Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/UrFyjiNsc3BZs8lHObCeWIbTK6g.roa
File: UrFyjiNsc3BZs8lHObCeWIbTK6g.roa (raw, json)
Hash identifier: ZpDqo/mWbfPcVZKxuTDo6pUDEo3jRMNkIBw2RfQD+AY=
Subject key identifier: 52:B1:72:8E:23:6C:73:70:59:B3:C9:47:39:B0:9E:58:86:D3:2B:A8
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01878FA3AEF8910FEA21D786DC8EB4AE0B4B
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/UrFyjiNsc3BZs8lHObCeWIbTK6g.roa
Signing time: Mon 17 Apr 2023 14:34:41 +0000
ROA not before: Mon 17 Apr 2023 14:34:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 194.87.1.0/24 maxlen: 24
194.87.3.0/24 maxlen: 24
194.87.2.0/24 maxlen: 24
194.87.7.0/24 maxlen: 24
194.87.11.0/24 maxlen: 24
194.87.6.0/24 maxlen: 24
194.87.10.0/24 maxlen: 24
194.87.12.0/24 maxlen: 24
194.87.16.0/24 maxlen: 24
194.87.23.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
194.87.18.0/24 maxlen: 24
194.87.22.0/24 maxlen: 24
194.87.26.0/23 maxlen: 23
194.87.25.0/24 maxlen: 24
194.87.37.0/24 maxlen: 24
194.87.104.0/24 maxlen: 24
194.87.105.0/24 maxlen: 24
194.87.114.0/24 maxlen: 24
194.87.114.0/23 maxlen: 23
194.87.122.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
194.87.130.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
194.87.138.0/24 maxlen: 24
194.87.44.0/24 maxlen: 24
194.87.43.0/24 maxlen: 24
194.87.51.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
194.87.63.0/24 maxlen: 24
194.87.78.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
194.87.77.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
195.133.74.0/24 maxlen: 24
195.133.76.0/24 maxlen: 24
195.133.79.0/24 maxlen: 24
195.133.84.0/24 maxlen: 24
195.133.20.0/24 maxlen: 24
195.133.22.0/24 maxlen: 24
195.133.26.0/24 maxlen: 24
195.133.30.0/24 maxlen: 24
195.133.32.0/24 maxlen: 24
195.133.35.0/24 maxlen: 24
195.133.64.0/22 maxlen: 22
195.133.194.0/24 maxlen: 24
195.133.195.0/24 maxlen: 24
195.58.36.0/24 maxlen: 24
195.58.35.0/24 maxlen: 24
194.58.38.0/24 maxlen: 24
194.58.40.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
195.58.50.0/24 maxlen: 24
195.58.51.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
195.58.56.0/24 maxlen: 24
194.58.59.0/24 maxlen: 24
212.192.248.0/22 maxlen: 22
194.58.67.0/24 maxlen: 24
195.133.0.0/24 maxlen: 24
194.58.154.0/24 maxlen: 24
193.124.226.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
192.124.170.0/24 maxlen: 24
212.192.10.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
192.124.182.0/24 maxlen: 24
192.124.180.0/22 maxlen: 24
192.124.181.0/24 maxlen: 24
193.124.201.0/24 maxlen: 24
193.124.204.0/24 maxlen: 24
193.124.3.0/24 maxlen: 24
193.124.9.0/24 maxlen: 24
62.76.225.0/24 maxlen: 24
193.124.6.0/24 maxlen: 24
193.124.8.0/24 maxlen: 24
62.76.230.0/23 maxlen: 23
193.124.16.0/24 maxlen: 24
193.124.44.0/24 maxlen: 24
193.124.49.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
193.124.80.0/24 maxlen: 24
193.124.90.0/24 maxlen: 24
193.124.93.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
194.87.202.0/24 maxlen: 24
194.87.204.0/24 maxlen: 24
194.87.222.0/24 maxlen: 24
194.135.18.0/24 maxlen: 24
194.135.24.0/24 maxlen: 24
194.135.23.0/24 maxlen: 24
194.87.240.0/24 maxlen: 24
194.87.243.0/24 maxlen: 24
194.87.246.0/24 maxlen: 24
194.87.149.0/24 maxlen: 24
194.87.166.0/24 maxlen: 24
194.87.160.0/24 maxlen: 24
194.87.170.0/23 maxlen: 23
194.87.168.0/24 maxlen: 24
194.87.172.0/24 maxlen: 24
194.87.177.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
194.87.176.0/24 maxlen: 24
194.87.178.0/24 maxlen: 24
194.87.182.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
193.108.115.0/24 maxlen: 24
194.135.46.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:8f:a3:ae:f8:91:0f:ea:21:d7:86:dc:8e:b4:ae:0b:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 17 14:34:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=52b1728e236c737059b3c94739b09e5886d32ba8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:bd:9b:8f:3a:94:89:7a:7e:93:ba:52:91:0c:
df:b6:1c:a6:5d:ce:2c:21:42:8b:e4:b8:e8:62:3a:
9a:9e:f7:58:bc:08:c8:eb:57:5d:fe:a4:23:61:0c:
89:ba:22:ca:92:5c:48:be:d2:a4:0d:68:c5:d1:38:
e9:86:05:7a:f0:8a:2b:5d:e8:12:13:27:de:c2:72:
e4:e6:49:3d:74:77:65:f6:a1:ba:bb:3c:7e:a7:da:
f6:33:6b:e4:93:7c:c3:d9:7f:57:bd:df:e6:f6:a2:
55:6f:78:f2:65:21:03:47:cb:5b:29:dc:27:d4:12:
c0:8e:6f:55:9f:9a:14:81:5f:7f:dc:f9:7e:9e:52:
cc:d4:99:60:0c:bb:52:bf:3d:66:58:6d:11:89:1e:
b9:d0:0f:44:69:29:10:29:8c:de:b8:cc:ef:3c:d8:
be:fe:05:cc:ae:80:3b:d6:22:14:bd:1a:98:7e:e9:
4d:6a:8e:23:44:1f:58:7a:ab:3a:75:21:5b:2e:61:
7e:85:6f:d4:07:22:70:51:85:b7:a6:f2:f4:13:1a:
41:04:77:ad:b1:3f:f7:d1:b7:0e:4f:bb:34:86:cc:
41:3b:57:12:95:97:14:76:f9:9a:0b:99:a6:33:17:
95:82:70:40:96:21:72:1c:3b:27:b5:6a:23:75:7f:
57:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:B1:72:8E:23:6C:73:70:59:B3:C9:47:39:B0:9E:58:86:D3:2B:A8
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/UrFyjiNsc3BZs8lHObCeWIbTK6g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.225.0/24
62.76.230.0/23
192.124.170.0/24
192.124.178.0/24
192.124.180.0/22
193.108.115.0/24
193.124.3.0/24
193.124.6.0/24
193.124.8.0/23
193.124.16.0/24
193.124.44.0/24
193.124.49.0/24
193.124.80.0/24
193.124.90.0/24
193.124.93.0/24
193.124.133.0/24
193.124.201.0/24
193.124.204.0/24
193.124.226.0/24
194.58.38.0/24
194.58.40.0/24
194.58.42.0/24
194.58.47.0/24
194.58.59.0/24
194.58.67.0/24
194.58.154.0/24
194.87.1.0-194.87.3.255
194.87.6.0/23
194.87.10.0-194.87.12.255
194.87.16.0/24
194.87.18.0/24
194.87.22.0-194.87.27.255
194.87.37.0/24
194.87.43.0-194.87.44.255
194.87.51.0/24
194.87.56.0/24
194.87.63.0/24
194.87.73.0/24
194.87.77.0-194.87.78.255
194.87.83.0/24
194.87.104.0/23
194.87.114.0/23
194.87.122.0/24
194.87.124.0/24
194.87.130.0/23
194.87.138.0/24
194.87.149.0/24
194.87.160.0/24
194.87.166.0/24
194.87.168.0/24
194.87.170.0-194.87.172.255
194.87.176.0/22
194.87.182.0/24
194.87.187.0/24
194.87.190.0/24
194.87.200.0/24
194.87.202.0/24
194.87.204.0/24
194.87.222.0/24
194.87.240.0/24
194.87.243.0/24
194.87.246.0/24
194.135.18.0/24
194.135.23.0-194.135.24.255
194.135.46.0/24
195.58.35.0-195.58.36.255
195.58.50.0/23
195.58.54.0/24
195.58.56.0/24
195.133.0.0/24
195.133.20.0/24
195.133.22.0/24
195.133.26.0/24
195.133.30.0/24
195.133.32.0/24
195.133.35.0/24
195.133.64.0/22
195.133.74.0/24
195.133.76.0/24
195.133.79.0/24
195.133.84.0/24
195.133.194.0/23
212.192.1.0/24
212.192.10.0/24
212.192.248.0/22
Signature Algorithm: sha256WithRSAEncryption
67:fa:8e:27:72:f5:78:aa:7e:a1:1d:da:d4:e4:1f:a9:b4:7c:
72:2f:5b:1f:9d:a8:db:5d:7d:85:31:7a:cf:72:a5:84:78:15:
c9:51:8b:07:d1:0c:b2:d3:df:05:f3:58:01:0e:4b:08:d8:40:
c5:0f:b1:55:4c:9e:ad:1b:f3:04:7c:5b:bb:01:5b:9f:eb:5a:
66:99:51:88:86:22:09:6f:fb:4f:f2:da:91:a3:5b:c9:20:26:
78:97:b2:88:b2:67:d2:fa:ba:78:c9:bb:8e:7c:ac:7e:0e:5c:
97:b0:58:22:a4:cb:4a:b4:c8:78:c3:96:06:21:bc:9f:63:7e:
48:b2:08:ff:dd:18:80:54:3f:d2:4d:b1:a3:05:d8:c7:40:f1:
35:22:c6:78:c1:68:ea:64:00:8b:e5:bd:f3:5a:65:d8:e5:78:
0b:52:cc:e3:47:d5:d1:c2:cb:4d:17:1e:5a:39:a1:78:bd:f6:
63:f6:5b:cd:3e:7a:fc:5c:a7:d5:af:da:07:d6:be:23:0a:4f:
cf:b9:b6:ee:02:8a:a0:ed:ee:93:e3:ff:69:78:55:e7:30:5f:
4a:af:29:28:64:43:e5:d4:a6:5c:ef:d6:d4:ad:bc:8e:28:64:
8d:86:38:5f:1a:18:10:43:12:cf:e1:74:c9:62:72:a1:e9:3f:
35:9c:cc:8b
-----BEGIN CERTIFICATE-----
MIIHPzCCBiegAwIBAgISAYePo674kQ/qIdeG3I60rgtLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNDE3MTQzNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmIxNzI4ZTIzNmM3MzcwNTliM2M5NDczOWIwOWU1ODg2ZDMyYmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAor2bjzqUiXp+k7pSkQzfthymXc4s
IUKL5LjoYjqanvdYvAjI61dd/qQjYQyJuiLKklxIvtKkDWjF0TjphgV68IorXegS
EyfewnLk5kk9dHdl9qG6uzx+p9r2M2vkk3zD2X9Xvd/m9qJVb3jyZSEDR8tbKdwn
1BLAjm9Vn5oUgV9/3Pl+nlLM1JlgDLtSvz1mWG0RiR650A9EaSkQKYzeuMzvPNi+
/gXMroA71iIUvRqYfulNao4jRB9Yeqs6dSFbLmF+hW/UByJwUYW3pvL0ExpBBHet
sT/30bcOT7s0hsxBO1cSlZcUdvmaC5mmMxeVgnBAliFyHDsntWojdX9XkwIDAQAB
o4IESzCCBEcwHQYDVR0OBBYEFFKxco4jbHNwWbPJRzmwnliG0yuoMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvVXJGeWppTnNjM0JaczhsSE9iQ2VXSWJUSzZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICXwYIKwYBBQUHAQcBAf8EggJOMIICSjCCAkYEAgABMIIC
PgMEAD5M4QMEAT5M5gMEAMB8qgMEAMB8sgMEAsB8tAMEAMFscwMEAMF8AwMEAMF8
BgMEAcF8CAMEAMF8EAMEAMF8LAMEAMF8MQMEAMF8UAMEAMF8WgMEAMF8XQMEAMF8
hQMEAMF8yQMEAMF8zAMEAMF84gMEAMI6JgMEAMI6KAMEAMI6KgMEAMI6LwMEAMI6
OwMEAMI6QwMEAMI6mjAMAwQAwlcBAwQCwlcAAwQBwlcGMAwDBAHCVwoDBADCVwwD
BADCVxADBADCVxIwDAMEAcJXFgMEAsJXGAMEAMJXJTAMAwQAwlcrAwQAwlcsAwQA
wlczAwQAwlc4AwQAwlc/AwQAwldJMAwDBADCV00DBADCV04DBADCV1MDBAHCV2gD
BAHCV3IDBADCV3oDBADCV3wDBAHCV4IDBADCV4oDBADCV5UDBADCV6ADBADCV6YD
BADCV6gwDAMEAcJXqgMEAMJXrAMEAsJXsAMEAMJXtgMEAMJXuwMEAMJXvgMEAMJX
yAMEAMJXygMEAMJXzAMEAMJX3gMEAMJX8AMEAMJX8wMEAMJX9gMEAMKHEjAMAwQA
wocXAwQAwocYAwQAwocuMAwDBADDOiMDBADDOiQDBAHDOjIDBADDOjYDBADDOjgD
BADDhQADBADDhRQDBADDhRYDBADDhRoDBADDhR4DBADDhSADBADDhSMDBALDhUAD
BADDhUoDBADDhUwDBADDhU8DBADDhVQDBAHDhcIDBADUwAEDBADUwAoDBALUwPgw
DQYJKoZIhvcNAQELBQADggEBAGf6jidy9XiqfqEd2tTkH6m0fHIvWx+dqNtdfYUx
es9ypYR4FclRiwfRDLLT3wXzWAEOSwjYQMUPsVVMnq0b8wR8W7sBW5/rWmaZUYiG
Iglv+0/y2pGjW8kgJniXsoiyZ9L6unjJu458rH4OXJewWCKky0q0yHjDlgYhvJ9j
fkiyCP/dGIBUP9JNsaMF2MdA8TUixnjBaOpkAIvlvfNaZdjleAtSzONH1dHCy00X
Hlo5oXi99mP2W80+evxcp9Wv2gfWviMKT8+5tu4CiqDt7pPj/2l4VecwX0qvKShk
Q+XUplzv1tStvI4oZI2GOF8aGBBDEs/hdMlicqHpPzWczIs=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:59 2023 by rpki-client on console-ams.rpki-client.org