Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/38C9dRNTbgHCM9VJ50z7voVRfCk.roa
File: 38C9dRNTbgHCM9VJ50z7voVRfCk.roa (raw, json)
Hash identifier: b/GGJ/rODPJ7di5f7uzsiSZxQFLQQvjcNo6V8n3YKBA=
Subject key identifier: DF:C0:BD:75:13:53:6E:01:C2:33:D5:49:E7:4C:FB:BE:85:51:7C:29
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018D15A0C51A387D4639F4CFB07512267144
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/38C9dRNTbgHCM9VJ50z7voVRfCk.roa
Signing time: Wed 17 Jan 2024 04:14:34 +0000
ROA not before: Wed 17 Jan 2024 04:14:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 62.76.227.0/24 maxlen: 24
185.72.10.0/24 maxlen: 24
192.124.183.0/24 maxlen: 24
193.124.47.0/24 maxlen: 24
193.124.95.0/24 maxlen: 24
193.124.202.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
194.58.66.0/24 maxlen: 24
194.58.154.0/24 maxlen: 24
194.87.26.0/24 maxlen: 24
194.87.76.0/24 maxlen: 24
194.87.81.0/24 maxlen: 24
194.87.88.0/24 maxlen: 24
194.87.128.0/24 maxlen: 24
194.87.149.0/24 maxlen: 24
194.87.151.0/24 maxlen: 24
194.87.170.0/24 maxlen: 24
194.87.172.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
194.87.201.0/24 maxlen: 24
194.87.215.0/24 maxlen: 24
194.87.224.0/24 maxlen: 24
194.87.229.0/24 maxlen: 24
194.87.231.0/24 maxlen: 24
194.87.245.0/24 maxlen: 24
194.135.33.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
195.58.63.0/24 maxlen: 24
195.133.2.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
195.133.27.0/24 maxlen: 24
195.133.72.0/24 maxlen: 24
195.133.74.0/24 maxlen: 24
195.133.84.0/24 maxlen: 24
195.133.192.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
212.192.214.0/24 maxlen: 24
212.192.222.0/24 maxlen: 24
212.193.13.0/24 maxlen: 24
212.193.25.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 17 Jan 2024 06:17:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:15:a0:c5:1a:38:7d:46:39:f4:cf:b0:75:12:26:71:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 17 04:14:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dfc0bd7513536e01c233d549e74cfbbe85517c29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:e5:e9:eb:49:29:7c:fc:0f:38:03:7f:b5:c5:
e8:8a:63:a0:2d:a1:3b:e0:85:0e:b8:1c:a1:11:51:
ce:02:8c:5b:68:fb:9e:43:77:fd:cf:f8:cd:95:06:
90:7d:77:cb:3f:4d:e6:eb:b6:45:57:74:92:16:4a:
4f:7c:a3:37:50:f7:06:b6:a7:89:0a:77:67:f6:33:
17:89:13:50:d1:d0:cd:bb:ea:ef:1f:43:40:a3:a5:
a2:40:83:a8:c3:39:f7:e6:e3:4b:ed:a4:06:ab:f6:
db:c1:31:34:43:e8:6a:a4:4c:43:0d:e9:b3:cd:99:
53:5f:5d:d1:f1:c6:dc:8e:0b:7e:a6:77:f8:71:03:
25:f6:91:7c:80:d6:30:86:24:f4:05:38:9b:b3:d1:
82:5e:62:46:a7:b4:28:8e:df:c2:95:af:6f:02:e1:
5c:d5:de:d7:00:e7:1a:70:3f:1d:b1:ce:71:78:fa:
fc:57:06:e5:14:54:a4:00:75:4c:3d:59:89:6c:b8:
0a:84:41:7f:8e:16:45:55:f2:68:41:2e:25:3d:75:
03:5a:ce:88:7d:c3:65:4f:7d:60:d2:71:f6:86:e3:
11:0e:92:11:02:e7:20:0c:87:d5:36:2a:1b:e3:de:
ed:70:0a:40:0b:25:29:e4:b5:ee:e6:e8:cb:0a:bc:
21:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:C0:BD:75:13:53:6E:01:C2:33:D5:49:E7:4C:FB:BE:85:51:7C:29
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/38C9dRNTbgHCM9VJ50z7voVRfCk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.227.0/24
185.72.10.0/24
192.124.183.0/24
193.124.47.0/24
193.124.95.0/24
193.124.202.0/24
194.58.42.0/24
194.58.66.0/24
194.58.154.0/24
194.87.26.0/24
194.87.76.0/24
194.87.81.0/24
194.87.88.0/24
194.87.128.0/24
194.87.149.0/24
194.87.151.0/24
194.87.170.0/24
194.87.172.0/24
194.87.187.0/24
194.87.190.0/24
194.87.201.0/24
194.87.215.0/24
194.87.224.0/24
194.87.229.0/24
194.87.231.0/24
194.87.245.0/24
194.135.33.0/24
195.58.54.0/24
195.58.63.0/24
195.133.2.0/24
195.133.25.0/24
195.133.27.0/24
195.133.72.0/24
195.133.74.0/24
195.133.84.0/24
195.133.192.0/24
212.192.1.0/24
212.192.214.0/24
212.192.222.0/24
212.193.13.0/24
212.193.25.0/24
Signature Algorithm: sha256WithRSAEncryption
48:d1:6a:b5:1d:f7:6b:0b:00:93:d9:37:90:36:b9:92:57:d7:
c5:1e:a8:e4:fd:2a:8e:72:0d:da:90:38:78:d8:b8:d2:0a:60:
15:e8:5a:58:c4:f3:38:1c:8a:0b:5c:ea:27:ed:d8:53:c3:47:
47:86:db:a0:15:6f:d1:2f:a1:d1:f2:81:c1:b5:cc:ee:88:a9:
95:e8:a1:cc:9b:a4:7a:dc:d7:40:83:50:ce:2a:bf:b8:78:a7:
21:71:16:e1:c3:0e:47:66:f2:82:15:a4:c3:87:73:03:a5:e4:
26:fe:d3:e4:50:36:e9:25:d0:d4:94:a6:70:3e:99:ae:35:6c:
b9:27:59:c6:64:53:53:b2:1b:87:3b:e3:2d:f5:e5:67:2b:82:
c9:d3:1c:14:e9:60:48:06:d7:22:04:15:22:0a:d1:0d:b0:0d:
d7:09:23:31:bf:01:05:79:b5:53:91:c6:22:5c:9c:c5:22:f5:
cb:13:a9:b2:8c:60:fa:3b:55:c6:86:d4:ae:91:70:19:79:8f:
a9:3d:ec:16:d5:fc:44:27:24:c2:38:a0:20:d3:74:7a:36:3d:
28:41:40:9a:1a:51:09:3e:63:b2:77:93:88:57:c7:d4:bb:4d:
b4:87:9a:d3:7a:e3:02:37:51:fe:ae:95:ff:59:cc:db:64:14:
d3:a9:41:6d
-----BEGIN CERTIFICATE-----
MIIF9TCCBN2gAwIBAgISAY0VoMUaOH1GOfTPsHUSJnFEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTE3MDQxNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmMwYmQ3NTEzNTM2ZTAxYzIzM2Q1NDllNzRjZmJiZTg1NTE3YzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+Xp60kpfPwPOAN/tcXoimOgLaE7
4IUOuByhEVHOAoxbaPueQ3f9z/jNlQaQfXfLP03m67ZFV3SSFkpPfKM3UPcGtqeJ
Cndn9jMXiRNQ0dDNu+rvH0NAo6WiQIOowzn35uNL7aQGq/bbwTE0Q+hqpExDDemz
zZlTX13R8cbcjgt+pnf4cQMl9pF8gNYwhiT0BTibs9GCXmJGp7Qojt/Cla9vAuFc
1d7XAOcacD8dsc5xePr8VwblFFSkAHVMPVmJbLgKhEF/jhZFVfJoQS4lPXUDWs6I
fcNlT31g0nH2huMRDpIRAucgDIfVNiob497tcApACyUp5LXu5ujLCrwhewIDAQAB
o4IDATCCAv0wHQYDVR0OBBYEFN/AvXUTU24BwjPVSedM+76FUXwpMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMzhDOWRSTlRiZ0hDTTlWSjUwejd2b1ZSZkNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBFQYIKwYBBQUHAQcBAf8EggEEMIIBADCB/QQCAAEwgfYD
BAA+TOMDBAC5SAoDBADAfLcDBADBfC8DBADBfF8DBADBfMoDBADCOioDBADCOkID
BADCOpoDBADCVxoDBADCV0wDBADCV1EDBADCV1gDBADCV4ADBADCV5UDBADCV5cD
BADCV6oDBADCV6wDBADCV7sDBADCV74DBADCV8kDBADCV9cDBADCV+ADBADCV+UD
BADCV+cDBADCV/UDBADChyEDBADDOjYDBADDOj8DBADDhQIDBADDhRkDBADDhRsD
BADDhUgDBADDhUoDBADDhVQDBADDhcADBADUwAEDBADUwNYDBADUwN4DBADUwQ0D
BADUwRkwDQYJKoZIhvcNAQELBQADggEBAEjRarUd92sLAJPZN5A2uZJX18UeqOT9
Ko5yDdqQOHjYuNIKYBXoWljE8zgcigtc6ift2FPDR0eG26AVb9EvodHygcG1zO6I
qZXoocybpHrc10CDUM4qv7h4pyFxFuHDDkdm8oIVpMOHcwOl5Cb+0+RQNukl0NSU
pnA+ma41bLknWcZkU1OyG4c74y315WcrgsnTHBTpYEgG1yIEFSIK0Q2wDdcJIzG/
AQV5tVORxiJcnMUi9csTqbKMYPo7VcaG1K6RcBl5j6k97BbV/EQnJMI4oCDTdHo2
PShBQJoaUQk+Y7J3k4hXx9S7TbSHmtN64wI3Uf6ulf9ZzNtkFNOpQW0=
-----END CERTIFICATE-----
Generated at Wed Jan 17 07:32:31 2024 by rpki-client on console-fra.rpki-client.org