Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/25i_OGtkSwKepBNERzJIpbcJ2UE.roa
File: 25i_OGtkSwKepBNERzJIpbcJ2UE.roa (raw, json)
Hash identifier: VJ3UM/0MQ1Wfg56HJOw8v/ApevLadLECh5YQ9dhrvHE=
Subject key identifier: DB:98:BF:38:6B:64:4B:02:9E:A4:13:44:47:32:48:A5:B7:09:D9:41
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01915A4FB8D66637C6DBF2BBBB8C8570C9F4
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/25i_OGtkSwKepBNERzJIpbcJ2UE.roa
Signing time: Fri 16 Aug 2024 08:30:59 +0000
ROA not before: Fri 16 Aug 2024 08:30:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 194.58.44.0/24 maxlen: 24
194.58.66.0/24 maxlen: 24
194.58.155.0/24 maxlen: 24
194.87.44.0/24 maxlen: 24
194.87.49.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
194.87.84.0/24 maxlen: 24
194.87.104.0/24 maxlen: 24
194.87.115.0/24 maxlen: 24
194.87.130.0/24 maxlen: 24
194.87.133.0/24 maxlen: 24
194.87.134.0/24 maxlen: 24
194.87.138.0/24 maxlen: 24
194.87.140.0/24 maxlen: 24
194.87.143.0/24 maxlen: 24
194.87.151.0/24 maxlen: 24
194.87.161.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
194.87.202.0/24 maxlen: 24
194.87.208.0/24 maxlen: 24
194.87.215.0/24 maxlen: 24
194.87.220.0/24 maxlen: 24
194.87.221.0/24 maxlen: 24
194.87.226.0/24 maxlen: 24
194.87.250.0/24 maxlen: 24
194.135.38.0/24 maxlen: 24
194.135.105.0/24 maxlen: 24
195.58.34.0/24 maxlen: 24
195.58.36.0/24 maxlen: 24
195.58.37.0/24 maxlen: 24
195.133.15.0/24 maxlen: 24
195.133.18.0/24 maxlen: 24
195.133.21.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
195.133.27.0/24 maxlen: 24
195.133.30.0/24 maxlen: 24
195.133.50.0/23 maxlen: 23
195.133.63.0/24 maxlen: 24
195.133.73.0/24 maxlen: 24
195.133.81.0/24 maxlen: 24
195.133.92.0/23 maxlen: 23
195.133.194.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
212.192.223.0/24 maxlen: 24
212.192.246.0/24 maxlen: 24
212.192.248.0/24 maxlen: 24
212.193.24.0/24 maxlen: 24
212.193.30.0/24 maxlen: 24
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 20 Aug 2024 09:50:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:5a:4f:b8:d6:66:37:c6:db:f2:bb:bb:8c:85:70:c9:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 16 08:30:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=db98bf386b644b029ea41344473248a5b709d941
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:a6:39:a4:26:84:de:a6:fd:1e:54:e0:c1:fd:
19:05:74:f0:69:38:09:94:cf:6c:c4:27:88:f7:da:
4a:4b:10:20:5b:9b:28:b8:2f:08:d7:9e:7a:03:b5:
c7:41:19:e6:26:f1:62:e0:12:f0:14:51:e9:65:a1:
a5:70:80:b8:1e:61:e7:f8:70:22:37:11:ab:bb:6f:
6e:90:1a:9e:89:f5:de:00:23:4a:f2:8e:a1:02:5a:
62:83:51:b8:05:2b:31:99:ba:b5:a3:81:6b:2b:04:
d5:48:9b:89:dc:a9:a6:11:be:3c:fc:7e:5d:80:77:
25:ff:be:45:54:52:4d:98:cf:54:a6:7b:44:03:bc:
ac:79:d2:98:fb:69:6a:97:0c:5c:40:81:a2:7b:0d:
1c:06:97:36:7b:a7:7e:8a:4a:f1:ea:d2:da:a1:c0:
9f:90:90:1a:7d:da:29:a9:f7:61:01:e3:f6:2b:e5:
18:f9:75:c2:97:14:82:b0:07:1d:84:a2:1f:eb:b7:
4a:56:c3:67:77:b8:3a:a0:cf:5e:f7:49:d5:70:b9:
05:29:44:57:45:09:fe:9e:fb:c6:d5:1f:29:72:47:
47:7e:e1:c4:08:ca:b7:4e:46:89:a6:ba:a7:ff:1e:
dd:7f:16:56:1e:1e:bd:cd:97:1e:85:01:ef:31:77:
2c:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:98:BF:38:6B:64:4B:02:9E:A4:13:44:47:32:48:A5:B7:09:D9:41
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/25i_OGtkSwKepBNERzJIpbcJ2UE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.44.0/24
194.58.66.0/24
194.58.155.0/24
194.87.44.0/24
194.87.49.0/24
194.87.83.0-194.87.84.255
194.87.104.0/24
194.87.115.0/24
194.87.130.0/24
194.87.133.0-194.87.134.255
194.87.138.0/24
194.87.140.0/24
194.87.143.0/24
194.87.151.0/24
194.87.161.0/24
194.87.169.0/24
194.87.187.0/24
194.87.190.0/24
194.87.200.0/24
194.87.202.0/24
194.87.208.0/24
194.87.215.0/24
194.87.220.0/23
194.87.226.0/24
194.87.250.0/24
194.135.38.0/24
194.135.105.0/24
195.58.34.0/24
195.58.36.0/23
195.133.15.0/24
195.133.18.0/24
195.133.21.0/24
195.133.25.0/24
195.133.27.0/24
195.133.30.0/24
195.133.50.0/23
195.133.63.0/24
195.133.73.0/24
195.133.81.0/24
195.133.92.0/23
195.133.194.0/24
212.192.1.0/24
212.192.223.0/24
212.192.246.0/24
212.192.248.0/24
212.193.24.0/24
212.193.30.0/24
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
55:be:2c:f0:f3:33:c6:2b:ff:cc:ff:ff:39:68:e0:73:f9:c3:
46:2b:a4:5a:28:5b:dc:d4:18:cb:cc:1d:5d:7c:d9:36:8e:5e:
3a:28:5b:4c:bc:d1:32:b8:67:2a:ae:14:8d:90:be:a3:c6:b0:
72:1e:37:4c:51:81:a8:7f:70:ab:df:ef:55:af:7f:5f:16:36:
26:15:24:ff:41:b9:15:fe:3c:41:61:fb:59:5a:75:e6:c5:a2:
05:15:a6:a5:02:24:5c:f9:a6:36:2c:e1:7e:b2:89:01:b5:39:
4a:cb:4e:5d:ec:86:14:29:5a:7d:07:18:f5:18:eb:59:4d:06:
28:43:5a:d4:09:7e:d1:4b:f9:39:a1:8d:5a:81:d9:1b:b4:d4:
c7:0e:c1:73:fb:6c:a7:e9:1f:82:b3:69:b5:d0:54:e8:77:45:
3c:91:ad:c2:e1:6e:6a:c7:dc:07:40:5e:45:13:d6:01:e7:84:
7a:21:77:0a:9f:8f:11:11:03:67:ec:4e:39:83:4f:b0:70:98:
9a:0c:08:d9:72:8e:44:1f:64:cc:24:48:ac:38:7d:eb:11:a5:
06:c6:b7:46:97:3a:41:7c:5e:83:90:5c:07:aa:1a:e4:af:58:
b9:56:c5:5b:5a:4a:4d:c3:b3:44:fe:f1:b8:2d:59:8e:3b:a6:
a8:a3:97:ce
-----BEGIN CERTIFICATE-----
MIIGQTCCBSmgAwIBAgISAZFaT7jWZjfG2/K7u4yFcMn0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwODE2MDgzMDU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjk4YmYzODZiNjQ0YjAyOWVhNDEzNDQ0NzMyNDhhNWI3MDlkOTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApKY5pCaE3qb9HlTgwf0ZBXTwaTgJ
lM9sxCeI99pKSxAgW5souC8I1556A7XHQRnmJvFi4BLwFFHpZaGlcIC4HmHn+HAi
NxGru29ukBqeifXeACNK8o6hAlpig1G4BSsxmbq1o4FrKwTVSJuJ3KmmEb48/H5d
gHcl/75FVFJNmM9UpntEA7ysedKY+2lqlwxcQIGiew0cBpc2e6d+ikrx6tLaocCf
kJAafdopqfdhAeP2K+UY+XXClxSCsAcdhKIf67dKVsNnd7g6oM9e90nVcLkFKURX
RQn+nvvG1R8pckdHfuHECMq3TkaJprqn/x7dfxZWHh69zZcehQHvMXcspQIDAQAB
o4IDTTCCA0kwHQYDVR0OBBYEFNuYvzhrZEsCnqQTREcySKW3CdlBMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMjVpX09HdGtTd0tlcEJORVJ6SklwYmNKMlVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBYQYIKwYBBQUHAQcBAf8EggFQMIIBTDCCATIEAgABMIIB
KgMEAMI6LAMEAMI6QgMEAMI6mwMEAMJXLAMEAMJXMTAMAwQAwldTAwQAwldUAwQA
wldoAwQAwldzAwQAwleCMAwDBADCV4UDBADCV4YDBADCV4oDBADCV4wDBADCV48D
BADCV5cDBADCV6EDBADCV6kDBADCV7sDBADCV74DBADCV8gDBADCV8oDBADCV9AD
BADCV9cDBAHCV9wDBADCV+IDBADCV/oDBADChyYDBADCh2kDBADDOiIDBAHDOiQD
BADDhQ8DBADDhRIDBADDhRUDBADDhRkDBADDhRsDBADDhR4DBAHDhTIDBADDhT8D
BADDhUkDBADDhVEDBAHDhVwDBADDhcIDBADUwAEDBADUwN8DBADUwPYDBADUwPgD
BADUwRgDBADUwR4wFAQCAAIwDgMFAyoBV8ADBQMqDP9AMA0GCSqGSIb3DQEBCwUA
A4IBAQBVvizw8zPGK//M//85aOBz+cNGK6RaKFvc1BjLzB1dfNk2jl46KFtMvNEy
uGcqrhSNkL6jxrByHjdMUYGof3Cr3+9Vr39fFjYmFST/QbkV/jxBYftZWnXmxaIF
FaalAiRc+aY2LOF+sokBtTlKy05d7IYUKVp9Bxj1GOtZTQYoQ1rUCX7RS/k5oY1a
gdkbtNTHDsFz+2yn6R+Cs2m10FTod0U8ka3C4W5qx9wHQF5FE9YB54R6IXcKn48R
EQNn7E45g0+wcJiaDAjZco5EH2TMJEisOH3rEaUGxrdGlzpBfF6DkFwHqhrkr1i5
VsVbWkpNw7NE/vG4LVmOO6aoo5fO
-----END CERTIFICATE-----
Generated at Tue Aug 20 12:44:31 2024 by rpki-client on console-fra.rpki-client.org