Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/DnQGEPrv823A5a81tFTll_2gVXU.roa
File: DnQGEPrv823A5a81tFTll_2gVXU.roa (raw, json)
Hash identifier: 29uevvF+pcQSu1bgc26eRhqy5Ex7RKxg8cWnRq9MdFc=
Subject key identifier: 0E:74:06:10:FA:EF:F3:6D:C0:E5:AF:35:B4:54:E5:97:FD:A0:55:75
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0188D3EA8F1DAF16A641B22703B5884CE4B1
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/DnQGEPrv823A5a81tFTll_2gVXU.roa
Signing time: Mon 19 Jun 2023 13:49:04 +0000
ROA not before: Mon 19 Jun 2023 13:49:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 193.124.3.0/24 maxlen: 24
62.76.225.0/24 maxlen: 24
193.124.6.0/24 maxlen: 24
193.124.8.0/24 maxlen: 24
194.87.1.0/24 maxlen: 24
194.87.3.0/24 maxlen: 24
194.87.2.0/24 maxlen: 24
62.76.230.0/23 maxlen: 23
193.124.16.0/24 maxlen: 24
194.87.7.0/24 maxlen: 24
194.87.11.0/24 maxlen: 24
194.87.12.0/24 maxlen: 24
194.87.16.0/24 maxlen: 24
194.87.23.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
194.87.18.0/24 maxlen: 24
194.87.22.0/24 maxlen: 24
194.87.26.0/23 maxlen: 23
194.87.37.0/24 maxlen: 24
193.124.49.0/24 maxlen: 24
194.87.36.0/24 maxlen: 24
194.87.105.0/24 maxlen: 24
193.124.124.0/24 maxlen: 24
194.87.114.0/24 maxlen: 24
194.87.114.0/23 maxlen: 23
194.87.122.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.130.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
194.87.134.0/23 maxlen: 23
194.87.133.0/24 maxlen: 24
194.87.43.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
193.124.80.0/24 maxlen: 24
194.87.78.0/24 maxlen: 24
193.124.90.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
195.133.74.0/24 maxlen: 24
195.133.84.0/23 maxlen: 23
195.133.22.0/24 maxlen: 24
195.133.30.0/24 maxlen: 24
195.133.35.0/24 maxlen: 24
195.133.194.0/24 maxlen: 24
195.133.195.0/24 maxlen: 24
212.193.15.0/24 maxlen: 24
212.192.223.0/24 maxlen: 24
195.58.36.0/24 maxlen: 24
194.58.38.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
212.192.241.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
212.192.244.0/24 maxlen: 24
195.58.58.0/23 maxlen: 23
212.192.247.0/24 maxlen: 24
194.58.59.0/24 maxlen: 24
212.192.248.0/22 maxlen: 22
195.58.62.0/23 maxlen: 23
194.58.223.0/24 maxlen: 24
195.133.0.0/24 maxlen: 24
194.58.154.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
194.87.202.0/24 maxlen: 24
194.87.204.0/24 maxlen: 24
194.87.222.0/24 maxlen: 24
194.135.24.0/24 maxlen: 24
194.135.23.0/24 maxlen: 24
194.87.240.0/24 maxlen: 24
194.87.243.0/24 maxlen: 24
192.124.170.0/24 maxlen: 24
212.192.8.0/24 maxlen: 24
212.192.10.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
194.87.166.0/24 maxlen: 24
194.87.160.0/24 maxlen: 24
194.87.162.0/24 maxlen: 24
194.87.168.0/24 maxlen: 24
194.87.172.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
194.87.177.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
192.124.190.0/24 maxlen: 24
194.87.176.0/24 maxlen: 24
192.124.189.0/24 maxlen: 24
192.124.191.0/24 maxlen: 24
194.87.181.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
193.124.201.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
193.124.202.0/24 maxlen: 24
193.124.204.0/24 maxlen: 24
194.135.46.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:d3:ea:8f:1d:af:16:a6:41:b2:27:03:b5:88:4c:e4:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jun 19 13:49:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0e740610faeff36dc0e5af35b454e597fda05575
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:7b:fd:8c:ae:f6:b6:fb:34:7b:e3:6b:09:22:
68:45:48:3f:77:d3:df:24:84:08:08:25:81:10:23:
ab:e7:02:f4:01:d0:7c:b7:db:56:90:68:52:fc:c9:
42:a1:6f:d1:8d:6a:ac:4a:e0:c0:a5:b9:63:9b:76:
13:1e:04:d2:54:cb:0e:9b:31:05:0a:4c:34:8f:69:
91:cb:6f:e5:97:f6:bf:4e:14:a1:50:de:08:b5:cd:
3f:53:58:d0:86:40:0f:53:f7:43:d1:8b:c7:5a:a5:
5b:e5:f1:32:bc:cd:b7:45:9d:65:42:24:bf:95:33:
00:cd:cd:3c:c2:89:c5:8c:2e:c6:fb:be:06:44:88:
48:61:58:b8:f3:c5:ca:68:a9:07:22:19:2c:81:c3:
28:19:c4:a7:4f:7d:fa:4c:1b:8b:f9:6f:9b:39:b2:
99:d4:81:1a:c2:6a:6c:af:10:25:74:cf:80:24:f6:
49:82:72:83:82:3f:bc:c2:0f:c3:33:8e:2d:c3:a1:
99:21:c1:12:ef:af:c7:a8:fb:cb:b6:03:f9:ac:d5:
18:c5:8d:66:ba:34:44:7d:21:59:f9:5e:3f:d4:b7:
0b:26:b9:11:1c:2a:55:d2:2f:cd:9d:b0:c9:c1:c5:
26:39:5b:c6:b8:42:94:be:9b:a4:41:b1:d9:e5:84:
a6:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:74:06:10:FA:EF:F3:6D:C0:E5:AF:35:B4:54:E5:97:FD:A0:55:75
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/DnQGEPrv823A5a81tFTll_2gVXU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.225.0/24
62.76.230.0/23
192.124.170.0/24
192.124.178.0/24
192.124.181.0/24
192.124.189.0-192.124.191.255
193.124.3.0/24
193.124.6.0/24
193.124.8.0/24
193.124.16.0/24
193.124.49.0/24
193.124.80.0/24
193.124.90.0/24
193.124.124.0/24
193.124.133.0/24
193.124.200.0-193.124.202.255
193.124.204.0/24
194.58.38.0/24
194.58.42.0/24
194.58.47.0/24
194.58.59.0/24
194.58.154.0/24
194.58.223.0/24
194.87.1.0-194.87.3.255
194.87.7.0/24
194.87.11.0-194.87.12.255
194.87.16.0/24
194.87.18.0/24
194.87.22.0-194.87.27.255
194.87.36.0/23
194.87.43.0/24
194.87.56.0/24
194.87.73.0/24
194.87.78.0/24
194.87.83.0/24
194.87.105.0/24
194.87.114.0/23
194.87.122.0/24
194.87.124.0/24
194.87.130.0/23
194.87.133.0-194.87.135.255
194.87.160.0/24
194.87.162.0/24
194.87.166.0/24
194.87.168.0/24
194.87.172.0/24
194.87.176.0/23
194.87.179.0/24
194.87.181.0/24
194.87.187.0/24
194.87.190.0/24
194.87.200.0/24
194.87.202.0/24
194.87.204.0/24
194.87.222.0/24
194.87.240.0/24
194.87.243.0/24
194.135.23.0-194.135.24.255
194.135.46.0/24
195.58.36.0/24
195.58.54.0/24
195.58.58.0/23
195.58.62.0/23
195.133.0.0/24
195.133.22.0/24
195.133.30.0/24
195.133.35.0/24
195.133.74.0/24
195.133.84.0/23
195.133.194.0/23
212.192.8.0/24
212.192.10.0/24
212.192.223.0/24
212.192.241.0/24
212.192.244.0/24
212.192.247.0-212.192.251.255
212.193.15.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:62:48:44:05:47:5d:36:5f:ac:eb:7a:45:80:85:2a:98:92:
2e:1c:5f:20:2b:01:15:c0:ac:1c:82:7d:89:03:cf:a1:a1:a6:
b2:e5:28:82:9c:9d:c2:91:7c:dd:2b:0e:38:05:1c:e3:06:d4:
24:cb:2d:f3:bd:f7:cf:bf:a9:a0:f8:d3:6f:14:de:ef:7d:53:
18:c8:80:c0:54:c9:c0:d2:d9:23:a2:14:27:1b:57:d0:f4:95:
0e:00:d8:c3:d3:83:1a:b2:99:3d:b2:01:5c:16:05:fc:1d:a7:
90:02:78:8e:a2:7b:1e:0c:a9:b9:40:d5:72:dc:6b:eb:96:aa:
93:c6:ca:fe:c0:75:7a:5f:4a:4c:66:cd:4f:8b:04:5c:53:af:
3c:04:f9:75:22:ec:ac:d8:9c:77:c2:dc:7a:c7:69:26:b0:76:
ca:9b:ce:d0:16:07:5e:a1:60:78:c9:97:d5:6e:4c:a3:f1:a8:
2c:91:e1:1b:ce:7c:ee:12:c8:30:c8:a8:91:0d:94:1c:f4:48:
cb:f2:81:37:5e:b4:60:ba:da:20:ea:3f:20:aa:cc:43:d0:fa:
1d:71:f7:c5:ce:b8:29:2c:3d:c8:ec:52:09:b6:1a:08:5b:60:
42:56:06:36:b8:15:8b:fe:19:b6:78:7a:8c:42:3a:31:67:80:
b2:67:d9:7c
-----BEGIN CERTIFICATE-----
MIIHDzCCBfegAwIBAgISAYjT6o8drxamQbInA7WITOSxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNjE5MTM0OTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTc0MDYxMGZhZWZmMzZkYzBlNWFmMzViNDU0ZTU5N2ZkYTA1NTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsXv9jK72tvs0e+NrCSJoRUg/d9Pf
JIQICCWBECOr5wL0AdB8t9tWkGhS/MlCoW/RjWqsSuDApbljm3YTHgTSVMsOmzEF
Ckw0j2mRy2/ll/a/ThShUN4Itc0/U1jQhkAPU/dD0YvHWqVb5fEyvM23RZ1lQiS/
lTMAzc08wonFjC7G+74GRIhIYVi488XKaKkHIhksgcMoGcSnT336TBuL+W+bObKZ
1IEawmpsrxAldM+AJPZJgnKDgj+8wg/DM44tw6GZIcES76/HqPvLtgP5rNUYxY1m
ujREfSFZ+V4/1LcLJrkRHCpV0i/NnbDJwcUmOVvGuEKUvpukQbHZ5YSmgQIDAQAB
o4IEGzCCBBcwHQYDVR0OBBYEFA50BhD67/NtwOWvNbRU5Zf9oFV1MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvRG5RR0VQcnY4MjNBNWE4MXRGVGxsXzJnVlhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICLwYIKwYBBQUHAQcBAf8EggIeMIICGjCCAhYEAgABMIIC
DgMEAD5M4QMEAT5M5gMEAMB8qgMEAMB8sgMEAMB8tTAMAwQAwHy9AwQGwHyAAwQA
wXwDAwQAwXwGAwQAwXwIAwQAwXwQAwQAwXwxAwQAwXxQAwQAwXxaAwQAwXx8AwQA
wXyFMAwDBAPBfMgDBADBfMoDBADBfMwDBADCOiYDBADCOioDBADCOi8DBADCOjsD
BADCOpoDBADCOt8wDAMEAMJXAQMEAsJXAAMEAMJXBzAMAwQAwlcLAwQAwlcMAwQA
wlcQAwQAwlcSMAwDBAHCVxYDBALCVxgDBAHCVyQDBADCVysDBADCVzgDBADCV0kD
BADCV04DBADCV1MDBADCV2kDBAHCV3IDBADCV3oDBADCV3wDBAHCV4IwDAMEAMJX
hQMEA8JXgAMEAMJXoAMEAMJXogMEAMJXpgMEAMJXqAMEAMJXrAMEAcJXsAMEAMJX
swMEAMJXtQMEAMJXuwMEAMJXvgMEAMJXyAMEAMJXygMEAMJXzAMEAMJX3gMEAMJX
8AMEAMJX8zAMAwQAwocXAwQAwocYAwQAwocuAwQAwzokAwQAwzo2AwQBwzo6AwQB
wzo+AwQAw4UAAwQAw4UWAwQAw4UeAwQAw4UjAwQAw4VKAwQBw4VUAwQBw4XCAwQA
1MAIAwQA1MAKAwQA1MDfAwQA1MDxAwQA1MD0MAwDBADUwPcDBALUwPgDBADUwQ8w
DQYJKoZIhvcNAQELBQADggEBACpiSEQFR102X6zrekWAhSqYki4cXyArARXArByC
fYkDz6GhprLlKIKcncKRfN0rDjgFHOMG1CTLLfO998+/qaD4028U3u99UxjIgMBU
ycDS2SOiFCcbV9D0lQ4A2MPTgxqymT2yAVwWBfwdp5ACeI6iex4MqblA1XLca+uW
qpPGyv7AdXpfSkxmzU+LBFxTrzwE+XUi7KzYnHfC3HrHaSawdsqbztAWB16hYHjJ
l9VuTKPxqCyR4RvOfO4SyDDIqJENlBz0SMvygTdetGC62iDqPyCqzEPQ+h1x98XO
uCksPcjsUgm2GghbYEJWBja4FYv+GbZ4eoxCOjFngLJn2Xw=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:53 2023 by rpki-client on console-ams.rpki-client.org