Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/A_lFL9cw6SoIWzsgxcWFj9n9Qm0.roa
File: A_lFL9cw6SoIWzsgxcWFj9n9Qm0.roa (raw, json)
Hash identifier: dQR/DIiLpLi3w110jZAjuqFMH9rWIEEEWD96EDdvu24=
Subject key identifier: 03:F9:45:2F:D7:30:E9:2A:08:5B:3B:20:C5:C5:85:8F:D9:FD:42:6D
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01857147638E3B998B17E53F3E480D961106
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/A_lFL9cw6SoIWzsgxcWFj9n9Qm0.roa
Signing time: Mon 02 Jan 2023 06:59:42 +0000
ROA not before: Mon 02 Jan 2023 06:59:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2118
IP address blocks: 193.124.4.0/24 maxlen: 24
193.124.3.0/24 maxlen: 24
193.124.6.0/24 maxlen: 24
193.124.8.0/24 maxlen: 24
62.76.231.0/24 maxlen: 24
193.124.18.0/24 maxlen: 24
194.87.7.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
194.87.104.0/24 maxlen: 24
194.87.116.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
194.87.123.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.138.0/23 maxlen: 23
194.87.136.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
194.87.76.0/24 maxlen: 24
194.87.82.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
195.133.94.0/24 maxlen: 24
195.133.12.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
195.133.195.0/24 maxlen: 24
212.193.12.0/24 maxlen: 24
194.58.38.0/24 maxlen: 24
212.192.222.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
194.58.46.0/23 maxlen: 24
194.58.45.0/24 maxlen: 24
195.58.50.0/24 maxlen: 24
195.58.52.0/22 maxlen: 22
195.58.56.0/21 maxlen: 24
194.58.59.0/24 maxlen: 24
195.58.62.0/24 maxlen: 24
212.193.0.0/24 maxlen: 24
194.87.202.0/24 maxlen: 24
194.87.208.0/23 maxlen: 24
194.87.222.0/23 maxlen: 24
194.87.233.0/24 maxlen: 24
212.192.0.0/23 maxlen: 24
194.87.149.0/24 maxlen: 24
192.124.172.0/24 maxlen: 24
212.192.10.0/24 maxlen: 24
194.87.165.0/24 maxlen: 24
194.87.163.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.180.0/22 maxlen: 24
192.124.182.0/23 maxlen: 24
194.87.171.0/24 maxlen: 24
194.87.172.0/24 maxlen: 24
194.87.176.0/24 maxlen: 24
194.87.182.0/24 maxlen: 24
193.124.201.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
193.124.207.0/24 maxlen: 24
194.87.199.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:47:63:8e:3b:99:8b:17:e5:3f:3e:48:0d:96:11:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 2 06:59:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=03f9452fd730e92a085b3b20c5c5858fd9fd426d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:75:97:d1:39:4b:b1:88:eb:1d:7e:fd:8d:4b:
1b:42:da:b8:ae:3b:20:9c:d0:bf:38:dc:b4:b1:70:
fd:6e:b5:ec:77:9c:4d:8d:d0:3d:60:75:83:79:d6:
bf:a8:66:73:1f:3e:e0:45:74:f5:56:02:38:de:b9:
60:29:70:1d:24:e4:4b:a0:54:46:9b:78:c9:ff:aa:
cb:1b:82:9d:d0:ba:51:5a:fb:e0:03:4d:16:8e:65:
4c:62:13:d1:58:c9:bf:50:fa:92:95:01:e9:36:73:
fd:44:14:af:15:55:2f:94:e7:04:1d:a5:09:03:7f:
1d:be:20:de:f2:ba:10:11:df:a7:39:cb:08:fa:6d:
db:08:63:93:31:88:69:92:53:17:69:3b:30:08:18:
46:de:84:f2:08:fc:a4:56:e1:78:2f:cd:44:08:09:
89:e3:94:66:d4:49:96:03:d8:3e:23:a8:fb:ed:58:
b2:96:70:49:29:eb:ae:b7:50:ab:42:ac:3e:ee:9f:
6a:84:74:a1:64:33:cd:38:a4:42:90:37:62:b7:63:
b1:5a:2e:fe:1c:b2:aa:85:ad:b7:e6:cb:7d:17:b2:
1c:13:3d:ff:ff:98:b1:50:36:db:f3:4a:7e:7f:57:
e8:b7:38:32:b4:19:58:80:77:f2:88:39:41:64:22:
b5:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:F9:45:2F:D7:30:E9:2A:08:5B:3B:20:C5:C5:85:8F:D9:FD:42:6D
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/A_lFL9cw6SoIWzsgxcWFj9n9Qm0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.231.0/24
192.124.172.0/24
192.124.178.0/24
192.124.180.0/22
193.124.3.0-193.124.4.255
193.124.6.0/24
193.124.8.0/24
193.124.18.0/24
193.124.133.0/24
193.124.201.0/24
193.124.203.0/24
193.124.207.0/24
194.58.38.0/24
194.58.42.0/24
194.58.45.0-194.58.47.255
194.58.59.0/24
194.87.7.0/24
194.87.24.0/22
194.87.56.0/24
194.87.76.0/24
194.87.82.0/23
194.87.104.0/24
194.87.116.0/24
194.87.118.0/24
194.87.123.0/24
194.87.136.0/24
194.87.138.0/23
194.87.149.0/24
194.87.163.0/24
194.87.165.0/24
194.87.171.0-194.87.172.255
194.87.176.0/24
194.87.182.0/24
194.87.198.0/23
194.87.202.0/24
194.87.208.0/23
194.87.222.0/23
194.87.233.0/24
195.58.50.0/24
195.58.52.0-195.58.63.255
195.133.12.0/24
195.133.55.0/24
195.133.94.0/24
195.133.195.0/24
212.192.0.0/23
212.192.10.0/24
212.192.222.0/24
212.193.0.0/24
212.193.12.0/24
Signature Algorithm: sha256WithRSAEncryption
52:c7:df:36:c9:4f:a7:b6:fd:31:ca:66:e8:df:fe:73:89:a2:
76:0b:d4:a0:b4:dd:0a:56:fd:b8:df:27:17:58:20:9e:36:cc:
b8:f3:b0:a0:bb:a6:67:a3:c4:35:e7:ad:12:09:70:77:7c:cf:
40:d4:f1:77:65:77:ca:85:8f:f2:9e:3c:ee:8a:78:59:a7:9a:
0a:6e:ae:c2:28:ca:29:d6:b1:01:f2:6a:48:a1:cb:bf:cc:40:
25:76:81:f8:ba:eb:d9:ee:2b:bd:e3:5b:1f:20:04:f8:9f:f1:
c5:9e:65:7e:97:cc:15:49:84:ff:d2:f4:26:0a:f8:9f:79:b2:
0b:3c:a6:f6:d0:3b:b5:56:e9:60:7f:c2:75:0e:be:3d:1a:5a:
96:3e:1a:d0:bf:f9:ad:a0:c6:5f:b5:c6:45:93:82:de:46:de:
24:70:ce:04:e8:12:97:29:c4:45:89:28:ef:de:f6:68:9c:f6:
26:67:c5:62:13:21:41:48:33:4b:09:27:93:bb:e5:90:ec:4d:
02:d2:66:5c:49:5c:35:24:b8:34:ab:c8:c1:c6:0a:28:2a:00:
3f:54:48:3c:d4:cf:80:c3:64:e3:cd:2c:bc:02:bf:61:f7:65:
46:7b:a3:19:cd:6a:ce:ac:fd:82:0b:31:60:0c:0e:ba:85:71:
22:ea:4a:3b
-----BEGIN CERTIFICATE-----
MIIGRzCCBS+gAwIBAgISAYVxR2OOO5mLF+U/PkgNlhEGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTAyMDY1OTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2Y5NDUyZmQ3MzBlOTJhMDg1YjNiMjBjNWM1ODU4ZmQ5ZmQ0MjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzHWX0TlLsYjrHX79jUsbQtq4rjsg
nNC/ONy0sXD9brXsd5xNjdA9YHWDeda/qGZzHz7gRXT1VgI43rlgKXAdJORLoFRG
m3jJ/6rLG4Kd0LpRWvvgA00WjmVMYhPRWMm/UPqSlQHpNnP9RBSvFVUvlOcEHaUJ
A38dviDe8roQEd+nOcsI+m3bCGOTMYhpklMXaTswCBhG3oTyCPykVuF4L81ECAmJ
45Rm1EmWA9g+I6j77ViylnBJKeuut1CrQqw+7p9qhHShZDPNOKRCkDdit2OxWi7+
HLKqha235st9F7IcEz3//5ixUDbb80p+f1fotzgytBlYgHfyiDlBZCK1tQIDAQAB
o4IDUzCCA08wHQYDVR0OBBYEFAP5RS/XMOkqCFs7IMXFhY/Z/UJtMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvQV9sRkw5Y3c2U29JV3pzZ3hjV0ZqOW45UW0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBZwYIKwYBBQUHAQcBAf8EggFWMIIBUjCCAU4EAgABMIIB
RgMEAD5M5wMEAMB8rAMEAMB8sgMEAsB8tDAMAwQAwXwDAwQAwXwEAwQAwXwGAwQA
wXwIAwQAwXwSAwQAwXyFAwQAwXzJAwQAwXzLAwQAwXzPAwQAwjomAwQAwjoqMAwD
BADCOi0DBATCOiADBADCOjsDBADCVwcDBALCVxgDBADCVzgDBADCV0wDBAHCV1ID
BADCV2gDBADCV3QDBADCV3YDBADCV3sDBADCV4gDBAHCV4oDBADCV5UDBADCV6MD
BADCV6UwDAMEAMJXqwMEAMJXrAMEAMJXsAMEAMJXtgMEAcJXxgMEAMJXygMEAcJX
0AMEAcJX3gMEAMJX6QMEAMM6MjAMAwQCwzo0AwQGwzoAAwQAw4UMAwQAw4U3AwQA
w4VeAwQAw4XDAwQB1MAAAwQA1MAKAwQA1MDeAwQA1MEAAwQA1MEMMA0GCSqGSIb3
DQEBCwUAA4IBAQBSx982yU+ntv0xymbo3/5ziaJ2C9SgtN0KVv243ycXWCCeNsy4
87Cgu6Zno8Q1560SCXB3fM9A1PF3ZXfKhY/ynjzuinhZp5oKbq7CKMop1rEB8mpI
ocu/zEAldoH4uuvZ7iu941sfIAT4n/HFnmV+l8wVSYT/0vQmCvifebILPKb20Du1
Vulgf8J1Dr49GlqWPhrQv/mtoMZftcZFk4LeRt4kcM4E6BKXKcRFiSjv3vZonPYm
Z8ViEyFBSDNLCSeTu+WQ7E0C0mZcSVw1JLg0q8jBxgooKgA/VEg81M+Aw2TjzSy8
Ar9h92VGe6MZzWrOrP2CCzFgDA66hXEi6ko7
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:52 2023 by rpki-client on console-ams.rpki-client.org