Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/cjhCTiUIMZOO9aUJ6wUWJdy-rK4.roa
File: cjhCTiUIMZOO9aUJ6wUWJdy-rK4.roa (raw, json)
Hash identifier: 1jKLOI8mwO/QLrIeOjrBi4Wt07Y/kH5vKF/ymdC0qf8=
Subject key identifier: 72:38:42:4E:25:08:31:93:8E:F5:A5:09:EB:05:16:25:DC:BE:AC:AE
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0186AC5E366170DAD20C9D436763E615FCEB
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/cjhCTiUIMZOO9aUJ6wUWJdy-rK4.roa
Signing time: Sat 04 Mar 2023 11:25:00 +0000
ROA not before: Sat 04 Mar 2023 11:25:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 400377
IP address blocks: 195.133.76.0/24 maxlen: 24
62.76.226.0/24 maxlen: 24
194.87.2.0/24 maxlen: 24
194.87.10.0/24 maxlen: 24
194.87.233.0/24 maxlen: 24
194.87.252.0/24 maxlen: 24
212.192.9.0/24 maxlen: 24
194.58.40.0/24 maxlen: 24
195.58.51.0/24 maxlen: 24
192.124.180.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
193.124.90.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 09 Mar 2023 04:35:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:ac:5e:36:61:70:da:d2:0c:9d:43:67:63:e6:15:fc:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 4 11:25:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7238424e250831938ef5a509eb051625dcbeacae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:98:6c:ea:45:ce:fe:31:80:dd:bb:a7:91:58:
64:25:83:ee:42:04:8d:38:d3:3b:37:9e:cd:1b:16:
20:1e:6c:a3:ee:66:7d:9c:45:a3:3a:79:b8:ff:2e:
1d:dc:46:a5:d2:67:29:78:55:c4:77:b6:dd:1a:16:
b1:09:4c:36:cc:d8:e5:6f:3f:c3:ef:cf:e0:66:63:
99:84:5a:f6:fc:b7:6a:0c:ca:eb:00:36:1c:5e:20:
7f:f2:e9:29:e2:57:35:b3:13:2e:5a:ee:46:fc:65:
f0:17:ca:dd:39:be:46:a2:33:d3:e2:5a:41:37:25:
49:67:e0:ab:52:e6:19:20:65:e2:3b:9d:11:a8:ee:
a9:d6:c6:35:cd:c4:fe:3e:ca:76:52:4d:72:cf:1d:
ae:51:bc:42:87:4a:78:7d:79:06:92:d2:7d:2b:a4:
44:a5:0d:9d:f8:70:22:64:a7:f7:67:52:10:55:11:
d0:6a:fc:1e:be:53:c0:25:83:c9:05:e2:c7:14:4b:
1a:4b:63:cb:d9:28:48:68:2c:1a:9f:ea:3b:05:93:
b1:fd:b6:a3:3d:79:07:b3:4a:ed:dd:2c:50:63:9c:
9f:c7:99:92:84:f5:8c:13:6e:5d:c7:d5:ab:74:ca:
4b:c6:05:5f:02:97:ee:b8:93:20:1e:97:d9:f2:5e:
44:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:38:42:4E:25:08:31:93:8E:F5:A5:09:EB:05:16:25:DC:BE:AC:AE
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/cjhCTiUIMZOO9aUJ6wUWJdy-rK4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.226.0/24
192.124.180.0/24
193.124.90.0/24
193.124.200.0/24
194.58.40.0/24
194.87.2.0/24
194.87.10.0/24
194.87.124.0/24
194.87.233.0/24
194.87.252.0/24
195.58.51.0/24
195.133.76.0/24
212.192.9.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:f3:97:e8:6b:78:eb:d8:9d:76:f5:2b:62:f2:b5:4b:af:2c:
f5:e0:ac:4a:48:ff:95:43:51:cb:20:97:04:e1:99:60:53:b9:
b6:89:9b:70:b9:f9:eb:58:c3:a3:df:36:bc:f5:f7:ee:18:b4:
4b:5a:d1:5c:b5:19:46:a8:34:8b:93:f1:0a:14:7d:a3:c1:fe:
6f:63:0c:69:fa:ce:b0:d6:0b:57:26:28:53:42:90:2f:b9:28:
e2:ed:2f:8b:c3:07:67:0e:88:02:d7:90:bf:be:b2:3b:6d:55:
77:8f:a9:93:ec:1d:11:59:41:da:ed:6c:42:d1:69:eb:ae:a0:
0d:e4:c6:ae:b1:ee:85:31:30:dc:43:64:f3:3b:a7:37:4a:0f:
90:c7:98:64:3a:88:4a:9d:2d:91:a1:fe:5a:82:cd:5b:80:cc:
95:a0:fc:4b:87:4f:71:b7:54:e5:0b:86:a1:f0:89:8d:65:51:
ff:2e:07:6c:df:5b:c0:fa:74:e3:06:7c:c6:fc:cc:1d:c5:ae:
a4:90:80:41:1d:1e:84:ed:56:1a:1e:d9:fe:2c:15:2a:1a:56:
65:47:03:18:62:88:ce:ee:ab:3d:58:c3:90:d6:9d:4c:38:2c:
8c:43:0a:6c:8f:ea:b3:6c:e7:6e:5b:17:a0:70:b7:c6:36:70:
20:3d:09:0c
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYasXjZhcNrSDJ1DZ2PmFfzrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMzA0MTEyNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjM4NDI0ZTI1MDgzMTkzOGVmNWE1MDllYjA1MTYyNWRjYmVhY2FlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm5hs6kXO/jGA3bunkVhkJYPuQgSN
ONM7N57NGxYgHmyj7mZ9nEWjOnm4/y4d3Eal0mcpeFXEd7bdGhaxCUw2zNjlbz/D
78/gZmOZhFr2/LdqDMrrADYcXiB/8ukp4lc1sxMuWu5G/GXwF8rdOb5GojPT4lpB
NyVJZ+CrUuYZIGXiO50RqO6p1sY1zcT+Psp2Uk1yzx2uUbxCh0p4fXkGktJ9K6RE
pQ2d+HAiZKf3Z1IQVRHQavwevlPAJYPJBeLHFEsaS2PL2ShIaCwan+o7BZOx/baj
PXkHs0rt3SxQY5yfx5mShPWME25dx9WrdMpLxgVfApfuuJMgHpfZ8l5E0QIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFHI4Qk4lCDGTjvWlCesFFiXcvqyuMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvY2poQ1RpVUlNWk9POWFVSjZ3VVdKZHktcks0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQAPkziAwQA
wHy0AwQAwXxaAwQAwXzIAwQAwjooAwQAwlcCAwQAwlcKAwQAwld8AwQAwlfpAwQA
wlf8AwQAwzozAwQAw4VMAwQA1MAJMA0GCSqGSIb3DQEBCwUAA4IBAQAe85foa3jr
2J129Sti8rVLryz14KxKSP+VQ1HLIJcE4ZlgU7m2iZtwufnrWMOj3za89ffuGLRL
WtFctRlGqDSLk/EKFH2jwf5vYwxp+s6w1gtXJihTQpAvuSji7S+LwwdnDogC15C/
vrI7bVV3j6mT7B0RWUHa7WxC0WnrrqAN5Mause6FMTDcQ2TzO6c3Sg+Qx5hkOohK
nS2Rof5ags1bgMyVoPxLh09xt1TlC4ah8ImNZVH/Lgds31vA+nTjBnzG/Mwdxa6k
kIBBHR6E7VYaHtn+LBUqGlZlRwMYYojO7qs9WMOQ1p1MOCyMQwpsj+qzbOduWxeg
cLfGNnAgPQkM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:22 2024 by rpki-client on console-fra.rpki-client.org