/24
193.124.45.0/24
193.124.125.0/24
193.124.133.0/24
193.124.201.0/24
193.124.203.0/24
193.124.207.0/24
194.58.38.0/23
194.58.42.0/24
194.58.45.0-194.58.47.255
194.58.59.0/24
194.87.6.0/24
194.87.24.0/22
194.87.36.0/24
194.87.56.0/24
194.87.76.0/24
194.87.82.0/23
194.87.104.0/24
194.87.116.0/24
194.87.118.0/24
194.87.123.0/24
194.87.136.0/24
194.87.138.0/23
194.87.149.0/24
194.87.163.0/24
194.87.165.0/24
194.87.171.0-194.87.172.255
194.87.176.0/24
194.87.190.0/24
194.87.198.0-194.87.200.255
194.87.208.0/23
194.87.222.0/23
194.87.233.0/24
195.58.50.0/24
195.58.52.0-195.58.63.255
195.133.12.0/24
195.133.55.0/24
195.133.94.0/24
195.133.195.0/24
212.192.0.0/23
212.192.10.0/24
212.192.30.0/24
212.192.222.0/24
212.193.0.0/24
212.193.8.0/24
212.193.12.0/24
Signature Algorithm: sha256WithRSAEncryption
39:04:19:fc:ba:8e:16:b0:fe:3f:98:c7:06:cc:40:bb:5a:69:
1c:82:d0:06:8d:62:d3:70:e3:5b:9d:59:8a:f4:c9:33:51:0c:
3c:91:5d:5a:53:ed:e0:b5:1e:12:6e:c7:b5:22:e7:00:e6:cd:
c7:8d:ea:f9:79:02:12:e1:63:19:ad:c6:c4:81:cd:4a:5b:29:
4d:45:7d:fc:ff:ee:68:19:45:a6:91:4a:66:58:1c:8e:5e:6b:
ab:31:a8:69:bb:7d:fc:f3:b4:69:1e:39:8b:f0:b4:6d:3e:7d:
20:be:8e:74:12:80:3f:37:f4:55:70:a0:48:7e:67:52:35:82:
4c:e6:24:9f:9a:69:db:d9:57:85:97:2c:91:63:41:a2:f3:ca:
00:5a:17:dc:d1:61:97:65:e3:ec:65:c8:30:a5:68:94:76:2e:
fc:b9:57:27:54:c4:9e:d4:3a:ac:c4:43:6a:66:28:e8:3a:a0:
1f:f0:35:b0:33:74:f8:f3:24:b7:e2:5c:0b:59:b7:09:f7:1d:
e1:f2:0f:f4:47:a0:2d:54:1a:b2:4c:99:63:d2:b4:61:6e:e6:
b1:28:d9:b3:61:0a:39:f9:e5:39:23:1c:32:71:1e:6b:d6:74:
6a:eb:da:59:d2:c6:f3:23:ef:07:07:3a:86:38:69:39:ab:57:
30:b0:42:2e
-----BEGIN CERTIFICATE-----
MIIGazCCBVOgAwIBAgISAYWGyzkn9t758yZBWkTLWm2iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTA2MTExNTQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTBlZjczZGUxN2U3NjVhNWE5YWU2MTBkZmU0NDhhMTE1MDI5YmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnImSFsi7cdPZtZ6x/6HuzGNus6cJ
AhqRoeP1wj03P7Uj/jTYR4M6PC/u7Z8s2zMsNVZ3ap9wICWjvgE+2z5pYbb+V2yZ
czcHBHSefLL76GWSegqCIKclZjkYQJiQe2LvUG5uATZI/4MnnT28C2jCifmfXTMX
Tzjz9lKoKwVcQod2pbCTcNyS5BhQ/QC10QSE2cra5+a5J/2+f5WiWaFNCZoQHcqj
57nwufvjFA2s/bDPAtUl6Iv8XDXrBo79CHCQLV/6dy+Ov/gjNkf3lhT5CE8PY3Yy
NJ8S0Zhw48rPIer6TpAQ6hcfsboUPyTmFWlViPbs/d3ewwagw1FKXVxH8QIDAQAB
o4IDdzCCA3MwHQYDVR0OBBYEFNEO9z3hfnZaWprmEN/kSKEVApvUMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMFE3M1BlRi1kbHBhbXVZUTMtUklvUlVDbTlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBiwYIKwYBBQUHAQcBAf8EggF6MIIBdjCCAXIEAgABMIIB
agMEAD5M5wMEAMB8rAMEAMB8sgMEAsB8tAMEAMB8vgMEAMF8AwMEAMF8BgMEAMF8
CAMEAMF8EgMEAMF8KQMEAMF8LQMEAMF8fQMEAMF8hQMEAMF8yQMEAMF8ywMEAMF8
zwMEAcI6JgMEAMI6KjAMAwQAwjotAwQEwjogAwQAwjo7AwQAwlcGAwQCwlcYAwQA
wlckAwQAwlc4AwQAwldMAwQBwldSAwQAwldoAwQAwld0AwQAwld2AwQAwld7AwQA
wleIAwQBwleKAwQAwleVAwQAwlejAwQAwlelMAwDBADCV6sDBADCV6wDBADCV7AD
BADCV74wDAMEAcJXxgMEAMJXyAMEAcJX0AMEAcJX3gMEAMJX6QMEAMM6MjAMAwQC
wzo0AwQGwzoAAwQAw4UMAwQAw4U3AwQAw4VeAwQAw4XDAwQB1MAAAwQA1MAKAwQA
1MAeAwQA1MDeAwQA1MEAAwQA1MEIAwQA1MEMMA0GCSqGSIb3DQEBCwUAA4IBAQA5
BBn8uo4WsP4/mMcGzEC7WmkcgtAGjWLTcONbnVmK9MkzUQw8kV1aU+3gtR4Sbse1
IucA5s3Hjer5eQIS4WMZrcbEgc1KWylNRX38/+5oGUWmkUpmWByOXmurMahpu338
87RpHjmL8LRtPn0gvo50EoA/N/RVcKBIfmdSNYJM5iSfmmnb2VeFlyyRY0Gi88oA
Whfc0WGXZePsZcgwpWiUdi78uVcnVMSe1DqsxENqZijoOqAf8DWwM3T48yS34lwL
WbcJ9x3h8g/0R6AtVBqyTJlj0rRhbuaxKNmzYQo5+eU5IxwycR5r1nRq69pZ0sbz
I+8HBzqGOGk5q1cwsEIu
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:41:53 2023 by rpki-client on console-fra.rpki-client.org