Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/4oZ5JoHHMpWLn7xv-8gi7LfjEqE.roa
File: 4oZ5JoHHMpWLn7xv-8gi7LfjEqE.roa (raw, json)
Hash identifier: WRFxdcCzkP+j7i333HSfyYdf6To0AZcfkqiXvRMpNFY=
Subject key identifier: E2:86:79:26:81:C7:32:95:8B:9F:BC:6F:FB:C8:22:EC:B7:E3:12:A1
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018626144B4DE3987CFB38CB52EF40350396
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/4oZ5JoHHMpWLn7xv-8gi7LfjEqE.roa
Signing time: Mon 06 Feb 2023 09:35:09 +0000
ROA not before: Mon 06 Feb 2023 09:35:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204843
IP address blocks: 62.76.232.0/24 maxlen: 24
62.76.235.0/24 maxlen: 24
194.87.37.0/24 maxlen: 24
194.87.36.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:26:14:4b:4d:e3:98:7c:fb:38:cb:52:ef:40:35:03:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Feb 6 09:35:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e286792681c732958b9fbc6ffbc822ecb7e312a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:9e:ff:dc:e7:60:91:b9:85:30:8d:07:05:6b:
5d:8f:d1:6a:5b:97:cf:04:84:62:4c:55:3a:72:bc:
14:cf:3a:41:21:f2:73:43:5c:a0:62:f7:58:69:0e:
77:78:33:93:40:93:f1:7d:68:d2:31:d5:52:32:f9:
b0:67:3c:60:36:8a:4c:0b:88:2d:04:49:a4:88:62:
46:ce:b2:3c:1a:ef:b2:b4:ab:cd:4f:cf:ae:20:cf:
3e:fd:89:1e:f9:37:28:b4:0c:ae:ec:9b:4c:5e:de:
dc:3b:ce:94:3b:2c:f0:8d:b8:db:18:11:52:6b:8f:
6e:12:3d:02:cf:ae:ce:9e:a2:1d:0d:80:43:65:aa:
c0:a1:da:39:99:2e:9b:41:8c:3d:46:36:55:d3:8e:
2c:3a:5a:c6:3e:08:d2:bf:8f:6d:e3:b9:0b:16:4d:
3a:c3:90:4a:21:74:14:68:be:84:12:ff:66:47:f5:
2f:de:3f:42:6e:5f:fe:38:f9:52:22:4f:af:30:fe:
ed:ab:c1:c5:b6:a8:db:d0:95:87:63:53:cc:52:21:
20:2f:29:84:c7:8c:6d:e6:0c:d1:4b:56:13:0e:51:
48:dc:78:37:9f:e5:70:18:90:aa:e5:f7:c4:01:55:
07:93:1c:b0:27:47:44:25:19:6c:36:c2:d0:ed:36:
35:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:86:79:26:81:C7:32:95:8B:9F:BC:6F:FB:C8:22:EC:B7:E3:12:A1
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/4oZ5JoHHMpWLn7xv-8gi7LfjEqE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.232.0/24
62.76.235.0/24
194.87.36.0/23
195.58.54.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:da:d8:9e:bf:f4:e4:a8:7e:d8:77:d5:ee:77:d1:59:36:01:
38:be:6e:51:1e:47:c2:69:fb:3c:d7:b5:12:ce:41:8a:19:52:
23:be:c0:18:90:66:3a:f8:4f:2d:9b:d5:55:15:08:4a:6b:72:
d1:05:16:5d:c4:35:e3:36:74:9f:86:50:c7:ff:28:47:6a:ce:
92:74:81:8f:37:92:3a:c0:9e:6b:08:6e:d7:23:87:67:58:70:
b5:a2:b9:06:34:52:61:59:6e:15:1f:b3:e0:15:0d:70:59:9a:
80:cf:77:11:ec:87:c1:78:6b:55:27:a7:36:43:8c:57:ba:e0:
50:99:14:0e:25:4e:f3:2f:ac:ac:d2:59:8d:bd:da:39:37:00:
f4:58:e1:53:d6:32:5c:d9:88:37:b3:5e:64:e6:62:41:dc:f2:
57:06:73:52:ab:d4:0a:72:b8:19:16:b2:be:b4:60:a0:69:c2:
04:2d:74:10:61:72:cf:26:6b:b5:31:c3:a5:e5:e2:01:54:d2:
89:26:63:83:2c:71:fd:45:fc:c6:d7:8f:8e:c7:8e:3b:ff:b7:
1a:da:36:0d:49:26:dd:19:a5:fd:a9:b8:ef:c9:e3:41:81:2f:
26:4d:5a:5e:cd:12:d5:2f:da:c4:d0:31:4b:b2:7a:53:b9:a5:
21:a1:a3:96
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYYmFEtN45h8+zjLUu9ANQOWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMjA2MDkzNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjg2NzkyNjgxYzczMjk1OGI5ZmJjNmZmYmM4MjJlY2I3ZTMxMmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZ7/3OdgkbmFMI0HBWtdj9FqW5fP
BIRiTFU6crwUzzpBIfJzQ1ygYvdYaQ53eDOTQJPxfWjSMdVSMvmwZzxgNopMC4gt
BEmkiGJGzrI8Gu+ytKvNT8+uIM8+/Yke+TcotAyu7JtMXt7cO86UOyzwjbjbGBFS
a49uEj0Cz67OnqIdDYBDZarAodo5mS6bQYw9RjZV044sOlrGPgjSv49t47kLFk06
w5BKIXQUaL6EEv9mR/Uv3j9Cbl/+OPlSIk+vMP7tq8HFtqjb0JWHY1PMUiEgLymE
x4xt5gzRS1YTDlFI3Hg3n+VwGJCq5ffEAVUHkxywJ0dEJRlsNsLQ7TY1qwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOKGeSaBxzKVi5+8b/vIIuy34xKhMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvNG9aNUpvSEhNcFdMbjd4di04Z2k3TGZqRXFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAPkzoAwQA
PkzrAwQBwlckAwQAwzo2MA0GCSqGSIb3DQEBCwUAA4IBAQAK2tiev/TkqH7Yd9Xu
d9FZNgE4vm5RHkfCafs817USzkGKGVIjvsAYkGY6+E8tm9VVFQhKa3LRBRZdxDXj
NnSfhlDH/yhHas6SdIGPN5I6wJ5rCG7XI4dnWHC1orkGNFJhWW4VH7PgFQ1wWZqA
z3cR7IfBeGtVJ6c2Q4xXuuBQmRQOJU7zL6ys0lmNvdo5NwD0WOFT1jJc2Yg3s15k
5mJB3PJXBnNSq9QKcrgZFrK+tGCgacIELXQQYXLPJmu1McOl5eIBVNKJJmODLHH9
RfzG14+Ox447/7ca2jYNSSbdGaX9qbjvyeNBgS8mTVpezRLVL9rE0DFLsnpTuaUh
oaOW
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:41:55 2023 by rpki-client on console-fra.rpki-client.org