Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/2OKr5MyqJoxrR2XJjx9_y5FS6fI.roa
File: 2OKr5MyqJoxrR2XJjx9_y5FS6fI.roa (raw, json)
Hash identifier: 0PjNcZGe1wP63uiv/kRrDoNsOlaqjrHt9ZFPV5iIiTg=
Subject key identifier: D8:E2:AB:E4:CC:AA:26:8C:6B:47:65:C9:8F:1F:7F:CB:91:52:E9:F2
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018D77D22205CD585F146C18F18378FECF84
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/2OKr5MyqJoxrR2XJjx9_y5FS6fI.roa
Signing time: Mon 05 Feb 2024 05:51:16 +0000
ROA not before: Mon 05 Feb 2024 05:51:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44559
IP address blocks: 62.76.227.0/24 maxlen: 24
62.76.233.0/24 maxlen: 24
185.72.10.0/24 maxlen: 24
192.124.180.0/24 maxlen: 24
192.124.188.0/24 maxlen: 24
192.124.190.0/24 maxlen: 24
192.124.209.0/24 maxlen: 24
193.124.4.0/24 maxlen: 24
193.124.36.0/24 maxlen: 24
194.58.41.0/24 maxlen: 24
194.58.44.0/24 maxlen: 24
194.58.223.0/24 maxlen: 24
194.87.24.0/24 maxlen: 24
194.87.33.0/24 maxlen: 24
194.87.44.0/24 maxlen: 24
194.87.52.0/24 maxlen: 24
194.87.54.0/24 maxlen: 24
194.87.55.0/24 maxlen: 24
194.87.76.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
194.87.84.0/24 maxlen: 24
194.87.90.0/24 maxlen: 24
194.87.104.0/24 maxlen: 24
194.87.115.0/24 maxlen: 24
194.87.128.0/24 maxlen: 24
194.87.130.0/24 maxlen: 24
194.87.138.0/24 maxlen: 24
194.87.161.0/24 maxlen: 24
194.87.178.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
194.87.208.0/24 maxlen: 24
194.87.220.0/24 maxlen: 24
194.87.221.0/24 maxlen: 24
194.87.224.0/24 maxlen: 24
194.87.226.0/24 maxlen: 24
194.87.229.0/24 maxlen: 24
194.87.231.0/24 maxlen: 24
194.87.233.0/24 maxlen: 24
194.87.250.0/24 maxlen: 24
194.135.33.0/24 maxlen: 24
195.58.38.0/24 maxlen: 24
195.133.18.0/24 maxlen: 24
195.133.27.0/24 maxlen: 24
195.133.31.0/24 maxlen: 24
195.133.35.0/24 maxlen: 24
195.133.73.0/24 maxlen: 24
212.192.8.0/24 maxlen: 24
212.192.242.0/24 maxlen: 24
212.192.248.0/24 maxlen: 24
212.193.1.0/24 maxlen: 24
212.193.5.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 05 Feb 2024 05:53:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:77:d2:22:05:cd:58:5f:14:6c:18:f1:83:78:fe:cf:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Feb 5 05:51:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d8e2abe4ccaa268c6b4765c98f1f7fcb9152e9f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:46:da:4a:40:ad:ea:8f:32:a2:ce:e1:1d:d4:
d8:8b:ac:f8:fd:56:f1:10:eb:1c:9b:3b:b6:07:c2:
17:2f:1e:a0:10:c9:62:f0:69:32:0a:a2:c7:3a:97:
22:61:93:f5:ca:e3:d2:68:30:56:8a:2f:07:70:a6:
16:c5:38:01:f6:a6:59:a4:bd:fe:2d:57:66:cd:69:
0e:79:fc:be:e7:de:3d:e6:f6:88:c5:5d:5d:c7:76:
13:26:f2:a2:8c:17:79:b8:fd:4e:13:bf:bc:af:30:
36:ad:da:73:76:ee:94:5c:bc:b5:07:bd:39:52:2d:
3f:60:8f:d3:54:4c:81:a9:7c:0b:2c:bb:dc:e6:f1:
6f:2e:03:bf:aa:4e:15:38:eb:67:35:40:88:8b:83:
a9:e3:83:e0:a3:87:3e:0c:28:d4:0f:15:a8:7e:04:
f8:91:79:d4:b5:af:50:2d:7c:94:9a:91:16:e5:ee:
90:11:93:b8:ec:33:62:a7:9e:06:34:43:56:85:66:
b0:a1:44:67:31:e0:93:3c:07:e6:3c:32:c0:00:30:
0d:8f:b9:81:e9:c5:6f:4e:e8:83:f7:5c:ea:46:da:
e5:9e:9b:67:47:2d:0b:21:81:fc:d6:c1:e1:3f:0a:
9a:8a:0c:96:f8:13:a4:63:db:e4:9d:af:c0:ff:fd:
85:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:E2:AB:E4:CC:AA:26:8C:6B:47:65:C9:8F:1F:7F:CB:91:52:E9:F2
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/2OKr5MyqJoxrR2XJjx9_y5FS6fI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.227.0/24
62.76.233.0/24
185.72.10.0/24
192.124.180.0/24
192.124.188.0/24
192.124.190.0/24
192.124.209.0/24
193.124.4.0/24
193.124.36.0/24
194.58.41.0/24
194.58.44.0/24
194.58.223.0/24
194.87.24.0/24
194.87.33.0/24
194.87.44.0/24
194.87.52.0/24
194.87.54.0/23
194.87.76.0/24
194.87.83.0-194.87.84.255
194.87.90.0/24
194.87.104.0/24
194.87.115.0/24
194.87.128.0/24
194.87.130.0/24
194.87.138.0/24
194.87.161.0/24
194.87.178.0/24
194.87.187.0/24
194.87.200.0/24
194.87.208.0/24
194.87.220.0/23
194.87.224.0/24
194.87.226.0/24
194.87.229.0/24
194.87.231.0/24
194.87.233.0/24
194.87.250.0/24
194.135.33.0/24
195.58.38.0/24
195.133.18.0/24
195.133.27.0/24
195.133.31.0/24
195.133.35.0/24
195.133.73.0/24
212.192.8.0/24
212.192.242.0/24
212.192.248.0/24
212.193.1.0/24
212.193.5.0/24
Signature Algorithm: sha256WithRSAEncryption
89:77:9f:1d:6c:72:00:4b:5d:b9:95:1e:ae:62:7c:93:17:8e:
13:f9:c1:3f:ea:ea:99:d4:0a:74:53:3a:2f:00:6d:e2:29:4f:
5b:de:17:73:c2:e6:0f:e5:71:cb:a8:af:04:07:c2:77:bc:70:
3d:28:a8:6a:3d:91:ed:f5:1c:0c:4d:ce:33:4f:e7:f4:58:8b:
36:28:25:6c:54:b6:2b:85:e9:a3:2b:2f:4a:22:3a:18:58:b5:
a1:57:97:60:ea:a0:37:57:28:5c:a9:d7:e9:2e:7c:1f:b1:78:
0b:0a:90:92:22:62:fc:72:80:24:d9:2d:dd:9e:88:83:f9:8a:
41:95:8b:a2:e7:98:f2:36:2e:b0:26:28:41:86:8f:ec:65:58:
37:88:4c:fb:87:f9:e9:71:c3:33:f7:b4:5e:f3:d6:f4:be:fd:
fc:c2:72:3f:e4:ee:2c:60:c2:59:15:21:8e:30:be:43:02:9a:
5b:ef:90:6c:34:f0:1a:97:f1:89:03:a7:49:3e:76:a6:78:3d:
46:f7:6c:69:05:f1:8b:85:fe:d7:3b:0d:2f:75:20:14:e8:2b:
e5:b7:74:6d:be:0e:83:93:bd:41:4d:06:6e:8a:f2:d8:e8:74:
83:29:dc:92:ef:89:c0:60:45:d6:d6:ee:e0:d8:26:38:c0:b1:
ee:46:4d:59
-----BEGIN CERTIFICATE-----
MIIGLzCCBRegAwIBAgISAY130iIFzVhfFGwY8YN4/s+EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMjA1MDU1MTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGUyYWJlNGNjYWEyNjhjNmI0NzY1Yzk4ZjFmN2ZjYjkxNTJlOWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxkbaSkCt6o8yos7hHdTYi6z4/Vbx
EOscmzu2B8IXLx6gEMli8GkyCqLHOpciYZP1yuPSaDBWii8HcKYWxTgB9qZZpL3+
LVdmzWkOefy+59495vaIxV1dx3YTJvKijBd5uP1OE7+8rzA2rdpzdu6UXLy1B705
Ui0/YI/TVEyBqXwLLLvc5vFvLgO/qk4VOOtnNUCIi4Op44Pgo4c+DCjUDxWofgT4
kXnUta9QLXyUmpEW5e6QEZO47DNip54GNENWhWawoURnMeCTPAfmPDLAADANj7mB
6cVvTuiD91zqRtrlnptnRy0LIYH81sHhPwqaigyW+BOkY9vkna/A//2FxwIDAQAB
o4IDOzCCAzcwHQYDVR0OBBYEFNjiq+TMqiaMa0dlyY8ff8uRUunyMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMk9LcjVNeXFKb3hyUjJYSmp4OV95NUZTNmZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBTwYIKwYBBQUHAQcBAf8EggE+MIIBOjCCATYEAgABMIIB
LgMEAD5M4wMEAD5M6QMEALlICgMEAMB8tAMEAMB8vAMEAMB8vgMEAMB80QMEAMF8
BAMEAMF8JAMEAMI6KQMEAMI6LAMEAMI63wMEAMJXGAMEAMJXIQMEAMJXLAMEAMJX
NAMEAcJXNgMEAMJXTDAMAwQAwldTAwQAwldUAwQAwldaAwQAwldoAwQAwldzAwQA
wleAAwQAwleCAwQAwleKAwQAwlehAwQAwleyAwQAwle7AwQAwlfIAwQAwlfQAwQB
wlfcAwQAwlfgAwQAwlfiAwQAwlflAwQAwlfnAwQAwlfpAwQAwlf6AwQAwochAwQA
wzomAwQAw4USAwQAw4UbAwQAw4UfAwQAw4UjAwQAw4VJAwQA1MAIAwQA1MDyAwQA
1MD4AwQA1MEBAwQA1MEFMA0GCSqGSIb3DQEBCwUAA4IBAQCJd58dbHIAS125lR6u
YnyTF44T+cE/6uqZ1Ap0UzovAG3iKU9b3hdzwuYP5XHLqK8EB8J3vHA9KKhqPZHt
9RwMTc4zT+f0WIs2KCVsVLYrhemjKy9KIjoYWLWhV5dg6qA3VyhcqdfpLnwfsXgL
CpCSImL8coAk2S3dnoiD+YpBlYui55jyNi6wJihBho/sZVg3iEz7h/npccMz97Re
89b0vv38wnI/5O4sYMJZFSGOML5DAppb75BsNPAal/GJA6dJPnameD1G92xpBfGL
hf7XOw0vdSAU6Cvlt3Rtvg6Dk71BTQZuivLY6HSDKdyS74nAYEXW1u7g2CY4wLHu
Rk1Z
-----END CERTIFICATE-----
Generated at Mon Feb 5 08:56:36 2024 by rpki-client on console-ams.rpki-client.org