Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/KOgaPDySVHrDQzNE9hPBbaRF-48.roa
File: KOgaPDySVHrDQzNE9hPBbaRF-48.roa (raw, json)
Hash identifier: lkS/y9qlEf80RZuC7UaMsRQ1BFZGm3p3Pln0+YazOq0=
Subject key identifier: 28:E8:1A:3C:3C:92:54:7A:C3:43:33:44:F6:13:C1:6D:A4:45:FB:8F
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018D587D8DDCB45EF2D09A70CECDE2F11CBE
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/KOgaPDySVHrDQzNE9hPBbaRF-48.roa
Signing time: Tue 30 Jan 2024 03:50:39 +0000
ROA not before: Tue 30 Jan 2024 03:50:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 62.76.227.0/24 maxlen: 24
185.72.10.0/24 maxlen: 24
192.124.183.0/24 maxlen: 24
193.124.5.0/24 maxlen: 24
193.124.7.0/24 maxlen: 24
193.124.47.0/24 maxlen: 24
193.124.95.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
193.124.202.0/24 maxlen: 24
194.58.41.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
194.58.66.0/24 maxlen: 24
194.58.154.0/24 maxlen: 24
194.87.26.0/24 maxlen: 24
194.87.32.0/24 maxlen: 24
194.87.76.0/24 maxlen: 24
194.87.81.0/24 maxlen: 24
194.87.128.0/24 maxlen: 24
194.87.149.0/24 maxlen: 24
194.87.151.0/24 maxlen: 24
194.87.170.0/24 maxlen: 24
194.87.172.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
194.87.201.0/24 maxlen: 24
194.87.215.0/24 maxlen: 24
194.87.224.0/24 maxlen: 24
194.87.229.0/24 maxlen: 24
194.87.231.0/24 maxlen: 24
194.135.18.0/24 maxlen: 24
194.135.33.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
195.58.60.0/24 maxlen: 24
195.58.63.0/24 maxlen: 24
195.133.2.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
195.133.27.0/24 maxlen: 24
195.133.72.0/24 maxlen: 24
195.133.84.0/24 maxlen: 24
195.133.85.0/24 maxlen: 24
195.133.192.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
212.192.214.0/24 maxlen: 24
212.193.13.0/24 maxlen: 24
212.193.25.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 01 Feb 2024 07:45:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:58:7d:8d:dc:b4:5e:f2:d0:9a:70:ce:cd:e2:f1:1c:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 30 03:50:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=28e81a3c3c92547ac3433344f613c16da445fb8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:b7:1d:65:b4:92:8e:1c:c9:1d:29:c0:e7:f2:
82:0e:06:9a:79:d9:5e:ff:0a:a8:3f:c1:a7:c9:9e:
3f:3e:56:ac:1b:ff:e8:74:db:b8:64:b5:df:b8:7b:
8f:11:fd:24:95:94:7e:02:76:4c:ff:df:4b:2f:7b:
d2:f0:7c:36:25:79:88:77:05:26:c3:4e:ac:0b:05:
e0:0d:60:77:62:2d:97:63:68:62:74:50:72:90:33:
a6:86:e4:a5:35:25:2f:48:0c:09:ad:02:21:92:4d:
1d:5f:74:ca:43:6a:a2:60:c0:f5:1f:cd:76:9a:b8:
28:68:5e:01:d3:90:9b:07:de:e7:e7:f0:a1:60:78:
4f:66:91:bf:6b:a4:dd:b6:bf:3f:a7:4e:14:c4:30:
57:d5:8d:99:21:4b:56:4d:0e:a6:64:22:26:ba:cd:
2e:b5:bf:ae:a7:18:d7:db:44:d0:ef:2a:c9:b6:63:
08:19:cb:22:0d:d2:84:93:e1:ea:93:55:de:94:1e:
dc:b8:4b:e3:76:58:7e:3c:c8:1c:f2:b1:66:02:69:
09:27:61:60:b7:ff:db:73:2e:40:dc:a6:d3:00:c1:
68:ac:a1:d1:6d:20:17:0e:b3:24:d1:8a:f3:6b:61:
50:de:b3:7b:e5:41:cc:49:60:4c:5e:3d:dd:95:76:
82:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:E8:1A:3C:3C:92:54:7A:C3:43:33:44:F6:13:C1:6D:A4:45:FB:8F
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/KOgaPDySVHrDQzNE9hPBbaRF-48.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.227.0/24
185.72.10.0/24
192.124.183.0/24
193.124.5.0/24
193.124.7.0/24
193.124.47.0/24
193.124.95.0/24
193.124.200.0/24
193.124.202.0/24
194.58.41.0-194.58.42.255
194.58.66.0/24
194.58.154.0/24
194.87.26.0/24
194.87.32.0/24
194.87.76.0/24
194.87.81.0/24
194.87.128.0/24
194.87.149.0/24
194.87.151.0/24
194.87.170.0/24
194.87.172.0/24
194.87.187.0/24
194.87.190.0/24
194.87.201.0/24
194.87.215.0/24
194.87.224.0/24
194.87.229.0/24
194.87.231.0/24
194.135.18.0/24
194.135.33.0/24
195.58.54.0/24
195.58.60.0/24
195.58.63.0/24
195.133.2.0/24
195.133.25.0/24
195.133.27.0/24
195.133.72.0/24
195.133.84.0/23
195.133.192.0/24
212.192.1.0/24
212.192.214.0/24
212.193.13.0/24
212.193.25.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:92:29:86:d0:b7:47:82:82:31:9a:8f:27:aa:d3:03:e7:eb:
11:d3:58:a9:5b:5c:16:7a:e6:8f:29:40:ee:29:a1:8e:79:04:
f3:85:95:b3:fe:18:cd:44:a3:ba:c3:e8:d2:92:69:c5:d0:4b:
d3:7d:d0:d9:ef:7b:cb:6d:86:ad:9f:6e:50:6f:53:0c:31:d3:
a9:3a:ef:3e:19:19:2f:01:3c:0c:2c:46:e6:17:02:42:04:16:
d0:7b:a7:6c:1f:99:4e:b9:13:09:83:f3:37:3d:34:e4:9c:b4:
66:3d:22:d0:42:a9:36:3f:3d:1b:ad:22:e9:84:15:7c:de:d9:
9d:f3:ba:af:b6:75:8a:87:ef:d6:fa:bc:03:05:29:c7:02:15:
69:48:91:19:f9:74:0a:34:ce:b2:47:a2:2c:10:b7:2a:31:0b:
22:ac:93:c3:d9:6f:10:7d:d2:4c:09:cf:b0:ee:87:08:b3:66:
5a:73:ac:5e:fb:1f:b9:af:3e:65:be:a1:60:ae:93:35:cb:55:
9b:ed:23:49:a7:76:fb:c4:53:d7:f6:a0:54:43:df:30:12:81:
a5:8c:a9:9a:82:a4:21:87:23:66:d1:28:07:58:de:00:79:f2:
67:69:0b:9c:95:92:00:76:0a:6e:2b:ae:b6:25:cf:b2:7a:1f:
9a:ac:a2:f5
-----BEGIN CERTIFICATE-----
MIIGCzCCBPOgAwIBAgISAY1YfY3ctF7y0Jpwzs3i8Ry+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTMwMDM1MDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGU4MWEzYzNjOTI1NDdhYzM0MzMzNDRmNjEzYzE2ZGE0NDVmYjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgLcdZbSSjhzJHSnA5/KCDgaaedle
/wqoP8GnyZ4/PlasG//odNu4ZLXfuHuPEf0klZR+AnZM/99LL3vS8Hw2JXmIdwUm
w06sCwXgDWB3Yi2XY2hidFBykDOmhuSlNSUvSAwJrQIhkk0dX3TKQ2qiYMD1H812
mrgoaF4B05CbB97n5/ChYHhPZpG/a6Tdtr8/p04UxDBX1Y2ZIUtWTQ6mZCImus0u
tb+upxjX20TQ7yrJtmMIGcsiDdKEk+Hqk1XelB7cuEvjdlh+PMgc8rFmAmkJJ2Fg
t//bcy5A3KbTAMForKHRbSAXDrMk0Yrza2FQ3rN75UHMSWBMXj3dlXaCNQIDAQAB
o4IDFzCCAxMwHQYDVR0OBBYEFCjoGjw8klR6w0MzRPYTwW2kRfuPMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvS09nYVBEeVNWSHJEUXpORTloUEJiYVJGLTQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBKwYIKwYBBQUHAQcBAf8EggEaMIIBFjCCARIEAgABMIIB
CgMEAD5M4wMEALlICgMEAMB8twMEAMF8BQMEAMF8BwMEAMF8LwMEAMF8XwMEAMF8
yAMEAMF8yjAMAwQAwjopAwQAwjoqAwQAwjpCAwQAwjqaAwQAwlcaAwQAwlcgAwQA
wldMAwQAwldRAwQAwleAAwQAwleVAwQAwleXAwQAwleqAwQAwlesAwQAwle7AwQA
wle+AwQAwlfJAwQAwlfXAwQAwlfgAwQAwlflAwQAwlfnAwQAwocSAwQAwochAwQA
wzo2AwQAwzo8AwQAwzo/AwQAw4UCAwQAw4UZAwQAw4UbAwQAw4VIAwQBw4VUAwQA
w4XAAwQA1MABAwQA1MDWAwQA1MENAwQA1MEZMA0GCSqGSIb3DQEBCwUAA4IBAQAO
kimG0LdHgoIxmo8nqtMD5+sR01ipW1wWeuaPKUDuKaGOeQTzhZWz/hjNRKO6w+jS
kmnF0EvTfdDZ73vLbYatn25Qb1MMMdOpOu8+GRkvATwMLEbmFwJCBBbQe6dsH5lO
uRMJg/M3PTTknLRmPSLQQqk2Pz0brSLphBV83tmd87qvtnWKh+/W+rwDBSnHAhVp
SJEZ+XQKNM6yR6IsELcqMQsirJPD2W8QfdJMCc+w7ocIs2Zac6xe+x+5rz5lvqFg
rpM1y1Wb7SNJp3b7xFPX9qBUQ98wEoGljKmagqQhhyNm0SgHWN4AefJnaQuclZIA
dgpuK662Jc+yeh+arKL1
-----END CERTIFICATE-----
Generated at Thu Feb 1 10:39:40 2024 by rpki-client on console-ams.rpki-client.org