Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/T1qG4xQpv3eJpXH1EcOd44o5lCY.roa
File: T1qG4xQpv3eJpXH1EcOd44o5lCY.roa (raw, json)
Hash identifier: mLNYZM8DUahHiMz4dmsKF6OmktUFiqENabS+Wv7ghe4=
Subject key identifier: 4F:5A:86:E3:14:29:BF:77:89:A5:71:F5:11:C3:9D:E3:8A:39:94:26
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01919F262590A4EA99F523D55DBC30E9B69A
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/T1qG4xQpv3eJpXH1EcOd44o5lCY.roa
Signing time: Thu 29 Aug 2024 17:19:22 +0000
ROA not before: Thu 29 Aug 2024 17:19:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 26383
IP address blocks: 62.76.234.0/24 maxlen: 24
62.76.239.0/24 maxlen: 24
185.72.8.0/24 maxlen: 24
192.124.176.0/24 maxlen: 24
192.124.209.0/24 maxlen: 24
193.124.22.0/24 maxlen: 24
193.124.41.0/24 maxlen: 24
193.124.46.0/24 maxlen: 24
194.58.34.0/24 maxlen: 24
194.58.39.0/24 maxlen: 24
194.58.40.0/24 maxlen: 24
194.58.44.0/24 maxlen: 24
194.58.45.0/24 maxlen: 24
194.58.66.0/24 maxlen: 24
194.58.68.0/24 maxlen: 24
194.87.10.0/24 maxlen: 24
194.87.18.0/24 maxlen: 24
194.87.39.0/24 maxlen: 24
194.87.47.0/24 maxlen: 24
194.87.189.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
194.87.227.0/24 maxlen: 24
194.87.230.0/24 maxlen: 24
195.133.67.0/24 maxlen: 24
195.133.92.0/24 maxlen: 24
212.192.12.0/24 maxlen: 24
212.192.13.0/24 maxlen: 24
212.192.15.0/24 maxlen: 24
212.192.215.0/24 maxlen: 24
212.192.221.0/24 maxlen: 24
212.192.223.0/24 maxlen: 24
212.193.1.0/24 maxlen: 24
212.193.2.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 30 Aug 2024 07:06:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:9f:26:25:90:a4:ea:99:f5:23:d5:5d:bc:30:e9:b6:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 29 17:19:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4f5a86e31429bf7789a571f511c39de38a399426
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:bf:3d:d6:a9:6f:b8:02:53:24:e4:bb:88:5a:
80:87:60:d4:9b:5b:6c:08:22:d4:cc:e9:0a:9b:81:
d8:83:dd:ee:1a:83:3f:32:84:7d:99:1b:3b:4d:0c:
62:3d:cf:db:61:62:46:b7:22:77:7d:06:e0:31:81:
ad:9d:2d:91:9e:de:55:d7:b0:12:3c:a9:bf:80:2a:
e2:8d:b5:88:ee:bb:2c:94:0a:a5:e1:ab:42:0b:ad:
10:78:7b:06:e5:85:c5:02:18:f3:ff:52:e0:1f:6b:
c0:1c:46:37:2d:eb:0f:3b:2a:b1:86:11:7d:8d:2b:
e8:f9:ad:da:46:19:6e:30:df:a7:4f:76:7b:3d:10:
38:b3:60:97:75:23:03:5f:5b:7b:ec:28:34:9b:0a:
8c:3a:64:79:e3:18:c0:9d:cf:d4:e7:b5:0c:22:29:
90:b9:c2:6a:d3:36:51:a3:09:02:5d:aa:4d:5d:83:
8f:c9:c7:c3:2f:40:79:f0:4f:5b:b4:d0:70:c0:be:
81:4b:79:fb:23:ca:ac:94:d1:2d:a4:b3:53:27:22:
96:cd:9e:22:6d:78:27:12:54:d5:58:58:a3:2d:27:
b3:13:67:9e:4c:8f:e2:08:e1:f8:fc:2a:09:18:96:
c4:5d:2b:50:43:f6:2d:61:e3:db:24:c9:e2:5f:5d:
26:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:5A:86:E3:14:29:BF:77:89:A5:71:F5:11:C3:9D:E3:8A:39:94:26
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/T1qG4xQpv3eJpXH1EcOd44o5lCY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.234.0/24
62.76.239.0/24
185.72.8.0/24
192.124.176.0/24
192.124.209.0/24
193.124.22.0/24
193.124.41.0/24
193.124.46.0/24
194.58.34.0/24
194.58.39.0-194.58.40.255
194.58.44.0/23
194.58.66.0/24
194.58.68.0/24
194.87.10.0/24
194.87.18.0/24
194.87.39.0/24
194.87.47.0/24
194.87.189.0/24
194.87.198.0/24
194.87.227.0/24
194.87.230.0/24
195.133.67.0/24
195.133.92.0/24
212.192.12.0/23
212.192.15.0/24
212.192.215.0/24
212.192.221.0/24
212.192.223.0/24
212.193.1.0-212.193.2.255
Signature Algorithm: sha256WithRSAEncryption
08:39:37:23:eb:c7:4c:91:94:36:b0:4b:68:77:8d:01:96:17:
96:0d:c8:20:0e:1b:ac:6b:20:1a:ed:a0:bf:0d:38:6b:98:20:
69:53:e1:bf:11:35:fa:cf:67:07:72:a8:f7:70:21:42:d5:6a:
92:ad:81:ed:39:ed:ec:ea:68:00:32:e8:50:2f:37:c0:4e:a4:
8f:ab:b3:97:8e:96:6a:7e:83:01:cf:3a:7b:71:7a:56:c6:92:
83:1c:55:4d:f9:10:a5:30:ef:50:df:c9:ce:83:4f:95:14:07:
03:33:dd:19:33:2c:f2:b8:94:7e:30:c8:9c:f9:46:c1:c5:d6:
fc:04:74:80:d0:ef:a8:da:25:7c:9a:a7:2a:ba:0f:43:7d:8d:
51:87:ec:46:3a:28:98:18:31:44:46:b8:18:0b:54:f7:20:f0:
29:f1:3b:f1:3e:da:b7:5f:18:58:04:42:d2:d4:9e:72:b9:37:
5b:fb:6a:48:88:58:25:b4:dc:87:ae:39:e5:74:28:6b:29:a2:
99:21:77:75:10:ea:d5:d2:5e:d5:9c:91:06:c3:0f:3d:e4:21:
f3:1d:7b:d8:17:c2:ef:c8:4e:25:a6:67:ab:82:de:9b:b1:34:
78:f7:8c:26:91:e3:ce:df:fd:4d:41:f9:e0:d9:d4:ee:be:fa:
12:e8:7c:22
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgISAZGfJiWQpOqZ9SPVXbww6baaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwODI5MTcxOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjVhODZlMzE0MjliZjc3ODlhNTcxZjUxMWMzOWRlMzhhMzk5NDI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsr891qlvuAJTJOS7iFqAh2DUm1ts
CCLUzOkKm4HYg93uGoM/MoR9mRs7TQxiPc/bYWJGtyJ3fQbgMYGtnS2Rnt5V17AS
PKm/gCrijbWI7rsslAql4atCC60QeHsG5YXFAhjz/1LgH2vAHEY3LesPOyqxhhF9
jSvo+a3aRhluMN+nT3Z7PRA4s2CXdSMDX1t77Cg0mwqMOmR54xjAnc/U57UMIimQ
ucJq0zZRowkCXapNXYOPycfDL0B58E9btNBwwL6BS3n7I8qslNEtpLNTJyKWzZ4i
bXgnElTVWFijLSezE2eeTI/iCOH4/CoJGJbEXStQQ/YtYePbJMniX10mfwIDAQAB
o4ICxjCCAsIwHQYDVR0OBBYEFE9ahuMUKb93iaVx9RHDneOKOZQmMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvVDFxRzR4UXB2M2VKcFhIMUVjT2Q0NG81bENZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHbBggrBgEFBQcBBwEB/wSByzCByDCBxQQCAAEwgb4DBAA+
TOoDBAA+TO8DBAC5SAgDBADAfLADBADAfNEDBADBfBYDBADBfCkDBADBfC4DBADC
OiIwDAMEAMI6JwMEAMI6KAMEAcI6LAMEAMI6QgMEAMI6RAMEAMJXCgMEAMJXEgME
AMJXJwMEAMJXLwMEAMJXvQMEAMJXxgMEAMJX4wMEAMJX5gMEAMOFQwMEAMOFXAME
AdTADAMEANTADwMEANTA1wMEANTA3QMEANTA3zAMAwQA1MEBAwQA1MECMA0GCSqG
SIb3DQEBCwUAA4IBAQAIOTcj68dMkZQ2sEtod40BlheWDcggDhusayAa7aC/DThr
mCBpU+G/ETX6z2cHcqj3cCFC1WqSrYHtOe3s6mgAMuhQLzfATqSPq7OXjpZqfoMB
zzp7cXpWxpKDHFVN+RClMO9Q38nOg0+VFAcDM90ZMyzyuJR+MMic+UbBxdb8BHSA
0O+o2iV8mqcqug9DfY1Rh+xGOiiYGDFERrgYC1T3IPAp8TvxPtq3XxhYBELS1J5y
uTdb+2pIiFgltNyHrjnldChrKaKZIXd1EOrV0l7VnJEGww895CHzHXvYF8LvyE4l
pmergt6bsTR494wmkePO3/1NQfng2dTuvvoS6Hwi
-----END CERTIFICATE-----
Generated at Fri Aug 30 09:04:40 2024 by rpki-client on console-fra.rpki-client.org