Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/24wvYGXmIBFeaVSVbTkdIIuPQP4.roa
File: 24wvYGXmIBFeaVSVbTkdIIuPQP4.roa (raw, json)
Hash identifier: 2MFTIGwZ6cEVeCZ1m59iqAQTWI3TaQqQ6HWegyLNxCk=
Subject key identifier: DB:8C:2F:60:65:E6:20:11:5E:69:54:95:6D:39:1D:20:8B:8F:40:FE
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01917EA4E9F83606C00AC0175E1425382B22
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/24wvYGXmIBFeaVSVbTkdIIuPQP4.roa
Signing time: Fri 23 Aug 2024 09:50:22 +0000
ROA not before: Fri 23 Aug 2024 09:50:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 194.58.155.0/24 maxlen: 24
194.87.26.0/24 maxlen: 24
194.87.27.0/24 maxlen: 24
194.87.44.0/24 maxlen: 24
194.87.49.0/24 maxlen: 24
194.87.76.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
194.87.84.0/24 maxlen: 24
194.87.104.0/24 maxlen: 24
194.87.115.0/24 maxlen: 24
194.87.130.0/24 maxlen: 24
194.87.133.0/24 maxlen: 24
194.87.134.0/24 maxlen: 24
194.87.138.0/24 maxlen: 24
194.87.140.0/24 maxlen: 24
194.87.143.0/24 maxlen: 24
194.87.151.0/24 maxlen: 24
194.87.161.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
194.87.202.0/24 maxlen: 24
194.87.208.0/24 maxlen: 24
194.87.215.0/24 maxlen: 24
194.87.220.0/24 maxlen: 24
194.87.221.0/24 maxlen: 24
194.87.226.0/24 maxlen: 24
194.87.250.0/24 maxlen: 24
194.135.38.0/24 maxlen: 24
194.135.105.0/24 maxlen: 24
195.58.34.0/24 maxlen: 24
195.58.36.0/24 maxlen: 24
195.58.37.0/24 maxlen: 24
195.133.14.0/24 maxlen: 24
195.133.15.0/24 maxlen: 24
195.133.18.0/24 maxlen: 24
195.133.21.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
195.133.27.0/24 maxlen: 24
195.133.30.0/24 maxlen: 24
195.133.50.0/23 maxlen: 23
195.133.63.0/24 maxlen: 24
195.133.73.0/24 maxlen: 24
195.133.81.0/24 maxlen: 24
195.133.92.0/23 maxlen: 23
195.133.194.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
212.192.217.0/24 maxlen: 24
212.192.223.0/24 maxlen: 24
212.192.246.0/24 maxlen: 24
212.192.248.0/24 maxlen: 24
212.193.24.0/24 maxlen: 24
212.193.30.0/24 maxlen: 24
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 24 Aug 2024 11:56:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:7e:a4:e9:f8:36:06:c0:0a:c0:17:5e:14:25:38:2b:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 23 09:50:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=db8c2f6065e620115e6954956d391d208b8f40fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:74:f4:aa:9a:e3:31:32:e1:8f:32:16:8c:9f:
16:bf:6f:11:bd:9d:31:0e:d1:8e:de:81:f7:23:bb:
ea:e2:66:74:57:22:e8:a6:70:be:e9:eb:5d:10:7c:
c1:3d:91:32:ca:cd:4d:1d:83:f1:7a:a9:ea:92:31:
3c:6c:ca:89:66:f1:99:0b:76:12:06:83:c3:fc:5c:
9a:6e:1f:87:3d:4a:2b:38:31:6e:39:a0:30:67:17:
eb:95:09:8e:f2:49:99:2b:cc:c5:3c:60:a4:70:da:
af:1a:6e:6a:90:30:e7:da:38:52:95:88:98:47:57:
29:df:f8:0f:73:91:a3:1e:f4:90:e2:a1:06:d1:5f:
ba:71:b7:70:33:2c:7c:0e:04:73:e5:d6:a4:1c:38:
42:43:ae:27:45:93:c2:53:76:e5:9f:e8:40:43:ca:
cc:b0:8b:4a:31:d5:dc:4a:f7:d8:62:9f:92:29:ad:
49:92:d0:90:33:a1:05:ed:ac:b1:49:10:c1:ed:90:
33:5f:2f:62:ad:bd:c2:41:91:48:34:70:07:84:91:
e4:32:86:4e:d4:57:3e:a3:cd:35:21:f9:c6:02:8d:
42:16:ab:5e:2b:a9:5b:37:ae:8a:c7:d1:0b:58:2f:
8d:b9:45:fc:02:73:d2:8f:54:43:2e:4d:2b:7b:38:
e7:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:8C:2F:60:65:E6:20:11:5E:69:54:95:6D:39:1D:20:8B:8F:40:FE
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/24wvYGXmIBFeaVSVbTkdIIuPQP4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.155.0/24
194.87.26.0/23
194.87.44.0/24
194.87.49.0/24
194.87.76.0/24
194.87.83.0-194.87.84.255
194.87.104.0/24
194.87.115.0/24
194.87.130.0/24
194.87.133.0-194.87.134.255
194.87.138.0/24
194.87.140.0/24
194.87.143.0/24
194.87.151.0/24
194.87.161.0/24
194.87.169.0/24
194.87.187.0/24
194.87.190.0/24
194.87.200.0/24
194.87.202.0/24
194.87.208.0/24
194.87.215.0/24
194.87.220.0/23
194.87.226.0/24
194.87.250.0/24
194.135.38.0/24
194.135.105.0/24
195.58.34.0/24
195.58.36.0/23
195.133.14.0/23
195.133.18.0/24
195.133.21.0/24
195.133.25.0/24
195.133.27.0/24
195.133.30.0/24
195.133.50.0/23
195.133.63.0/24
195.133.73.0/24
195.133.81.0/24
195.133.92.0/23
195.133.194.0/24
212.192.1.0/24
212.192.217.0/24
212.192.223.0/24
212.192.246.0/24
212.192.248.0/24
212.193.24.0/24
212.193.30.0/24
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
36:a0:72:e5:fe:eb:09:01:83:be:bb:19:86:8a:b4:37:2f:93:
0a:c5:2b:da:f1:00:0f:77:ec:53:f6:0c:cf:50:2e:a1:27:d7:
8c:0c:79:c5:92:42:f5:30:d4:38:b6:81:b2:91:21:95:65:88:
79:2e:eb:64:a7:8e:42:a3:5f:67:c7:75:3a:00:35:d0:2c:f4:
94:d6:cc:16:6a:63:0b:e0:44:b2:24:34:ee:c0:bc:a8:ce:f0:
95:02:20:65:82:3e:2c:92:44:1b:6b:fb:08:82:71:dd:cd:54:
74:b5:a0:f6:5d:3b:be:81:b7:b2:e0:f0:41:06:27:3e:78:77:
a3:25:4b:5f:f6:7c:d0:0d:de:51:14:e1:9f:ef:01:ea:d4:83:
da:7c:e9:69:2f:fd:f1:74:60:10:e9:9d:85:7b:3b:2a:d9:fb:
be:ee:49:1e:63:c2:9e:12:47:08:98:c7:97:e5:66:c7:a7:04:
08:20:1b:0e:58:59:b3:f0:bd:cf:e5:ea:2e:e1:8e:86:3d:55:
c3:14:6e:b7:85:b4:36:09:71:8b:33:c1:e8:e0:9a:4d:70:f7:
a1:6d:2f:4f:a6:10:7e:b6:39:34:67:8b:04:ae:88:90:20:73:
02:7b:05:fb:26:a8:ae:3b:d7:52:64:33:b9:f5:ae:55:10:39:
cb:40:b4:0f
-----BEGIN CERTIFICATE-----
MIIGRzCCBS+gAwIBAgISAZF+pOn4NgbACsAXXhQlOCsiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwODIzMDk1MDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjhjMmY2MDY1ZTYyMDExNWU2OTU0OTU2ZDM5MWQyMDhiOGY0MGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8HT0qprjMTLhjzIWjJ8Wv28RvZ0x
DtGO3oH3I7vq4mZ0VyLopnC+6etdEHzBPZEyys1NHYPxeqnqkjE8bMqJZvGZC3YS
BoPD/Fyabh+HPUorODFuOaAwZxfrlQmO8kmZK8zFPGCkcNqvGm5qkDDn2jhSlYiY
R1cp3/gPc5GjHvSQ4qEG0V+6cbdwMyx8DgRz5dakHDhCQ64nRZPCU3bln+hAQ8rM
sItKMdXcSvfYYp+SKa1JktCQM6EF7ayxSRDB7ZAzXy9irb3CQZFINHAHhJHkMoZO
1Fc+o801IfnGAo1CFqteK6lbN66Kx9ELWC+NuUX8AnPSj1RDLk0rezjnNwIDAQAB
o4IDUzCCA08wHQYDVR0OBBYEFNuML2Bl5iARXmlUlW05HSCLj0D+MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMjR3dllHWG1JQkZlYVZTVmJUa2RJSXVQUVA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBZwYIKwYBBQUHAQcBAf8EggFWMIIBUjCCATgEAgABMIIB
MAMEAMI6mwMEAcJXGgMEAMJXLAMEAMJXMQMEAMJXTDAMAwQAwldTAwQAwldUAwQA
wldoAwQAwldzAwQAwleCMAwDBADCV4UDBADCV4YDBADCV4oDBADCV4wDBADCV48D
BADCV5cDBADCV6EDBADCV6kDBADCV7sDBADCV74DBADCV8gDBADCV8oDBADCV9AD
BADCV9cDBAHCV9wDBADCV+IDBADCV/oDBADChyYDBADCh2kDBADDOiIDBAHDOiQD
BAHDhQ4DBADDhRIDBADDhRUDBADDhRkDBADDhRsDBADDhR4DBAHDhTIDBADDhT8D
BADDhUkDBADDhVEDBAHDhVwDBADDhcIDBADUwAEDBADUwNkDBADUwN8DBADUwPYD
BADUwPgDBADUwRgDBADUwR4wFAQCAAIwDgMFAyoBV8ADBQMqDP9AMA0GCSqGSIb3
DQEBCwUAA4IBAQA2oHLl/usJAYO+uxmGirQ3L5MKxSva8QAPd+xT9gzPUC6hJ9eM
DHnFkkL1MNQ4toGykSGVZYh5Lutkp45Co19nx3U6ADXQLPSU1swWamML4ESyJDTu
wLyozvCVAiBlgj4skkQba/sIgnHdzVR0taD2XTu+gbey4PBBBic+eHejJUtf9nzQ
Dd5RFOGf7wHq1IPafOlpL/3xdGAQ6Z2Fezsq2fu+7kkeY8KeEkcImMeX5WbHpwQI
IBsOWFmz8L3P5eou4Y6GPVXDFG63hbQ2CXGLM8Ho4JpNcPehbS9PphB+tjk0Z4sE
roiQIHMCewX7JqiuO9dSZDO59a5VEDnLQLQP
-----END CERTIFICATE-----
Generated at Sat Aug 24 15:46:02 2024 by rpki-client on console-fra.rpki-client.org