Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/SQ0tMD4aO2QNSYlabbeqjfHGffw.roa
File: SQ0tMD4aO2QNSYlabbeqjfHGffw.roa (raw, json)
Hash identifier: 4XmOioY+A20TBah6x9rkZhEmLgKWtrlVnWLtFSt8dl8=
Subject key identifier: 49:0D:2D:30:3E:1A:3B:64:0D:49:89:5A:6D:B7:AA:8D:F1:C6:7D:FC
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0190E45CCAAAF463FE75594B64E95F2F90A0
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/SQ0tMD4aO2QNSYlabbeqjfHGffw.roa
Signing time: Wed 24 Jul 2024 10:50:04 +0000
ROA not before: Wed 24 Jul 2024 10:50:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 193.124.17.0/24 maxlen: 24
193.124.36.0/24 maxlen: 24
193.124.47.0/24 maxlen: 24
193.124.204.0/24 maxlen: 24
194.58.41.0/24 maxlen: 24
194.58.44.0/24 maxlen: 24
194.58.56.0/23 maxlen: 23
194.58.66.0/24 maxlen: 24
194.58.155.0/24 maxlen: 24
194.58.223.0/24 maxlen: 24
194.87.44.0/24 maxlen: 24
194.87.49.0/24 maxlen: 24
194.87.51.0/24 maxlen: 24
194.87.52.0/24 maxlen: 24
194.87.54.0/24 maxlen: 24
194.87.55.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
194.87.84.0/24 maxlen: 24
194.87.104.0/24 maxlen: 24
194.87.115.0/24 maxlen: 24
194.87.128.0/24 maxlen: 24
194.87.130.0/24 maxlen: 24
194.87.133.0/24 maxlen: 24
194.87.138.0/24 maxlen: 24
194.87.140.0/24 maxlen: 24
194.87.143.0/24 maxlen: 24
194.87.151.0/24 maxlen: 24
194.87.161.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
194.87.202.0/24 maxlen: 24
194.87.208.0/24 maxlen: 24
194.87.215.0/24 maxlen: 24
194.87.220.0/24 maxlen: 24
194.87.221.0/24 maxlen: 24
194.87.226.0/24 maxlen: 24
194.87.233.0/24 maxlen: 24
194.87.250.0/24 maxlen: 24
194.135.38.0/24 maxlen: 24
194.135.105.0/24 maxlen: 24
195.58.34.0/24 maxlen: 24
195.58.36.0/24 maxlen: 24
195.58.37.0/24 maxlen: 24
195.58.38.0/24 maxlen: 24
195.58.63.0/24 maxlen: 24
195.133.9.0/24 maxlen: 24
195.133.15.0/24 maxlen: 24
195.133.18.0/24 maxlen: 24
195.133.21.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
195.133.27.0/24 maxlen: 24
195.133.30.0/24 maxlen: 24
195.133.39.0/24 maxlen: 24
195.133.50.0/23 maxlen: 23
195.133.63.0/24 maxlen: 24
195.133.73.0/24 maxlen: 24
195.133.81.0/24 maxlen: 24
195.133.92.0/23 maxlen: 23
195.133.194.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
212.192.215.0/24 maxlen: 24
212.192.223.0/24 maxlen: 24
212.192.246.0/24 maxlen: 24
212.192.248.0/24 maxlen: 24
212.193.1.0/24 maxlen: 24
212.193.5.0/24 maxlen: 24
212.193.24.0/24 maxlen: 24
212.193.30.0/24 maxlen: 24
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 26 Jul 2024 07:44:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:e4:5c:ca:aa:f4:63:fe:75:59:4b:64:e9:5f:2f:90:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 24 10:50:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=490d2d303e1a3b640d49895a6db7aa8df1c67dfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:34:46:0a:51:70:6a:6d:cf:03:60:2c:2c:48:
02:11:fa:7f:50:46:10:0d:9b:26:65:b9:f7:8a:37:
25:5e:19:9b:39:a3:44:d5:39:32:90:25:85:fc:f1:
1c:82:ff:a6:67:9a:82:95:d7:e4:cf:38:a2:c0:c6:
83:cd:59:f4:39:57:d6:6d:1f:be:15:9c:77:f0:33:
1a:29:f2:97:47:1f:73:02:8a:9f:f4:e7:7b:66:ce:
9f:2e:db:70:6a:27:a8:cb:e4:64:01:7f:bc:3e:ef:
35:ec:a2:8c:b2:93:dd:77:fe:29:66:f5:83:c6:7b:
61:95:ff:de:ac:61:6d:80:5b:1c:bb:cd:7d:92:93:
a5:f9:bf:f5:0f:70:1f:03:60:61:2f:c4:48:72:88:
7d:c3:da:d4:8c:04:5f:c3:0f:ee:23:7f:7f:5e:f2:
30:27:bd:31:bf:62:c5:45:eb:77:40:92:bf:f3:7d:
87:14:b4:64:32:d0:03:b6:97:56:3f:0e:64:32:07:
6f:55:45:47:58:36:4c:3d:f5:85:37:55:3c:cb:36:
1e:3b:0e:0c:56:8d:35:9b:dd:32:f9:3b:50:44:45:
a6:ac:8f:98:27:20:68:7d:88:8c:22:d7:bc:2f:16:
1b:20:25:33:68:a6:ef:cf:e0:c6:9c:61:27:0d:f7:
d5:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:0D:2D:30:3E:1A:3B:64:0D:49:89:5A:6D:B7:AA:8D:F1:C6:7D:FC
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/SQ0tMD4aO2QNSYlabbeqjfHGffw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.17.0/24
193.124.36.0/24
193.124.47.0/24
193.124.204.0/24
194.58.41.0/24
194.58.44.0/24
194.58.56.0/23
194.58.66.0/24
194.58.155.0/24
194.58.223.0/24
194.87.44.0/24
194.87.49.0/24
194.87.51.0-194.87.52.255
194.87.54.0/23
194.87.83.0-194.87.84.255
194.87.104.0/24
194.87.115.0/24
194.87.128.0/24
194.87.130.0/24
194.87.133.0/24
194.87.138.0/24
194.87.140.0/24
194.87.143.0/24
194.87.151.0/24
194.87.161.0/24
194.87.169.0/24
194.87.187.0/24
194.87.190.0/24
194.87.200.0/24
194.87.202.0/24
194.87.208.0/24
194.87.215.0/24
194.87.220.0/23
194.87.226.0/24
194.87.233.0/24
194.87.250.0/24
194.135.38.0/24
194.135.105.0/24
195.58.34.0/24
195.58.36.0-195.58.38.255
195.58.63.0/24
195.133.9.0/24
195.133.15.0/24
195.133.18.0/24
195.133.21.0/24
195.133.25.0/24
195.133.27.0/24
195.133.30.0/24
195.133.39.0/24
195.133.50.0/23
195.133.63.0/24
195.133.73.0/24
195.133.81.0/24
195.133.92.0/23
195.133.194.0/24
212.192.1.0/24
212.192.215.0/24
212.192.223.0/24
212.192.246.0/24
212.192.248.0/24
212.193.1.0/24
212.193.5.0/24
212.193.24.0/24
212.193.30.0/24
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
8f:76:f2:a3:23:9a:e4:3b:db:6e:47:1b:c5:a3:0c:b3:cd:2b:
2b:70:d7:07:6d:75:44:01:2b:38:3f:28:89:d2:ec:45:e6:79:
67:12:25:68:3e:d1:aa:b8:bb:28:df:e1:7c:cd:e9:fc:a6:64:
31:53:e0:ff:36:a4:26:01:14:fb:a2:e7:47:37:3c:4c:86:0e:
3a:ba:db:1f:c3:ea:81:c6:ca:77:53:db:ee:dd:7c:aa:37:9d:
53:5f:81:8c:64:69:a2:5c:8a:ee:45:62:ad:2c:6c:26:af:79:
be:b7:cb:fa:38:a3:b8:57:24:bb:7b:7a:b6:c0:ce:f2:fa:84:
8f:7a:28:4b:69:51:29:9c:2e:06:2b:8e:21:10:25:86:e2:58:
b1:02:79:cd:60:36:e4:92:8c:f2:c4:5d:5c:33:be:46:e6:fa:
2e:40:b3:de:0f:17:04:ed:e3:9d:20:90:5f:09:59:3e:ed:8d:
15:75:5f:5a:a5:ea:53:22:64:c1:08:4c:a7:2c:22:63:31:97:
9c:ea:8f:d8:bf:6b:24:62:0b:95:21:a1:81:96:ad:6e:98:d0:
89:3b:7d:b4:59:77:84:ce:7f:3e:f3:1a:32:a0:d1:27:80:7e:
10:0c:c8:5e:60:ae:d2:4b:81:b1:87:32:c1:d8:43:85:57:ec:
eb:ac:9a:88
-----BEGIN CERTIFICATE-----
MIIGrzCCBZegAwIBAgISAZDkXMqq9GP+dVlLZOlfL5CgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwNzI0MTA1MDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTBkMmQzMDNlMWEzYjY0MGQ0OTg5NWE2ZGI3YWE4ZGYxYzY3ZGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoTRGClFwam3PA2AsLEgCEfp/UEYQ
DZsmZbn3ijclXhmbOaNE1TkykCWF/PEcgv+mZ5qCldfkzziiwMaDzVn0OVfWbR++
FZx38DMaKfKXRx9zAoqf9Od7Zs6fLttwaieoy+RkAX+8Pu817KKMspPdd/4pZvWD
xnthlf/erGFtgFscu819kpOl+b/1D3AfA2BhL8RIcoh9w9rUjARfww/uI39/XvIw
J70xv2LFRet3QJK/832HFLRkMtADtpdWPw5kMgdvVUVHWDZMPfWFN1U8yzYeOw4M
Vo01m90y+TtQREWmrI+YJyBofYiMIte8LxYbICUzaKbvz+DGnGEnDffV3wIDAQAB
o4IDuzCCA7cwHQYDVR0OBBYEFEkNLTA+GjtkDUmJWm23qo3xxn38MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvU1EwdE1ENGFPMlFOU1lsYWJiZXFqZkhHZmZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBzwYIKwYBBQUHAQcBAf8EggG+MIIBujCCAaAEAgABMIIB
mAMEAMF8EQMEAMF8JAMEAMF8LwMEAMF8zAMEAMI6KQMEAMI6LAMEAcI6OAMEAMI6
QgMEAMI6mwMEAMI63wMEAMJXLAMEAMJXMTAMAwQAwlczAwQAwlc0AwQBwlc2MAwD
BADCV1MDBADCV1QDBADCV2gDBADCV3MDBADCV4ADBADCV4IDBADCV4UDBADCV4oD
BADCV4wDBADCV48DBADCV5cDBADCV6EDBADCV6kDBADCV7sDBADCV74DBADCV8gD
BADCV8oDBADCV9ADBADCV9cDBAHCV9wDBADCV+IDBADCV+kDBADCV/oDBADChyYD
BADCh2kDBADDOiIwDAMEAsM6JAMEAMM6JgMEAMM6PwMEAMOFCQMEAMOFDwMEAMOF
EgMEAMOFFQMEAMOFGQMEAMOFGwMEAMOFHgMEAMOFJwMEAcOFMgMEAMOFPwMEAMOF
SQMEAMOFUQMEAcOFXAMEAMOFwgMEANTAAQMEANTA1wMEANTA3wMEANTA9gMEANTA
+AMEANTBAQMEANTBBQMEANTBGAMEANTBHjAUBAIAAjAOAwUDKgFXwAMFAyoM/0Aw
DQYJKoZIhvcNAQELBQADggEBAI928qMjmuQ7225HG8WjDLPNKytw1wdtdUQBKzg/
KInS7EXmeWcSJWg+0aq4uyjf4XzN6fymZDFT4P82pCYBFPui50c3PEyGDjq62x/D
6oHGyndT2+7dfKo3nVNfgYxkaaJciu5FYq0sbCaveb63y/o4o7hXJLt7erbAzvL6
hI96KEtpUSmcLgYrjiEQJYbiWLECec1gNuSSjPLEXVwzvkbm+i5As94PFwTt450g
kF8JWT7tjRV1X1ql6lMiZMEITKcsImMxl5zqj9i/ayRiC5UhoYGWrW6Y0Ik7fbRZ
d4TOfz7zGjKg0SeAfhAMyF5grtJLgbGHMsHYQ4VX7Ousmog=
-----END CERTIFICATE-----
Generated at Fri Jul 26 10:04:39 2024 by rpki-client on console-ams.rpki-client.org