Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/G13BRU6AdZnd_VoDwAWq75fBfB0.roa
File: G13BRU6AdZnd_VoDwAWq75fBfB0.roa (raw, json)
Hash identifier: vQtqBp9cj8QbsZKanMWwTGlwYrFaXcO4byf07q28glA=
Subject key identifier: 1B:5D:C1:45:4E:80:75:99:DD:FD:5A:03:C0:05:AA:EF:97:C1:7C:1D
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0188D3C505BACAC783E56B3BA18D43A9A628
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/G13BRU6AdZnd_VoDwAWq75fBfB0.roa
Signing time: Mon 19 Jun 2023 13:08:04 +0000
ROA not before: Mon 19 Jun 2023 13:08:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 193.124.3.0/24 maxlen: 24
62.76.225.0/24 maxlen: 24
193.124.6.0/24 maxlen: 24
193.124.8.0/24 maxlen: 24
194.87.1.0/24 maxlen: 24
194.87.3.0/24 maxlen: 24
194.87.2.0/24 maxlen: 24
62.76.230.0/23 maxlen: 23
193.124.16.0/24 maxlen: 24
194.87.7.0/24 maxlen: 24
194.87.11.0/24 maxlen: 24
194.87.12.0/24 maxlen: 24
194.87.16.0/24 maxlen: 24
194.87.23.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
194.87.18.0/24 maxlen: 24
194.87.22.0/24 maxlen: 24
194.87.26.0/23 maxlen: 23
194.87.37.0/24 maxlen: 24
193.124.49.0/24 maxlen: 24
194.87.36.0/24 maxlen: 24
194.87.105.0/24 maxlen: 24
193.124.124.0/24 maxlen: 24
194.87.114.0/24 maxlen: 24
194.87.114.0/23 maxlen: 23
194.87.122.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.130.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
194.87.134.0/23 maxlen: 23
194.87.133.0/24 maxlen: 24
194.87.43.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
193.124.80.0/24 maxlen: 24
194.87.78.0/24 maxlen: 24
193.124.90.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
195.133.74.0/24 maxlen: 24
195.133.84.0/23 maxlen: 23
195.133.22.0/24 maxlen: 24
195.133.30.0/24 maxlen: 24
195.133.35.0/24 maxlen: 24
195.133.194.0/24 maxlen: 24
195.133.195.0/24 maxlen: 24
212.193.15.0/24 maxlen: 24
195.58.36.0/24 maxlen: 24
194.58.38.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
212.192.241.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
212.192.244.0/24 maxlen: 24
195.58.58.0/23 maxlen: 23
212.192.247.0/24 maxlen: 24
194.58.59.0/24 maxlen: 24
212.192.248.0/22 maxlen: 22
195.58.62.0/23 maxlen: 23
194.58.223.0/24 maxlen: 24
195.133.0.0/24 maxlen: 24
194.58.154.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
194.87.202.0/24 maxlen: 24
194.87.204.0/24 maxlen: 24
194.87.222.0/24 maxlen: 24
194.135.24.0/24 maxlen: 24
194.135.23.0/24 maxlen: 24
194.87.240.0/24 maxlen: 24
194.87.243.0/24 maxlen: 24
192.124.170.0/24 maxlen: 24
212.192.8.0/24 maxlen: 24
212.192.10.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
194.87.166.0/24 maxlen: 24
194.87.160.0/24 maxlen: 24
194.87.162.0/24 maxlen: 24
194.87.168.0/24 maxlen: 24
194.87.172.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
194.87.177.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
192.124.190.0/24 maxlen: 24
194.87.176.0/24 maxlen: 24
192.124.189.0/24 maxlen: 24
192.124.191.0/24 maxlen: 24
194.87.181.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
193.124.201.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
193.124.202.0/24 maxlen: 24
193.124.204.0/24 maxlen: 24
194.135.46.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:d3:c5:05:ba:ca:c7:83:e5:6b:3b:a1:8d:43:a9:a6:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jun 19 13:08:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1b5dc1454e807599ddfd5a03c005aaef97c17c1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:75:aa:f0:df:0b:b5:9d:19:54:82:ed:5b:3b:
55:1c:1a:e9:55:13:a3:bd:65:5f:ce:45:f3:52:cb:
40:43:78:8f:35:6c:60:94:aa:9b:0d:ee:a6:f8:e1:
14:42:13:7e:5e:f2:f8:19:3b:ea:dd:fd:39:75:14:
7e:1f:d6:d0:ef:40:19:ee:a1:fa:14:b3:e6:27:e2:
d1:57:de:b4:ca:cc:a2:b5:35:4f:91:13:6d:1f:14:
c1:12:f0:7d:c7:a0:af:f7:58:4f:44:d1:88:f9:92:
9c:f4:50:e9:01:bb:56:a9:3f:18:fe:3a:e3:80:5c:
b3:2d:d3:69:83:9f:de:ae:04:9c:c3:a7:5e:ea:3f:
9d:ea:73:5e:d9:f4:6f:78:b5:06:5d:81:09:25:81:
3f:1c:4a:f4:99:d8:34:3c:ef:c7:7d:bc:90:7b:6d:
f7:02:0a:30:68:09:08:5e:e5:b7:84:59:69:1d:c8:
84:9d:2d:27:fa:d0:c3:82:69:4b:ad:97:87:5c:2a:
c8:9c:94:c8:6e:d7:ef:57:39:ea:73:ec:4d:07:2c:
d4:03:53:e1:a8:1c:37:9e:96:d5:91:d0:d2:cb:d7:
a4:10:27:72:83:1d:52:e5:0a:fb:c7:4b:7c:23:a4:
f0:ed:dd:1e:4c:5d:09:28:bb:e1:e7:8d:65:45:f1:
15:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:5D:C1:45:4E:80:75:99:DD:FD:5A:03:C0:05:AA:EF:97:C1:7C:1D
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/G13BRU6AdZnd_VoDwAWq75fBfB0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.225.0/24
62.76.230.0/23
192.124.170.0/24
192.124.178.0/24
192.124.181.0/24
192.124.189.0-192.124.191.255
193.124.3.0/24
193.124.6.0/24
193.124.8.0/24
193.124.16.0/24
193.124.49.0/24
193.124.80.0/24
193.124.90.0/24
193.124.124.0/24
193.124.133.0/24
193.124.200.0-193.124.202.255
193.124.204.0/24
194.58.38.0/24
194.58.42.0/24
194.58.47.0/24
194.58.59.0/24
194.58.154.0/24
194.58.223.0/24
194.87.1.0-194.87.3.255
194.87.7.0/24
194.87.11.0-194.87.12.255
194.87.16.0/24
194.87.18.0/24
194.87.22.0-194.87.27.255
194.87.36.0/23
194.87.43.0/24
194.87.56.0/24
194.87.73.0/24
194.87.78.0/24
194.87.83.0/24
194.87.105.0/24
194.87.114.0/23
194.87.122.0/24
194.87.124.0/24
194.87.130.0/23
194.87.133.0-194.87.135.255
194.87.160.0/24
194.87.162.0/24
194.87.166.0/24
194.87.168.0/24
194.87.172.0/24
194.87.176.0/23
194.87.179.0/24
194.87.181.0/24
194.87.187.0/24
194.87.190.0/24
194.87.200.0/24
194.87.202.0/24
194.87.204.0/24
194.87.222.0/24
194.87.240.0/24
194.87.243.0/24
194.135.23.0-194.135.24.255
194.135.46.0/24
195.58.36.0/24
195.58.54.0/24
195.58.58.0/23
195.58.62.0/23
195.133.0.0/24
195.133.22.0/24
195.133.30.0/24
195.133.35.0/24
195.133.74.0/24
195.133.84.0/23
195.133.194.0/23
212.192.8.0/24
212.192.10.0/24
212.192.241.0/24
212.192.244.0/24
212.192.247.0-212.192.251.255
212.193.15.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:1e:2f:5f:ba:b0:40:92:96:75:6e:3e:f7:04:3b:7f:f6:0c:
38:01:15:fc:13:69:d7:a9:a2:64:72:22:44:7c:8c:c2:b6:a6:
38:42:97:24:0a:bd:e6:d6:b5:6a:8a:2b:61:2a:c3:be:61:a9:
95:ff:3c:7f:cd:d9:6c:99:ec:12:39:48:70:6c:96:05:64:c8:
dc:86:23:23:13:93:51:69:f7:36:0e:3e:cf:fa:c2:89:9f:21:
75:1a:ac:cb:7a:49:15:45:3e:ac:33:33:a5:81:21:83:ed:c0:
a6:5d:7d:43:6e:7c:c6:78:70:14:ce:68:4b:bf:c2:7d:76:b6:
47:56:7b:80:16:0e:fd:dc:7b:9a:4e:57:ad:27:8f:23:1e:f8:
16:99:4d:39:c6:f3:c8:58:70:63:e6:f5:af:34:de:84:a9:9d:
df:65:66:c2:8a:10:5c:07:96:94:89:a3:36:c3:39:fb:1e:25:
f2:cc:43:72:e5:f4:68:2c:77:37:81:04:40:c5:1f:ab:8f:2f:
8d:74:b2:96:59:2e:f8:0c:9a:ec:3b:d8:37:3f:11:34:f4:5b:
47:22:4d:9e:2f:5b:9e:f1:67:7b:58:50:72:58:14:40:7b:f4:
af:13:12:e1:ba:db:b7:40:77:c8:9a:74:79:07:2c:af:4c:ec:
e3:05:c6:2d
-----BEGIN CERTIFICATE-----
MIIHCTCCBfGgAwIBAgISAYjTxQW6yseD5Ws7oY1DqaYoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNjE5MTMwODA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjVkYzE0NTRlODA3NTk5ZGRmZDVhMDNjMDA1YWFlZjk3YzE3YzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz3Wq8N8LtZ0ZVILtWztVHBrpVROj
vWVfzkXzUstAQ3iPNWxglKqbDe6m+OEUQhN+XvL4GTvq3f05dRR+H9bQ70AZ7qH6
FLPmJ+LRV960ysyitTVPkRNtHxTBEvB9x6Cv91hPRNGI+ZKc9FDpAbtWqT8Y/jrj
gFyzLdNpg5/ergScw6de6j+d6nNe2fRveLUGXYEJJYE/HEr0mdg0PO/HfbyQe233
AgowaAkIXuW3hFlpHciEnS0n+tDDgmlLrZeHXCrInJTIbtfvVznqc+xNByzUA1Ph
qBw3npbVkdDSy9ekECdygx1S5Qr7x0t8I6Tw7d0eTF0JKLvh541lRfEVQwIDAQAB
o4IEFTCCBBEwHQYDVR0OBBYEFBtdwUVOgHWZ3f1aA8AFqu+XwXwdMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvRzEzQlJVNkFkWm5kX1ZvRHdBV3E3NWZCZkIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICKQYIKwYBBQUHAQcBAf8EggIYMIICFDCCAhAEAgABMIIC
CAMEAD5M4QMEAT5M5gMEAMB8qgMEAMB8sgMEAMB8tTAMAwQAwHy9AwQGwHyAAwQA
wXwDAwQAwXwGAwQAwXwIAwQAwXwQAwQAwXwxAwQAwXxQAwQAwXxaAwQAwXx8AwQA
wXyFMAwDBAPBfMgDBADBfMoDBADBfMwDBADCOiYDBADCOioDBADCOi8DBADCOjsD
BADCOpoDBADCOt8wDAMEAMJXAQMEAsJXAAMEAMJXBzAMAwQAwlcLAwQAwlcMAwQA
wlcQAwQAwlcSMAwDBAHCVxYDBALCVxgDBAHCVyQDBADCVysDBADCVzgDBADCV0kD
BADCV04DBADCV1MDBADCV2kDBAHCV3IDBADCV3oDBADCV3wDBAHCV4IwDAMEAMJX
hQMEA8JXgAMEAMJXoAMEAMJXogMEAMJXpgMEAMJXqAMEAMJXrAMEAcJXsAMEAMJX
swMEAMJXtQMEAMJXuwMEAMJXvgMEAMJXyAMEAMJXygMEAMJXzAMEAMJX3gMEAMJX
8AMEAMJX8zAMAwQAwocXAwQAwocYAwQAwocuAwQAwzokAwQAwzo2AwQBwzo6AwQB
wzo+AwQAw4UAAwQAw4UWAwQAw4UeAwQAw4UjAwQAw4VKAwQBw4VUAwQBw4XCAwQA
1MAIAwQA1MAKAwQA1MDxAwQA1MD0MAwDBADUwPcDBALUwPgDBADUwQ8wDQYJKoZI
hvcNAQELBQADggEBAEweL1+6sECSlnVuPvcEO3/2DDgBFfwTadepomRyIkR8jMK2
pjhClyQKvebWtWqKK2Eqw75hqZX/PH/N2WyZ7BI5SHBslgVkyNyGIyMTk1Fp9zYO
Ps/6womfIXUarMt6SRVFPqwzM6WBIYPtwKZdfUNufMZ4cBTOaEu/wn12tkdWe4AW
Dv3ce5pOV60njyMe+BaZTTnG88hYcGPm9a803oSpnd9lZsKKEFwHlpSJozbDOfse
JfLMQ3Ll9GgsdzeBBEDFH6uPL410spZZLvgMmuw72Dc/ETT0W0ciTZ4vW57xZ3tY
UHJYFEB79K8TEuG627dAd8iadHkHLK9M7OMFxi0=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:41:59 2023 by rpki-client on console-fra.rpki-client.org