Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1-UEK_a3jffmJyJkBchkPRP0Y3TY.roa
File: 1-UEK_a3jffmJyJkBchkPRP0Y3TY.roa (raw, json)
Hash identifier: YXbELO2YAtiAHiS5aSIVoiZDltq2bj/UDqFCowIihqk=
Subject key identifier: F9:41:0A:FD:AD:E3:7D:F9:89:C8:99:01:72:19:0F:44:FD:18:DD:36
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01910D77DCF36DB8ECA52613BF3620374C03
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1-UEK_a3jffmJyJkBchkPRP0Y3TY.roa
Signing time: Thu 01 Aug 2024 10:24:04 +0000
ROA not before: Thu 01 Aug 2024 10:24:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 26383
IP address blocks: 62.76.234.0/24 maxlen: 24
185.72.8.0/24 maxlen: 24
192.124.176.0/24 maxlen: 24
193.124.22.0/24 maxlen: 24
193.124.41.0/24 maxlen: 24
193.124.46.0/24 maxlen: 24
194.58.34.0/24 maxlen: 24
194.58.40.0/24 maxlen: 24
194.58.68.0/24 maxlen: 24
194.87.10.0/24 maxlen: 24
194.87.39.0/24 maxlen: 24
194.87.47.0/24 maxlen: 24
194.87.189.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
194.87.227.0/24 maxlen: 24
195.133.92.0/24 maxlen: 24
212.192.12.0/24 maxlen: 24
212.192.13.0/24 maxlen: 24
212.192.15.0/24 maxlen: 24
212.192.221.0/24 maxlen: 24
212.193.2.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 02 Aug 2024 10:36:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:0d:77:dc:f3:6d:b8:ec:a5:26:13:bf:36:20:37:4c:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 1 10:24:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f9410afdade37df989c8990172190f44fd18dd36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:40:01:59:a5:a5:2d:65:b2:ae:f8:1f:13:48:
bf:d4:3f:7c:a0:dc:8c:c6:1d:54:db:01:bf:62:b2:
21:b7:75:60:81:b7:8a:f7:af:62:9c:b4:9d:3a:b1:
52:cf:f4:be:43:91:a6:03:ce:d3:fc:f7:76:ba:1e:
10:6e:f5:ef:07:c1:f2:f9:e3:77:00:85:15:f6:f6:
a4:87:e0:db:53:f1:65:0c:89:7d:dc:4d:c4:c0:00:
ed:23:43:b5:6a:58:c0:6c:ce:3b:20:e9:a3:e5:4f:
11:d6:e9:1e:5b:6f:5d:6e:00:f9:75:fb:22:4b:82:
87:8d:c1:ef:07:ba:27:e9:3a:92:f8:ec:c1:f8:aa:
c3:a1:d7:5e:d7:b0:e6:76:9f:b0:7b:c6:6a:56:33:
81:9c:e4:e9:23:36:da:d1:e4:94:33:bb:64:36:64:
31:d3:f7:b3:69:69:60:c4:dc:04:bf:46:af:73:da:
89:6a:66:4c:1c:74:d8:0d:52:8f:36:a3:34:eb:e9:
93:60:e7:1f:f8:eb:74:2b:ab:29:5a:cd:d4:d0:b6:
b0:30:3c:11:22:ff:de:21:87:51:c9:77:2a:0a:ab:
6f:d7:e7:d8:76:fa:8d:ea:41:5a:e1:ca:9e:e0:cf:
5f:78:24:13:fa:73:77:f3:58:61:92:18:74:50:a2:
9b:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:41:0A:FD:AD:E3:7D:F9:89:C8:99:01:72:19:0F:44:FD:18:DD:36
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1-UEK_a3jffmJyJkBchkPRP0Y3TY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.234.0/24
185.72.8.0/24
192.124.176.0/24
193.124.22.0/24
193.124.41.0/24
193.124.46.0/24
194.58.34.0/24
194.58.40.0/24
194.58.68.0/24
194.87.10.0/24
194.87.39.0/24
194.87.47.0/24
194.87.189.0/24
194.87.198.0/24
194.87.227.0/24
195.133.92.0/24
212.192.12.0/23
212.192.15.0/24
212.192.221.0/24
212.193.2.0/24
Signature Algorithm: sha256WithRSAEncryption
49:d7:99:da:f8:55:e5:86:e1:ba:c1:90:8f:49:56:90:3f:6b:
dc:e9:b9:01:7c:8a:59:e3:6f:6e:9a:8c:9b:60:6b:86:1d:cd:
87:66:01:40:08:4f:f1:31:7c:ce:4f:90:ed:dc:c7:f3:dd:36:
b3:17:df:ad:9f:69:77:21:cc:d6:8a:c4:e0:6d:77:39:53:c4:
ee:a8:13:2b:81:1d:01:da:e9:07:0b:aa:0f:84:9f:ef:81:de:
1c:4f:65:54:69:1b:13:63:40:5f:31:98:0c:0c:b0:fc:01:e1:
08:ca:fb:cc:28:49:2b:fc:c4:54:e1:59:e3:92:f7:5d:74:65:
94:5b:ac:1b:5e:ee:ec:b8:90:02:f3:83:2c:ff:03:c8:8c:64:
ed:6e:fa:c1:16:4a:5d:59:a6:fb:19:aa:b3:ea:c4:09:0a:ae:
12:a5:d2:80:1d:fe:60:bb:71:33:56:cd:fd:70:44:7d:d2:41:
41:4b:b4:72:51:39:1e:8c:e1:31:df:51:b4:c6:22:0b:25:6f:
71:34:09:16:ff:5a:ec:89:c4:58:b2:63:36:5c:c1:93:3d:8b:
15:17:ea:04:bb:fc:1d:22:70:5b:4c:aa:f9:c1:28:f7:1f:cd:
1d:6e:04:3e:44:f8:16:53:df:8a:17:d2:92:55:93:b7:ec:4f:
37:55:96:49
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZENd9zzbbjspSYTvzYgN0wDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwODAxMTAyNDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTQxMGFmZGFkZTM3ZGY5ODljODk5MDE3MjE5MGY0NGZkMThkZDM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0ABWaWlLWWyrvgfE0i/1D98oNyM
xh1U2wG/YrIht3VggbeK969inLSdOrFSz/S+Q5GmA87T/Pd2uh4QbvXvB8Hy+eN3
AIUV9vakh+DbU/FlDIl93E3EwADtI0O1aljAbM47IOmj5U8R1ukeW29dbgD5dfsi
S4KHjcHvB7on6TqS+OzB+KrDodde17Dmdp+we8ZqVjOBnOTpIzba0eSUM7tkNmQx
0/ezaWlgxNwEv0avc9qJamZMHHTYDVKPNqM06+mTYOcf+Ot0K6spWs3U0LawMDwR
Iv/eIYdRyXcqCqtv1+fYdvqN6kFa4cqe4M9feCQT+nN381hhkhh0UKKb7QIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFPlBCv2t4335iciZAXIZD0T9GN02MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMS1VRUtfYTNqZmZtSnlKa0JjaGtQUlAwWTNUWS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDAvZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0
My8xL05Xa1BYakxWeUdyeDRUU2RfVTZNN3JjT0dzYy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBkwYIKwYBBQUHAQcBAf8EgYMwgYAwfgQCAAEweAMEAD5M
6gMEALlICAMEAMB8sAMEAMF8FgMEAMF8KQMEAMF8LgMEAMI6IgMEAMI6KAMEAMI6
RAMEAMJXCgMEAMJXJwMEAMJXLwMEAMJXvQMEAMJXxgMEAMJX4wMEAMOFXAMEAdTA
DAMEANTADwMEANTA3QMEANTBAjANBgkqhkiG9w0BAQsFAAOCAQEASdeZ2vhV5Ybh
usGQj0lWkD9r3Om5AXyKWeNvbpqMm2Brhh3Nh2YBQAhP8TF8zk+Q7dzH8902sxff
rZ9pdyHM1orE4G13OVPE7qgTK4EdAdrpBwuqD4Sf74HeHE9lVGkbE2NAXzGYDAyw
/AHhCMr7zChJK/zEVOFZ45L3XXRllFusG17u7LiQAvODLP8DyIxk7W76wRZKXVmm
+xmqs+rECQquEqXSgB3+YLtxM1bN/XBEfdJBQUu0clE5HozhMd9RtMYiCyVvcTQJ
Fv9a7InEWLJjNlzBkz2LFRfqBLv8HSJwW0yq+cEo9x/NHW4EPkT4FlPfihfSklWT
t+xPN1WWSQ==
-----END CERTIFICATE-----
Generated at Fri Aug 2 14:56:25 2024 by rpki-client on console-ams.rpki-client.org