Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Ho4l3PYy2Xh3DhdqBs1PEenejWg.roa
File: Ho4l3PYy2Xh3DhdqBs1PEenejWg.roa (raw, json)
Hash identifier: otj3/GoExZYIwbjGHstnJB1ALp0gMJqIekhUtrOh/p8=
Subject key identifier: 1E:8E:25:DC:F6:32:D9:78:77:0E:17:6A:06:CD:4F:11:E9:DE:8D:68
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0189E3B10D17F261B02F5DA6349B4E0B990E
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Ho4l3PYy2Xh3DhdqBs1PEenejWg.roa
Signing time: Fri 11 Aug 2023 08:22:58 +0000
ROA not before: Fri 11 Aug 2023 08:22:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207633
IP address blocks: 62.76.226.0/24 maxlen: 24
194.87.117.0/24 maxlen: 24
194.87.120.0/24 maxlen: 24
194.87.36.0/24 maxlen: 24
212.192.8.0/24 maxlen: 24
194.87.177.0/24 maxlen: 24
195.58.56.0/24 maxlen: 24
194.87.188.0/24 maxlen: 24
194.87.91.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:e3:b1:0d:17:f2:61:b0:2f:5d:a6:34:9b:4e:0b:99:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 11 08:22:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1e8e25dcf632d978770e176a06cd4f11e9de8d68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:92:09:43:d0:a2:db:44:5e:48:28:5a:c1:5d:
12:53:92:c9:4f:9e:c6:e2:ec:1d:05:bc:06:82:d4:
11:82:90:72:c9:b9:99:d7:28:db:32:41:bc:2a:66:
c0:54:21:cd:73:3d:fa:75:0c:1b:cd:22:3a:d7:15:
2e:c5:df:d9:77:15:46:30:06:87:8b:1a:b5:9c:19:
91:10:3c:54:e9:76:94:06:03:a1:64:d5:03:62:81:
90:ba:e0:2a:2b:c0:c7:51:6a:e8:ab:24:ee:c4:1d:
1e:15:57:ce:03:04:42:33:43:90:f9:ac:e2:58:07:
42:ad:85:49:09:ed:e3:a8:3d:87:44:b5:87:36:d7:
4b:fe:a3:cb:c0:f1:ab:73:54:7e:ab:8f:6e:b7:cc:
36:90:3e:9f:1d:0c:b2:bc:25:98:bd:c2:c7:92:c3:
84:76:87:e1:bd:bb:d3:31:9a:ea:85:f3:be:c0:32:
6d:2a:fa:24:c3:07:31:30:b1:fd:a2:f1:d6:d6:08:
67:b9:45:fd:b8:ce:f9:6b:59:62:2b:e6:fc:3a:c8:
98:35:75:fd:21:04:6a:ab:5a:8a:35:05:87:2f:54:
64:44:fd:ba:eb:fe:5c:f4:f7:a4:9f:0b:79:31:75:
ac:d3:b3:4d:ae:53:2a:da:65:b6:81:cf:e5:b9:b1:
75:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:8E:25:DC:F6:32:D9:78:77:0E:17:6A:06:CD:4F:11:E9:DE:8D:68
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Ho4l3PYy2Xh3DhdqBs1PEenejWg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.226.0/24
194.87.36.0/24
194.87.91.0/24
194.87.117.0/24
194.87.120.0/24
194.87.177.0/24
194.87.188.0/24
195.58.56.0/24
212.192.8.0/24
Signature Algorithm: sha256WithRSAEncryption
68:c1:ce:eb:ed:74:77:d6:78:19:a7:43:3b:a3:aa:2a:9a:de:
fb:1c:c9:c4:93:b4:f0:e0:75:45:28:e2:69:55:11:bb:77:f7:
30:fa:9a:bd:85:a2:f9:a4:06:a0:8d:04:1d:b5:3f:c6:d0:a6:
d9:e1:8d:01:f1:f7:11:9c:66:3f:4a:ce:df:49:de:c4:2f:5f:
4a:bc:f6:41:5e:32:65:74:80:ef:5b:b7:d2:14:e5:29:27:07:
64:aa:93:7a:f6:15:4f:cf:21:9f:7e:29:ff:82:3d:74:e4:39:
40:0f:34:93:e4:d3:68:19:ab:32:3c:67:7c:15:da:3e:fe:17:
09:9c:dd:59:94:11:7e:75:a6:df:57:12:dc:b5:45:88:e2:5f:
0f:c9:49:89:d5:6c:71:ea:6d:b1:97:b4:b6:b6:d7:a2:78:26:
50:cd:7e:65:d9:83:a6:8e:40:6d:3d:03:ee:8c:af:d1:e3:a6:
f4:90:09:d6:ca:0b:0e:67:68:62:d9:3e:8b:f2:9f:61:cc:5a:
e6:fb:66:08:46:c3:46:9c:50:86:fd:19:07:67:ea:37:98:2e:
d9:70:c0:87:80:91:d3:97:37:29:7e:25:57:2e:41:cf:c2:24:
3c:ef:41:53:ca:5c:98:7e:1d:fa:07:9a:2a:e2:34:a4:2e:51:
4d:28:95:9c
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYnjsQ0X8mGwL12mNJtOC5kOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwODExMDgyMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZThlMjVkY2Y2MzJkOTc4NzcwZTE3NmEwNmNkNGYxMWU5ZGU4ZDY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtpIJQ9Ci20ReSChawV0SU5LJT57G
4uwdBbwGgtQRgpByybmZ1yjbMkG8KmbAVCHNcz36dQwbzSI61xUuxd/ZdxVGMAaH
ixq1nBmREDxU6XaUBgOhZNUDYoGQuuAqK8DHUWroqyTuxB0eFVfOAwRCM0OQ+azi
WAdCrYVJCe3jqD2HRLWHNtdL/qPLwPGrc1R+q49ut8w2kD6fHQyyvCWYvcLHksOE
dofhvbvTMZrqhfO+wDJtKvokwwcxMLH9ovHW1ghnuUX9uM75a1liK+b8OsiYNXX9
IQRqq1qKNQWHL1RkRP266/5c9Peknwt5MXWs07NNrlMq2mW2gc/lubF1AwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFB6OJdz2Mtl4dw4XagbNTxHp3o1oMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvSG80bDNQWXkyWGgzRGhkcUJzMVBFZW5laldnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAPkziAwQA
wlckAwQAwldbAwQAwld1AwQAwld4AwQAwlexAwQAwle8AwQAwzo4AwQA1MAIMA0G
CSqGSIb3DQEBCwUAA4IBAQBowc7r7XR31ngZp0M7o6oqmt77HMnEk7Tw4HVFKOJp
VRG7d/cw+pq9haL5pAagjQQdtT/G0KbZ4Y0B8fcRnGY/Ss7fSd7EL19KvPZBXjJl
dIDvW7fSFOUpJwdkqpN69hVPzyGffin/gj105DlADzST5NNoGasyPGd8Fdo+/hcJ
nN1ZlBF+dabfVxLctUWI4l8PyUmJ1Wxx6m2xl7S2tteieCZQzX5l2YOmjkBtPQPu
jK/R46b0kAnWygsOZ2hi2T6L8p9hzFrm+2YIRsNGnFCG/RkHZ+o3mC7ZcMCHgJHT
lzcpfiVXLkHPwiQ870FTylyYfh36B5oq4jSkLlFNKJWc
-----END CERTIFICATE-----
Generated at Fri Aug 11 09:11:48 2023 by rpki-client on console-ams.rpki-client.org