Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/bMQklpOf3zejRvUwPw70tOuXxhQ.roa
File: bMQklpOf3zejRvUwPw70tOuXxhQ.roa (raw, json)
Hash identifier: QeQviCZx4Mebp1ewciyk1wD+phCoZS8JCiAwH1dkgQE=
Subject key identifier: 6C:C4:24:96:93:9F:DF:37:A3:46:F5:30:3F:0E:F4:B4:EB:97:C6:14
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01887205F1BFAF730B3CB7638DCC007CD9D0
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/bMQklpOf3zejRvUwPw70tOuXxhQ.roa
Signing time: Wed 31 May 2023 13:36:12 +0000
ROA not before: Wed 31 May 2023 13:36:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49392
IP address blocks: 193.124.226.0/24 maxlen: 24
194.87.221.0/24 maxlen: 24
194.87.227.0/24 maxlen: 24
193.124.36.0/24 maxlen: 24
193.124.254.0/24 maxlen: 24
194.135.32.0/24 maxlen: 24
195.133.26.0/23 maxlen: 24
192.124.176.0/24 maxlen: 24
212.192.13.0/24 maxlen: 24
195.133.52.0/23 maxlen: 23
195.133.56.0/22 maxlen: 22
195.133.59.0/24 maxlen: 24
194.87.118.0/23 maxlen: 24
195.133.10.0/23 maxlen: 23
195.133.6.0/23 maxlen: 23
194.87.40.0/24 maxlen: 24
185.72.10.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 07 Jun 2023 04:42:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:72:05:f1:bf:af:73:0b:3c:b7:63:8d:cc:00:7c:d9:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: May 31 13:36:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6cc42496939fdf37a346f5303f0ef4b4eb97c614
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:5e:1e:88:4e:e8:45:50:e1:e7:22:70:56:88:
6b:46:ff:81:c7:8e:41:fa:f9:70:dd:84:8c:6c:67:
7e:3b:3c:5a:a4:e7:a0:63:3d:1d:ac:c6:ef:59:38:
5e:51:5d:2d:70:5d:58:96:6c:e6:7e:46:ef:42:34:
5d:95:cb:1f:e8:80:09:d9:b0:2d:fb:50:11:d8:c1:
a1:4f:d1:f5:c8:a3:e8:27:97:6b:ed:da:a8:c8:73:
e3:84:2c:0a:09:48:8e:b6:41:b6:de:aa:91:3b:8b:
7e:c2:fd:31:58:7a:05:6a:2a:f3:21:11:5f:0a:cd:
31:d6:5b:d5:91:10:4b:dd:65:bc:38:e1:3b:ec:ca:
6e:e7:b7:a9:b5:c3:cd:d1:4b:bf:e1:58:b7:0d:44:
01:4b:44:bd:c0:8b:85:d8:35:98:4c:e8:4c:a9:e7:
47:8b:ce:d1:ce:6c:09:78:e9:58:f1:bc:ef:1c:ab:
48:27:30:08:a5:32:91:4c:72:d6:9c:32:5c:46:0e:
3e:5a:68:9d:ee:ec:c1:a7:ce:1a:99:f5:f8:32:f9:
e2:13:92:dc:93:06:83:37:9b:50:e9:2c:74:31:c8:
46:c3:31:ec:d7:35:c1:fc:ac:10:63:82:28:ae:53:
ea:c4:14:02:64:18:9e:07:7b:c6:73:6c:b2:18:44:
10:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:C4:24:96:93:9F:DF:37:A3:46:F5:30:3F:0E:F4:B4:EB:97:C6:14
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/bMQklpOf3zejRvUwPw70tOuXxhQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.10.0/24
192.124.176.0/24
193.124.36.0/24
193.124.226.0/24
193.124.254.0/24
194.87.40.0/24
194.87.118.0/23
194.87.221.0/24
194.87.227.0/24
194.135.32.0/24
195.133.6.0/23
195.133.10.0/23
195.133.26.0/23
195.133.52.0/23
195.133.56.0/22
212.192.13.0/24
Signature Algorithm: sha256WithRSAEncryption
07:e3:00:17:e5:bf:ac:86:5f:7b:b7:45:c9:45:53:81:4e:5b:
78:f3:47:d5:61:ad:b1:d5:11:8d:f0:6b:ee:20:5c:c3:70:63:
1d:4d:b1:4b:b0:63:98:11:14:f3:d9:c7:ae:f8:dd:a1:3b:f3:
3a:c8:68:1d:16:1b:9c:b0:87:a5:1c:ae:4c:23:92:a9:62:d1:
45:06:b5:9e:41:d7:94:5b:d5:82:f9:e3:73:07:af:70:98:1d:
06:4b:03:25:a3:b0:09:1a:05:da:f9:70:03:04:25:18:51:bd:
5b:cd:61:d8:4d:6f:f9:e3:8b:b7:ec:c9:3d:49:36:32:00:07:
b9:df:28:81:5b:4c:66:fa:6b:4c:b4:d2:c8:f6:cb:58:34:5d:
f1:88:47:ce:c0:01:41:d9:af:56:e0:fe:75:2b:39:13:8b:f4:
b7:dd:75:73:4c:c6:b4:76:4b:ab:18:c5:27:76:10:dd:65:ed:
b6:e4:c1:96:e3:5a:23:ce:8e:63:59:4f:31:6f:08:63:bd:8e:
0d:60:15:46:33:92:36:dc:1f:09:b8:73:c8:e0:e6:61:8e:e5:
70:fc:28:f4:4c:fd:73:94:a9:98:cf:2a:73:83:9e:81:79:bf:
22:fc:8a:be:04:62:f9:8a:44:b0:48:0a:be:11:00:6a:d2:c8:
39:00:fd:a4
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAYhyBfG/r3MLPLdjjcwAfNnQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNTMxMTMzNjEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2M0MjQ5NjkzOWZkZjM3YTM0NmY1MzAzZjBlZjRiNGViOTdjNjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhl4eiE7oRVDh5yJwVohrRv+Bx45B
+vlw3YSMbGd+OzxapOegYz0drMbvWTheUV0tcF1YlmzmfkbvQjRdlcsf6IAJ2bAt
+1AR2MGhT9H1yKPoJ5dr7dqoyHPjhCwKCUiOtkG23qqRO4t+wv0xWHoFairzIRFf
Cs0x1lvVkRBL3WW8OOE77Mpu57eptcPN0Uu/4Vi3DUQBS0S9wIuF2DWYTOhMqedH
i87RzmwJeOlY8bzvHKtIJzAIpTKRTHLWnDJcRg4+Wmid7uzBp84amfX4MvniE5Lc
kwaDN5tQ6Sx0MchGwzHs1zXB/KwQY4IorlPqxBQCZBieB3vGc2yyGEQQvQIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFGzEJJaTn983o0b1MD8O9LTrl8YUMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvYk1Ra2xwT2YzemVqUnZVd1B3NzB0T3VYeGhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQAuUgKAwQA
wHywAwQAwXwkAwQAwXziAwQAwXz+AwQAwlcoAwQBwld2AwQAwlfdAwQAwlfjAwQA
wocgAwQBw4UGAwQBw4UKAwQBw4UaAwQBw4U0AwQCw4U4AwQA1MANMA0GCSqGSIb3
DQEBCwUAA4IBAQAH4wAX5b+shl97t0XJRVOBTlt480fVYa2x1RGN8GvuIFzDcGMd
TbFLsGOYERTz2ceu+N2hO/M6yGgdFhucsIelHK5MI5KpYtFFBrWeQdeUW9WC+eNz
B69wmB0GSwMlo7AJGgXa+XADBCUYUb1bzWHYTW/544u37Mk9STYyAAe53yiBW0xm
+mtMtNLI9stYNF3xiEfOwAFB2a9W4P51KzkTi/S33XVzTMa0dkurGMUndhDdZe22
5MGW41ojzo5jWU8xbwhjvY4NYBVGM5I23B8JuHPI4OZhjuVw/Cj0TP1zlKmYzypz
g56Beb8i/Iq+BGL5ikSwSAq+EQBq0sg5AP2k
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:21 2024 by rpki-client on console-fra.rpki-client.org