Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/5kpCP1KEJ9z5M5BzlBfl3GJ420s.roa
File: 5kpCP1KEJ9z5M5BzlBfl3GJ420s.roa (raw, json)
Hash identifier: UVCHlsg+fpizoJrqciX1D4DLiOjZjTOROAwmKiQRnv4=
Subject key identifier: E6:4A:42:3F:52:84:27:DC:F9:33:90:73:94:17:E5:DC:62:78:DB:4B
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01870E99B549CC84EC8BF3C55624B89D7E85
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/5kpCP1KEJ9z5M5BzlBfl3GJ420s.roa
Signing time: Thu 23 Mar 2023 13:12:46 +0000
ROA not before: Thu 23 Mar 2023 13:12:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 193.124.3.0/24 maxlen: 24
62.76.225.0/24 maxlen: 24
193.124.6.0/24 maxlen: 24
193.124.8.0/24 maxlen: 24
193.124.9.0/24 maxlen: 24
62.76.233.0/24 maxlen: 24
194.87.1.0/24 maxlen: 24
194.87.2.0/24 maxlen: 24
194.87.3.0/24 maxlen: 24
62.76.230.0/23 maxlen: 23
193.124.16.0/24 maxlen: 24
194.87.7.0/24 maxlen: 24
194.87.10.0/24 maxlen: 24
194.87.11.0/24 maxlen: 24
194.87.12.0/24 maxlen: 24
194.87.16.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
194.87.22.0/24 maxlen: 24
193.124.44.0/24 maxlen: 24
194.87.26.0/23 maxlen: 23
194.87.36.0/24 maxlen: 24
194.87.37.0/24 maxlen: 24
194.87.104.0/24 maxlen: 24
194.87.114.0/23 maxlen: 23
194.87.122.0/24 maxlen: 24
194.87.130.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
194.87.138.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
193.124.80.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
193.124.93.0/24 maxlen: 24
195.133.76.0/24 maxlen: 24
195.133.26.0/24 maxlen: 24
195.133.30.0/24 maxlen: 24
195.133.32.0/24 maxlen: 24
195.133.35.0/24 maxlen: 24
195.133.194.0/24 maxlen: 24
195.133.195.0/24 maxlen: 24
195.58.35.0/24 maxlen: 24
195.58.36.0/24 maxlen: 24
194.58.38.0/24 maxlen: 24
194.58.39.0/24 maxlen: 24
194.58.40.0/24 maxlen: 24
195.58.51.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
195.58.50.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
195.58.56.0/24 maxlen: 24
194.58.59.0/24 maxlen: 24
194.58.67.0/24 maxlen: 24
195.133.0.0/24 maxlen: 24
194.58.154.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
194.87.202.0/24 maxlen: 24
194.87.222.0/24 maxlen: 24
194.135.18.0/24 maxlen: 24
194.135.23.0/24 maxlen: 24
194.87.240.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
194.87.149.0/24 maxlen: 24
212.192.10.0/24 maxlen: 24
194.87.166.0/24 maxlen: 24
194.87.160.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
194.87.168.0/24 maxlen: 24
194.87.172.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.182.0/24 maxlen: 24
194.87.170.0/23 maxlen: 23
192.124.180.0/22 maxlen: 24
194.87.176.0/24 maxlen: 24
194.87.177.0/24 maxlen: 24
194.87.178.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
194.87.182.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
193.124.201.0/24 maxlen: 24
193.124.207.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:0e:99:b5:49:cc:84:ec:8b:f3:c5:56:24:b8:9d:7e:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 23 13:12:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e64a423f528427dcf93390739417e5dc6278db4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:f0:05:76:f3:32:be:0e:8d:16:60:6c:ab:15:
a4:5a:00:23:68:3a:6d:ac:5a:9b:c7:ed:e6:a3:bf:
c3:ea:62:4f:a5:fc:38:11:e0:f9:91:32:e1:a2:d6:
9f:35:66:d1:ed:5e:36:ee:9a:b5:28:0c:22:96:00:
0e:3c:8c:39:84:02:2a:18:b5:63:f2:8b:9d:72:4b:
85:5d:12:8b:06:ab:56:09:71:d9:54:af:af:72:8b:
6d:aa:36:e2:8e:df:60:ac:4d:71:7a:e7:30:41:3e:
2d:7d:91:3d:07:81:ef:d2:2b:32:13:dd:3a:a7:e8:
c2:b1:33:31:bb:e5:12:98:f2:49:a7:b5:19:32:82:
d4:0e:69:04:8d:4c:16:c0:bc:df:41:8c:41:5b:86:
c0:f2:9d:91:7f:0d:f0:54:79:40:87:fd:ab:c8:28:
02:26:15:3f:e6:f1:2c:be:e2:40:d7:ca:12:a3:f7:
1a:89:64:6a:91:e8:c0:46:0b:4a:9e:ee:1b:16:5b:
9b:15:47:bf:f8:b6:48:55:21:55:0a:31:44:01:65:
ab:69:bd:eb:6c:4f:12:06:cf:e7:ff:44:ce:ee:71:
8f:f0:1e:b7:f7:99:6d:d2:7c:2d:34:54:c4:0b:e4:
7f:b3:09:0d:fc:30:1d:ff:cd:ce:82:ad:d9:eb:dd:
1d:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:4A:42:3F:52:84:27:DC:F9:33:90:73:94:17:E5:DC:62:78:DB:4B
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/5kpCP1KEJ9z5M5BzlBfl3GJ420s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.225.0/24
62.76.230.0/23
62.76.233.0/24
192.124.178.0/24
192.124.180.0/22
193.124.3.0/24
193.124.6.0/24
193.124.8.0/23
193.124.16.0/24
193.124.44.0/24
193.124.80.0/24
193.124.93.0/24
193.124.201.0/24
193.124.207.0/24
194.58.38.0-194.58.40.255
194.58.47.0/24
194.58.59.0/24
194.58.67.0/24
194.58.154.0/24
194.87.1.0-194.87.3.255
194.87.7.0/24
194.87.10.0-194.87.12.255
194.87.16.0/24
194.87.22.0/24
194.87.24.0/22
194.87.36.0/23
194.87.56.0/24
194.87.73.0/24
194.87.83.0/24
194.87.104.0/24
194.87.114.0/23
194.87.122.0/24
194.87.130.0/23
194.87.138.0/24
194.87.149.0/24
194.87.160.0/24
194.87.166.0/24
194.87.168.0/24
194.87.170.0-194.87.172.255
194.87.176.0/22
194.87.182.0/24
194.87.187.0/24
194.87.190.0/24
194.87.200.0/24
194.87.202.0/24
194.87.222.0/24
194.87.240.0/24
194.135.18.0/24
194.135.23.0/24
195.58.35.0-195.58.36.255
195.58.50.0/23
195.58.54.0/24
195.58.56.0/24
195.133.0.0/24
195.133.26.0/24
195.133.30.0/24
195.133.32.0/24
195.133.35.0/24
195.133.76.0/24
195.133.194.0/23
212.192.1.0/24
212.192.10.0/24
Signature Algorithm: sha256WithRSAEncryption
37:a6:fb:44:3a:37:ca:3d:c8:d1:81:b7:61:a8:9f:7d:65:33:
2c:01:1e:46:c2:ba:fe:f4:46:47:fb:07:01:a8:c5:1a:87:26:
7d:5a:8e:59:1a:0d:ed:00:a7:6a:4f:b1:59:99:49:7a:55:86:
93:71:c9:9d:b1:5f:77:ae:f7:b2:3e:f9:36:3b:0a:5d:73:a3:
fb:24:d7:da:1c:27:a9:b4:78:1b:cd:59:94:cd:c7:40:0f:f5:
3d:80:64:f1:32:6d:c5:99:b0:bf:94:35:57:7a:03:9d:19:d8:
ed:82:05:17:8e:d0:5c:e9:63:13:47:ba:0b:64:b9:e5:ba:de:
9a:8c:d2:29:ed:ae:f9:cf:42:d5:bf:79:a1:e4:48:5b:0f:b4:
06:88:c3:14:4c:c1:97:e0:36:f4:a5:ed:a2:d5:db:0e:02:6c:
0a:6f:73:bd:dc:12:c5:92:18:2f:3d:96:5d:21:c5:f7:4b:fa:
c5:e3:19:b8:51:72:af:f8:b4:7c:69:c6:58:4d:5f:23:38:64:
02:af:f1:aa:97:5c:e2:ca:5d:3d:28:45:d3:4a:1c:96:1a:ac:
af:22:cd:cc:8b:75:f0:f0:b7:2e:73:be:80:23:64:6d:8e:33:
e8:27:e5:a2:1e:73:ba:e5:e6:54:4a:c5:06:57:7a:da:60:c2:
21:ad:c2:6d
-----BEGIN CERTIFICATE-----
MIIGnTCCBYWgAwIBAgISAYcOmbVJzITsi/PFViS4nX6FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMzIzMTMxMjQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjRhNDIzZjUyODQyN2RjZjkzMzkwNzM5NDE3ZTVkYzYyNzhkYjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1PAFdvMyvg6NFmBsqxWkWgAjaDpt
rFqbx+3mo7/D6mJPpfw4EeD5kTLhotafNWbR7V427pq1KAwilgAOPIw5hAIqGLVj
8oudckuFXRKLBqtWCXHZVK+vcottqjbijt9grE1xeucwQT4tfZE9B4Hv0isyE906
p+jCsTMxu+USmPJJp7UZMoLUDmkEjUwWwLzfQYxBW4bA8p2Rfw3wVHlAh/2ryCgC
JhU/5vEsvuJA18oSo/caiWRqkejARgtKnu4bFlubFUe/+LZIVSFVCjFEAWWrab3r
bE8SBs/n/0TO7nGP8B6395lt0nwtNFTEC+R/swkN/DAd/83Ogq3Z690dAwIDAQAB
o4IDqTCCA6UwHQYDVR0OBBYEFOZKQj9ShCfc+TOQc5QX5dxieNtLMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvNWtwQ1AxS0VKOXo1TTVCemxCZmwzR0o0MjBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBvQYIKwYBBQUHAQcBAf8EggGsMIIBqDCCAaQEAgABMIIB
nAMEAD5M4QMEAT5M5gMEAD5M6QMEAMB8sgMEAsB8tAMEAMF8AwMEAMF8BgMEAcF8
CAMEAMF8EAMEAMF8LAMEAMF8UAMEAMF8XQMEAMF8yQMEAMF8zzAMAwQBwjomAwQA
wjooAwQAwjovAwQAwjo7AwQAwjpDAwQAwjqaMAwDBADCVwEDBALCVwADBADCVwcw
DAMEAcJXCgMEAMJXDAMEAMJXEAMEAMJXFgMEAsJXGAMEAcJXJAMEAMJXOAMEAMJX
SQMEAMJXUwMEAMJXaAMEAcJXcgMEAMJXegMEAcJXggMEAMJXigMEAMJXlQMEAMJX
oAMEAMJXpgMEAMJXqDAMAwQBwleqAwQAwlesAwQCwlewAwQAwle2AwQAwle7AwQA
wle+AwQAwlfIAwQAwlfKAwQAwlfeAwQAwlfwAwQAwocSAwQAwocXMAwDBADDOiMD
BADDOiQDBAHDOjIDBADDOjYDBADDOjgDBADDhQADBADDhRoDBADDhR4DBADDhSAD
BADDhSMDBADDhUwDBAHDhcIDBADUwAEDBADUwAowDQYJKoZIhvcNAQELBQADggEB
ADem+0Q6N8o9yNGBt2Gon31lMywBHkbCuv70Rkf7BwGoxRqHJn1ajlkaDe0Ap2pP
sVmZSXpVhpNxyZ2xX3eu97I++TY7Cl1zo/sk19ocJ6m0eBvNWZTNx0AP9T2AZPEy
bcWZsL+UNVd6A50Z2O2CBReO0FzpYxNHugtkueW63pqM0intrvnPQtW/eaHkSFsP
tAaIwxRMwZfgNvSl7aLV2w4CbApvc73cEsWSGC89ll0hxfdL+sXjGbhRcq/4tHxp
xlhNXyM4ZAKv8aqXXOLKXT0oRdNKHJYarK8izcyLdfDwty5zvoAjZG2OM+gn5aIe
c7rl5lRKxQZXetpgwiGtwm0=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:50 2023 by rpki-client on console-ams.rpki-client.org