Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/IDSGnmCU5QVz2hfOBvQcHTEUCuc.roa
File: IDSGnmCU5QVz2hfOBvQcHTEUCuc.roa (raw, json)
Hash identifier: FJXHY+TlzLMgCZH2Ygo5VWaqTReT0hgBTsWU3yVPZDo=
Subject key identifier: 20:34:86:9E:60:94:E5:05:73:DA:17:CE:06:F4:1C:1D:31:14:0A:E7
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 019146526E6B458173CD123EF6FDEAC905A0
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/IDSGnmCU5QVz2hfOBvQcHTEUCuc.roa
Signing time: Mon 12 Aug 2024 11:21:32 +0000
ROA not before: Mon 12 Aug 2024 11:21:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 194.58.44.0/24 maxlen: 24
194.58.66.0/24 maxlen: 24
194.58.155.0/24 maxlen: 24
194.87.44.0/24 maxlen: 24
194.87.49.0/24 maxlen: 24
194.87.52.0/24 maxlen: 24
194.87.54.0/24 maxlen: 24
194.87.55.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
194.87.84.0/24 maxlen: 24
194.87.104.0/24 maxlen: 24
194.87.115.0/24 maxlen: 24
194.87.130.0/24 maxlen: 24
194.87.133.0/24 maxlen: 24
194.87.134.0/24 maxlen: 24
194.87.138.0/24 maxlen: 24
194.87.140.0/24 maxlen: 24
194.87.143.0/24 maxlen: 24
194.87.151.0/24 maxlen: 24
194.87.161.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
194.87.202.0/24 maxlen: 24
194.87.208.0/24 maxlen: 24
194.87.215.0/24 maxlen: 24
194.87.220.0/24 maxlen: 24
194.87.221.0/24 maxlen: 24
194.87.226.0/24 maxlen: 24
194.87.250.0/24 maxlen: 24
194.135.38.0/24 maxlen: 24
194.135.105.0/24 maxlen: 24
195.58.34.0/24 maxlen: 24
195.58.36.0/24 maxlen: 24
195.58.37.0/24 maxlen: 24
195.58.38.0/24 maxlen: 24
195.58.39.0/24 maxlen: 24
195.133.15.0/24 maxlen: 24
195.133.18.0/24 maxlen: 24
195.133.21.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
195.133.27.0/24 maxlen: 24
195.133.30.0/24 maxlen: 24
195.133.50.0/23 maxlen: 23
195.133.63.0/24 maxlen: 24
195.133.73.0/24 maxlen: 24
195.133.81.0/24 maxlen: 24
195.133.92.0/23 maxlen: 23
195.133.194.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
212.192.223.0/24 maxlen: 24
212.192.246.0/24 maxlen: 24
212.192.248.0/24 maxlen: 24
212.193.5.0/24 maxlen: 24
212.193.24.0/24 maxlen: 24
212.193.30.0/24 maxlen: 24
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 15 Aug 2024 06:01:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:46:52:6e:6b:45:81:73:cd:12:3e:f6:fd:ea:c9:05:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 12 11:21:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2034869e6094e50573da17ce06f41c1d31140ae7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:71:db:9b:14:eb:8e:fa:cd:cb:33:47:fc:67:
73:a6:60:b5:fb:0a:d4:f0:01:1a:29:da:1f:71:be:
65:dd:be:ef:d2:40:e1:92:58:44:a6:c9:d8:9b:e8:
b2:44:ab:f6:25:1d:61:8f:45:9e:c1:fd:b1:d0:58:
51:f5:7e:10:4a:7d:88:dc:51:63:57:4c:03:5c:aa:
c8:f9:fb:3f:1f:8a:c4:43:7f:42:88:2c:c2:b9:01:
ce:67:46:cb:f9:42:00:31:ed:01:fb:00:6b:c5:d4:
2a:af:81:8d:36:88:1a:de:b6:76:dc:a6:34:c5:42:
a3:9c:d2:f3:00:ba:02:3b:de:71:0f:3a:c2:3e:88:
04:0a:75:dc:d7:90:54:2f:83:d5:57:bd:2f:7b:09:
d6:ee:75:31:87:c7:22:d7:e8:40:8d:10:f3:bb:12:
0f:ca:dc:dc:15:28:a7:a4:31:27:5f:ab:4f:af:94:
ea:bb:a2:b8:24:35:2c:0f:b8:0d:8a:d7:ee:f8:c3:
a6:60:c2:61:96:df:79:21:60:fe:e6:b5:25:a4:61:
ee:e7:68:72:a0:5c:2a:93:31:31:86:d9:37:06:03:
0f:00:36:e3:d4:ce:e8:f4:84:56:c1:7c:77:c4:2f:
cb:a4:b1:25:85:02:c5:5d:3c:df:57:47:c5:1d:4a:
ef:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:34:86:9E:60:94:E5:05:73:DA:17:CE:06:F4:1C:1D:31:14:0A:E7
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/IDSGnmCU5QVz2hfOBvQcHTEUCuc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.44.0/24
194.58.66.0/24
194.58.155.0/24
194.87.44.0/24
194.87.49.0/24
194.87.52.0/24
194.87.54.0/23
194.87.83.0-194.87.84.255
194.87.104.0/24
194.87.115.0/24
194.87.130.0/24
194.87.133.0-194.87.134.255
194.87.138.0/24
194.87.140.0/24
194.87.143.0/24
194.87.151.0/24
194.87.161.0/24
194.87.169.0/24
194.87.187.0/24
194.87.190.0/24
194.87.200.0/24
194.87.202.0/24
194.87.208.0/24
194.87.215.0/24
194.87.220.0/23
194.87.226.0/24
194.87.250.0/24
194.135.38.0/24
194.135.105.0/24
195.58.34.0/24
195.58.36.0/22
195.133.15.0/24
195.133.18.0/24
195.133.21.0/24
195.133.25.0/24
195.133.27.0/24
195.133.30.0/24
195.133.50.0/23
195.133.63.0/24
195.133.73.0/24
195.133.81.0/24
195.133.92.0/23
195.133.194.0/24
212.192.1.0/24
212.192.223.0/24
212.192.246.0/24
212.192.248.0/24
212.193.5.0/24
212.193.24.0/24
212.193.30.0/24
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
09:88:c2:63:68:02:ea:c5:b5:a9:ad:9a:f3:cb:9a:31:46:8d:
55:9f:76:63:e9:29:57:a0:b2:9a:2a:b2:7a:93:f0:b8:b6:cc:
d9:c0:01:48:cf:dc:ba:95:17:6d:b7:39:7f:67:c0:68:5e:da:
6b:0a:71:34:ca:a4:89:48:57:19:65:34:c9:35:1d:f1:2c:97:
fc:41:8a:b0:34:ec:cd:9e:ba:bc:60:5d:52:1a:a6:09:c6:e5:
bf:41:6e:a1:65:71:3c:80:73:f6:3e:70:a2:78:ab:5f:34:f9:
92:26:f8:61:6d:7d:6e:31:c6:c1:5c:12:51:d5:e8:d9:5c:41:
22:67:19:08:50:49:0d:f8:4b:a8:fe:76:fa:0f:64:a1:6f:e1:
d2:95:8e:b9:13:5d:66:25:79:5f:af:c3:18:02:bf:d0:bc:2b:
32:87:59:30:f5:5d:fe:30:7f:7c:ad:00:65:7e:7f:a8:b1:74:
3c:39:7c:dd:3e:69:11:8c:7d:34:c3:f0:20:77:5d:0a:80:c4:
91:80:3d:e1:05:4d:22:7e:8a:10:c8:1a:4f:1b:14:e7:c9:5f:
1d:ff:5a:18:27:cd:66:7a:ef:4c:96:e5:01:d4:a0:48:9a:10:
10:0c:0a:93:43:21:86:dd:43:92:7c:e2:5a:8e:6b:7b:04:2c:
51:14:4f:1e
-----BEGIN CERTIFICATE-----
MIIGUzCCBTugAwIBAgISAZFGUm5rRYFzzRI+9v3qyQWgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwODEyMTEyMTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDM0ODY5ZTYwOTRlNTA1NzNkYTE3Y2UwNmY0MWMxZDMxMTQwYWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5HHbmxTrjvrNyzNH/GdzpmC1+wrU
8AEaKdofcb5l3b7v0kDhklhEpsnYm+iyRKv2JR1hj0Wewf2x0FhR9X4QSn2I3FFj
V0wDXKrI+fs/H4rEQ39CiCzCuQHOZ0bL+UIAMe0B+wBrxdQqr4GNNoga3rZ23KY0
xUKjnNLzALoCO95xDzrCPogECnXc15BUL4PVV70vewnW7nUxh8ci1+hAjRDzuxIP
ytzcFSinpDEnX6tPr5Tqu6K4JDUsD7gNitfu+MOmYMJhlt95IWD+5rUlpGHu52hy
oFwqkzExhtk3BgMPADbj1M7o9IRWwXx3xC/LpLElhQLFXTzfV0fFHUrvCwIDAQAB
o4IDXzCCA1swHQYDVR0OBBYEFCA0hp5glOUFc9oXzgb0HB0xFArnMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvSURTR25tQ1U1UVZ6MmhmT0J2UWNIVEVVQ3VjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBcwYIKwYBBQUHAQcBAf8EggFiMIIBXjCCAUQEAgABMIIB
PAMEAMI6LAMEAMI6QgMEAMI6mwMEAMJXLAMEAMJXMQMEAMJXNAMEAcJXNjAMAwQA
wldTAwQAwldUAwQAwldoAwQAwldzAwQAwleCMAwDBADCV4UDBADCV4YDBADCV4oD
BADCV4wDBADCV48DBADCV5cDBADCV6EDBADCV6kDBADCV7sDBADCV74DBADCV8gD
BADCV8oDBADCV9ADBADCV9cDBAHCV9wDBADCV+IDBADCV/oDBADChyYDBADCh2kD
BADDOiIDBALDOiQDBADDhQ8DBADDhRIDBADDhRUDBADDhRkDBADDhRsDBADDhR4D
BAHDhTIDBADDhT8DBADDhUkDBADDhVEDBAHDhVwDBADDhcIDBADUwAEDBADUwN8D
BADUwPYDBADUwPgDBADUwQUDBADUwRgDBADUwR4wFAQCAAIwDgMFAyoBV8ADBQMq
DP9AMA0GCSqGSIb3DQEBCwUAA4IBAQAJiMJjaALqxbWprZrzy5oxRo1Vn3Zj6SlX
oLKaKrJ6k/C4tszZwAFIz9y6lRdttzl/Z8BoXtprCnE0yqSJSFcZZTTJNR3xLJf8
QYqwNOzNnrq8YF1SGqYJxuW/QW6hZXE8gHP2PnCieKtfNPmSJvhhbX1uMcbBXBJR
1ejZXEEiZxkIUEkN+Euo/nb6D2Shb+HSlY65E11mJXlfr8MYAr/QvCsyh1kw9V3+
MH98rQBlfn+osXQ8OXzdPmkRjH00w/Agd10KgMSRgD3hBU0ifooQyBpPGxTnyV8d
/1oYJ81meu9MluUB1KBImhAQDAqTQyGG3UOSfOJajmt7BCxRFE8e
-----END CERTIFICATE-----
Generated at Thu Aug 15 08:47:21 2024 by rpki-client on console-ams.rpki-client.org