Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/TQFdvLEzBQ1ycALjCtt3A4XQM6s.roa
File: TQFdvLEzBQ1ycALjCtt3A4XQM6s.roa (raw, json)
Hash identifier: Wo5YXgtNk+8NfxW4gUGjKGvwk7SR1ZxfnT+9k3oahow=
Subject key identifier: 4D:01:5D:BC:B1:33:05:0D:72:70:02:E3:0A:DB:77:03:85:D0:33:AB
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018A6024953DFCAAE71306A8B4741E4160BE
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/TQFdvLEzBQ1ycALjCtt3A4XQM6s.roa
Signing time: Mon 04 Sep 2023 12:22:04 +0000
ROA not before: Mon 04 Sep 2023 12:22:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44477
IP address blocks: 193.124.3.0/24 maxlen: 24
193.124.2.0/24 maxlen: 24
62.76.226.0/24 maxlen: 24
193.124.6.0/24 maxlen: 24
193.124.8.0/24 maxlen: 24
194.87.3.0/24 maxlen: 24
62.76.231.0/24 maxlen: 24
194.87.7.0/24 maxlen: 24
62.76.235.0/24 maxlen: 24
194.87.6.0/24 maxlen: 24
193.124.18.0/24 maxlen: 24
194.87.16.0/24 maxlen: 24
194.87.23.0/24 maxlen: 24
193.124.49.0/24 maxlen: 24
194.87.34.0/24 maxlen: 24
194.87.36.0/24 maxlen: 24
194.87.105.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
194.87.116.0/24 maxlen: 24
194.87.117.0/24 maxlen: 24
194.87.120.0/24 maxlen: 24
194.87.121.0/24 maxlen: 24
194.87.119.0/24 maxlen: 24
194.87.43.0/24 maxlen: 24
194.87.42.0/24 maxlen: 24
194.87.53.0/24 maxlen: 24
194.87.63.0/24 maxlen: 24
194.87.78.0/24 maxlen: 24
193.124.91.0/24 maxlen: 24
193.124.94.0/24 maxlen: 24
194.87.85.0/24 maxlen: 24
195.133.80.0/24 maxlen: 24
195.133.82.0/24 maxlen: 24
195.133.12.0/24 maxlen: 24
195.133.22.0/24 maxlen: 24
195.133.19.0/24 maxlen: 24
195.133.26.0/24 maxlen: 24
195.133.58.0/24 maxlen: 24
195.133.59.0/24 maxlen: 24
195.133.195.0/24 maxlen: 24
212.193.15.0/24 maxlen: 24
212.193.31.0/24 maxlen: 24
194.58.38.0/24 maxlen: 24
194.58.43.0/24 maxlen: 24
194.58.46.0/24 maxlen: 24
212.192.241.0/24 maxlen: 24
195.58.56.0/24 maxlen: 24
195.58.55.0/24 maxlen: 24
194.58.58.0/24 maxlen: 24
212.192.247.0/24 maxlen: 24
194.58.59.0/24 maxlen: 24
195.58.62.0/24 maxlen: 24
194.58.60.0/24 maxlen: 24
195.58.59.0/24 maxlen: 24
194.58.67.0/24 maxlen: 24
212.193.10.0/24 maxlen: 24
194.87.205.0/24 maxlen: 24
193.124.226.0/24 maxlen: 24
193.124.227.0/24 maxlen: 24
194.87.230.0/24 maxlen: 24
194.135.24.0/24 maxlen: 24
194.135.23.0/24 maxlen: 24
194.87.240.0/24 maxlen: 24
194.87.243.0/24 maxlen: 24
212.192.0.0/24 maxlen: 24
212.192.7.0/24 maxlen: 24
212.192.10.0/24 maxlen: 24
194.87.160.0/24 maxlen: 24
194.87.166.0/24 maxlen: 24
194.87.163.0/24 maxlen: 24
194.87.165.0/24 maxlen: 24
194.87.177.0/24 maxlen: 24
194.87.176.0/24 maxlen: 24
212.192.30.0/24 maxlen: 24
194.87.181.0/24 maxlen: 24
194.87.180.0/24 maxlen: 24
194.87.182.0/24 maxlen: 24
193.124.201.0/24 maxlen: 24
193.108.115.0/24 maxlen: 24
212.192.210.0/24 maxlen: 24
212.192.211.0/24 maxlen: 24
194.135.46.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:60:24:95:3d:fc:aa:e7:13:06:a8:b4:74:1e:41:60:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 4 12:22:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d015dbcb133050d727002e30adb770385d033ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:2d:c7:8f:4f:ea:89:52:41:d4:7a:fa:58:72:
2f:a9:d9:7c:23:82:71:f6:80:30:da:9c:ff:6b:39:
63:2a:bb:28:78:65:a4:94:ea:59:cd:25:1e:89:5a:
3c:3a:a1:33:a7:15:85:03:bb:8b:6d:c4:42:ec:c8:
d5:7f:51:03:ca:b0:53:af:53:15:fc:ee:a1:df:19:
3c:c2:16:cf:f1:6c:ca:cf:1b:56:15:6e:28:db:34:
46:a3:e3:16:e4:69:da:e7:80:9d:db:90:5d:ef:fa:
62:76:22:02:0c:4b:ec:6f:e3:f5:95:40:71:9f:6d:
5c:97:94:53:e2:f5:13:79:ff:12:5c:e9:55:62:e9:
c8:d9:45:f3:14:c5:84:4e:48:e3:eb:93:a0:0a:9e:
c6:b0:9c:4b:ee:64:45:74:4e:09:3c:43:e7:f9:41:
70:3b:b1:42:14:43:75:9c:be:4b:06:84:e9:55:83:
ad:da:9e:3a:f8:07:a5:f6:7a:41:b5:40:4e:80:f6:
fe:89:77:ce:b7:70:02:39:77:c8:c6:2a:eb:b8:36:
62:d1:30:4f:82:29:72:6f:b7:14:6e:06:43:97:5d:
d8:34:dd:09:b8:5b:dd:31:e3:c3:70:44:f7:b4:69:
63:bf:5c:41:95:13:78:04:21:1c:11:15:e6:74:d3:
3c:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:01:5D:BC:B1:33:05:0D:72:70:02:E3:0A:DB:77:03:85:D0:33:AB
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/TQFdvLEzBQ1ycALjCtt3A4XQM6s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.226.0/24
62.76.231.0/24
62.76.235.0/24
193.108.115.0/24
193.124.2.0/23
193.124.6.0/24
193.124.8.0/24
193.124.18.0/24
193.124.49.0/24
193.124.91.0/24
193.124.94.0/24
193.124.201.0/24
193.124.226.0/23
194.58.38.0/24
194.58.43.0/24
194.58.46.0/24
194.58.58.0-194.58.60.255
194.58.67.0/24
194.87.3.0/24
194.87.6.0/23
194.87.16.0/24
194.87.23.0/24
194.87.34.0/24
194.87.36.0/24
194.87.42.0/23
194.87.53.0/24
194.87.63.0/24
194.87.78.0/24
194.87.85.0/24
194.87.105.0/24
194.87.116.0-194.87.121.255
194.87.160.0/24
194.87.163.0/24
194.87.165.0-194.87.166.255
194.87.176.0/23
194.87.180.0-194.87.182.255
194.87.205.0/24
194.87.230.0/24
194.87.240.0/24
194.87.243.0/24
194.135.23.0-194.135.24.255
194.135.46.0/24
195.58.55.0-195.58.56.255
195.58.59.0/24
195.58.62.0/24
195.133.12.0/24
195.133.19.0/24
195.133.22.0/24
195.133.26.0/24
195.133.58.0/23
195.133.80.0/24
195.133.82.0/24
195.133.195.0/24
212.192.0.0/24
212.192.7.0/24
212.192.10.0/24
212.192.30.0/24
212.192.210.0/23
212.192.241.0/24
212.192.247.0/24
212.193.10.0/24
212.193.15.0/24
212.193.31.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:08:ff:01:9b:73:8d:e9:d4:63:22:74:f8:c4:6a:41:95:13:
4b:63:c9:d3:5f:70:b6:69:26:f7:66:bd:a7:c5:19:a5:2e:cc:
df:f4:a9:83:96:0e:01:5b:51:98:b5:3c:fd:3c:72:ff:55:6a:
61:93:93:59:58:14:6c:4a:c5:72:73:42:11:7e:60:f7:61:6c:
6c:75:4a:45:1f:de:5c:0c:bd:f2:73:e9:ad:85:5c:0d:1e:1e:
64:f0:99:63:45:69:5d:3f:bf:8d:a4:e2:8c:a6:af:ef:3c:e0:
80:b2:b1:d1:36:cc:f6:11:cf:3d:c0:e9:4b:0a:aa:95:32:0c:
a3:67:36:ee:8d:60:47:1e:3c:b5:78:3e:f2:1a:7e:00:c9:a2:
56:38:3d:2c:d0:47:75:5f:21:d8:10:db:23:f5:67:6b:2a:56:
a7:69:82:90:35:b1:07:0e:af:ee:e7:dd:b9:40:79:cc:da:f8:
b7:84:74:7f:02:ab:ca:e5:55:7d:5c:d1:0c:9c:6d:23:86:5e:
e1:f9:6a:b7:aa:9c:db:51:3f:44:4b:d5:ba:0c:65:df:82:4d:
0b:ab:87:4a:54:9f:99:c0:6c:79:31:9d:f9:18:20:01:28:5f:
e8:c3:fc:c6:19:5d:97:d6:93:67:b2:03:8f:16:a9:66:1b:07:
37:4e:da:4f
-----BEGIN CERTIFICATE-----
MIIGqzCCBZOgAwIBAgISAYpgJJU9/KrnEwaotHQeQWC+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwOTA0MTIyMjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDAxNWRiY2IxMzMwNTBkNzI3MDAyZTMwYWRiNzcwMzg1ZDAzM2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8i3Hj0/qiVJB1Hr6WHIvqdl8I4Jx
9oAw2pz/azljKrsoeGWklOpZzSUeiVo8OqEzpxWFA7uLbcRC7MjVf1EDyrBTr1MV
/O6h3xk8whbP8WzKzxtWFW4o2zRGo+MW5Gna54Cd25Bd7/pidiICDEvsb+P1lUBx
n21cl5RT4vUTef8SXOlVYunI2UXzFMWETkjj65OgCp7GsJxL7mRFdE4JPEPn+UFw
O7FCFEN1nL5LBoTpVYOt2p46+Ael9npBtUBOgPb+iXfOt3ACOXfIxirruDZi0TBP
gilyb7cUbgZDl13YNN0JuFvdMePDcET3tGljv1xBlRN4BCEcERXmdNM8vwIDAQAB
o4IDtzCCA7MwHQYDVR0OBBYEFE0BXbyxMwUNcnAC4wrbdwOF0DOrMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvVFFGZHZMRXpCUTF5Y0FMakN0dDNBNFhRTTZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBywYIKwYBBQUHAQcBAf8EggG6MIIBtjCCAbIEAgABMIIB
qgMEAD5M4gMEAD5M5wMEAD5M6wMEAMFscwMEAcF8AgMEAMF8BgMEAMF8CAMEAMF8
EgMEAMF8MQMEAMF8WwMEAMF8XgMEAMF8yQMEAcF84gMEAMI6JgMEAMI6KwMEAMI6
LjAMAwQBwjo6AwQAwjo8AwQAwjpDAwQAwlcDAwQBwlcGAwQAwlcQAwQAwlcXAwQA
wlciAwQAwlckAwQBwlcqAwQAwlc1AwQAwlc/AwQAwldOAwQAwldVAwQAwldpMAwD
BALCV3QDBAHCV3gDBADCV6ADBADCV6MwDAMEAMJXpQMEAMJXpgMEAcJXsDAMAwQC
wle0AwQAwle2AwQAwlfNAwQAwlfmAwQAwlfwAwQAwlfzMAwDBADChxcDBADChxgD
BADChy4wDAMEAMM6NwMEAMM6OAMEAMM6OwMEAMM6PgMEAMOFDAMEAMOFEwMEAMOF
FgMEAMOFGgMEAcOFOgMEAMOFUAMEAMOFUgMEAMOFwwMEANTAAAMEANTABwMEANTA
CgMEANTAHgMEAdTA0gMEANTA8QMEANTA9wMEANTBCgMEANTBDwMEANTBHzANBgkq
hkiG9w0BAQsFAAOCAQEAiwj/AZtzjenUYyJ0+MRqQZUTS2PJ019wtmkm92a9p8UZ
pS7M3/Spg5YOAVtRmLU8/Txy/1VqYZOTWVgUbErFcnNCEX5g92FsbHVKRR/eXAy9
8nPprYVcDR4eZPCZY0VpXT+/jaTijKav7zzggLKx0TbM9hHPPcDpSwqqlTIMo2c2
7o1gRx48tXg+8hp+AMmiVjg9LNBHdV8h2BDbI/VnaypWp2mCkDWxBw6v7ufduUB5
zNr4t4R0fwKryuVVfVzRDJxtI4Ze4flqt6qc21E/REvVugxl34JNC6uHSlSfmcBs
eTGd+RggAShf6MP8xhldl9aTZ7IDjxapZhsHN07aTw==
-----END CERTIFICATE-----
Generated at Fri Sep 22 11:33:13 2023 by rpki-client on console-ams.rpki-client.org