Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/T6MD1JtbFoN2S3yZXk05ZrQG9Lw.roa
File: T6MD1JtbFoN2S3yZXk05ZrQG9Lw.roa (raw, json)
Hash identifier: 51+lhEYL6bfQoNtgFGlE2m9jqdn9kMURy7rfc1CeD3Q=
Subject key identifier: 4F:A3:03:D4:9B:5B:16:83:76:4B:7C:99:5E:4D:39:66:B4:06:F4:BC
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018728CBAE3B2148FCD3148012AAF8522D5C
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/T6MD1JtbFoN2S3yZXk05ZrQG9Lw.roa
Signing time: Tue 28 Mar 2023 15:17:29 +0000
ROA not before: Tue 28 Mar 2023 15:17:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212609
IP address blocks: 62.76.232.0/24 maxlen: 24
194.87.125.0/24 maxlen: 24
194.87.139.0/24 maxlen: 24
195.58.33.0/24 maxlen: 24
195.58.57.0/24 maxlen: 24
193.124.206.0/24 maxlen: 24
212.193.9.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:28:cb:ae:3b:21:48:fc:d3:14:80:12:aa:f8:52:2d:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 28 15:17:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4fa303d49b5b1683764b7c995e4d3966b406f4bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:af:a7:70:2b:f1:da:df:cd:8a:00:c1:55:f1:
b0:50:ee:9d:74:7b:23:ba:96:9b:e5:e5:45:cb:0e:
bc:56:9b:bc:3b:98:7f:5f:e6:96:3b:13:84:be:82:
67:81:aa:fe:d4:21:56:ed:c5:66:a7:0a:84:3f:4e:
bb:25:52:8e:9c:0e:e5:68:f9:6b:79:28:7f:41:8a:
db:01:59:ec:d2:4b:e6:68:28:89:f6:4d:f5:f5:84:
65:65:42:fb:f0:a9:91:c3:43:48:2c:96:6a:64:bf:
0c:72:52:5d:ff:f6:fb:89:96:36:12:06:01:97:20:
4e:77:69:8e:25:54:53:05:14:e3:a6:4c:df:9b:38:
a9:2d:4c:ca:75:ce:27:3b:4a:70:57:af:f4:3e:fd:
9f:3d:61:5d:9d:72:c8:1b:8c:ec:e4:f7:61:aa:14:
32:b5:ef:33:63:45:72:a0:f3:5d:73:89:94:fe:98:
45:e6:9d:ce:94:2c:6c:7a:33:45:31:fb:e6:ce:20:
8c:c0:4e:76:02:04:53:be:71:a9:55:23:19:bf:81:
ec:53:8e:9e:e7:11:39:81:26:14:99:ca:38:5b:69:
59:a3:7d:f9:04:88:44:3f:64:f8:f7:44:97:eb:83:
30:0e:ca:44:25:74:c8:17:8a:fa:a1:d0:90:0d:58:
bc:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:A3:03:D4:9B:5B:16:83:76:4B:7C:99:5E:4D:39:66:B4:06:F4:BC
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/T6MD1JtbFoN2S3yZXk05ZrQG9Lw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.232.0/24
193.124.206.0/24
194.87.125.0/24
194.87.139.0/24
195.58.33.0/24
195.58.57.0/24
212.193.9.0/24
Signature Algorithm: sha256WithRSAEncryption
18:d5:ae:d4:ac:90:0a:7c:f5:0d:ae:42:2b:b9:d4:75:f2:7c:
ee:99:ad:9f:2e:b0:91:30:83:19:ef:6c:12:30:69:10:52:ec:
e9:d4:03:8c:59:96:90:a9:d8:80:a5:95:99:50:57:fc:7d:95:
35:08:01:7b:7e:9c:a0:19:6b:31:65:0b:6b:e7:c9:eb:4d:81:
dd:51:1e:86:26:54:da:65:e0:91:1d:49:4f:24:0c:2b:af:2c:
d8:2b:8e:36:f1:b2:dc:e7:a7:9a:e0:8f:c1:bc:fa:22:d1:83:
53:82:d4:05:6f:e0:d5:b3:5d:33:11:5c:36:df:e1:f9:6f:ff:
83:a8:bd:f5:3c:f7:49:a0:b2:bc:7f:b7:19:16:5b:7c:37:06:
c4:c9:d2:14:8d:ce:8d:1f:c8:64:25:ad:21:c6:5e:d6:35:22:
8c:a3:53:00:6c:9f:5f:17:18:db:00:4b:74:94:b3:6e:93:2a:
7f:dd:44:d4:ef:5f:11:c7:50:c9:d9:4f:fa:c8:04:57:e9:fa:
41:93:b3:8b:39:ff:6b:0c:b4:c0:ef:23:45:03:4c:bc:6c:ed:
8c:33:cf:c5:48:01:65:8e:fc:a8:58:14:91:21:0f:98:c9:82:
75:00:74:12:19:3e:01:4d:cc:c5:50:17:1c:7e:3a:b1:0b:b3:
db:6f:61:e7
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYcoy647IUj80xSAEqr4Ui1cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMzI4MTUxNzI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmEzMDNkNDliNWIxNjgzNzY0YjdjOTk1ZTRkMzk2NmI0MDZmNGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApa+ncCvx2t/NigDBVfGwUO6ddHsj
upab5eVFyw68Vpu8O5h/X+aWOxOEvoJngar+1CFW7cVmpwqEP067JVKOnA7laPlr
eSh/QYrbAVns0kvmaCiJ9k319YRlZUL78KmRw0NILJZqZL8MclJd//b7iZY2EgYB
lyBOd2mOJVRTBRTjpkzfmzipLUzKdc4nO0pwV6/0Pv2fPWFdnXLIG4zs5PdhqhQy
te8zY0VyoPNdc4mU/phF5p3OlCxsejNFMfvmziCMwE52AgRTvnGpVSMZv4HsU46e
5xE5gSYUmco4W2lZo335BIhEP2T490SX64MwDspEJXTIF4r6odCQDVi8awIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFE+jA9SbWxaDdkt8mV5NOWa0BvS8MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvVDZNRDFKdGJGb04yUzN5WlhrMDVaclFHOUx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAPkzoAwQA
wXzOAwQAwld9AwQAwleLAwQAwzohAwQAwzo5AwQA1MEJMA0GCSqGSIb3DQEBCwUA
A4IBAQAY1a7UrJAKfPUNrkIrudR18nzuma2fLrCRMIMZ72wSMGkQUuzp1AOMWZaQ
qdiApZWZUFf8fZU1CAF7fpygGWsxZQtr58nrTYHdUR6GJlTaZeCRHUlPJAwrryzY
K4428bLc56ea4I/BvPoi0YNTgtQFb+DVs10zEVw23+H5b/+DqL31PPdJoLK8f7cZ
Flt8NwbEydIUjc6NH8hkJa0hxl7WNSKMo1MAbJ9fFxjbAEt0lLNukyp/3UTU718R
x1DJ2U/6yARX6fpBk7OLOf9rDLTA7yNFA0y8bO2MM8/FSAFljvyoWBSRIQ+YyYJ1
AHQSGT4BTczFUBccfjqxC7Pbb2Hn
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:19:18 2024 by rpki-client on console-ams.rpki-client.org