Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/G9_BZTlAymkfwibMoZyCjylKLW8.roa
File: G9_BZTlAymkfwibMoZyCjylKLW8.roa (raw, json)
Hash identifier: Er1t/NQbKdcNTfBJGPObGazLXWoYCnGp+LaEOkFB/OQ=
Subject key identifier: 1B:DF:C1:65:39:40:CA:69:1F:C2:26:CC:A1:9C:82:8F:29:4A:2D:6F
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018CFCD66F7B6C1D1B1D55F03A4053DCF2A0
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/G9_BZTlAymkfwibMoZyCjylKLW8.roa
Signing time: Fri 12 Jan 2024 08:42:40 +0000
ROA not before: Fri 12 Jan 2024 08:42:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 212.193.13.0/24 maxlen: 24
62.76.227.0/24 maxlen: 24
212.193.25.0/24 maxlen: 24
194.87.26.0/24 maxlen: 24
193.124.47.0/24 maxlen: 24
212.192.214.0/24 maxlen: 24
212.192.222.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
195.58.63.0/24 maxlen: 24
194.58.66.0/24 maxlen: 24
194.87.128.0/24 maxlen: 24
195.133.2.0/24 maxlen: 24
185.72.10.0/24 maxlen: 24
194.87.76.0/24 maxlen: 24
193.124.95.0/24 maxlen: 24
194.87.81.0/24 maxlen: 24
195.133.74.0/24 maxlen: 24
195.133.84.0/24 maxlen: 24
194.87.224.0/24 maxlen: 24
194.87.231.0/24 maxlen: 24
194.87.229.0/24 maxlen: 24
194.135.33.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
194.87.149.0/24 maxlen: 24
195.133.27.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
192.124.183.0/24 maxlen: 24
194.87.170.0/24 maxlen: 24
194.87.172.0/24 maxlen: 24
193.124.202.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 13 Jan 2024 15:33:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:fc:d6:6f:7b:6c:1d:1b:1d:55:f0:3a:40:53:dc:f2:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 12 08:42:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1bdfc1653940ca691fc226cca19c828f294a2d6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:c7:fd:39:b4:d1:97:18:4e:3c:10:df:b9:91:
e8:13:a6:a8:6f:a5:5b:fc:83:59:67:55:9c:84:f2:
d8:60:27:52:7a:6e:d3:77:b4:76:48:6e:6f:59:60:
50:08:78:93:2c:0b:ce:f5:18:01:91:f3:91:86:3a:
af:5e:d1:e7:7a:20:29:0c:f2:2e:9f:fe:30:d5:65:
69:8f:9c:63:55:7e:04:e8:83:6b:31:b6:df:52:b7:
37:fa:02:11:0c:14:d3:37:66:9e:1a:94:78:16:d3:
09:f9:89:d5:40:65:7e:b1:55:71:1f:d9:e8:e0:b7:
2e:26:32:79:53:a5:5a:8e:51:1c:57:38:6a:28:0c:
f3:dd:25:e8:84:b4:52:9c:e6:d2:9d:b8:ce:bf:b8:
d9:a8:b9:4b:df:ad:f2:1e:da:af:9a:45:5b:73:cf:
03:27:56:27:6d:37:22:8e:69:4e:60:02:51:6f:75:
4c:f8:f2:00:a1:f6:2c:4a:98:8f:ed:e6:e6:45:db:
e1:7b:20:57:a2:1e:79:0b:b4:ba:01:74:13:ea:99:
56:50:dd:03:02:65:7a:20:48:e3:22:ff:d6:03:d5:
a5:9e:a7:4d:fa:3a:f9:2f:58:ff:2d:60:f5:54:79:
5e:78:42:2c:3f:0f:30:30:79:b1:6d:74:88:62:2c:
e9:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:DF:C1:65:39:40:CA:69:1F:C2:26:CC:A1:9C:82:8F:29:4A:2D:6F
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/G9_BZTlAymkfwibMoZyCjylKLW8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.227.0/24
185.72.10.0/24
192.124.183.0/24
193.124.47.0/24
193.124.95.0/24
193.124.202.0/24
194.58.42.0/24
194.58.66.0/24
194.87.26.0/24
194.87.76.0/24
194.87.81.0/24
194.87.128.0/24
194.87.149.0/24
194.87.170.0/24
194.87.172.0/24
194.87.190.0/24
194.87.224.0/24
194.87.229.0/24
194.87.231.0/24
194.135.33.0/24
195.58.54.0/24
195.58.63.0/24
195.133.2.0/24
195.133.25.0/24
195.133.27.0/24
195.133.74.0/24
195.133.84.0/24
212.192.1.0/24
212.192.214.0/24
212.192.222.0/24
212.193.13.0/24
212.193.25.0/24
Signature Algorithm: sha256WithRSAEncryption
75:e3:d4:c2:ac:ff:c7:ff:1f:c6:c4:f3:e5:13:75:07:26:49:
24:ed:42:c3:33:0f:14:27:58:ca:30:29:5e:15:b7:ca:e2:be:
d7:73:d8:3b:d9:9a:be:41:ef:42:8a:74:6b:51:6c:e4:64:4d:
4b:0b:bd:d7:cf:d3:9e:70:b2:4a:f5:9e:4e:6f:de:95:61:d2:
b0:dc:2c:77:37:4a:ba:64:ea:ae:03:17:d0:3a:c7:16:75:7e:
74:64:ae:9f:9a:ea:6f:6d:7b:d8:de:d4:4b:a7:fc:59:98:04:
f7:a3:5b:00:dc:dd:b4:f5:c0:3c:48:12:4a:a1:96:a8:0c:10:
33:a8:cc:d2:08:de:10:c0:31:5a:8d:e0:49:93:aa:43:9e:a9:
48:36:24:3e:d9:86:c7:3a:4e:07:4d:23:ef:46:75:45:0b:23:
60:96:30:03:db:17:7e:34:cb:7d:00:9d:5d:df:16:db:1c:4e:
87:9f:b6:5a:42:9b:01:25:0a:b5:be:97:ee:80:9d:42:24:99:
13:a2:5d:1e:40:c5:6a:0d:50:1a:01:fa:ad:a7:f9:3a:4e:b4:
2f:f1:71:f6:e6:dc:5c:9b:6f:2e:03:d9:62:bd:ac:e4:f5:77:
21:cd:78:05:4f:4f:28:92:f6:7d:2f:6a:f1:36:0d:d2:87:22:
27:23:4b:bb
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgISAYz81m97bB0bHVXwOkBT3PKgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTEyMDg0MjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmRmYzE2NTM5NDBjYTY5MWZjMjI2Y2NhMTljODI4ZjI5NGEyZDZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjsf9ObTRlxhOPBDfuZHoE6aob6Vb
/INZZ1WchPLYYCdSem7Td7R2SG5vWWBQCHiTLAvO9RgBkfORhjqvXtHneiApDPIu
n/4w1WVpj5xjVX4E6INrMbbfUrc3+gIRDBTTN2aeGpR4FtMJ+YnVQGV+sVVxH9no
4LcuJjJ5U6VajlEcVzhqKAzz3SXohLRSnObSnbjOv7jZqLlL363yHtqvmkVbc88D
J1YnbTcijmlOYAJRb3VM+PIAofYsSpiP7ebmRdvheyBXoh55C7S6AXQT6plWUN0D
AmV6IEjjIv/WA9WlnqdN+jr5L1j/LWD1VHleeEIsPw8wMHmxbXSIYizpmwIDAQAB
o4ICyDCCAsQwHQYDVR0OBBYEFBvfwWU5QMppH8ImzKGcgo8pSi1vMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvRzlfQlpUbEF5bWtmd2liTW9aeUNqeWxLTFc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHdBggrBgEFBQcBBwEB/wSBzTCByjCBxwQCAAEwgcADBAA+
TOMDBAC5SAoDBADAfLcDBADBfC8DBADBfF8DBADBfMoDBADCOioDBADCOkIDBADC
VxoDBADCV0wDBADCV1EDBADCV4ADBADCV5UDBADCV6oDBADCV6wDBADCV74DBADC
V+ADBADCV+UDBADCV+cDBADChyEDBADDOjYDBADDOj8DBADDhQIDBADDhRkDBADD
hRsDBADDhUoDBADDhVQDBADUwAEDBADUwNYDBADUwN4DBADUwQ0DBADUwRkwDQYJ
KoZIhvcNAQELBQADggEBAHXj1MKs/8f/H8bE8+UTdQcmSSTtQsMzDxQnWMowKV4V
t8rivtdz2DvZmr5B70KKdGtRbORkTUsLvdfP055wskr1nk5v3pVh0rDcLHc3Srpk
6q4DF9A6xxZ1fnRkrp+a6m9te9je1Eun/FmYBPejWwDc3bT1wDxIEkqhlqgMEDOo
zNII3hDAMVqN4EmTqkOeqUg2JD7Zhsc6TgdNI+9GdUULI2CWMAPbF340y30AnV3f
FtscToeftlpCmwElCrW+l+6AnUIkmROiXR5AxWoNUBoB+q2n+TpOtC/xcfbm3Fyb
by4D2WK9rOT1dyHNeAVPTyiS9n0vavE2DdKHIicjS7s=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:11 2024 by rpki-client on console-fra.rpki-client.org