Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/39joHkRqMp3d5HtwLLQoO9qGTOQ.roa
File: 39joHkRqMp3d5HtwLLQoO9qGTOQ.roa (raw, json)
Hash identifier: fH1OO5r1Nvj5KBABTUuD87o6iZN22iu2TTAqR9QtphQ=
Subject key identifier: DF:D8:E8:1E:44:6A:32:9D:DD:E4:7B:70:2C:B4:28:3B:DA:86:4C:E4
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018AA23052AA3CD4A630614728A98F30F03E
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/39joHkRqMp3d5HtwLLQoO9qGTOQ.roa
Signing time: Sun 17 Sep 2023 08:09:50 +0000
ROA not before: Sun 17 Sep 2023 08:09:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 36113
IP address blocks: 62.76.230.0/24 maxlen: 24
195.133.81.0/24 maxlen: 24
195.133.194.0/24 maxlen: 24
194.135.30.0/24 maxlen: 24
194.87.141.0/24 maxlen: 24
194.87.140.0/24 maxlen: 24
194.58.41.0/24 maxlen: 24
212.192.244.0/24 maxlen: 24
212.192.255.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a2:30:52:aa:3c:d4:a6:30:61:47:28:a9:8f:30:f0:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 17 08:09:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dfd8e81e446a329ddde47b702cb4283bda864ce4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:d8:3c:a2:e2:8b:8b:c8:bd:f0:6a:59:95:8b:
b5:80:a0:28:ba:23:c1:fb:0c:23:b2:38:64:2a:2c:
c9:58:95:2c:b9:7b:a3:67:04:b3:f4:fa:86:89:7d:
fb:54:23:c6:d2:b3:a4:cc:bb:f0:08:5d:f2:98:90:
58:e8:1c:0d:87:cb:02:9c:e6:b3:35:27:5b:0a:4a:
64:1c:5a:4e:eb:82:11:12:27:4d:00:57:07:f6:6e:
9c:15:72:4a:79:6c:bd:c5:de:c7:15:88:c4:01:cd:
05:d2:7f:fa:70:be:3a:3b:f5:f5:f3:48:10:67:b4:
a6:34:42:95:fb:9d:96:c5:48:5b:a0:ff:a5:42:ec:
1e:29:63:04:38:e2:45:eb:64:5b:84:a2:eb:51:80:
70:24:08:ac:77:f4:ef:94:36:c5:bf:ad:58:1b:3e:
6e:4e:e6:be:a4:f4:af:a1:fb:16:17:5a:90:19:9b:
5d:71:f5:10:e2:48:17:53:2d:79:3c:9e:e9:22:af:
29:ba:4a:dd:66:e3:30:62:10:9b:b6:07:1e:fc:04:
67:e9:04:e4:6d:a9:4a:dc:6f:d0:f4:a3:4d:26:26:
31:31:29:46:c6:91:c8:50:7b:70:ed:06:9d:75:13:
d8:14:b3:fa:ad:76:21:f8:a4:f9:81:d5:93:d0:13:
42:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:D8:E8:1E:44:6A:32:9D:DD:E4:7B:70:2C:B4:28:3B:DA:86:4C:E4
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/39joHkRqMp3d5HtwLLQoO9qGTOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.230.0/24
194.58.41.0/24
194.87.140.0/23
194.135.30.0/24
195.133.81.0/24
195.133.194.0/24
212.192.244.0/24
212.192.255.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:ab:52:4b:25:b5:4f:64:b2:5a:31:36:df:49:2c:4e:6b:ac:
08:d9:9f:0d:e2:15:5a:be:1c:57:a5:5e:01:72:b4:38:8f:eb:
ae:9b:9c:f0:62:50:e5:67:9c:18:5f:02:f9:cd:e8:59:34:c8:
94:df:8f:d4:fd:72:92:9b:19:aa:5d:60:d7:7e:0e:87:28:20:
96:78:f8:33:29:a6:d9:19:82:59:76:3d:6d:db:9d:28:c0:71:
52:cc:88:70:0a:e5:0c:ac:67:de:74:1c:8f:8d:ff:43:05:4d:
87:64:67:06:80:92:79:e4:cf:f9:f9:a6:b7:f6:e8:68:2f:2c:
a3:d3:6e:14:b3:bd:b1:9f:db:4e:77:36:ec:ec:02:fa:37:cb:
ea:61:10:d8:a6:b8:b1:05:0f:26:0d:62:d9:19:28:7a:e2:91:
ba:19:5b:82:65:22:5f:c5:45:8b:06:90:40:e3:08:dc:1a:57:
84:2b:f5:21:63:20:56:0d:08:7a:30:fe:a5:49:03:be:99:8a:
a9:59:73:fc:2c:10:32:85:8c:8a:5b:2b:d9:33:47:f0:47:5a:
ca:4c:3d:7c:49:57:c7:e4:1a:c7:eb:13:9e:62:c7:53:f8:e6:
7f:d9:1b:e4:d1:49:75:b1:17:9f:bb:c4:6b:2e:ec:47:c1:75:
05:aa:97:46
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYqiMFKqPNSmMGFHKKmPMPA+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwOTE3MDgwOTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmQ4ZTgxZTQ0NmEzMjlkZGRlNDdiNzAyY2I0MjgzYmRhODY0Y2U0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAndg8ouKLi8i98GpZlYu1gKAouiPB
+wwjsjhkKizJWJUsuXujZwSz9PqGiX37VCPG0rOkzLvwCF3ymJBY6BwNh8sCnOaz
NSdbCkpkHFpO64IREidNAFcH9m6cFXJKeWy9xd7HFYjEAc0F0n/6cL46O/X180gQ
Z7SmNEKV+52WxUhboP+lQuweKWMEOOJF62RbhKLrUYBwJAisd/TvlDbFv61YGz5u
Tua+pPSvofsWF1qQGZtdcfUQ4kgXUy15PJ7pIq8pukrdZuMwYhCbtgce/ARn6QTk
balK3G/Q9KNNJiYxMSlGxpHIUHtw7QaddRPYFLP6rXYh+KT5gdWT0BNClQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFN/Y6B5EajKd3eR7cCy0KDvahkzkMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMzlqb0hrUnFNcDNkNUh0d0xMUW9POXFHVE9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAPkzmAwQA
wjopAwQBwleMAwQAwoceAwQAw4VRAwQAw4XCAwQA1MD0AwQA1MD/MA0GCSqGSIb3
DQEBCwUAA4IBAQCKq1JLJbVPZLJaMTbfSSxOa6wI2Z8N4hVavhxXpV4BcrQ4j+uu
m5zwYlDlZ5wYXwL5zehZNMiU34/U/XKSmxmqXWDXfg6HKCCWePgzKabZGYJZdj1t
250owHFSzIhwCuUMrGfedByPjf9DBU2HZGcGgJJ55M/5+aa39uhoLyyj024Us72x
n9tOdzbs7AL6N8vqYRDYprixBQ8mDWLZGSh64pG6GVuCZSJfxUWLBpBA4wjcGleE
K/UhYyBWDQh6MP6lSQO+mYqpWXP8LBAyhYyKWyvZM0fwR1rKTD18SVfH5BrH6xOe
YsdT+OZ/2Rvk0Ul1sRefu8RrLuxHwXUFqpdG
-----END CERTIFICATE-----
Generated at Sun Sep 17 14:32:00 2023 by rpki-client on console-ams.rpki-client.org