Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Gss8qMbdPQjPVLT7m6IlVym2sOo.roa
File: Gss8qMbdPQjPVLT7m6IlVym2sOo.roa (raw, json)
Hash identifier: +BLEeXxqce/dyTss/OzihzunnX9Po+gys0oLZJ2PucE=
Subject key identifier: 1A:CB:3C:A8:C6:DD:3D:08:CF:54:B4:FB:9B:A2:25:57:29:B6:B0:EA
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018D06284CCF87E32F9E9F0CC62C19F3907F
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Gss8qMbdPQjPVLT7m6IlVym2sOo.roa
Signing time: Sun 14 Jan 2024 04:08:40 +0000
ROA not before: Sun 14 Jan 2024 04:08:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 212.193.13.0/24 maxlen: 24
62.76.227.0/24 maxlen: 24
212.193.25.0/24 maxlen: 24
194.87.26.0/24 maxlen: 24
193.124.47.0/24 maxlen: 24
212.192.214.0/24 maxlen: 24
212.192.222.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
195.58.63.0/24 maxlen: 24
194.58.66.0/24 maxlen: 24
194.87.128.0/24 maxlen: 24
195.133.2.0/24 maxlen: 24
185.72.10.0/24 maxlen: 24
194.87.76.0/24 maxlen: 24
193.124.95.0/24 maxlen: 24
194.87.81.0/24 maxlen: 24
195.133.74.0/24 maxlen: 24
195.133.84.0/24 maxlen: 24
194.87.215.0/24 maxlen: 24
194.87.224.0/24 maxlen: 24
194.87.231.0/24 maxlen: 24
194.87.229.0/24 maxlen: 24
194.135.33.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
194.87.149.0/24 maxlen: 24
195.133.27.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
192.124.183.0/24 maxlen: 24
194.87.170.0/24 maxlen: 24
194.87.172.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
193.124.202.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 15 Jan 2024 10:43:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:06:28:4c:cf:87:e3:2f:9e:9f:0c:c6:2c:19:f3:90:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 14 04:08:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1acb3ca8c6dd3d08cf54b4fb9ba2255729b6b0ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:81:84:44:42:0f:5c:ee:a4:04:f7:29:0b:56:
48:a8:46:83:e8:1f:57:df:e5:20:f8:35:41:fa:c4:
93:da:62:65:68:3e:a1:72:5e:e8:0f:8f:4e:f3:d9:
8f:07:30:b8:d6:90:4c:f5:7a:e7:9d:a8:28:42:b1:
84:f7:f9:8b:fe:4e:95:c8:94:61:3c:7b:ad:a0:11:
62:52:cf:1c:0c:b9:6a:3f:0b:e1:aa:9f:30:82:5a:
f2:54:22:af:dd:ab:74:bb:09:e0:1b:d6:83:42:bd:
ad:01:0f:a6:c7:34:1a:0e:9e:d3:28:f6:3c:4f:6c:
86:43:45:4e:70:31:8d:a4:d9:7d:47:63:94:a8:c2:
fc:48:1d:a6:61:df:29:88:79:fe:27:3a:5b:21:9c:
bf:6c:d6:84:2c:fe:70:ee:62:92:02:89:ee:46:b6:
ad:0c:de:ee:72:b4:6d:56:a5:68:58:88:72:2d:2a:
26:58:3d:a0:c6:09:5d:a0:1a:fa:97:79:8a:7c:98:
a5:c9:00:ac:7c:29:7e:76:66:53:ee:11:75:24:86:
68:1a:fc:05:9d:f8:c9:68:40:65:30:84:48:d8:79:
92:fa:4c:73:98:d5:06:20:bd:43:fa:6d:3b:69:12:
ea:bc:f7:04:be:74:6a:b0:85:84:be:af:37:29:b1:
12:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:CB:3C:A8:C6:DD:3D:08:CF:54:B4:FB:9B:A2:25:57:29:B6:B0:EA
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Gss8qMbdPQjPVLT7m6IlVym2sOo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.227.0/24
185.72.10.0/24
192.124.183.0/24
193.124.47.0/24
193.124.95.0/24
193.124.202.0/24
194.58.42.0/24
194.58.66.0/24
194.87.26.0/24
194.87.76.0/24
194.87.81.0/24
194.87.128.0/24
194.87.149.0/24
194.87.170.0/24
194.87.172.0/24
194.87.187.0/24
194.87.190.0/24
194.87.215.0/24
194.87.224.0/24
194.87.229.0/24
194.87.231.0/24
194.135.33.0/24
195.58.54.0/24
195.58.63.0/24
195.133.2.0/24
195.133.25.0/24
195.133.27.0/24
195.133.74.0/24
195.133.84.0/24
212.192.1.0/24
212.192.214.0/24
212.192.222.0/24
212.193.13.0/24
212.193.25.0/24
Signature Algorithm: sha256WithRSAEncryption
03:4b:71:34:66:8b:62:46:38:b8:41:da:55:17:da:f8:39:d4:
cd:79:e1:17:9e:10:b5:85:a9:6b:9b:54:39:49:4c:eb:81:71:
0e:62:e2:44:1b:01:d2:25:f7:7c:f8:f1:9f:22:71:1e:21:ad:
15:8d:21:ce:f5:89:fd:11:a5:f2:3c:70:97:a6:af:02:de:06:
50:73:99:61:3c:c3:7a:1b:fd:88:6e:10:79:c8:0f:3f:37:78:
46:1d:33:7f:22:a9:52:1e:4f:20:e4:58:bb:cd:ea:c8:2d:c8:
87:b2:49:f4:58:3d:f9:65:fd:cb:1c:29:d2:2a:12:e4:39:3c:
4e:39:d9:e7:7b:7d:8a:a9:2d:c1:16:6b:0e:3f:04:b9:d5:dc:
6a:64:4c:09:bb:c3:6e:65:33:aa:97:ae:b5:e9:1d:dc:7a:dc:
0e:d9:e7:d8:86:36:29:ab:86:9e:0e:1f:54:e8:a6:5b:79:74:
62:d5:6d:5e:8f:84:76:f5:f6:42:a9:00:a3:dd:cc:53:fc:02:
be:57:0c:ca:e3:25:5a:12:d2:e7:bf:0b:98:08:90:ae:f8:d2:
aa:26:df:4d:ba:07:d5:2d:f5:40:78:d4:ae:dc:00:05:66:33:
fe:5a:00:f7:37:27:60:e5:0c:d7:1e:1e:99:34:54:61:f5:b6:
09:a8:ae:3a
-----BEGIN CERTIFICATE-----
MIIFyDCCBLCgAwIBAgISAY0GKEzPh+Mvnp8MxiwZ85B/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTE0MDQwODQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWNiM2NhOGM2ZGQzZDA4Y2Y1NGI0ZmI5YmEyMjU1NzI5YjZiMGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnIGEREIPXO6kBPcpC1ZIqEaD6B9X
3+Ug+DVB+sST2mJlaD6hcl7oD49O89mPBzC41pBM9XrnnagoQrGE9/mL/k6VyJRh
PHutoBFiUs8cDLlqPwvhqp8wglryVCKv3at0uwngG9aDQr2tAQ+mxzQaDp7TKPY8
T2yGQ0VOcDGNpNl9R2OUqML8SB2mYd8piHn+JzpbIZy/bNaELP5w7mKSAonuRrat
DN7ucrRtVqVoWIhyLSomWD2gxgldoBr6l3mKfJilyQCsfCl+dmZT7hF1JIZoGvwF
nfjJaEBlMIRI2HmS+kxzmNUGIL1D+m07aRLqvPcEvnRqsIWEvq83KbESwwIDAQAB
o4IC1DCCAtAwHQYDVR0OBBYEFBrLPKjG3T0Iz1S0+5uiJVcptrDqMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvR3NzOHFNYmRQUWpQVkxUN202SWxWeW0yc09vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHpBggrBgEFBQcBBwEB/wSB2TCB1jCB0wQCAAEwgcwDBAA+
TOMDBAC5SAoDBADAfLcDBADBfC8DBADBfF8DBADBfMoDBADCOioDBADCOkIDBADC
VxoDBADCV0wDBADCV1EDBADCV4ADBADCV5UDBADCV6oDBADCV6wDBADCV7sDBADC
V74DBADCV9cDBADCV+ADBADCV+UDBADCV+cDBADChyEDBADDOjYDBADDOj8DBADD
hQIDBADDhRkDBADDhRsDBADDhUoDBADDhVQDBADUwAEDBADUwNYDBADUwN4DBADU
wQ0DBADUwRkwDQYJKoZIhvcNAQELBQADggEBAANLcTRmi2JGOLhB2lUX2vg51M15
4ReeELWFqWubVDlJTOuBcQ5i4kQbAdIl93z48Z8icR4hrRWNIc71if0RpfI8cJem
rwLeBlBzmWE8w3ob/YhuEHnIDz83eEYdM38iqVIeTyDkWLvN6sgtyIeySfRYPfll
/cscKdIqEuQ5PE452ed7fYqpLcEWaw4/BLnV3GpkTAm7w25lM6qXrrXpHdx63A7Z
59iGNimrhp4OH1Toplt5dGLVbV6PhHb19kKpAKPdzFP8Ar5XDMrjJVoS0ue/C5gI
kK740qom3026B9Ut9UB41K7cAAVmM/5aAPc3J2DlDNceHpk0VGH1tgmorjo=
-----END CERTIFICATE-----
Generated at Mon Jan 15 14:19:03 2024 by rpki-client on console-fra.rpki-client.org