Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Vw9uMB4w78HtrORYGKXomkj3K2Q.roa
File: Vw9uMB4w78HtrORYGKXomkj3K2Q.roa (raw, json)
Hash identifier: phVNnlIHJwAsAR0DJMKqKXfysoCJlzOqDk1DTZg9Z84=
Subject key identifier: 57:0F:6E:30:1E:30:EF:C1:ED:AC:E4:58:18:A5:E8:9A:48:F7:2B:64
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0186B74FBB0D5278AEF93E4793EE20E0C184
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Vw9uMB4w78HtrORYGKXomkj3K2Q.roa
Signing time: Mon 06 Mar 2023 14:25:01 +0000
ROA not before: Mon 06 Mar 2023 14:25:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 193.124.3.0/24 maxlen: 24
193.124.9.0/24 maxlen: 24
62.76.225.0/24 maxlen: 24
193.124.6.0/24 maxlen: 24
194.87.1.0/24 maxlen: 24
194.87.3.0/24 maxlen: 24
62.76.233.0/24 maxlen: 24
194.87.4.0/24 maxlen: 24
62.76.230.0/23 maxlen: 23
193.124.16.0/24 maxlen: 24
194.87.7.0/24 maxlen: 24
194.87.11.0/24 maxlen: 24
194.87.12.0/24 maxlen: 24
194.87.16.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
193.124.44.0/24 maxlen: 24
194.87.26.0/23 maxlen: 23
194.87.37.0/24 maxlen: 24
194.87.36.0/24 maxlen: 24
194.87.104.0/24 maxlen: 24
194.87.114.0/23 maxlen: 23
194.87.122.0/24 maxlen: 24
194.87.130.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
194.87.138.0/24 maxlen: 24
194.87.42.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
193.124.80.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
193.124.93.0/24 maxlen: 24
195.133.26.0/24 maxlen: 24
195.133.30.0/24 maxlen: 24
195.133.35.0/24 maxlen: 24
195.133.194.0/24 maxlen: 24
195.133.195.0/24 maxlen: 24
195.58.36.0/24 maxlen: 24
195.58.35.0/24 maxlen: 24
194.58.38.0/24 maxlen: 24
194.58.39.0/24 maxlen: 24
194.58.38.0/23 maxlen: 23
194.58.47.0/24 maxlen: 24
195.58.50.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
195.58.56.0/24 maxlen: 24
194.58.59.0/24 maxlen: 24
194.58.67.0/24 maxlen: 24
195.133.0.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
194.87.202.0/24 maxlen: 24
194.87.222.0/24 maxlen: 24
194.135.18.0/24 maxlen: 24
194.135.23.0/24 maxlen: 24
194.87.240.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
194.87.149.0/24 maxlen: 24
212.192.10.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
194.87.166.0/24 maxlen: 24
194.87.170.0/23 maxlen: 23
192.124.180.0/22 maxlen: 24
194.87.168.0/24 maxlen: 24
194.87.172.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
194.87.177.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
194.87.176.0/24 maxlen: 24
194.87.178.0/24 maxlen: 24
194.87.182.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
193.124.201.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
193.124.207.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:b7:4f:bb:0d:52:78:ae:f9:3e:47:93:ee:20:e0:c1:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 6 14:25:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=570f6e301e30efc1edace45818a5e89a48f72b64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:4e:ae:c2:58:fb:ef:b3:46:51:e0:65:a7:14:
a4:63:a0:6c:12:93:3c:3f:65:42:6f:3c:8f:5d:8f:
89:8d:b3:f9:66:06:c3:3b:18:69:80:34:57:54:64:
a8:a3:56:df:d1:a9:aa:fe:c0:ec:0c:5d:ce:18:96:
9a:d6:1f:06:20:27:93:0a:16:b9:a0:21:21:83:94:
15:4b:95:28:07:88:76:45:4c:9b:29:53:11:3d:be:
69:42:8c:8b:6b:43:e8:9d:fd:96:86:0e:d6:d4:70:
94:72:38:11:00:16:15:94:2e:ef:bc:d0:09:a5:ee:
6e:a8:42:0e:3d:e0:cb:fd:0b:97:4f:66:14:06:d2:
9e:9e:90:84:d3:37:69:81:12:13:5f:4f:2c:9c:ff:
e0:ab:91:4e:3e:8b:d3:c7:0d:d0:1f:37:eb:dd:06:
8f:64:78:12:b3:b0:64:01:7b:3c:d9:4a:14:44:fd:
28:0c:89:0b:83:7f:5d:6d:0e:7c:1c:14:f5:40:a4:
3f:0c:54:c1:7a:59:03:2c:f9:58:77:72:3a:bb:32:
36:fb:75:52:f1:c3:ee:e1:b6:87:a7:f7:99:a6:84:
1e:91:79:03:e6:d6:41:c5:4b:f8:6e:80:e6:fc:3f:
b4:16:cd:03:42:0f:e2:29:53:48:a9:8c:83:16:2b:
67:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:0F:6E:30:1E:30:EF:C1:ED:AC:E4:58:18:A5:E8:9A:48:F7:2B:64
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Vw9uMB4w78HtrORYGKXomkj3K2Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.225.0/24
62.76.230.0/23
62.76.233.0/24
192.124.178.0/24
192.124.180.0/22
193.124.3.0/24
193.124.6.0/24
193.124.9.0/24
193.124.16.0/24
193.124.44.0/24
193.124.80.0/24
193.124.93.0/24
193.124.201.0/24
193.124.207.0/24
194.58.38.0/23
194.58.47.0/24
194.58.59.0/24
194.58.67.0/24
194.87.1.0/24
194.87.3.0-194.87.4.255
194.87.7.0/24
194.87.11.0-194.87.12.255
194.87.16.0/24
194.87.24.0/22
194.87.36.0/23
194.87.42.0/24
194.87.56.0/24
194.87.73.0/24
194.87.83.0/24
194.87.104.0/24
194.87.114.0/23
194.87.122.0/24
194.87.130.0/23
194.87.138.0/24
194.87.149.0/24
194.87.166.0/24
194.87.168.0/24
194.87.170.0-194.87.172.255
194.87.176.0/22
194.87.182.0/24
194.87.187.0/24
194.87.190.0/24
194.87.200.0/24
194.87.202.0/24
194.87.222.0/24
194.87.240.0/24
194.135.18.0/24
194.135.23.0/24
195.58.35.0-195.58.36.255
195.58.50.0/24
195.58.54.0/24
195.58.56.0/24
195.133.0.0/24
195.133.26.0/24
195.133.30.0/24
195.133.35.0/24
195.133.194.0/23
212.192.1.0/24
212.192.10.0/24
Signature Algorithm: sha256WithRSAEncryption
61:87:c0:fe:58:4b:02:33:bc:22:45:9d:fd:41:47:48:95:14:
2a:bb:d2:6c:1e:cc:29:32:fe:69:fd:c9:c6:83:aa:45:43:26:
87:21:26:cb:ae:62:eb:04:ce:27:14:71:d3:91:12:60:c7:57:
c2:cc:77:cf:ad:73:21:73:10:14:d0:08:71:af:c0:5a:53:24:
0c:8d:b2:77:99:15:4b:c4:47:a3:44:d1:49:05:b4:5b:2e:d8:
37:17:c7:93:37:e4:af:77:63:28:cf:e2:7e:29:fa:7b:2b:11:
75:1e:2d:0a:af:2d:af:9f:c3:cf:37:20:29:45:32:f3:e6:04:
76:73:f7:d4:f4:20:e5:e9:3f:0e:89:51:75:74:f0:05:19:3e:
f0:5b:cf:36:65:83:f3:c3:07:b6:11:46:05:2d:eb:c1:1d:4d:
ea:45:5b:2a:c5:c8:03:5c:c7:10:0b:22:a2:35:ce:7d:7f:28:
3a:9a:c2:90:a5:2b:97:a9:5a:bc:86:ae:72:14:9e:cd:90:6e:
4e:bb:22:54:b0:d1:0f:83:7a:d2:18:48:05:eb:91:c3:c1:1d:
15:e4:31:1c:5a:e9:7c:e0:0d:84:9a:03:9c:f7:69:26:de:92:
f4:d1:11:de:64:3e:d3:7b:2f:59:40:ca:f0:d1:31:ac:b3:d3:
7c:7c:c2:d6
-----BEGIN CERTIFICATE-----
MIIGgzCCBWugAwIBAgISAYa3T7sNUniu+T5Hk+4g4MGEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMzA2MTQyNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzBmNmUzMDFlMzBlZmMxZWRhY2U0NTgxOGE1ZTg5YTQ4ZjcyYjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiE6uwlj777NGUeBlpxSkY6BsEpM8
P2VCbzyPXY+JjbP5ZgbDOxhpgDRXVGSoo1bf0amq/sDsDF3OGJaa1h8GICeTCha5
oCEhg5QVS5UoB4h2RUybKVMRPb5pQoyLa0Ponf2Whg7W1HCUcjgRABYVlC7vvNAJ
pe5uqEIOPeDL/QuXT2YUBtKenpCE0zdpgRITX08snP/gq5FOPovTxw3QHzfr3QaP
ZHgSs7BkAXs82UoURP0oDIkLg39dbQ58HBT1QKQ/DFTBelkDLPlYd3I6uzI2+3VS
8cPu4baHp/eZpoQekXkD5tZBxUv4boDm/D+0Fs0DQg/iKVNIqYyDFitndwIDAQAB
o4IDjzCCA4swHQYDVR0OBBYEFFcPbjAeMO/B7azkWBil6JpI9ytkMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvVnc5dU1CNHc3OEh0ck9SWUdLWG9ta2ozSzJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBowYIKwYBBQUHAQcBAf8EggGSMIIBjjCCAYoEAgABMIIB
ggMEAD5M4QMEAT5M5gMEAD5M6QMEAMB8sgMEAsB8tAMEAMF8AwMEAMF8BgMEAMF8
CQMEAMF8EAMEAMF8LAMEAMF8UAMEAMF8XQMEAMF8yQMEAMF8zwMEAcI6JgMEAMI6
LwMEAMI6OwMEAMI6QwMEAMJXATAMAwQAwlcDAwQAwlcEAwQAwlcHMAwDBADCVwsD
BADCVwwDBADCVxADBALCVxgDBAHCVyQDBADCVyoDBADCVzgDBADCV0kDBADCV1MD
BADCV2gDBAHCV3IDBADCV3oDBAHCV4IDBADCV4oDBADCV5UDBADCV6YDBADCV6gw
DAMEAcJXqgMEAMJXrAMEAsJXsAMEAMJXtgMEAMJXuwMEAMJXvgMEAMJXyAMEAMJX
ygMEAMJX3gMEAMJX8AMEAMKHEgMEAMKHFzAMAwQAwzojAwQAwzokAwQAwzoyAwQA
wzo2AwQAwzo4AwQAw4UAAwQAw4UaAwQAw4UeAwQAw4UjAwQBw4XCAwQA1MABAwQA
1MAKMA0GCSqGSIb3DQEBCwUAA4IBAQBhh8D+WEsCM7wiRZ39QUdIlRQqu9JsHswp
Mv5p/cnGg6pFQyaHISbLrmLrBM4nFHHTkRJgx1fCzHfPrXMhcxAU0Ahxr8BaUyQM
jbJ3mRVLxEejRNFJBbRbLtg3F8eTN+Svd2Moz+J+Kfp7KxF1Hi0Kry2vn8PPNyAp
RTLz5gR2c/fU9CDl6T8OiVF1dPAFGT7wW882ZYPzwwe2EUYFLevBHU3qRVsqxcgD
XMcQCyKiNc59fyg6msKQpSuXqVq8hq5yFJ7NkG5OuyJUsNEPg3rSGEgF65HDwR0V
5DEcWul84A2EmgOc92km3pL00RHeZD7Tey9ZQMrw0TGss9N8fMLW
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:59 2023 by rpki-client on console-ams.rpki-client.org