Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/fSJ5pd7MBhwG59KLKItZwEn9v2o.roa
File: fSJ5pd7MBhwG59KLKItZwEn9v2o.roa (raw, json)
Hash identifier: laDQ3trfynSFWwrEg1ss/tfrqVdSyFAqLi2w9SVWra4=
Subject key identifier: 7D:22:79:A5:DE:CC:06:1C:06:E7:D2:8B:28:8B:59:C0:49:FD:BF:6A
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018D1C474EEEE4050DFB01A17AB48BBA2B0D
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/fSJ5pd7MBhwG59KLKItZwEn9v2o.roa
Signing time: Thu 18 Jan 2024 11:14:11 +0000
ROA not before: Thu 18 Jan 2024 11:14:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 62.76.227.0/24 maxlen: 24
185.72.10.0/24 maxlen: 24
192.124.183.0/24 maxlen: 24
193.124.47.0/24 maxlen: 24
193.124.95.0/24 maxlen: 24
193.124.202.0/24 maxlen: 24
194.58.41.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
194.58.66.0/24 maxlen: 24
194.58.154.0/24 maxlen: 24
194.87.26.0/24 maxlen: 24
194.87.40.0/24 maxlen: 24
194.87.76.0/24 maxlen: 24
194.87.81.0/24 maxlen: 24
194.87.88.0/24 maxlen: 24
194.87.128.0/24 maxlen: 24
194.87.149.0/24 maxlen: 24
194.87.151.0/24 maxlen: 24
194.87.170.0/24 maxlen: 24
194.87.172.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
194.87.201.0/24 maxlen: 24
194.87.215.0/24 maxlen: 24
194.87.224.0/24 maxlen: 24
194.87.229.0/24 maxlen: 24
194.87.231.0/24 maxlen: 24
194.87.245.0/24 maxlen: 24
194.135.33.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
195.58.60.0/24 maxlen: 24
195.58.63.0/24 maxlen: 24
195.133.2.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
195.133.27.0/24 maxlen: 24
195.133.72.0/24 maxlen: 24
195.133.84.0/24 maxlen: 24
195.133.192.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
212.192.214.0/24 maxlen: 24
212.192.222.0/24 maxlen: 24
212.193.13.0/24 maxlen: 24
212.193.25.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 19 Jan 2024 09:53:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:1c:47:4e:ee:e4:05:0d:fb:01:a1:7a:b4:8b:ba:2b:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 18 11:14:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7d2279a5decc061c06e7d28b288b59c049fdbf6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:29:e1:45:fb:b2:ec:4a:cd:4b:ac:fb:df:92:
08:dc:ae:85:92:1d:82:f4:23:ad:89:4f:9b:0e:08:
9d:95:a3:a4:94:d4:75:e8:71:cf:c4:36:16:34:a3:
d1:09:bd:c9:d9:9c:ac:4f:07:f7:4f:e1:59:35:fb:
a6:a6:67:9e:e7:50:ab:b1:03:f6:7d:ad:64:bf:bb:
49:64:6f:75:25:36:30:33:83:82:d4:ec:5b:e7:ff:
bc:3e:1d:c5:93:6d:62:69:f9:97:11:20:13:3c:60:
97:99:9e:07:a0:5f:9b:8c:af:e9:9b:27:e5:64:b7:
53:22:bd:16:24:0b:07:b4:eb:61:1f:58:af:f9:ee:
4b:95:ab:06:fc:5a:98:f0:e2:a9:b6:ad:71:43:b9:
db:31:35:6c:01:67:19:d0:e7:2d:86:20:18:42:51:
08:18:7e:00:50:ce:ca:97:52:da:26:11:dd:e1:72:
fd:ed:ab:6f:69:bc:d7:ae:34:35:50:95:12:5a:15:
6d:01:e5:90:b0:62:2a:8b:d9:88:48:07:9c:59:fe:
4f:30:aa:c0:b0:f9:3f:ec:b5:d8:1c:a7:48:7b:88:
99:9f:e3:e1:f9:39:78:0d:d6:32:8b:09:e0:7b:7b:
e9:ec:65:e3:a9:ff:18:c6:de:96:3b:ed:bb:08:5c:
a2:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:22:79:A5:DE:CC:06:1C:06:E7:D2:8B:28:8B:59:C0:49:FD:BF:6A
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/fSJ5pd7MBhwG59KLKItZwEn9v2o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.227.0/24
185.72.10.0/24
192.124.183.0/24
193.124.47.0/24
193.124.95.0/24
193.124.202.0/24
194.58.41.0-194.58.42.255
194.58.66.0/24
194.58.154.0/24
194.87.26.0/24
194.87.40.0/24
194.87.76.0/24
194.87.81.0/24
194.87.88.0/24
194.87.128.0/24
194.87.149.0/24
194.87.151.0/24
194.87.170.0/24
194.87.172.0/24
194.87.187.0/24
194.87.190.0/24
194.87.201.0/24
194.87.215.0/24
194.87.224.0/24
194.87.229.0/24
194.87.231.0/24
194.87.245.0/24
194.135.33.0/24
195.58.54.0/24
195.58.60.0/24
195.58.63.0/24
195.133.2.0/24
195.133.25.0/24
195.133.27.0/24
195.133.72.0/24
195.133.84.0/24
195.133.192.0/24
212.192.1.0/24
212.192.214.0/24
212.192.222.0/24
212.193.13.0/24
212.193.25.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:68:f0:e4:62:6b:97:81:ab:48:8c:0d:84:9a:90:7c:6d:36:
fc:cd:30:ea:29:39:04:1c:74:e8:2e:06:6b:11:df:da:c6:36:
3d:4e:b1:18:a9:1c:0e:b5:89:a2:3a:21:a1:89:8f:12:48:5a:
69:2a:00:e9:c1:d1:a7:ea:49:33:8d:9c:2b:18:61:15:57:5a:
85:33:56:28:f3:68:8f:a8:3b:52:b0:d7:ec:f0:f4:c5:2a:d2:
f8:94:41:44:e1:9a:28:22:ee:72:0e:ca:01:2f:41:f7:dc:fe:
14:64:8c:e5:c5:f5:de:9e:69:fe:b3:cb:67:ab:0b:e7:95:ab:
57:ab:49:3b:d4:17:81:48:e7:e2:79:72:c1:18:fc:ca:2c:b4:
35:d2:94:7e:b3:4c:2d:a6:63:5b:db:cf:16:d7:20:ce:62:c8:
e7:7d:7f:d2:f4:27:51:29:2d:49:d5:1b:75:0f:97:18:47:05:
5c:89:fd:5e:49:6d:e3:65:8f:98:c0:d2:08:c8:02:e7:76:ad:
d3:e8:f0:e8:d0:82:57:24:7d:2f:22:3c:95:aa:87:d2:74:36:
98:8e:62:12:9e:fd:fe:ea:8e:29:c4:dc:38:6e:d3:25:a6:4a:
ee:04:af:95:3a:d8:ec:fa:d3:8b:12:24:b5:f8:ea:9a:7c:bc:
75:65:f4:60
-----BEGIN CERTIFICATE-----
MIIGBTCCBO2gAwIBAgISAY0cR07u5AUN+wGherSLuisNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTE4MTExNDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDIyNzlhNWRlY2MwNjFjMDZlN2QyOGIyODhiNTljMDQ5ZmRiZjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuinhRfuy7ErNS6z735II3K6Fkh2C
9COtiU+bDgidlaOklNR16HHPxDYWNKPRCb3J2ZysTwf3T+FZNfumpmee51CrsQP2
fa1kv7tJZG91JTYwM4OC1Oxb5/+8Ph3Fk21iafmXESATPGCXmZ4HoF+bjK/pmyfl
ZLdTIr0WJAsHtOthH1iv+e5LlasG/FqY8OKptq1xQ7nbMTVsAWcZ0OcthiAYQlEI
GH4AUM7Kl1LaJhHd4XL97atvabzXrjQ1UJUSWhVtAeWQsGIqi9mISAecWf5PMKrA
sPk/7LXYHKdIe4iZn+Ph+Tl4DdYyiwnge3vp7GXjqf8Yxt6WO+27CFyi8wIDAQAB
o4IDETCCAw0wHQYDVR0OBBYEFH0ieaXezAYcBufSiyiLWcBJ/b9qMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvZlNKNXBkN01CaHdHNTlLTEtJdFp3RW45djJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBJQYIKwYBBQUHAQcBAf8EggEUMIIBEDCCAQwEAgABMIIB
BAMEAD5M4wMEALlICgMEAMB8twMEAMF8LwMEAMF8XwMEAMF8yjAMAwQAwjopAwQA
wjoqAwQAwjpCAwQAwjqaAwQAwlcaAwQAwlcoAwQAwldMAwQAwldRAwQAwldYAwQA
wleAAwQAwleVAwQAwleXAwQAwleqAwQAwlesAwQAwle7AwQAwle+AwQAwlfJAwQA
wlfXAwQAwlfgAwQAwlflAwQAwlfnAwQAwlf1AwQAwochAwQAwzo2AwQAwzo8AwQA
wzo/AwQAw4UCAwQAw4UZAwQAw4UbAwQAw4VIAwQAw4VUAwQAw4XAAwQA1MABAwQA
1MDWAwQA1MDeAwQA1MENAwQA1MEZMA0GCSqGSIb3DQEBCwUAA4IBAQAcaPDkYmuX
gatIjA2EmpB8bTb8zTDqKTkEHHToLgZrEd/axjY9TrEYqRwOtYmiOiGhiY8SSFpp
KgDpwdGn6kkzjZwrGGEVV1qFM1Yo82iPqDtSsNfs8PTFKtL4lEFE4ZooIu5yDsoB
L0H33P4UZIzlxfXenmn+s8tnqwvnlatXq0k71BeBSOfieXLBGPzKLLQ10pR+s0wt
pmNb288W1yDOYsjnfX/S9CdRKS1J1Rt1D5cYRwVcif1eSW3jZY+YwNIIyALndq3T
6PDo0IJXJH0vIjyVqofSdDaYjmISnv3+6o4pxNw4btMlpkruBK+VOtjs+tOLEiS1
+OqafLx1ZfRg
-----END CERTIFICATE-----
Generated at Fri Jan 19 12:37:56 2024 by rpki-client on console-fra.rpki-client.org