Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/R--SnYfAjWqwiwQ1c7msZYP5eBM.roa
File: R--SnYfAjWqwiwQ1c7msZYP5eBM.roa (raw, json)
Hash identifier: XzKNPtv2TgrNEI88VYcAx2EryPw+Njlx2WEtp2A0dH4=
Subject key identifier: 47:EF:92:9D:87:C0:8D:6A:B0:8B:04:35:73:B9:AC:65:83:F9:78:13
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0185FCE959659F4D6D89B648E17273A34110
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/R--SnYfAjWqwiwQ1c7msZYP5eBM.roa
Signing time: Sun 29 Jan 2023 09:43:48 +0000
ROA not before: Sun 29 Jan 2023 09:43:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204843
IP address blocks: 62.76.232.0/24 maxlen: 24
62.76.235.0/24 maxlen: 24
194.87.37.0/24 maxlen: 24
194.87.36.0/24 maxlen: 24
212.192.211.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
193.124.93.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 30 Jan 2023 14:15:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:fc:e9:59:65:9f:4d:6d:89:b6:48:e1:72:73:a3:41:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 29 09:43:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=47ef929d87c08d6ab08b043573b9ac6583f97813
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:7c:df:5c:1d:e7:77:b5:d0:25:de:cb:fd:df:
39:0f:32:24:d9:95:6c:5a:6f:a6:1f:ee:9f:b5:51:
b3:12:6d:f9:e3:f9:82:ab:25:52:0b:bd:05:73:c9:
ca:21:97:57:16:25:a5:bb:4d:2e:c5:3d:fa:c1:bc:
fc:87:2a:01:ce:83:39:4f:bd:54:aa:e4:ae:a5:d9:
6b:24:8e:16:89:6b:cf:f7:19:0a:26:2d:b1:31:21:
11:09:8e:c6:88:a0:e2:53:4f:7f:8d:a7:69:60:27:
18:28:5f:56:14:4a:47:3c:45:8e:e0:a5:f8:1d:2b:
36:a4:df:30:fa:27:b6:fb:b5:57:17:ba:4d:23:61:
48:ee:bc:56:9c:9a:53:ce:dd:5f:98:0a:0b:79:47:
5b:93:7b:c7:89:46:fd:c5:12:43:89:53:84:3d:2a:
22:53:c1:b7:20:54:a7:31:0d:a6:b9:45:5b:b1:b9:
65:b7:58:2c:eb:b8:e1:8e:d2:b4:fa:66:e0:1d:0d:
cd:22:a8:03:c6:67:6a:9e:a4:0b:d7:ad:a3:a9:06:
7b:4b:4b:7a:84:fb:c2:42:e6:d8:69:4c:18:af:ab:
b8:3e:8a:ed:c0:f4:77:6c:30:a8:3f:39:94:e4:6e:
8c:c7:80:0c:73:e4:10:eb:ae:10:61:40:bd:bb:3a:
34:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:EF:92:9D:87:C0:8D:6A:B0:8B:04:35:73:B9:AC:65:83:F9:78:13
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/R--SnYfAjWqwiwQ1c7msZYP5eBM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.232.0/24
62.76.235.0/24
193.124.93.0/24
194.87.36.0/23
195.58.54.0/24
212.192.211.0/24
Signature Algorithm: sha256WithRSAEncryption
76:d4:28:83:92:85:f0:48:fc:7c:88:c8:4e:7c:64:15:e9:6c:
61:8e:07:c8:4c:fd:19:53:b0:c3:7d:ef:5e:f3:a3:32:0e:01:
21:18:0d:3a:39:ec:90:1e:7f:05:a0:c3:fa:6d:cf:88:b7:5a:
bc:93:00:eb:62:84:a7:cb:59:08:e0:eb:ce:ec:bb:6b:c1:72:
cf:01:60:43:82:d6:50:d4:53:43:f9:71:7a:8c:46:bf:7d:d0:
cb:85:43:2d:f5:74:82:e5:8c:63:fc:b1:dd:f8:e5:1e:8d:dd:
28:e9:a0:09:27:2d:55:34:d6:bb:ac:72:8d:f5:a2:bb:6f:55:
4a:3e:ca:3e:0e:58:23:5a:14:02:70:54:ad:b4:7b:34:0f:bd:
78:53:ed:c2:f0:41:1a:e2:1a:9d:1a:96:87:43:ce:6c:78:81:
f8:93:6c:83:c9:3b:88:d0:85:29:46:73:6e:a5:8a:b5:0c:b9:
33:e2:54:fe:9d:31:fd:dd:c8:72:ca:f0:17:5f:8e:08:66:ed:
89:9f:af:fa:5f:bc:cd:8a:50:fb:44:21:dc:40:36:18:a0:6d:
0d:f3:a7:72:01:60:48:8a:08:f8:d3:9a:b2:ca:4b:93:e4:24:
f8:49:e7:8d:88:eb:d0:f8:71:35:2f:5e:48:f0:3c:98:d1:c4:
7a:29:a9:22
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYX86Vlln01tibZI4XJzo0EQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTI5MDk0MzQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2VmOTI5ZDg3YzA4ZDZhYjA4YjA0MzU3M2I5YWM2NTgzZjk3ODEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnnzfXB3nd7XQJd7L/d85DzIk2ZVs
Wm+mH+6ftVGzEm354/mCqyVSC70Fc8nKIZdXFiWlu00uxT36wbz8hyoBzoM5T71U
quSupdlrJI4WiWvP9xkKJi2xMSERCY7GiKDiU09/jadpYCcYKF9WFEpHPEWO4KX4
HSs2pN8w+ie2+7VXF7pNI2FI7rxWnJpTzt1fmAoLeUdbk3vHiUb9xRJDiVOEPSoi
U8G3IFSnMQ2muUVbsbllt1gs67jhjtK0+mbgHQ3NIqgDxmdqnqQL162jqQZ7S0t6
hPvCQubYaUwYr6u4PortwPR3bDCoPzmU5G6Mx4AMc+QQ664QYUC9uzo0XQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFEfvkp2HwI1qsIsENXO5rGWD+XgTMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvUi0tU25ZZkFqV3F3aXdRMWM3bXNaWVA1ZUJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAPkzoAwQA
PkzrAwQAwXxdAwQBwlckAwQAwzo2AwQA1MDTMA0GCSqGSIb3DQEBCwUAA4IBAQB2
1CiDkoXwSPx8iMhOfGQV6WxhjgfITP0ZU7DDfe9e86MyDgEhGA06OeyQHn8FoMP6
bc+It1q8kwDrYoSny1kI4OvO7LtrwXLPAWBDgtZQ1FND+XF6jEa/fdDLhUMt9XSC
5Yxj/LHd+OUejd0o6aAJJy1VNNa7rHKN9aK7b1VKPso+DlgjWhQCcFSttHs0D714
U+3C8EEa4hqdGpaHQ85seIH4k2yDyTuI0IUpRnNupYq1DLkz4lT+nTH93chyyvAX
X44IZu2Jn6/6X7zNilD7RCHcQDYYoG0N86dyAWBIigj405qyykuT5CT4SeeNiOvQ
+HE1L15I8DyY0cR6Kaki
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:16 2024 by rpki-client on console-fra.rpki-client.org