Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/TOVIzerQPp0j5u7beoUb1nEyMyk.roa
File: TOVIzerQPp0j5u7beoUb1nEyMyk.roa (raw, json)
Hash identifier: Cf1Xv0xqGuwc1UhhcEIK1HbX/XoOavuuIM77xBc8FvQ=
Subject key identifier: 4C:E5:48:CD:EA:D0:3E:9D:23:E6:EE:DB:7A:85:1B:D6:71:32:33:29
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018CB39E32D9351DAE25CA043C788EB31C50
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/TOVIzerQPp0j5u7beoUb1nEyMyk.roa
Signing time: Fri 29 Dec 2023 03:28:58 +0000
ROA not before: Fri 29 Dec 2023 03:28:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 62.76.227.0/24 maxlen: 24
194.87.40.0/24 maxlen: 24
195.58.35.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
195.133.27.0/24 maxlen: 24
195.133.40.0/22 maxlen: 22
194.87.66.0/24 maxlen: 24
195.58.60.0/24 maxlen: 24
212.192.254.0/24 maxlen: 24
194.58.66.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b3:9e:32:d9:35:1d:ae:25:ca:04:3c:78:8e:b3:1c:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 29 03:28:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4ce548cdead03e9d23e6eedb7a851bd671323329
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:20:d7:e9:1b:1e:91:59:2f:8d:75:ff:ef:c0:
3b:72:86:a8:32:27:f9:0b:4d:7e:2b:13:a8:26:65:
65:12:ed:9f:81:53:93:2c:1d:2f:e0:62:96:23:c3:
82:de:41:67:3d:97:1c:0e:b9:9d:39:00:c8:dc:38:
1a:e1:95:c4:7b:3d:f3:ef:5c:61:d4:56:01:cb:78:
81:d1:d3:5f:38:bc:eb:68:5d:4d:f5:45:b3:04:6e:
02:c4:28:ca:05:91:04:ac:6c:bc:71:c7:05:00:d4:
cb:af:39:ad:5f:d2:f0:1a:4d:db:97:4a:11:0b:32:
c6:6f:8c:49:b7:9e:56:cf:2f:d7:44:c3:f2:f8:67:
14:72:c8:1b:ad:9e:18:03:cf:9c:a6:08:4c:e0:7f:
72:dc:d2:7a:7e:9d:b8:f4:b0:df:ee:24:65:24:36:
3c:ee:f9:28:a0:13:99:9f:67:83:c8:a8:38:8b:21:
a6:a0:5f:ae:ab:4e:10:ec:eb:6f:22:f7:69:12:36:
35:c3:91:98:42:73:d3:88:7c:85:99:ac:e2:3d:0a:
2f:d4:4e:3c:ed:19:95:0b:5b:a4:fa:1a:0a:20:c5:
b2:b9:92:7c:c8:8c:42:37:ec:60:4d:19:42:15:04:
3a:03:e7:92:8f:6d:d3:c1:12:63:35:ec:92:22:e4:
c7:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:E5:48:CD:EA:D0:3E:9D:23:E6:EE:DB:7A:85:1B:D6:71:32:33:29
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/TOVIzerQPp0j5u7beoUb1nEyMyk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.227.0/24
194.58.66.0/24
194.87.40.0/24
194.87.66.0/24
195.58.35.0/24
195.58.60.0/24
195.133.25.0/24
195.133.27.0/24
195.133.40.0/22
212.192.254.0/24
Signature Algorithm: sha256WithRSAEncryption
84:1f:cd:25:b5:81:dc:51:b4:78:87:c6:f6:bb:8d:44:83:41:
0f:eb:2d:c3:ac:c4:58:18:bf:e0:d4:f2:b0:83:70:5e:93:a5:
3b:37:2f:97:ae:36:b4:9e:81:ba:ca:1e:30:29:9c:9d:be:66:
ac:81:db:43:9d:c0:b3:4e:18:74:c4:7b:73:dc:0a:75:6e:a8:
32:64:8b:bd:d4:c1:7b:4f:cf:26:8b:75:23:02:b7:48:6a:5a:
66:c9:f3:50:18:3d:96:1d:0d:55:c8:e5:5b:d4:55:4d:3f:c8:
a5:5c:ed:40:6e:72:4d:22:bc:0a:ac:30:8a:45:e5:54:6d:c8:
b8:7e:e9:ad:7d:31:4c:9e:dc:ef:7a:56:37:7e:45:9c:e9:be:
22:15:4f:cd:b7:20:d8:92:2a:29:32:fd:ed:ae:85:a1:38:ae:
da:fe:33:d3:b7:fa:61:3a:15:77:73:6a:9b:31:02:e2:07:7a:
53:a7:a4:b7:22:4a:f1:75:28:bd:46:a7:8f:80:d1:32:fc:b4:
90:a0:1a:29:98:06:f1:65:1b:92:fb:6a:87:c1:b6:fb:f1:02:
da:89:b0:69:d2:f9:d1:15:49:3f:52:98:21:ca:36:ef:e7:3e:
ed:33:80:c1:ac:19:3a:20:46:ce:3e:76:cf:33:53:ad:61:e5:
18:03:89:ec
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYyznjLZNR2uJcoEPHiOsxxQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMjI5MDMyODU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2U1NDhjZGVhZDAzZTlkMjNlNmVlZGI3YTg1MWJkNjcxMzIzMzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxiDX6RsekVkvjXX/78A7coaoMif5
C01+KxOoJmVlEu2fgVOTLB0v4GKWI8OC3kFnPZccDrmdOQDI3Dga4ZXEez3z71xh
1FYBy3iB0dNfOLzraF1N9UWzBG4CxCjKBZEErGy8cccFANTLrzmtX9LwGk3bl0oR
CzLGb4xJt55Wzy/XRMPy+GcUcsgbrZ4YA8+cpghM4H9y3NJ6fp249LDf7iRlJDY8
7vkooBOZn2eDyKg4iyGmoF+uq04Q7OtvIvdpEjY1w5GYQnPTiHyFmaziPQov1E48
7RmVC1uk+hoKIMWyuZJ8yIxCN+xgTRlCFQQ6A+eSj23TwRJjNeySIuTHbwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFEzlSM3q0D6dI+bu23qFG9ZxMjMpMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvVE9WSXplclFQcDBqNXU3YmVvVWIxbkV5TXlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAPkzjAwQA
wjpCAwQAwlcoAwQAwldCAwQAwzojAwQAwzo8AwQAw4UZAwQAw4UbAwQCw4UoAwQA
1MD+MA0GCSqGSIb3DQEBCwUAA4IBAQCEH80ltYHcUbR4h8b2u41Eg0EP6y3DrMRY
GL/g1PKwg3Bek6U7Ny+Xrja0noG6yh4wKZydvmasgdtDncCzThh0xHtz3Ap1bqgy
ZIu91MF7T88mi3UjArdIalpmyfNQGD2WHQ1VyOVb1FVNP8ilXO1AbnJNIrwKrDCK
ReVUbci4fumtfTFMntzvelY3fkWc6b4iFU/NtyDYkiopMv3troWhOK7a/jPTt/ph
OhV3c2qbMQLiB3pTp6S3IkrxdSi9RqePgNEy/LSQoBopmAbxZRuS+2qHwbb78QLa
ibBp0vnRFUk/Upghyjbv5z7tM4DBrBk6IEbOPnbPM1OtYeUYA4ns
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:19:18 2024 by rpki-client on console-ams.rpki-client.org