Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Qm89QTk79HfyTCJSoPzCHXyTugM.roa
File: Qm89QTk79HfyTCJSoPzCHXyTugM.roa (raw, json)
Hash identifier: CRmX/OFfRF1LjkfM9dgP2GMf//4YDXPyeAO9NMP8L1s=
Subject key identifier: 42:6F:3D:41:39:3B:F4:77:F2:4C:22:52:A0:FC:C2:1D:7C:93:BA:03
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018AB3936AA57D5F5D48EEE5FD377E8C09AB
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Qm89QTk79HfyTCJSoPzCHXyTugM.roa
Signing time: Wed 20 Sep 2023 17:11:37 +0000
ROA not before: Wed 20 Sep 2023 17:11:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198652
IP address blocks: 62.76.227.0/24 maxlen: 24
185.72.11.0/24 maxlen: 24
195.133.18.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 25 Sep 2023 09:33:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b3:93:6a:a5:7d:5f:5d:48:ee:e5:fd:37:7e:8c:09:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 20 17:11:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=426f3d41393bf477f24c2252a0fcc21d7c93ba03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:87:bd:ff:b8:b8:0b:3b:94:79:5d:5f:5b:0c:
5d:30:e6:1a:bb:c1:9f:fd:9f:19:75:94:9a:8b:6d:
e8:cc:87:e1:57:c4:d7:bb:4d:bc:b6:6d:a7:fd:2e:
62:48:9e:44:2b:c9:28:ed:58:63:bf:af:e1:53:a7:
d4:34:38:fd:a5:68:d0:a6:76:4d:8c:2c:d1:3b:e6:
c0:39:a8:04:d9:6b:d7:53:7d:1e:23:ea:83:66:cd:
3c:e9:84:16:4a:87:9c:03:ee:70:1b:f5:86:50:bb:
46:cf:40:95:df:5d:7f:e2:7c:91:f9:0f:66:c3:3e:
61:33:ff:7a:c6:64:69:16:36:f7:3a:f1:21:94:74:
64:3e:b7:e2:fb:f7:88:04:a9:e7:3d:32:e6:ab:b8:
b1:73:9a:f5:34:0d:59:19:45:8b:c1:1c:70:5d:25:
e0:38:46:e0:15:f9:e1:e7:e7:78:c1:aa:e3:62:9c:
74:5a:ab:38:c6:13:e3:43:43:67:22:fd:f9:da:c5:
bf:ba:c0:84:27:34:ab:6a:45:6a:0b:06:a2:39:7d:
2c:6b:48:63:a0:31:85:87:e0:af:dc:8c:05:11:cf:
b3:48:ce:ac:03:0a:b5:5a:a4:23:62:23:f2:f7:54:
20:03:f4:6c:a3:45:08:6d:0d:a8:73:c8:51:33:3d:
d8:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:6F:3D:41:39:3B:F4:77:F2:4C:22:52:A0:FC:C2:1D:7C:93:BA:03
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Qm89QTk79HfyTCJSoPzCHXyTugM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.227.0/24
185.72.11.0/24
192.124.181.0/24
195.133.18.0/24
Signature Algorithm: sha256WithRSAEncryption
99:d2:ba:bf:7e:7a:68:2d:29:dc:d2:84:c6:48:54:5e:95:42:
64:19:11:0e:9a:16:d1:22:e9:9f:d8:94:a7:10:1a:41:68:67:
3a:90:ff:b7:8b:ff:00:65:a0:31:8a:1a:ba:da:7f:7c:6a:d2:
ed:8c:90:83:d7:f1:70:2e:76:28:ee:29:33:72:43:1c:c8:f7:
11:2b:ef:85:db:9d:d1:ff:f2:14:6f:00:ff:ea:67:dd:3f:67:
b2:3b:87:1e:94:2a:b8:d5:95:97:ac:54:7a:e3:45:df:e6:a5:
41:71:b0:56:0f:3d:6a:63:70:3f:51:f5:fc:3a:83:7e:be:d6:
19:91:95:94:03:37:92:8d:69:bd:9b:05:0c:6e:c1:aa:3e:bf:
f8:65:7f:88:bd:07:a8:64:4a:8d:f1:dd:9f:e4:3b:87:69:ea:
62:bd:ee:f6:9c:34:9c:bc:d9:0a:22:25:f4:4a:c0:39:9e:e6:
1e:cc:48:85:78:f4:72:d7:04:9b:d3:7f:68:ac:ac:31:f1:4a:
42:5b:df:e8:e2:ec:83:f5:8b:0b:b9:4a:84:9c:62:87:92:dd:
6e:74:6f:ff:c7:4b:cd:7b:04:27:3d:b2:34:4c:d4:69:4d:df:
a4:6f:03:2f:6b:44:cc:3c:49:f5:34:ae:39:96:46:10:d9:c3:
19:fc:39:71
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYqzk2qlfV9dSO7l/Td+jAmrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwOTIwMTcxMTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjZmM2Q0MTM5M2JmNDc3ZjI0YzIyNTJhMGZjYzIxZDdjOTNiYTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhIe9/7i4CzuUeV1fWwxdMOYau8Gf
/Z8ZdZSai23ozIfhV8TXu028tm2n/S5iSJ5EK8ko7Vhjv6/hU6fUNDj9pWjQpnZN
jCzRO+bAOagE2WvXU30eI+qDZs086YQWSoecA+5wG/WGULtGz0CV311/4nyR+Q9m
wz5hM/96xmRpFjb3OvEhlHRkPrfi+/eIBKnnPTLmq7ixc5r1NA1ZGUWLwRxwXSXg
OEbgFfnh5+d4warjYpx0Wqs4xhPjQ0NnIv352sW/usCEJzSrakVqCwaiOX0sa0hj
oDGFh+Cv3IwFEc+zSM6sAwq1WqQjYiPy91QgA/Rso0UIbQ2oc8hRMz3YgwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEJvPUE5O/R38kwiUqD8wh18k7oDMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvUW04OVFUazc5SGZ5VENKU29QekNIWHlUdWdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAPkzjAwQA
uUgLAwQAwHy1AwQAw4USMA0GCSqGSIb3DQEBCwUAA4IBAQCZ0rq/fnpoLSnc0oTG
SFRelUJkGREOmhbRIumf2JSnEBpBaGc6kP+3i/8AZaAxihq62n98atLtjJCD1/Fw
LnYo7ikzckMcyPcRK++F253R//IUbwD/6mfdP2eyO4celCq41ZWXrFR640Xf5qVB
cbBWDz1qY3A/UfX8OoN+vtYZkZWUAzeSjWm9mwUMbsGqPr/4ZX+IvQeoZEqN8d2f
5DuHaepive72nDScvNkKIiX0SsA5nuYezEiFePRy1wSb039orKwx8UpCW9/o4uyD
9YsLuUqEnGKHkt1udG//x0vNewQnPbI0TNRpTd+kbwMva0TMPEn1NK45lkYQ2cMZ
/Dlx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:16 2024 by rpki-client on console-fra.rpki-client.org