Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/T8cBNJfLnKDuQhAcohN2qfo4J8o.roa
File: T8cBNJfLnKDuQhAcohN2qfo4J8o.roa (raw, json)
Hash identifier: olPyH+ZWVzEovVX1ynHZoGyZDQK+PrpwafRUbFrAol4=
Subject key identifier: 4F:C7:01:34:97:CB:9C:A0:EE:42:10:1C:A2:13:76:A9:FA:38:27:CA
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0191B12A91ECD22EBFC5D1BC996BF90DA90A
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/T8cBNJfLnKDuQhAcohN2qfo4J8o.roa
Signing time: Mon 02 Sep 2024 05:17:22 +0000
ROA not before: Mon 02 Sep 2024 05:17:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44477
IP address blocks: 62.76.226.0/24 maxlen: 24
62.76.231.0/24 maxlen: 24
62.76.235.0/24 maxlen: 24
193.108.115.0/24 maxlen: 24
193.124.2.0/24 maxlen: 24
193.124.3.0/24 maxlen: 24
193.124.6.0/24 maxlen: 24
193.124.8.0/24 maxlen: 24
193.124.18.0/24 maxlen: 24
193.124.49.0/24 maxlen: 24
193.124.91.0/24 maxlen: 24
193.124.94.0/24 maxlen: 24
193.124.201.0/24 maxlen: 24
193.124.226.0/24 maxlen: 24
193.124.227.0/24 maxlen: 24
194.58.38.0/24 maxlen: 24
194.58.43.0/24 maxlen: 24
194.58.46.0/24 maxlen: 24
194.58.58.0/24 maxlen: 24
194.58.59.0/24 maxlen: 24
194.58.60.0/24 maxlen: 24
194.58.67.0/24 maxlen: 24
194.87.3.0/24 maxlen: 24
194.87.6.0/24 maxlen: 24
194.87.7.0/24 maxlen: 24
194.87.16.0/24 maxlen: 24
194.87.23.0/24 maxlen: 24
194.87.34.0/24 maxlen: 24
194.87.36.0/24 maxlen: 24
194.87.42.0/24 maxlen: 24
194.87.43.0/24 maxlen: 24
194.87.53.0/24 maxlen: 24
194.87.63.0/24 maxlen: 24
194.87.78.0/24 maxlen: 24
194.87.85.0/24 maxlen: 24
194.87.105.0/24 maxlen: 24
194.87.116.0/24 maxlen: 24
194.87.117.0/24 maxlen: 24
194.87.120.0/24 maxlen: 24
194.87.121.0/24 maxlen: 24
194.87.160.0/24 maxlen: 24
194.87.163.0/24 maxlen: 24
194.87.165.0/24 maxlen: 24
194.87.166.0/24 maxlen: 24
194.87.176.0/24 maxlen: 24
194.87.177.0/24 maxlen: 24
194.87.180.0/24 maxlen: 24
194.87.181.0/24 maxlen: 24
194.87.182.0/24 maxlen: 24
194.87.205.0/24 maxlen: 24
194.87.240.0/24 maxlen: 24
194.135.23.0/24 maxlen: 24
194.135.24.0/24 maxlen: 24
194.135.46.0/24 maxlen: 24
195.58.55.0/24 maxlen: 24
195.58.56.0/24 maxlen: 24
195.58.59.0/24 maxlen: 24
195.58.62.0/24 maxlen: 24
195.133.12.0/24 maxlen: 24
195.133.19.0/24 maxlen: 24
195.133.22.0/24 maxlen: 24
195.133.26.0/24 maxlen: 24
195.133.58.0/24 maxlen: 24
195.133.59.0/24 maxlen: 24
195.133.80.0/24 maxlen: 24
195.133.82.0/24 maxlen: 24
195.133.195.0/24 maxlen: 24
212.192.0.0/24 maxlen: 24
212.192.7.0/24 maxlen: 24
212.192.10.0/24 maxlen: 24
212.192.30.0/24 maxlen: 24
212.192.210.0/24 maxlen: 24
212.192.211.0/24 maxlen: 24
212.192.241.0/24 maxlen: 24
212.192.247.0/24 maxlen: 24
212.193.10.0/24 maxlen: 24
212.193.15.0/24 maxlen: 24
212.193.31.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Sep 2024 15:12:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b1:2a:91:ec:d2:2e:bf:c5:d1:bc:99:6b:f9:0d:a9:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 2 05:17:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4fc7013497cb9ca0ee42101ca21376a9fa3827ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:65:26:c9:e1:81:09:1b:9a:43:84:80:4d:65:
5d:6c:eb:9c:f6:79:d8:73:6c:53:a8:51:eb:6f:b9:
9c:77:e6:6e:95:92:0a:78:b0:0d:69:3b:5b:11:1e:
ea:f7:a6:db:7e:8c:e0:1c:00:c3:26:5a:83:81:43:
d5:01:50:0c:d5:03:38:73:47:17:fa:f9:62:e3:6f:
9d:92:01:70:32:c4:dc:9b:ee:2b:3c:87:e4:77:ac:
d5:06:cb:93:db:17:14:82:94:26:7a:85:01:9e:5f:
13:8b:33:b6:90:e6:10:05:5e:d9:ca:67:b7:7b:4f:
6e:f2:d5:71:01:d4:ba:31:33:17:67:86:c6:b6:dd:
68:fe:91:ef:cf:d8:c0:e9:99:91:75:4c:8a:fb:e1:
35:53:81:34:6d:ff:a9:3d:7e:2d:fc:2f:0b:8f:53:
14:70:1a:4e:3d:01:05:53:8f:ac:4a:d8:d9:95:4f:
ce:0e:5a:0d:80:4e:7d:6c:4c:39:4f:bc:39:85:ff:
80:b4:b4:b4:ed:29:da:98:37:6d:8b:0d:07:db:e7:
bc:bf:17:c3:42:4c:75:51:4f:7f:94:ca:e7:c5:68:
26:0c:4b:50:19:02:f9:4d:2e:aa:19:36:41:59:b6:
09:36:07:99:10:2a:c4:b9:44:c6:cf:6d:cf:b9:12:
c1:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:C7:01:34:97:CB:9C:A0:EE:42:10:1C:A2:13:76:A9:FA:38:27:CA
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/T8cBNJfLnKDuQhAcohN2qfo4J8o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.226.0/24
62.76.231.0/24
62.76.235.0/24
193.108.115.0/24
193.124.2.0/23
193.124.6.0/24
193.124.8.0/24
193.124.18.0/24
193.124.49.0/24
193.124.91.0/24
193.124.94.0/24
193.124.201.0/24
193.124.226.0/23
194.58.38.0/24
194.58.43.0/24
194.58.46.0/24
194.58.58.0-194.58.60.255
194.58.67.0/24
194.87.3.0/24
194.87.6.0/23
194.87.16.0/24
194.87.23.0/24
194.87.34.0/24
194.87.36.0/24
194.87.42.0/23
194.87.53.0/24
194.87.63.0/24
194.87.78.0/24
194.87.85.0/24
194.87.105.0/24
194.87.116.0/23
194.87.120.0/23
194.87.160.0/24
194.87.163.0/24
194.87.165.0-194.87.166.255
194.87.176.0/23
194.87.180.0-194.87.182.255
194.87.205.0/24
194.87.240.0/24
194.135.23.0-194.135.24.255
194.135.46.0/24
195.58.55.0-195.58.56.255
195.58.59.0/24
195.58.62.0/24
195.133.12.0/24
195.133.19.0/24
195.133.22.0/24
195.133.26.0/24
195.133.58.0/23
195.133.80.0/24
195.133.82.0/24
195.133.195.0/24
212.192.0.0/24
212.192.7.0/24
212.192.10.0/24
212.192.30.0/24
212.192.210.0/23
212.192.241.0/24
212.192.247.0/24
212.193.10.0/24
212.193.15.0/24
212.193.31.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:61:dc:5e:d7:ea:03:4c:cf:e6:02:87:c1:23:6a:60:71:4c:
44:1f:61:53:3d:db:22:f0:b0:39:93:d5:75:e4:82:35:41:ff:
a0:47:c1:86:59:2e:bc:20:25:34:08:85:e7:a6:74:27:8c:bd:
20:f4:f9:bc:b7:e2:c2:66:c6:3b:44:58:db:96:33:21:47:d4:
12:1f:de:f3:9a:43:55:97:df:0f:2e:60:45:35:5d:d4:9a:9e:
c9:a2:df:82:d8:de:76:2d:e8:33:b3:72:53:d6:79:ac:61:54:
08:2b:06:b2:96:33:c3:61:1e:48:88:b5:f2:57:5d:0e:49:29:
d1:c6:3c:91:cb:7b:7f:5e:d9:9e:00:94:ff:b2:63:cd:33:9a:
17:e8:14:86:7b:9e:0f:a5:f8:b4:be:ed:ef:2c:e9:84:26:5e:
c4:bd:00:e7:8a:34:1f:17:99:62:02:98:d9:a0:fa:32:30:bd:
63:f0:36:74:7a:94:f1:8c:ef:37:e6:1b:d4:29:72:0c:8d:b3:
1c:5c:61:32:de:dc:ce:b5:07:85:7f:6a:eb:2a:2e:69:b8:57:
41:df:16:5b:f6:c8:99:f5:60:69:bc:ad:2b:e0:b4:81:a8:81:
ae:e4:4e:a2:bd:0d:d7:f7:87:ca:49:16:cc:72:e8:f2:88:9c:
d8:d9:98:b3
-----BEGIN CERTIFICATE-----
MIIGnTCCBYWgAwIBAgISAZGxKpHs0i6/xdG8mWv5DakKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwOTAyMDUxNzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmM3MDEzNDk3Y2I5Y2EwZWU0MjEwMWNhMjEzNzZhOWZhMzgyN2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhWUmyeGBCRuaQ4SATWVdbOuc9nnY
c2xTqFHrb7mcd+ZulZIKeLANaTtbER7q96bbfozgHADDJlqDgUPVAVAM1QM4c0cX
+vli42+dkgFwMsTcm+4rPIfkd6zVBsuT2xcUgpQmeoUBnl8TizO2kOYQBV7Zyme3
e09u8tVxAdS6MTMXZ4bGtt1o/pHvz9jA6ZmRdUyK++E1U4E0bf+pPX4t/C8Lj1MU
cBpOPQEFU4+sStjZlU/ODloNgE59bEw5T7w5hf+AtLS07SnamDdtiw0H2+e8vxfD
Qkx1UU9/lMrnxWgmDEtQGQL5TS6qGTZBWbYJNgeZECrEuUTGz23PuRLBlQIDAQAB
o4IDqTCCA6UwHQYDVR0OBBYEFE/HATSXy5yg7kIQHKITdqn6OCfKMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvVDhjQk5KZkxuS0R1UWhBY29oTjJxZm80SjhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBvQYIKwYBBQUHAQcBAf8EggGsMIIBqDCCAaQEAgABMIIB
nAMEAD5M4gMEAD5M5wMEAD5M6wMEAMFscwMEAcF8AgMEAMF8BgMEAMF8CAMEAMF8
EgMEAMF8MQMEAMF8WwMEAMF8XgMEAMF8yQMEAcF84gMEAMI6JgMEAMI6KwMEAMI6
LjAMAwQBwjo6AwQAwjo8AwQAwjpDAwQAwlcDAwQBwlcGAwQAwlcQAwQAwlcXAwQA
wlciAwQAwlckAwQBwlcqAwQAwlc1AwQAwlc/AwQAwldOAwQAwldVAwQAwldpAwQB
wld0AwQBwld4AwQAwlegAwQAwlejMAwDBADCV6UDBADCV6YDBAHCV7AwDAMEAsJX
tAMEAMJXtgMEAMJXzQMEAMJX8DAMAwQAwocXAwQAwocYAwQAwocuMAwDBADDOjcD
BADDOjgDBADDOjsDBADDOj4DBADDhQwDBADDhRMDBADDhRYDBADDhRoDBAHDhToD
BADDhVADBADDhVIDBADDhcMDBADUwAADBADUwAcDBADUwAoDBADUwB4DBAHUwNID
BADUwPEDBADUwPcDBADUwQoDBADUwQ8DBADUwR8wDQYJKoZIhvcNAQELBQADggEB
ABxh3F7X6gNMz+YCh8EjamBxTEQfYVM92yLwsDmT1XXkgjVB/6BHwYZZLrwgJTQI
heemdCeMvSD0+by34sJmxjtEWNuWMyFH1BIf3vOaQ1WX3w8uYEU1XdSansmi34LY
3nYt6DOzclPWeaxhVAgrBrKWM8NhHkiItfJXXQ5JKdHGPJHLe39e2Z4AlP+yY80z
mhfoFIZ7ng+l+LS+7e8s6YQmXsS9AOeKNB8XmWICmNmg+jIwvWPwNnR6lPGM7zfm
G9QpcgyNsxxcYTLe3M61B4V/ausqLmm4V0HfFlv2yJn1YGm8rSvgtIGoga7kTqK9
Ddf3h8pJFsxy6PKInNjZmLM=
-----END CERTIFICATE-----
Generated at Wed Sep 4 18:42:07 2024 by rpki-client on console-ams.rpki-client.org