Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/A-Ygmtk3JGUehszGro71p8Yxu6Y.roa
File: A-Ygmtk3JGUehszGro71p8Yxu6Y.roa (raw, json)
Hash identifier: 2H5KhPpRynBiJ34Gov+dCj3JAI7+YrCBVe6StOWFDek=
Subject key identifier: 03:E6:20:9A:D9:37:24:65:1E:86:CC:C6:AE:8E:F5:A7:C6:31:BB:A6
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0185A56DA9D75946BF888A52EDB2AC3FC2DF
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/A-Ygmtk3JGUehszGro71p8Yxu6Y.roa
Signing time: Thu 12 Jan 2023 10:01:45 +0000
ROA not before: Thu 12 Jan 2023 10:01:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204843
IP address blocks: 194.87.3.0/24 maxlen: 24
193.124.16.0/24 maxlen: 24
62.76.232.0/24 maxlen: 24
62.76.235.0/24 maxlen: 24
194.87.16.0/24 maxlen: 24
194.87.22.0/24 maxlen: 24
194.87.37.0/24 maxlen: 24
212.192.211.0/24 maxlen: 24
194.87.177.0/24 maxlen: 24
193.124.93.0/24 maxlen: 24
193.124.202.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a5:6d:a9:d7:59:46:bf:88:8a:52:ed:b2:ac:3f:c2:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 12 10:01:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=03e6209ad93724651e86ccc6ae8ef5a7c631bba6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:92:54:a1:c2:a5:da:d0:f7:4e:65:a7:4f:01:
a5:b6:67:ea:99:d3:40:3d:2a:30:b3:6a:90:1f:b7:
46:39:c9:76:8c:48:78:18:6f:68:84:e3:71:98:4b:
f6:47:55:2d:5d:64:98:5c:10:3a:fd:f5:a4:b8:54:
b9:36:98:ed:a2:a1:19:1b:b5:39:60:46:1f:ce:2c:
85:2d:c0:b7:5b:7f:38:43:b0:61:8d:40:a8:c1:98:
38:8b:8a:ef:f4:bc:aa:ac:bd:eb:33:4f:cb:3e:cd:
87:c1:13:a2:16:69:03:39:08:d3:90:4f:4c:85:68:
11:b8:77:3f:7b:d9:18:57:b5:08:0e:94:ce:b9:09:
0b:6f:ac:06:54:fb:c1:37:26:a4:f4:54:80:80:a0:
3d:ed:38:14:71:81:78:8d:af:f9:99:a2:8d:d9:77:
3e:ae:bd:05:2d:17:8b:91:92:bd:ad:cf:71:e0:f6:
17:e2:99:2b:07:43:5b:91:15:56:f8:8c:bf:4d:94:
e5:17:f5:b9:49:86:6b:d9:e9:15:fb:8a:2c:14:d5:
42:8f:ea:ab:42:3f:87:28:cc:8c:64:ca:46:95:e0:
82:61:d9:7c:ae:27:66:c3:85:03:da:22:02:14:88:
1f:a3:8f:a2:9e:a0:9b:38:b7:11:06:5c:a0:aa:28:
c7:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:E6:20:9A:D9:37:24:65:1E:86:CC:C6:AE:8E:F5:A7:C6:31:BB:A6
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/A-Ygmtk3JGUehszGro71p8Yxu6Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.232.0/24
62.76.235.0/24
193.124.16.0/24
193.124.93.0/24
193.124.202.0/24
194.87.3.0/24
194.87.16.0/24
194.87.22.0/24
194.87.37.0/24
194.87.177.0/24
212.192.211.0/24
Signature Algorithm: sha256WithRSAEncryption
03:7c:0a:e5:21:e5:98:77:aa:b3:12:f7:18:ef:1e:3d:4d:19:
32:f7:ef:43:7b:80:25:e5:d4:04:8b:f2:2a:e3:97:4c:ab:10:
b0:51:21:83:86:46:6a:ee:3c:3c:8f:27:f2:fe:0a:9f:12:a5:
84:ad:9a:d5:02:23:00:17:59:3a:dc:22:c2:6e:ab:b3:79:75:
12:2a:48:87:42:3e:cf:41:0b:be:08:71:43:1f:60:74:48:d0:
36:51:97:6f:87:73:68:fc:0b:e0:52:df:6f:2b:1e:fb:81:16:
cd:5c:7d:dc:40:33:91:9f:99:c6:30:81:77:cf:1d:83:a5:cf:
33:ab:fe:f6:44:45:ec:f9:37:84:bd:b5:4a:95:2b:6e:8e:d2:
d4:09:ea:af:00:d9:56:98:2d:eb:07:ad:9c:48:4c:5a:8b:48:
c2:f7:ad:a6:8f:2d:15:c0:ac:bd:02:95:77:f3:33:32:26:61:
07:3c:d6:5b:81:24:e6:49:b8:f2:20:af:22:7e:74:f4:d6:30:
52:d5:f3:01:c1:85:a7:f9:d2:97:4d:14:fd:f4:92:f6:86:15:
a4:2b:e1:80:23:8e:b3:36:85:50:bd:89:1c:77:54:0b:0e:c3:
84:a6:7a:c5:31:0e:ed:a5:c8:29:2b:62:be:3d:a3:bf:06:18:
1c:cd:db:cf
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYWlbanXWUa/iIpS7bKsP8LfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTEyMTAwMTQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2U2MjA5YWQ5MzcyNDY1MWU4NmNjYzZhZThlZjVhN2M2MzFiYmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAupJUocKl2tD3TmWnTwGltmfqmdNA
PSows2qQH7dGOcl2jEh4GG9ohONxmEv2R1UtXWSYXBA6/fWkuFS5NpjtoqEZG7U5
YEYfziyFLcC3W384Q7BhjUCowZg4i4rv9LyqrL3rM0/LPs2HwROiFmkDOQjTkE9M
hWgRuHc/e9kYV7UIDpTOuQkLb6wGVPvBNyak9FSAgKA97TgUcYF4ja/5maKN2Xc+
rr0FLReLkZK9rc9x4PYX4pkrB0NbkRVW+Iy/TZTlF/W5SYZr2ekV+4osFNVCj+qr
Qj+HKMyMZMpGleCCYdl8ridmw4UD2iICFIgfo4+inqCbOLcRBlygqijHtQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFAPmIJrZNyRlHobMxq6O9afGMbumMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvQS1ZZ210azNKR1VlaHN6R3JvNzFwOFl4dTZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAPkzoAwQA
PkzrAwQAwXwQAwQAwXxdAwQAwXzKAwQAwlcDAwQAwlcQAwQAwlcWAwQAwlclAwQA
wlexAwQA1MDTMA0GCSqGSIb3DQEBCwUAA4IBAQADfArlIeWYd6qzEvcY7x49TRky
9+9De4Al5dQEi/Iq45dMqxCwUSGDhkZq7jw8jyfy/gqfEqWErZrVAiMAF1k63CLC
bquzeXUSKkiHQj7PQQu+CHFDH2B0SNA2UZdvh3No/AvgUt9vKx77gRbNXH3cQDOR
n5nGMIF3zx2Dpc8zq/72REXs+TeEvbVKlStujtLUCeqvANlWmC3rB62cSExai0jC
962mjy0VwKy9ApV38zMyJmEHPNZbgSTmSbjyIK8ifnT01jBS1fMBwYWn+dKXTRT9
9JL2hhWkK+GAI46zNoVQvYkcd1QLDsOEpnrFMQ7tpcgpK2K+PaO/BhgczdvP
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:41:57 2023 by rpki-client on console-fra.rpki-client.org