Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/PaiDOGA408j--2qLJOpHdCO5juA.roa
File: PaiDOGA408j--2qLJOpHdCO5juA.roa (raw, json)
Hash identifier: f6JyQ28rq+txQHKfyDRI8nfOaEXq2wO/q1le7Lg1dro=
Subject key identifier: 3D:A8:83:38:60:38:D3:C8:FE:FB:6A:8B:24:EA:47:74:23:B9:8E:E0
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018A31BC02C6FA7AAE3C0794BBB25063D01D
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/PaiDOGA408j--2qLJOpHdCO5juA.roa
Signing time: Sat 26 Aug 2023 12:05:19 +0000
ROA not before: Sat 26 Aug 2023 12:05:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 62.76.226.0/24 maxlen: 24
194.87.1.0/24 maxlen: 24
193.124.16.0/24 maxlen: 24
194.87.11.0/24 maxlen: 24
194.87.12.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
194.87.26.0/23 maxlen: 23
194.87.34.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.87.114.0/23 maxlen: 23
194.87.119.0/24 maxlen: 24
194.87.122.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
194.87.130.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
194.87.134.0/23 maxlen: 23
194.87.40.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
194.87.63.0/24 maxlen: 24
193.124.80.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
195.133.73.0/24 maxlen: 24
195.133.85.0/24 maxlen: 24
195.133.84.0/23 maxlen: 23
195.133.26.0/24 maxlen: 24
195.133.30.0/24 maxlen: 24
212.193.31.0/24 maxlen: 24
195.58.36.0/24 maxlen: 24
194.58.38.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
212.192.241.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
195.58.55.0/24 maxlen: 24
195.58.58.0/23 maxlen: 23
195.58.62.0/23 maxlen: 23
194.58.67.0/24 maxlen: 24
195.133.0.0/24 maxlen: 24
195.133.6.0/24 maxlen: 24
195.133.7.0/24 maxlen: 24
194.58.154.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
194.87.222.0/24 maxlen: 24
194.87.151.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
194.87.168.0/24 maxlen: 24
194.87.176.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
192.124.191.0/24 maxlen: 24
194.87.180.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:31:bc:02:c6:fa:7a:ae:3c:07:94:bb:b2:50:63:d0:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 26 12:05:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3da883386038d3c8fefb6a8b24ea477423b98ee0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:8f:22:fd:b5:3e:f8:b4:7b:1f:75:2c:31:fe:
07:35:b1:08:c3:7a:da:56:b5:07:18:cf:dc:08:3c:
34:e8:2f:70:bd:30:c9:9c:e0:91:d8:f5:ff:70:b0:
78:bf:b3:88:1a:69:2d:26:ee:f1:c4:f6:c2:85:49:
9e:89:b0:bd:e9:61:da:d3:59:8e:1e:68:0b:b9:26:
4a:20:d1:36:e5:a2:0e:c2:74:6e:fb:eb:72:7b:80:
3b:d5:9f:5b:60:2f:38:01:99:91:d7:d5:54:21:1c:
b8:8d:3a:3e:3c:c7:ef:6e:1a:68:f2:7d:c2:82:a6:
80:e2:f7:a9:08:25:9b:4a:7a:c5:d9:89:62:44:1c:
b1:8c:17:79:54:a0:ff:0b:90:8f:99:bd:93:61:2b:
f7:47:8e:1b:91:06:f6:3a:52:b4:62:34:5a:23:1d:
7e:d5:b2:4c:e7:16:bd:89:39:52:5b:d1:b0:b6:b6:
7c:1a:65:7d:bb:21:a3:12:cb:ec:fa:ee:f5:cd:63:
77:ca:a8:b8:15:b7:ec:2f:af:91:d4:8d:a1:85:df:
3f:d7:fc:bb:89:03:72:94:22:ae:ee:a4:e9:4f:47:
e1:04:23:6f:03:d4:73:9e:a2:ba:8c:88:1b:2d:04:
cc:1c:6a:65:ae:e4:d7:72:3c:ad:eb:41:87:29:4b:
f6:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:A8:83:38:60:38:D3:C8:FE:FB:6A:8B:24:EA:47:74:23:B9:8E:E0
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/PaiDOGA408j--2qLJOpHdCO5juA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.226.0/24
192.124.178.0/24
192.124.191.0/24
193.124.16.0/24
193.124.80.0/24
193.124.133.0/24
193.124.200.0/24
194.58.38.0/24
194.58.47.0/24
194.58.67.0/24
194.58.154.0/24
194.87.1.0/24
194.87.11.0-194.87.12.255
194.87.24.0/22
194.87.34.0/24
194.87.40.0/24
194.87.56.0/24
194.87.63.0/24
194.87.73.0/24
194.87.83.0/24
194.87.108.0/24
194.87.114.0/23
194.87.119.0/24
194.87.122.0/24
194.87.124.0/24
194.87.130.0/23
194.87.134.0/23
194.87.151.0/24
194.87.168.0/24
194.87.176.0/24
194.87.179.0-194.87.180.255
194.87.190.0/24
194.87.200.0/24
194.87.222.0/24
195.58.36.0/24
195.58.54.0/23
195.58.58.0/23
195.58.62.0/23
195.133.0.0/24
195.133.6.0/23
195.133.26.0/24
195.133.30.0/24
195.133.73.0/24
195.133.84.0/23
212.192.241.0/24
212.193.31.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:79:6a:79:1d:06:45:bc:88:ce:e6:89:90:7c:34:14:59:7a:
af:5c:6c:64:ef:71:55:ac:04:00:5c:c9:75:c2:a1:8e:27:09:
0e:5b:5a:7f:dc:1b:30:cc:3e:30:08:a6:84:0c:26:ef:e1:32:
be:04:89:e9:34:4e:45:e8:a6:7d:54:1d:0e:5d:df:da:dc:e5:
95:06:de:10:94:c6:3a:9a:8c:cc:ab:8b:19:94:1c:de:cf:10:
8e:a3:78:d8:9e:fe:cd:a4:29:38:a8:40:71:27:98:17:0e:d2:
63:21:86:88:53:1f:09:6d:3b:07:29:2a:44:25:ca:e6:f8:e8:
dc:b1:6a:76:0a:fb:2b:3b:dd:ab:22:c3:37:b7:21:d2:cf:34:
6e:56:75:9e:84:64:5c:95:f4:6f:d5:69:d7:22:f2:85:d6:43:
4f:7f:fc:c1:dc:81:9d:be:f8:5b:ca:3e:21:e0:a2:b2:ac:9e:
7c:66:cb:b1:9f:54:0a:52:64:2a:52:5e:1e:a7:38:a0:22:c8:
ea:e2:c3:74:65:e0:d2:02:d4:60:15:39:48:f7:b8:e5:ca:02:
25:e3:3a:52:1c:c4:0c:b8:bb:d2:30:81:b0:78:10:b5:21:33:
06:47:c1:db:de:7f:18:fe:f0:66:93:1e:41:47:97:02:84:be:
c9:ba:51:4e
-----BEGIN CERTIFICATE-----
MIIGJTCCBQ2gAwIBAgISAYoxvALG+nquPAeUu7JQY9AdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwODI2MTIwNTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGE4ODMzODYwMzhkM2M4ZmVmYjZhOGIyNGVhNDc3NDIzYjk4ZWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlI8i/bU++LR7H3UsMf4HNbEIw3ra
VrUHGM/cCDw06C9wvTDJnOCR2PX/cLB4v7OIGmktJu7xxPbChUmeibC96WHa01mO
HmgLuSZKINE25aIOwnRu++tye4A71Z9bYC84AZmR19VUIRy4jTo+PMfvbhpo8n3C
gqaA4vepCCWbSnrF2YliRByxjBd5VKD/C5CPmb2TYSv3R44bkQb2OlK0YjRaIx1+
1bJM5xa9iTlSW9GwtrZ8GmV9uyGjEsvs+u71zWN3yqi4FbfsL6+R1I2hhd8/1/y7
iQNylCKu7qTpT0fhBCNvA9RznqK6jIgbLQTMHGplruTXcjyt60GHKUv2LwIDAQAB
o4IDMTCCAy0wHQYDVR0OBBYEFD2ogzhgONPI/vtqiyTqR3QjuY7gMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvUGFpRE9HQTQwOGotLTJxTEpPcEhkQ081anVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBRQYIKwYBBQUHAQcBAf8EggE0MIIBMDCCASwEAgABMIIB
JAMEAD5M4gMEAMB8sgMEAMB8vwMEAMF8EAMEAMF8UAMEAMF8hQMEAMF8yAMEAMI6
JgMEAMI6LwMEAMI6QwMEAMI6mgMEAMJXATAMAwQAwlcLAwQAwlcMAwQCwlcYAwQA
wlciAwQAwlcoAwQAwlc4AwQAwlc/AwQAwldJAwQAwldTAwQAwldsAwQBwldyAwQA
wld3AwQAwld6AwQAwld8AwQBwleCAwQBwleGAwQAwleXAwQAwleoAwQAwlewMAwD
BADCV7MDBADCV7QDBADCV74DBADCV8gDBADCV94DBADDOiQDBAHDOjYDBAHDOjoD
BAHDOj4DBADDhQADBAHDhQYDBADDhRoDBADDhR4DBADDhUkDBAHDhVQDBADUwPED
BADUwR8wDQYJKoZIhvcNAQELBQADggEBAHt5ankdBkW8iM7miZB8NBRZeq9cbGTv
cVWsBABcyXXCoY4nCQ5bWn/cGzDMPjAIpoQMJu/hMr4Eiek0TkXopn1UHQ5d39rc
5ZUG3hCUxjqajMyrixmUHN7PEI6jeNie/s2kKTioQHEnmBcO0mMhhohTHwltOwcp
KkQlyub46NyxanYK+ys73asiwze3IdLPNG5WdZ6EZFyV9G/Vadci8oXWQ09//MHc
gZ2++FvKPiHgorKsnnxmy7GfVApSZCpSXh6nOKAiyOriw3Rl4NIC1GAVOUj3uOXK
AiXjOlIcxAy4u9IwgbB4ELUhMwZHwdvefxj+8GaTHkFHlwKEvsm6UU4=
-----END CERTIFICATE-----
Generated at Sat Aug 26 12:57:20 2023 by rpki-client on console-ams.rpki-client.org