Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/KmUUINOIEATdww0YwbExlHBt4QA.roa
File: KmUUINOIEATdww0YwbExlHBt4QA.roa (raw, json)
Hash identifier: HtrGRMlCmoImcvRnqJBmd0ikVoupHeN0YOBN7f2jyHI=
Subject key identifier: 2A:65:14:20:D3:88:10:04:DD:C3:0D:18:C1:B1:31:94:70:6D:E1:00
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01918EF9369B1448C350C1358565FC1FE2A1
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/KmUUINOIEATdww0YwbExlHBt4QA.roa
Signing time: Mon 26 Aug 2024 13:56:22 +0000
ROA not before: Mon 26 Aug 2024 13:56:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 62.76.233.0/24 maxlen: 24
193.124.47.0/24 maxlen: 24
194.58.57.0/24 maxlen: 24
194.58.155.0/24 maxlen: 24
194.87.26.0/24 maxlen: 24
194.87.27.0/24 maxlen: 24
194.87.44.0/24 maxlen: 24
194.87.49.0/24 maxlen: 24
194.87.76.0/24 maxlen: 24
194.87.82.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
194.87.84.0/24 maxlen: 24
194.87.104.0/24 maxlen: 24
194.87.115.0/24 maxlen: 24
194.87.130.0/24 maxlen: 24
194.87.133.0/24 maxlen: 24
194.87.134.0/24 maxlen: 24
194.87.138.0/24 maxlen: 24
194.87.140.0/24 maxlen: 24
194.87.143.0/24 maxlen: 24
194.87.151.0/24 maxlen: 24
194.87.161.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
194.87.202.0/24 maxlen: 24
194.87.208.0/24 maxlen: 24
194.87.215.0/24 maxlen: 24
194.87.220.0/24 maxlen: 24
194.87.221.0/24 maxlen: 24
194.87.226.0/24 maxlen: 24
194.87.250.0/24 maxlen: 24
194.135.38.0/24 maxlen: 24
194.135.105.0/24 maxlen: 24
195.58.34.0/24 maxlen: 24
195.58.36.0/24 maxlen: 24
195.58.37.0/24 maxlen: 24
195.133.14.0/24 maxlen: 24
195.133.15.0/24 maxlen: 24
195.133.18.0/24 maxlen: 24
195.133.21.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
195.133.27.0/24 maxlen: 24
195.133.30.0/24 maxlen: 24
195.133.50.0/23 maxlen: 23
195.133.63.0/24 maxlen: 24
195.133.73.0/24 maxlen: 24
195.133.81.0/24 maxlen: 24
195.133.92.0/23 maxlen: 23
195.133.194.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
212.192.217.0/24 maxlen: 24
212.192.223.0/24 maxlen: 24
212.192.246.0/24 maxlen: 24
212.192.248.0/24 maxlen: 24
212.193.24.0/24 maxlen: 24
212.193.30.0/24 maxlen: 24
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 28 Aug 2024 11:29:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:8e:f9:36:9b:14:48:c3:50:c1:35:85:65:fc:1f:e2:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 26 13:56:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a651420d3881004ddc30d18c1b13194706de100
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ec:eb:4d:2a:c8:81:39:02:3e:81:ef:b6:db:
ab:2f:16:df:1e:17:8d:c4:9f:fa:83:5f:f9:08:23:
29:93:7e:92:6f:8f:fe:c1:6e:b6:93:f9:6e:b3:52:
71:01:3f:9b:63:41:40:f5:a4:38:cb:1c:c4:f4:cb:
05:a0:47:41:59:54:20:d0:ee:90:0a:91:af:ed:8a:
4a:97:30:a5:bb:61:b8:5a:f9:ca:54:ad:ff:00:51:
f5:85:53:3a:57:f4:aa:b6:a2:94:45:38:8d:cf:b3:
2a:e3:f4:4c:dc:3d:aa:36:5c:9d:8f:59:1f:f6:74:
9b:a9:66:4a:fa:11:14:d2:c4:4d:ae:f4:a3:4e:47:
65:96:91:46:a0:c8:e4:d5:a5:01:f2:f7:f3:bf:b4:
24:00:e2:79:77:27:74:13:4d:3e:4b:5b:c1:23:2d:
9b:e2:2c:fc:aa:e2:9c:a8:67:c2:d7:6f:80:cd:78:
a9:81:d6:81:c4:22:fd:cc:1a:12:0d:a8:d1:04:49:
53:b6:92:33:e9:e8:c9:8b:f2:46:46:46:d0:9f:61:
c1:7d:dc:75:ac:3e:28:fa:db:4e:94:ba:db:8d:b1:
ee:ca:5b:87:ed:9d:e8:0c:ae:cb:05:69:f2:bc:f9:
99:6c:e4:91:c9:83:65:6f:ad:eb:ba:bf:2f:69:e2:
65:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:65:14:20:D3:88:10:04:DD:C3:0D:18:C1:B1:31:94:70:6D:E1:00
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/KmUUINOIEATdww0YwbExlHBt4QA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.233.0/24
193.124.47.0/24
194.58.57.0/24
194.58.155.0/24
194.87.26.0/23
194.87.44.0/24
194.87.49.0/24
194.87.76.0/24
194.87.82.0-194.87.84.255
194.87.104.0/24
194.87.115.0/24
194.87.130.0/24
194.87.133.0-194.87.134.255
194.87.138.0/24
194.87.140.0/24
194.87.143.0/24
194.87.151.0/24
194.87.161.0/24
194.87.169.0/24
194.87.187.0/24
194.87.190.0/24
194.87.200.0/24
194.87.202.0/24
194.87.208.0/24
194.87.215.0/24
194.87.220.0/23
194.87.226.0/24
194.87.250.0/24
194.135.38.0/24
194.135.105.0/24
195.58.34.0/24
195.58.36.0/23
195.133.14.0/23
195.133.18.0/24
195.133.21.0/24
195.133.25.0/24
195.133.27.0/24
195.133.30.0/24
195.133.50.0/23
195.133.63.0/24
195.133.73.0/24
195.133.81.0/24
195.133.92.0/23
195.133.194.0/24
212.192.1.0/24
212.192.217.0/24
212.192.223.0/24
212.192.246.0/24
212.192.248.0/24
212.193.24.0/24
212.193.30.0/24
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
4a:79:78:5e:0d:b9:71:9b:40:4f:02:9a:a9:3a:95:aa:48:31:
21:82:43:08:69:20:84:38:74:4b:d6:60:03:60:97:e2:33:da:
f4:da:b7:49:e9:c2:e5:01:88:55:80:e4:bc:29:f0:ca:5d:3c:
7a:c3:ad:d1:51:1c:df:76:a2:87:93:c1:7e:4d:1f:56:8f:91:
b7:69:15:f2:01:16:31:0d:cb:1a:58:b6:cc:29:0f:ae:31:7d:
26:23:7d:a7:2e:ce:81:e4:92:3d:11:d7:9a:9d:1d:a0:b6:95:
40:d6:90:e0:63:28:1b:ad:10:a0:0f:92:cb:04:ee:e9:8b:7e:
13:5e:53:e9:70:dc:cc:05:1d:0d:d8:73:c4:db:d7:4f:2f:da:
65:47:98:bf:c9:54:ca:c4:db:1b:f5:d5:55:db:58:50:4d:f8:
d7:c9:37:b1:4c:1f:09:39:49:be:f3:34:8a:2b:63:38:b3:c4:
76:ef:a7:d6:ea:7e:c6:bc:7e:60:f4:57:93:06:dd:87:bd:b6:
8d:b2:6b:d3:f7:c6:b0:7e:7e:da:2c:9a:78:30:5f:52:b1:87:
0d:ff:44:18:83:94:4c:79:30:22:1b:ab:84:b5:5e:79:a1:f5:
6b:74:82:ed:89:27:6a:c3:30:df:d3:6f:72:04:fb:42:15:a6:
e8:a1:3e:45
-----BEGIN CERTIFICATE-----
MIIGWTCCBUGgAwIBAgISAZGO+TabFEjDUME1hWX8H+KhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwODI2MTM1NjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTY1MTQyMGQzODgxMDA0ZGRjMzBkMThjMWIxMzE5NDcwNmRlMTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuOzrTSrIgTkCPoHvtturLxbfHheN
xJ/6g1/5CCMpk36Sb4/+wW62k/lus1JxAT+bY0FA9aQ4yxzE9MsFoEdBWVQg0O6Q
CpGv7YpKlzClu2G4WvnKVK3/AFH1hVM6V/SqtqKURTiNz7Mq4/RM3D2qNlydj1kf
9nSbqWZK+hEU0sRNrvSjTkdllpFGoMjk1aUB8vfzv7QkAOJ5dyd0E00+S1vBIy2b
4iz8quKcqGfC12+AzXipgdaBxCL9zBoSDajRBElTtpIz6ejJi/JGRkbQn2HBfdx1
rD4o+ttOlLrbjbHuyluH7Z3oDK7LBWnyvPmZbOSRyYNlb63rur8vaeJl4wIDAQAB
o4IDZTCCA2EwHQYDVR0OBBYEFCplFCDTiBAE3cMNGMGxMZRwbeEAMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvS21VVUlOT0lFQVRkd3cwWXdiRXhsSEJ0NFFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBeQYIKwYBBQUHAQcBAf8EggFoMIIBZDCCAUoEAgABMIIB
QgMEAD5M6QMEAMF8LwMEAMI6OQMEAMI6mwMEAcJXGgMEAMJXLAMEAMJXMQMEAMJX
TDAMAwQBwldSAwQAwldUAwQAwldoAwQAwldzAwQAwleCMAwDBADCV4UDBADCV4YD
BADCV4oDBADCV4wDBADCV48DBADCV5cDBADCV6EDBADCV6kDBADCV7sDBADCV74D
BADCV8gDBADCV8oDBADCV9ADBADCV9cDBAHCV9wDBADCV+IDBADCV/oDBADChyYD
BADCh2kDBADDOiIDBAHDOiQDBAHDhQ4DBADDhRIDBADDhRUDBADDhRkDBADDhRsD
BADDhR4DBAHDhTIDBADDhT8DBADDhUkDBADDhVEDBAHDhVwDBADDhcIDBADUwAED
BADUwNkDBADUwN8DBADUwPYDBADUwPgDBADUwRgDBADUwR4wFAQCAAIwDgMFAyoB
V8ADBQMqDP9AMA0GCSqGSIb3DQEBCwUAA4IBAQBKeXheDblxm0BPApqpOpWqSDEh
gkMIaSCEOHRL1mADYJfiM9r02rdJ6cLlAYhVgOS8KfDKXTx6w63RURzfdqKHk8F+
TR9Wj5G3aRXyARYxDcsaWLbMKQ+uMX0mI32nLs6B5JI9EdeanR2gtpVA1pDgYygb
rRCgD5LLBO7pi34TXlPpcNzMBR0N2HPE29dPL9plR5i/yVTKxNsb9dVV21hQTfjX
yTexTB8JOUm+8zSKK2M4s8R276fW6n7GvH5g9FeTBt2HvbaNsmvT98awfn7aLJp4
MF9SsYcN/0QYg5RMeTAiG6uEtV55ofVrdILtiSdqwzDf029yBPtCFabooT5F
-----END CERTIFICATE-----
Generated at Wed Aug 28 14:17:30 2024 by rpki-client on console-ams.rpki-client.org