Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/cG2cWjtHdg93Z1-iuKbxC2t8wHM.roa
File: cG2cWjtHdg93Z1-iuKbxC2t8wHM.roa (raw, json)
Hash identifier: P0VPfDSp+7VcuJdG4LrqmqZTPsomc8I3n/LJzW2IbGU=
Subject key identifier: 70:6D:9C:5A:3B:47:76:0F:77:67:5F:A2:B8:A6:F1:0B:6B:7C:C0:73
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0185DDE2105AAB6315672F2B550BD6ED2D06
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/cG2cWjtHdg93Z1-iuKbxC2t8wHM.roa
Signing time: Mon 23 Jan 2023 09:07:37 +0000
ROA not before: Mon 23 Jan 2023 09:07:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2118
IP address blocks: 193.124.3.0/24 maxlen: 24
193.124.6.0/24 maxlen: 24
193.124.8.0/24 maxlen: 24
62.76.231.0/24 maxlen: 24
194.87.3.0/24 maxlen: 24
194.87.6.0/24 maxlen: 24
194.87.11.0/24 maxlen: 24
194.87.7.0/24 maxlen: 24
194.87.16.0/24 maxlen: 24
194.87.22.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
194.87.27.0/24 maxlen: 24
194.87.104.0/24 maxlen: 24
194.87.115.0/24 maxlen: 24
194.87.116.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
194.87.114.0/24 maxlen: 24
194.87.123.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.126.0/24 maxlen: 24
194.87.138.0/23 maxlen: 23
194.87.136.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
194.87.76.0/24 maxlen: 24
194.87.82.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
195.133.94.0/24 maxlen: 24
195.133.12.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
195.133.194.0/24 maxlen: 24
195.133.193.0/24 maxlen: 24
195.133.195.0/24 maxlen: 24
212.193.12.0/24 maxlen: 24
212.193.14.0/24 maxlen: 24
194.58.38.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
194.58.46.0/23 maxlen: 24
194.58.45.0/24 maxlen: 24
195.58.50.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
195.58.52.0/22 maxlen: 22
195.58.58.0/24 maxlen: 24
195.58.56.0/21 maxlen: 24
195.58.61.0/24 maxlen: 24
194.58.59.0/24 maxlen: 24
195.58.62.0/24 maxlen: 24
212.193.0.0/24 maxlen: 24
212.193.11.0/24 maxlen: 24
194.87.202.0/24 maxlen: 24
194.87.204.0/24 maxlen: 24
194.87.208.0/23 maxlen: 24
194.87.226.0/24 maxlen: 24
194.87.222.0/23 maxlen: 24
194.87.233.0/24 maxlen: 24
212.192.0.0/23 maxlen: 24
194.87.149.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
192.124.172.0/24 maxlen: 24
194.87.165.0/24 maxlen: 24
194.87.163.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.183.0/24 maxlen: 24
192.124.180.0/22 maxlen: 24
192.124.182.0/23 maxlen: 24
194.87.171.0/24 maxlen: 24
194.87.172.0/24 maxlen: 24
192.124.190.0/24 maxlen: 24
194.87.176.0/24 maxlen: 24
193.124.202.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
193.124.207.0/24 maxlen: 24
194.87.199.0/24 maxlen: 24
212.192.208.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:dd:e2:10:5a:ab:63:15:67:2f:2b:55:0b:d6:ed:2d:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 23 09:07:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=706d9c5a3b47760f77675fa2b8a6f10b6b7cc073
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:24:20:18:cd:5f:37:21:06:db:38:47:b8:a2:
5d:39:36:8f:63:9e:21:62:a0:d9:23:4b:e1:29:7e:
60:7f:08:4e:33:71:0d:a9:47:13:3c:3e:45:f6:40:
91:9c:55:46:f3:48:f3:a2:1b:35:8f:41:84:74:46:
64:d7:eb:db:eb:7a:9b:04:36:3b:a0:51:e0:2f:2a:
85:81:32:d7:53:cd:a6:8a:90:56:b0:65:ba:6d:1f:
ce:87:5b:87:0f:78:ef:c9:3a:f4:6e:88:95:b0:df:
83:e3:a9:d1:dd:af:65:ad:79:0d:b3:e1:4f:cb:65:
75:8c:ed:16:c1:44:8f:87:14:ac:df:cf:4a:91:0e:
fc:f6:20:c1:f6:e3:3e:4f:3a:d1:2c:6b:61:ab:3c:
19:67:01:ff:e7:2c:4f:7a:09:ef:06:01:85:ff:10:
33:25:d5:86:b5:bc:0c:04:ac:2d:e6:ce:2e:9d:54:
e9:b8:52:4b:c6:b1:e1:d0:24:0e:62:c4:f6:f4:09:
68:24:32:64:82:88:30:a8:2f:8b:02:e8:a8:23:e4:
b6:1d:d6:5b:66:1d:ab:05:d8:c8:e8:1a:29:f3:49:
22:e0:c2:45:e8:34:0f:d5:eb:e9:c5:07:8d:c6:f6:
a9:da:a7:3e:ee:ad:fe:3d:27:14:82:ce:30:39:78:
7d:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:6D:9C:5A:3B:47:76:0F:77:67:5F:A2:B8:A6:F1:0B:6B:7C:C0:73
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/cG2cWjtHdg93Z1-iuKbxC2t8wHM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.231.0/24
192.124.172.0/24
192.124.178.0/24
192.124.180.0/22
192.124.190.0/24
193.124.3.0/24
193.124.6.0/24
193.124.8.0/24
193.124.133.0/24
193.124.202.0/23
193.124.207.0/24
194.58.38.0/24
194.58.42.0/24
194.58.45.0-194.58.47.255
194.58.59.0/24
194.87.3.0/24
194.87.6.0/23
194.87.11.0/24
194.87.16.0/24
194.87.22.0/24
194.87.24.0/22
194.87.56.0/24
194.87.76.0/24
194.87.82.0/23
194.87.104.0/24
194.87.114.0-194.87.116.255
194.87.118.0/24
194.87.123.0/24
194.87.126.0/24
194.87.136.0/24
194.87.138.0/23
194.87.149.0/24
194.87.163.0/24
194.87.165.0/24
194.87.171.0-194.87.172.255
194.87.176.0/24
194.87.190.0/24
194.87.198.0/23
194.87.202.0/24
194.87.204.0/24
194.87.208.0/23
194.87.222.0/23
194.87.226.0/24
194.87.233.0/24
195.58.50.0/24
195.58.52.0-195.58.63.255
195.133.12.0/24
195.133.55.0/24
195.133.94.0/24
195.133.193.0-195.133.195.255
212.192.0.0/23
212.192.208.0/23
212.193.0.0/24
212.193.11.0-212.193.12.255
212.193.14.0/24
Signature Algorithm: sha256WithRSAEncryption
38:37:0f:d3:1a:e5:4f:34:a3:95:6b:fe:05:d2:55:d5:00:ad:
5b:71:08:22:e2:43:e2:64:ad:70:a4:d2:7f:7b:2d:37:fb:36:
90:11:85:7b:66:0f:b7:3d:c2:88:06:16:da:6a:ac:54:58:ea:
10:57:af:b2:ea:62:a4:87:b9:6e:80:6d:2c:45:7e:93:5f:7d:
4d:d7:41:a8:99:e6:a8:3b:41:db:6c:d9:da:c2:19:69:f1:d1:
79:2a:55:7b:28:be:f4:96:fd:b5:d6:d1:64:8b:f4:84:3d:a3:
cb:66:26:d5:f1:d7:eb:fe:e9:c1:77:21:3d:68:8b:67:77:cb:
37:f5:51:4e:a1:de:44:ab:a6:03:18:24:4c:b5:22:1e:79:be:
f7:f0:e5:e6:6c:ba:c0:68:78:e1:5d:fb:a0:a4:4d:c0:a7:27:
b5:7b:ab:66:ed:a1:c0:76:0f:d5:14:fe:51:c3:e8:51:33:9b:
4c:13:a6:ad:c1:dd:2c:87:dc:98:64:9a:b7:a8:b5:10:62:45:
fd:85:db:96:86:43:4f:f2:17:54:14:b7:04:42:46:cd:43:12:
7e:27:67:eb:32:d3:74:4b:c8:49:63:b3:af:37:9c:3d:06:51:
d8:54:68:d5:49:55:8d:32:fb:b1:a5:53:93:c5:2f:c7:ec:88:
62:fe:52:56
-----BEGIN CERTIFICATE-----
MIIGezCCBWOgAwIBAgISAYXd4hBaq2MVZy8rVQvW7S0GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTIzMDkwNzM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDZkOWM1YTNiNDc3NjBmNzc2NzVmYTJiOGE2ZjEwYjZiN2NjMDczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjyQgGM1fNyEG2zhHuKJdOTaPY54h
YqDZI0vhKX5gfwhOM3ENqUcTPD5F9kCRnFVG80jzohs1j0GEdEZk1+vb63qbBDY7
oFHgLyqFgTLXU82mipBWsGW6bR/Oh1uHD3jvyTr0boiVsN+D46nR3a9lrXkNs+FP
y2V1jO0WwUSPhxSs389KkQ789iDB9uM+TzrRLGthqzwZZwH/5yxPegnvBgGF/xAz
JdWGtbwMBKwt5s4unVTpuFJLxrHh0CQOYsT29AloJDJkgogwqC+LAuioI+S2HdZb
Zh2rBdjI6Bop80ki4MJF6DQP1evpxQeNxvap2qc+7q3+PScUgs4wOXh9ewIDAQAB
o4IDhzCCA4MwHQYDVR0OBBYEFHBtnFo7R3YPd2dforim8QtrfMBzMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvY0cyY1dqdEhkZzkzWjEtaXVLYnhDMnQ4d0hNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBmwYIKwYBBQUHAQcBAf8EggGKMIIBhjCCAYIEAgABMIIB
egMEAD5M5wMEAMB8rAMEAMB8sgMEAsB8tAMEAMB8vgMEAMF8AwMEAMF8BgMEAMF8
CAMEAMF8hQMEAcF8ygMEAMF8zwMEAMI6JgMEAMI6KjAMAwQAwjotAwQEwjogAwQA
wjo7AwQAwlcDAwQBwlcGAwQAwlcLAwQAwlcQAwQAwlcWAwQCwlcYAwQAwlc4AwQA
wldMAwQBwldSAwQAwldoMAwDBAHCV3IDBADCV3QDBADCV3YDBADCV3sDBADCV34D
BADCV4gDBAHCV4oDBADCV5UDBADCV6MDBADCV6UwDAMEAMJXqwMEAMJXrAMEAMJX
sAMEAMJXvgMEAcJXxgMEAMJXygMEAMJXzAMEAcJX0AMEAcJX3gMEAMJX4gMEAMJX
6QMEAMM6MjAMAwQCwzo0AwQGwzoAAwQAw4UMAwQAw4U3AwQAw4VeMAwDBADDhcED
BALDhcADBAHUwAADBAHUwNADBADUwQAwDAMEANTBCwMEANTBDAMEANTBDjANBgkq
hkiG9w0BAQsFAAOCAQEAODcP0xrlTzSjlWv+BdJV1QCtW3EIIuJD4mStcKTSf3st
N/s2kBGFe2YPtz3CiAYW2mqsVFjqEFevsupipIe5boBtLEV+k199TddBqJnmqDtB
22zZ2sIZafHReSpVeyi+9Jb9tdbRZIv0hD2jy2Ym1fHX6/7pwXchPWiLZ3fLN/VR
TqHeRKumAxgkTLUiHnm+9/Dl5my6wGh44V37oKRNwKcntXurZu2hwHYP1RT+UcPo
UTObTBOmrcHdLIfcmGSat6i1EGJF/YXbloZDT/IXVBS3BEJGzUMSfidn6zLTdEvI
SWOzrzecPQZR2FRo1UlVjTL7saVTk8Uvx+yIYv5SVg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:02 2023 by rpki-client on console-ams.rpki-client.org