Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/H8ZcUV77K7AhqqdRrpgBbHLqHPQ.roa
File: H8ZcUV77K7AhqqdRrpgBbHLqHPQ.roa (raw, json)
Hash identifier: dNpDLbOAa3AAWhcnaLnNuKB/tyOLktWaYXNrv25nXPo=
Subject key identifier: 1F:C6:5C:51:5E:FB:2B:B0:21:AA:A7:51:AE:98:01:6C:72:EA:1C:F4
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018D22C0694AA34B6E48F172542F34E1EA8E
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/H8ZcUV77K7AhqqdRrpgBbHLqHPQ.roa
Signing time: Fri 19 Jan 2024 17:24:11 +0000
ROA not before: Fri 19 Jan 2024 17:24:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 62.76.227.0/24 maxlen: 24
185.72.10.0/24 maxlen: 24
192.124.183.0/24 maxlen: 24
193.124.47.0/24 maxlen: 24
193.124.95.0/24 maxlen: 24
193.124.202.0/24 maxlen: 24
194.58.41.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
194.58.66.0/24 maxlen: 24
194.58.154.0/24 maxlen: 24
194.87.26.0/24 maxlen: 24
194.87.40.0/24 maxlen: 24
194.87.76.0/24 maxlen: 24
194.87.81.0/24 maxlen: 24
194.87.88.0/24 maxlen: 24
194.87.128.0/24 maxlen: 24
194.87.149.0/24 maxlen: 24
194.87.151.0/24 maxlen: 24
194.87.170.0/24 maxlen: 24
194.87.172.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
194.87.201.0/24 maxlen: 24
194.87.215.0/24 maxlen: 24
194.87.224.0/24 maxlen: 24
194.87.229.0/24 maxlen: 24
194.87.231.0/24 maxlen: 24
194.87.245.0/24 maxlen: 24
194.135.33.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
195.58.60.0/24 maxlen: 24
195.58.63.0/24 maxlen: 24
195.133.2.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
195.133.27.0/24 maxlen: 24
195.133.72.0/24 maxlen: 24
195.133.84.0/24 maxlen: 24
195.133.192.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
212.192.214.0/24 maxlen: 24
212.192.222.0/24 maxlen: 24
212.193.13.0/24 maxlen: 24
212.193.25.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 20 Jan 2024 05:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:22:c0:69:4a:a3:4b:6e:48:f1:72:54:2f:34:e1:ea:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 19 17:24:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1fc65c515efb2bb021aaa751ae98016c72ea1cf4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:11:f9:fa:77:d4:4e:4b:b8:f5:b0:9c:b0:b4:
81:68:c2:5a:3b:31:30:dd:fa:05:cd:9e:bd:87:70:
07:40:ed:ce:65:be:8f:66:d5:dc:54:5c:89:92:ff:
8c:a1:e2:d7:ed:29:0f:22:2a:06:a4:68:33:9b:d1:
26:f4:58:f8:3d:3f:cf:48:40:bd:b4:77:d6:38:68:
86:a8:dc:89:54:91:71:10:fe:3b:49:39:f7:cd:42:
c1:b3:75:a4:af:b6:94:e5:4b:3d:d8:d2:e0:65:c7:
65:9a:c4:1f:1e:a6:93:94:90:26:e1:62:88:0f:fb:
85:cc:a2:97:af:32:3a:d3:f5:26:17:80:83:1a:08:
09:76:87:a6:5f:89:32:fb:5b:64:cf:2e:da:bd:f9:
46:e0:94:ae:0f:f8:0d:86:1d:4f:ea:a6:72:97:db:
8f:3f:bf:96:63:f8:b4:4d:9d:c4:81:50:21:4c:83:
82:ca:f2:e3:a9:61:16:9f:fc:f3:af:31:38:56:9f:
1c:36:6b:36:4f:0d:ad:d9:5b:a7:06:1f:d7:a4:c8:
99:5d:d2:40:a1:ab:5e:2f:e9:70:cb:96:04:61:c6:
87:0e:77:29:d4:98:3c:62:7b:f9:1e:fd:6d:2e:47:
75:0c:32:5a:08:de:bf:88:47:54:65:72:7e:74:37:
1e:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:C6:5C:51:5E:FB:2B:B0:21:AA:A7:51:AE:98:01:6C:72:EA:1C:F4
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/H8ZcUV77K7AhqqdRrpgBbHLqHPQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.227.0/24
185.72.10.0/24
192.124.183.0/24
193.124.47.0/24
193.124.95.0/24
193.124.202.0/24
194.58.41.0-194.58.42.255
194.58.66.0/24
194.58.154.0/24
194.87.26.0/24
194.87.40.0/24
194.87.76.0/24
194.87.81.0/24
194.87.88.0/24
194.87.128.0/24
194.87.149.0/24
194.87.151.0/24
194.87.170.0/24
194.87.172.0/24
194.87.187.0/24
194.87.190.0/24
194.87.201.0/24
194.87.215.0/24
194.87.224.0/24
194.87.229.0/24
194.87.231.0/24
194.87.245.0/24
194.135.33.0/24
195.58.54.0/24
195.58.60.0/24
195.58.63.0/24
195.133.2.0/24
195.133.25.0/24
195.133.27.0/24
195.133.72.0/24
195.133.84.0/24
195.133.192.0/24
212.192.1.0/24
212.192.214.0/24
212.192.222.0/24
212.193.13.0/24
212.193.25.0/24
Signature Algorithm: sha256WithRSAEncryption
00:76:c1:cc:b2:6a:b6:6e:47:33:d7:3f:35:41:97:bf:56:17:
d5:ec:9e:c5:f3:b8:9f:d8:f8:b5:91:f8:50:2a:30:e8:29:a6:
67:e5:b2:d7:d5:66:52:a6:87:38:e3:e5:b7:90:56:16:37:4f:
9e:a2:fd:c4:52:06:4c:b5:4a:ac:7e:7d:37:96:f5:b5:b2:08:
3c:c0:6c:31:ea:2c:c5:6d:19:73:dd:74:b1:89:99:18:92:21:
f1:47:77:b3:73:46:a2:16:a2:79:e6:e6:99:5e:7b:f0:12:d1:
56:e6:3b:c7:f1:93:b1:fa:f6:f3:b5:cc:f8:9f:1b:8e:c4:29:
27:04:4e:82:a9:7b:54:7a:37:e1:7b:9d:19:dc:2f:8c:48:6f:
c2:13:84:7f:c8:35:02:97:25:4d:85:f7:e3:f6:67:c7:09:b7:
f4:ed:96:c5:62:97:88:69:da:0a:27:3a:75:c5:4d:4b:ba:33:
cd:11:5f:59:a9:54:4f:9d:d0:a9:6f:23:15:60:54:b3:ac:31:
ef:6d:5f:8b:3d:c5:9f:0e:79:e5:df:81:b4:dd:74:c1:d7:b4:
99:0b:61:a3:d2:2d:71:b5:5b:35:73:0d:f5:66:0e:05:31:18:
2c:c4:77:f8:27:5e:33:b5:fa:14:9b:e4:98:aa:68:68:24:d3:
6d:37:15:a8
-----BEGIN CERTIFICATE-----
MIIGBTCCBO2gAwIBAgISAY0iwGlKo0tuSPFyVC804eqOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTE5MTcyNDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmM2NWM1MTVlZmIyYmIwMjFhYWE3NTFhZTk4MDE2YzcyZWExY2Y0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgBH5+nfUTku49bCcsLSBaMJaOzEw
3foFzZ69h3AHQO3OZb6PZtXcVFyJkv+MoeLX7SkPIioGpGgzm9Em9Fj4PT/PSEC9
tHfWOGiGqNyJVJFxEP47STn3zULBs3Wkr7aU5Us92NLgZcdlmsQfHqaTlJAm4WKI
D/uFzKKXrzI60/UmF4CDGggJdoemX4ky+1tkzy7avflG4JSuD/gNhh1P6qZyl9uP
P7+WY/i0TZ3EgVAhTIOCyvLjqWEWn/zzrzE4Vp8cNms2Tw2t2VunBh/XpMiZXdJA
oateL+lwy5YEYcaHDncp1Jg8Ynv5Hv1tLkd1DDJaCN6/iEdUZXJ+dDceLwIDAQAB
o4IDETCCAw0wHQYDVR0OBBYEFB/GXFFe+yuwIaqnUa6YAWxy6hz0MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvSDhaY1VWNzdLN0FocXFkUnJwZ0JiSExxSFBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBJQYIKwYBBQUHAQcBAf8EggEUMIIBEDCCAQwEAgABMIIB
BAMEAD5M4wMEALlICgMEAMB8twMEAMF8LwMEAMF8XwMEAMF8yjAMAwQAwjopAwQA
wjoqAwQAwjpCAwQAwjqaAwQAwlcaAwQAwlcoAwQAwldMAwQAwldRAwQAwldYAwQA
wleAAwQAwleVAwQAwleXAwQAwleqAwQAwlesAwQAwle7AwQAwle+AwQAwlfJAwQA
wlfXAwQAwlfgAwQAwlflAwQAwlfnAwQAwlf1AwQAwochAwQAwzo2AwQAwzo8AwQA
wzo/AwQAw4UCAwQAw4UZAwQAw4UbAwQAw4VIAwQAw4VUAwQAw4XAAwQA1MABAwQA
1MDWAwQA1MDeAwQA1MENAwQA1MEZMA0GCSqGSIb3DQEBCwUAA4IBAQAAdsHMsmq2
bkcz1z81QZe/VhfV7J7F87if2Pi1kfhQKjDoKaZn5bLX1WZSpoc44+W3kFYWN0+e
ov3EUgZMtUqsfn03lvW1sgg8wGwx6izFbRlz3XSxiZkYkiHxR3ezc0aiFqJ55uaZ
XnvwEtFW5jvH8ZOx+vbztcz4nxuOxCknBE6CqXtUejfhe50Z3C+MSG/CE4R/yDUC
lyVNhffj9mfHCbf07ZbFYpeIadoKJzp1xU1LujPNEV9ZqVRPndCpbyMVYFSzrDHv
bV+LPcWfDnnl34G03XTB17SZC2Gj0i1xtVs1cw31Zg4FMRgsxHf4J14ztfoUm+SY
qmhoJNNtNxWo
-----END CERTIFICATE-----
Generated at Sat Jan 20 07:16:20 2024 by rpki-client on console-fra.rpki-client.org