Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/cF6ArDlXlqsoeP9pbQgFTIwvUtk.roa
File: cF6ArDlXlqsoeP9pbQgFTIwvUtk.roa (raw, json)
Hash identifier: LEtsC2jThFts7ySkVSLIhnRE1iPIW7GU/K6YcfVxXZ0=
Subject key identifier: 70:5E:80:AC:39:57:96:AB:28:78:FF:69:6D:08:05:4C:8C:2F:52:D9
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0185A56DA95EA90EE700EEAF0CA62F499232
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/cF6ArDlXlqsoeP9pbQgFTIwvUtk.roa
Signing time: Thu 12 Jan 2023 10:01:45 +0000
ROA not before: Thu 12 Jan 2023 10:01:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2118
IP address blocks: 193.124.4.0/24 maxlen: 24
193.124.3.0/24 maxlen: 24
193.124.6.0/24 maxlen: 24
193.124.8.0/24 maxlen: 24
62.76.231.0/24 maxlen: 24
194.87.6.0/24 maxlen: 24
193.124.18.0/24 maxlen: 24
194.87.7.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
194.87.27.0/24 maxlen: 24
194.87.36.0/24 maxlen: 24
194.87.104.0/24 maxlen: 24
193.124.125.0/24 maxlen: 24
194.87.115.0/24 maxlen: 24
194.87.116.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
194.87.114.0/24 maxlen: 24
194.87.123.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.138.0/23 maxlen: 23
194.87.136.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
194.87.76.0/24 maxlen: 24
194.87.82.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
195.133.86.0/24 maxlen: 24
195.133.94.0/24 maxlen: 24
195.133.12.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
195.133.194.0/24 maxlen: 24
195.133.195.0/24 maxlen: 24
212.193.12.0/24 maxlen: 24
194.58.38.0/24 maxlen: 24
194.58.39.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
194.58.46.0/23 maxlen: 24
194.58.45.0/24 maxlen: 24
195.58.50.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
195.58.52.0/22 maxlen: 22
195.58.58.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
195.58.56.0/21 maxlen: 24
195.58.61.0/24 maxlen: 24
194.58.59.0/24 maxlen: 24
195.58.62.0/24 maxlen: 24
212.193.0.0/24 maxlen: 24
212.193.8.0/24 maxlen: 24
194.87.202.0/24 maxlen: 24
194.87.208.0/23 maxlen: 24
194.87.222.0/23 maxlen: 24
194.87.233.0/24 maxlen: 24
212.192.0.0/23 maxlen: 24
194.87.149.0/24 maxlen: 24
192.124.172.0/24 maxlen: 24
194.87.165.0/24 maxlen: 24
194.87.163.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.180.0/22 maxlen: 24
192.124.182.0/23 maxlen: 24
194.87.171.0/24 maxlen: 24
212.192.30.0/24 maxlen: 24
192.124.190.0/24 maxlen: 24
194.87.176.0/24 maxlen: 24
193.124.201.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
193.124.207.0/24 maxlen: 24
194.87.199.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 12 Jan 2023 11:51:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a5:6d:a9:5e:a9:0e:e7:00:ee:af:0c:a6:2f:49:92:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 12 10:01:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=705e80ac395796ab2878ff696d08054c8c2f52d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:b5:9a:01:51:7e:92:cf:4b:af:62:95:c6:cf:
df:45:a1:43:02:3b:2b:fd:e9:66:6a:ae:1a:dd:66:
dc:43:1a:6d:93:8a:ea:f0:08:c5:06:f3:58:59:89:
a3:d9:3d:9d:b7:a7:60:15:44:9a:15:33:a5:b3:e4:
b7:89:0a:f6:c7:85:b4:9b:d3:60:21:86:dd:68:aa:
71:a1:65:19:4d:33:0c:58:3a:1a:ef:c4:75:27:6b:
5e:22:d4:e7:38:07:f5:0c:9b:b7:9c:b2:7e:d0:e3:
a3:6a:0f:ab:7f:d4:c4:86:71:17:83:a4:7a:b7:b0:
6f:94:67:34:a4:98:f8:15:a6:dd:37:2f:df:18:7e:
77:aa:e9:30:71:42:80:5e:a4:64:1f:b2:fd:7c:44:
33:fe:9b:45:7a:55:4e:4e:30:ee:54:7a:49:1b:1d:
8f:a1:61:56:5a:6e:de:6c:4b:67:5c:c2:8e:5e:bc:
8e:57:29:50:38:df:a2:30:a0:8e:ee:69:83:9b:1f:
9c:fa:e1:f5:08:b7:07:6a:98:c3:2c:62:2d:d0:8c:
69:9a:6a:fc:41:0c:4e:8c:9d:f6:f5:2b:ad:2c:98:
59:02:fb:0a:08:a7:69:f2:c0:34:a5:64:59:d7:74:
bb:72:b6:1b:f3:d1:89:20:51:7c:d5:07:c8:93:c4:
53:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:5E:80:AC:39:57:96:AB:28:78:FF:69:6D:08:05:4C:8C:2F:52:D9
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/cF6ArDlXlqsoeP9pbQgFTIwvUtk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.231.0/24
192.124.172.0/24
192.124.178.0/24
192.124.180.0/22
192.124.190.0/24
193.124.3.0-193.124.4.255
193.124.6.0/24
193.124.8.0/24
193.124.18.0/24
193.124.125.0/24
193.124.133.0/24
193.124.201.0/24
193.124.203.0/24
193.124.207.0/24
194.58.38.0/23
194.58.42.0/24
194.58.45.0-194.58.47.255
194.58.59.0/24
194.87.6.0/23
194.87.24.0/22
194.87.36.0/24
194.87.56.0/24
194.87.76.0/24
194.87.82.0/23
194.87.104.0/24
194.87.114.0-194.87.116.255
194.87.118.0/24
194.87.123.0/24
194.87.136.0/24
194.87.138.0/23
194.87.149.0/24
194.87.163.0/24
194.87.165.0/24
194.87.171.0/24
194.87.176.0/24
194.87.190.0/24
194.87.198.0/23
194.87.202.0/24
194.87.208.0/23
194.87.222.0/23
194.87.233.0/24
195.58.50.0/24
195.58.52.0-195.58.63.255
195.133.12.0/24
195.133.55.0/24
195.133.86.0/24
195.133.94.0/24
195.133.194.0/23
212.192.0.0/23
212.192.30.0/24
212.193.0.0/24
212.193.8.0/24
212.193.12.0/24
Signature Algorithm: sha256WithRSAEncryption
32:54:7f:a1:8f:2a:13:1a:44:8b:1f:82:d5:8a:cd:12:7e:96:
62:88:7e:60:47:22:a4:31:23:a0:83:32:c8:6d:fc:20:31:1e:
09:3c:3e:4e:a0:81:9e:1c:3f:80:6d:01:3c:8f:3a:3f:fc:7f:
10:8f:91:79:a4:49:1a:41:5c:01:7f:79:d5:18:ed:72:95:0a:
c3:e0:d4:61:e9:ad:60:70:5b:01:7c:b7:f2:b0:b1:6a:85:4e:
70:e1:30:95:7f:4a:a6:e2:5a:59:a1:a2:83:37:51:a0:6b:e1:
3c:f4:4a:03:4d:a7:4f:fe:6a:06:c3:77:eb:4b:80:1a:71:ba:
d3:00:b8:c2:06:eb:f2:92:8a:2b:49:d7:7f:c8:09:83:72:78:
8b:12:92:c7:34:b8:c8:55:1b:2a:35:df:e8:21:77:d5:eb:a3:
98:38:77:6c:17:76:20:b9:36:6d:7f:c3:06:1e:28:08:b4:cd:
fe:97:48:7a:88:96:92:37:9e:16:8a:7a:c4:34:23:ac:bd:7d:
81:fe:9f:75:0b:35:5a:47:37:43:ac:1c:9c:0c:7f:df:3d:a8:
47:b7:44:42:10:87:38:2f:45:ed:2d:f2:f9:8c:ea:88:c0:cb:
be:1f:28:7c:db:13:78:5e:1a:ba:a8:e8:d2:ce:b4:da:62:50:
7f:e4:eb:91
-----BEGIN CERTIFICATE-----
MIIGXzCCBUegAwIBAgISAYWlbaleqQ7nAO6vDKYvSZIyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTEyMTAwMTQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDVlODBhYzM5NTc5NmFiMjg3OGZmNjk2ZDA4MDU0YzhjMmY1MmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0bWaAVF+ks9Lr2KVxs/fRaFDAjsr
/elmaq4a3WbcQxptk4rq8AjFBvNYWYmj2T2dt6dgFUSaFTOls+S3iQr2x4W0m9Ng
IYbdaKpxoWUZTTMMWDoa78R1J2teItTnOAf1DJu3nLJ+0OOjag+rf9TEhnEXg6R6
t7BvlGc0pJj4FabdNy/fGH53qukwcUKAXqRkH7L9fEQz/ptFelVOTjDuVHpJGx2P
oWFWWm7ebEtnXMKOXryOVylQON+iMKCO7mmDmx+c+uH1CLcHapjDLGIt0Ixpmmr8
QQxOjJ329SutLJhZAvsKCKdp8sA0pWRZ13S7crYb89GJIFF81QfIk8RTJwIDAQAB
o4IDazCCA2cwHQYDVR0OBBYEFHBegKw5V5arKHj/aW0IBUyML1LZMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvY0Y2QXJEbFhscXNvZVA5cGJRZ0ZUSXd2VXRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBfwYIKwYBBQUHAQcBAf8EggFuMIIBajCCAWYEAgABMIIB
XgMEAD5M5wMEAMB8rAMEAMB8sgMEAsB8tAMEAMB8vjAMAwQAwXwDAwQAwXwEAwQA
wXwGAwQAwXwIAwQAwXwSAwQAwXx9AwQAwXyFAwQAwXzJAwQAwXzLAwQAwXzPAwQB
wjomAwQAwjoqMAwDBADCOi0DBATCOiADBADCOjsDBAHCVwYDBALCVxgDBADCVyQD
BADCVzgDBADCV0wDBAHCV1IDBADCV2gwDAMEAcJXcgMEAMJXdAMEAMJXdgMEAMJX
ewMEAMJXiAMEAcJXigMEAMJXlQMEAMJXowMEAMJXpQMEAMJXqwMEAMJXsAMEAMJX
vgMEAcJXxgMEAMJXygMEAcJX0AMEAcJX3gMEAMJX6QMEAMM6MjAMAwQCwzo0AwQG
wzoAAwQAw4UMAwQAw4U3AwQAw4VWAwQAw4VeAwQBw4XCAwQB1MAAAwQA1MAeAwQA
1MEAAwQA1MEIAwQA1MEMMA0GCSqGSIb3DQEBCwUAA4IBAQAyVH+hjyoTGkSLH4LV
is0SfpZiiH5gRyKkMSOggzLIbfwgMR4JPD5OoIGeHD+AbQE8jzo//H8Qj5F5pEka
QVwBf3nVGO1ylQrD4NRh6a1gcFsBfLfysLFqhU5w4TCVf0qm4lpZoaKDN1Gga+E8
9EoDTadP/moGw3frS4AacbrTALjCBuvykoorSdd/yAmDcniLEpLHNLjIVRsqNd/o
IXfV66OYOHdsF3YguTZtf8MGHigItM3+l0h6iJaSN54WinrENCOsvX2B/p91CzVa
RzdDrBycDH/fPahHt0RCEIc4L0XtLfL5jOqIwMu+Hyh82xN4Xhq6qOjSzrTaYlB/
5OuR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:21 2024 by rpki-client on console-fra.rpki-client.org