Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/HZSvp9-h_v3OVrTwgdUs_SKJOJM.roa
File: HZSvp9-h_v3OVrTwgdUs_SKJOJM.roa (raw, json)
Hash identifier: xCutLwE3cVfE6wyASfMJ4TzfJtELKiBaYEEW9ILii4c=
Subject key identifier: 1D:94:AF:A7:DF:A1:FE:FD:CE:56:B4:F0:81:D5:2C:FD:22:89:38:93
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 019184EF53D6E3E7DDBAB79F0407277E1FBE
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/HZSvp9-h_v3OVrTwgdUs_SKJOJM.roa
Signing time: Sat 24 Aug 2024 15:09:22 +0000
ROA not before: Sat 24 Aug 2024 15:09:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 26383
IP address blocks: 62.76.234.0/24 maxlen: 24
62.76.239.0/24 maxlen: 24
185.72.8.0/24 maxlen: 24
192.124.176.0/24 maxlen: 24
192.124.209.0/24 maxlen: 24
193.124.22.0/24 maxlen: 24
193.124.41.0/24 maxlen: 24
193.124.46.0/24 maxlen: 24
194.58.34.0/24 maxlen: 24
194.58.40.0/24 maxlen: 24
194.58.44.0/24 maxlen: 24
194.58.45.0/24 maxlen: 24
194.58.66.0/24 maxlen: 24
194.58.68.0/24 maxlen: 24
194.87.10.0/24 maxlen: 24
194.87.18.0/24 maxlen: 24
194.87.39.0/24 maxlen: 24
194.87.47.0/24 maxlen: 24
194.87.189.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
194.87.227.0/24 maxlen: 24
194.87.230.0/24 maxlen: 24
195.133.67.0/24 maxlen: 24
195.133.92.0/24 maxlen: 24
212.192.12.0/24 maxlen: 24
212.192.13.0/24 maxlen: 24
212.192.15.0/24 maxlen: 24
212.192.215.0/24 maxlen: 24
212.192.221.0/24 maxlen: 24
212.193.1.0/24 maxlen: 24
212.193.2.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 29 Aug 2024 16:48:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:84:ef:53:d6:e3:e7:dd:ba:b7:9f:04:07:27:7e:1f:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 24 15:09:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1d94afa7dfa1fefdce56b4f081d52cfd22893893
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:6f:f7:86:76:d4:6e:5e:62:20:32:91:0e:db:
71:0f:74:26:11:19:cb:cd:af:20:cb:38:63:f0:d7:
ac:b0:60:70:6e:9f:de:d3:ae:6a:34:6f:23:ab:c6:
25:b3:e7:c0:a7:0a:98:54:f0:90:70:9d:3c:c4:a9:
2e:f4:0d:f1:9e:05:44:f1:84:20:67:70:47:6b:73:
de:d0:29:90:e4:3b:71:1d:22:34:f2:bc:03:d5:eb:
03:40:b0:69:8f:de:c5:15:c0:94:48:b8:73:f9:f9:
b6:9c:34:d4:7d:4b:29:c4:01:e6:27:35:a8:a4:81:
fe:75:7a:e7:3b:e7:ab:ea:41:ce:f7:f2:91:cb:b2:
f1:7e:1f:19:d9:90:d0:c9:6b:0a:50:55:8b:4c:3d:
90:80:80:5f:c9:a5:ff:c0:b6:e7:44:0c:85:c1:dc:
88:0e:94:46:ae:56:71:76:03:bc:1e:77:95:f1:9c:
24:81:6a:25:04:3e:2a:21:66:91:11:65:e2:f5:06:
4f:78:e9:c9:de:11:3c:66:0e:60:91:1c:f7:a5:d7:
db:1b:aa:38:d0:9b:af:a4:cc:24:91:33:7f:84:de:
f1:8e:19:da:2d:b8:69:72:78:f4:79:29:60:3f:af:
e0:0a:b5:2b:b3:bd:b4:c9:24:a2:8c:ca:a9:15:87:
ce:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:94:AF:A7:DF:A1:FE:FD:CE:56:B4:F0:81:D5:2C:FD:22:89:38:93
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/HZSvp9-h_v3OVrTwgdUs_SKJOJM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.234.0/24
62.76.239.0/24
185.72.8.0/24
192.124.176.0/24
192.124.209.0/24
193.124.22.0/24
193.124.41.0/24
193.124.46.0/24
194.58.34.0/24
194.58.40.0/24
194.58.44.0/23
194.58.66.0/24
194.58.68.0/24
194.87.10.0/24
194.87.18.0/24
194.87.39.0/24
194.87.47.0/24
194.87.189.0/24
194.87.198.0/24
194.87.227.0/24
194.87.230.0/24
195.133.67.0/24
195.133.92.0/24
212.192.12.0/23
212.192.15.0/24
212.192.215.0/24
212.192.221.0/24
212.193.1.0-212.193.2.255
Signature Algorithm: sha256WithRSAEncryption
45:8d:2b:00:3f:e7:b4:3b:09:3d:da:9c:66:7a:04:bc:39:3a:
e2:e0:d6:91:c3:4c:21:48:60:c6:cd:75:12:d0:3f:90:a0:40:
28:74:d8:c9:fb:6b:32:76:e6:b2:48:b9:68:d0:eb:01:8a:c9:
ea:47:24:36:5e:90:c4:03:37:63:34:0f:e4:3f:b4:f5:30:3f:
2c:1b:45:23:92:36:4a:12:b7:77:a9:92:86:55:d5:6a:07:ab:
be:5e:a6:2f:0f:24:18:ec:94:24:4d:2b:e9:86:bc:41:59:29:
88:5d:0b:47:a6:01:7a:d1:06:47:bd:9b:1e:bd:32:49:aa:34:
b7:b0:16:68:e4:56:4b:1f:7c:3e:fe:e5:1f:29:2b:a9:7d:92:
32:6a:3a:8d:2d:cf:41:08:a4:1f:d2:58:3c:10:cd:b8:e0:57:
61:b7:6e:9f:8f:90:ec:3d:b0:77:a6:04:74:5f:42:fd:49:d5:
b6:0f:14:b0:35:0f:6c:a1:7b:11:42:28:cd:b6:c8:86:01:6e:
27:0b:cd:16:9d:5c:85:47:df:d7:e8:c9:6f:65:24:19:22:fe:
e2:5f:62:fe:83:93:d7:6c:5e:e8:32:1c:8e:f4:c8:dd:2f:32:
14:23:b9:d1:23:04:e1:1d:a5:5b:b6:78:e4:ac:b5:dd:df:8d:
51:90:2b:ad
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgISAZGE71PW4+fdurefBAcnfh++MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwODI0MTUwOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDk0YWZhN2RmYTFmZWZkY2U1NmI0ZjA4MWQ1MmNmZDIyODkzODkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo2/3hnbUbl5iIDKRDttxD3QmERnL
za8gyzhj8NessGBwbp/e065qNG8jq8Yls+fApwqYVPCQcJ08xKku9A3xngVE8YQg
Z3BHa3Pe0CmQ5DtxHSI08rwD1esDQLBpj97FFcCUSLhz+fm2nDTUfUspxAHmJzWo
pIH+dXrnO+er6kHO9/KRy7Lxfh8Z2ZDQyWsKUFWLTD2QgIBfyaX/wLbnRAyFwdyI
DpRGrlZxdgO8HneV8ZwkgWolBD4qIWaREWXi9QZPeOnJ3hE8Zg5gkRz3pdfbG6o4
0JuvpMwkkTN/hN7xjhnaLbhpcnj0eSlgP6/gCrUrs720ySSijMqpFYfOaQIDAQAB
o4ICuDCCArQwHQYDVR0OBBYEFB2Ur6ffof79zla08IHVLP0iiTiTMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvSFpTdnA5LWhfdjNPVnJUd2dkVXNfU0tKT0pNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHNBggrBgEFBQcBBwEB/wSBvTCBujCBtwQCAAEwgbADBAA+
TOoDBAA+TO8DBAC5SAgDBADAfLADBADAfNEDBADBfBYDBADBfCkDBADBfC4DBADC
OiIDBADCOigDBAHCOiwDBADCOkIDBADCOkQDBADCVwoDBADCVxIDBADCVycDBADC
Vy8DBADCV70DBADCV8YDBADCV+MDBADCV+YDBADDhUMDBADDhVwDBAHUwAwDBADU
wA8DBADUwNcDBADUwN0wDAMEANTBAQMEANTBAjANBgkqhkiG9w0BAQsFAAOCAQEA
RY0rAD/ntDsJPdqcZnoEvDk64uDWkcNMIUhgxs11EtA/kKBAKHTYyftrMnbmski5
aNDrAYrJ6kckNl6QxAM3YzQP5D+09TA/LBtFI5I2ShK3d6mShlXVagervl6mLw8k
GOyUJE0r6Ya8QVkpiF0LR6YBetEGR72bHr0ySao0t7AWaORWSx98Pv7lHykrqX2S
Mmo6jS3PQQikH9JYPBDNuOBXYbdun4+Q7D2wd6YEdF9C/UnVtg8UsDUPbKF7EUIo
zbbIhgFuJwvNFp1chUff1+jJb2UkGSL+4l9i/oOT12xe6DIcjvTI3S8yFCO50SME
4R2lW7Z45Ky13d+NUZArrQ==
-----END CERTIFICATE-----
Generated at Thu Aug 29 18:38:15 2024 by rpki-client on console-ams.rpki-client.org