Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/g3rjKWpLheGom9Q1eVVbBeXVEfk.roa
File: g3rjKWpLheGom9Q1eVVbBeXVEfk.roa (raw, json)
Hash identifier: dIPQ4zczsNKSMfpJbRRV6W4g2mYmO59Jtiw/NW0ZFGU=
Subject key identifier: 83:7A:E3:29:6A:4B:85:E1:A8:9B:D4:35:79:55:5B:05:E5:D5:11:F9
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0192B8B1DCD9A1089E4FA4966E68DC2CF1B8
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/g3rjKWpLheGom9Q1eVVbBeXVEfk.roa
Signing time: Wed 23 Oct 2024 09:25:17 +0000
ROA not before: Wed 23 Oct 2024 09:25:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 26383
IP address blocks: 62.76.234.0/24 maxlen: 24
62.76.239.0/24 maxlen: 24
185.72.8.0/24 maxlen: 24
192.124.176.0/24 maxlen: 24
192.124.209.0/24 maxlen: 24
193.124.22.0/24 maxlen: 24
193.124.41.0/24 maxlen: 24
193.124.46.0/24 maxlen: 24
194.58.34.0/24 maxlen: 24
194.58.39.0/24 maxlen: 24
194.58.40.0/24 maxlen: 24
194.58.44.0/24 maxlen: 24
194.58.45.0/24 maxlen: 24
194.58.66.0/24 maxlen: 24
194.58.68.0/24 maxlen: 24
194.87.10.0/24 maxlen: 24
194.87.18.0/24 maxlen: 24
194.87.30.0/24 maxlen: 24
194.87.39.0/24 maxlen: 24
194.87.47.0/24 maxlen: 24
194.87.58.0/24 maxlen: 24
194.87.82.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
194.87.227.0/24 maxlen: 24
194.87.230.0/24 maxlen: 24
195.133.67.0/24 maxlen: 24
195.133.92.0/24 maxlen: 24
212.192.12.0/24 maxlen: 24
212.192.13.0/24 maxlen: 24
212.192.15.0/24 maxlen: 24
212.192.215.0/24 maxlen: 24
212.192.221.0/24 maxlen: 24
212.192.223.0/24 maxlen: 24
212.193.1.0/24 maxlen: 24
212.193.2.0/24 maxlen: 24
212.193.6.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 06 Nov 2024 16:12:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b8:b1:dc:d9:a1:08:9e:4f:a4:96:6e:68:dc:2c:f1:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 23 09:25:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=837ae3296a4b85e1a89bd43579555b05e5d511f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:a5:77:7d:9f:7a:87:52:58:6d:59:93:77:28:
c7:df:df:eb:e2:9f:6a:67:c1:15:71:47:fa:45:24:
b7:43:3b:c0:14:e4:8e:99:30:79:1b:7d:96:23:d2:
71:78:17:e2:28:95:4f:b2:d7:d8:3f:32:58:67:03:
7f:39:cd:49:b0:0b:74:97:a1:c1:ae:e4:1e:e3:b4:
00:70:59:5c:f2:f0:ea:74:4d:61:cb:72:f9:01:4c:
5a:de:db:ed:dd:6f:47:19:8f:db:d1:dd:c5:da:1f:
21:08:b8:60:fd:2e:19:e9:79:0d:68:a9:76:07:79:
a4:bc:51:da:5c:0b:d9:3f:2e:11:b0:3f:31:f4:53:
6d:5a:1b:28:22:7f:3a:8f:04:2b:62:59:28:4d:f6:
1b:a4:97:60:06:25:06:31:4e:05:3d:d0:6a:19:23:
46:3e:f1:7c:e1:52:bf:63:08:ab:ee:09:69:e6:70:
60:d8:f2:2d:97:3c:b9:cf:df:5e:ed:cd:b2:45:a5:
20:37:8f:9d:2f:d2:06:99:20:f5:9c:1c:45:8a:0b:
c4:e9:6e:e4:f3:72:8d:ca:90:55:36:93:50:9b:be:
9a:26:d1:53:1a:51:4d:03:13:64:af:9c:d0:6d:b9:
a3:82:2f:4d:24:64:5d:e3:b8:d3:2f:44:f3:4e:94:
d6:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:7A:E3:29:6A:4B:85:E1:A8:9B:D4:35:79:55:5B:05:E5:D5:11:F9
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/g3rjKWpLheGom9Q1eVVbBeXVEfk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.234.0/24
62.76.239.0/24
185.72.8.0/24
192.124.176.0/24
192.124.209.0/24
193.124.22.0/24
193.124.41.0/24
193.124.46.0/24
194.58.34.0/24
194.58.39.0-194.58.40.255
194.58.44.0/23
194.58.66.0/24
194.58.68.0/24
194.87.10.0/24
194.87.18.0/24
194.87.30.0/24
194.87.39.0/24
194.87.47.0/24
194.87.58.0/24
194.87.82.0/24
194.87.198.0/24
194.87.227.0/24
194.87.230.0/24
195.133.67.0/24
195.133.92.0/24
212.192.12.0/23
212.192.15.0/24
212.192.215.0/24
212.192.221.0/24
212.192.223.0/24
212.193.1.0-212.193.2.255
212.193.6.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:7d:40:65:c7:4f:32:5a:c5:9b:0f:77:99:69:55:dc:b2:2a:
4b:7b:ff:d6:7b:92:48:16:a3:c6:83:2e:6b:aa:69:c8:fb:3b:
4d:02:a1:24:1a:ff:d8:6b:8e:8c:f2:51:27:3a:21:2f:b8:38:
0c:bd:84:68:5f:91:5d:78:d1:04:af:39:12:e1:57:e2:d1:94:
bb:54:93:f7:40:a8:6a:9e:c5:83:d5:21:b3:44:10:d8:a3:3a:
ae:89:d2:64:b7:60:e3:92:70:2f:e0:29:16:a4:40:61:90:70:
29:69:7a:ab:89:b0:bb:d8:60:7e:21:58:85:06:f4:bd:58:2e:
7b:69:99:5e:79:8d:1e:35:03:0c:ed:59:05:c3:53:38:fe:31:
67:16:22:96:9f:98:4d:4d:d2:7b:11:12:f6:de:af:d1:65:0b:
40:1b:0a:c2:a1:47:a0:74:ef:8c:09:16:4c:46:ce:de:4a:28:
8d:3f:a7:31:eb:b8:14:be:b3:37:6b:59:3f:ef:81:ef:ed:30:
17:45:9b:f9:b0:e2:77:81:67:ab:dd:59:6c:68:cf:68:f9:3c:
e2:80:e0:84:ee:27:28:8f:38:21:56:56:be:f2:a9:d2:58:d6:
d4:c6:cb:f8:9d:7a:7b:82:ad:b3:37:b3:a8:a5:9a:28:b6:72:
cc:55:54:ba
-----BEGIN CERTIFICATE-----
MIIFzDCCBLSgAwIBAgISAZK4sdzZoQieT6SWbmjcLPG4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQxMDIzMDkyNTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzdhZTMyOTZhNGI4NWUxYTg5YmQ0MzU3OTU1NWIwNWU1ZDUxMWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz6V3fZ96h1JYbVmTdyjH39/r4p9q
Z8EVcUf6RSS3QzvAFOSOmTB5G32WI9JxeBfiKJVPstfYPzJYZwN/Oc1JsAt0l6HB
ruQe47QAcFlc8vDqdE1hy3L5AUxa3tvt3W9HGY/b0d3F2h8hCLhg/S4Z6XkNaKl2
B3mkvFHaXAvZPy4RsD8x9FNtWhsoIn86jwQrYlkoTfYbpJdgBiUGMU4FPdBqGSNG
PvF84VK/Ywir7glp5nBg2PItlzy5z99e7c2yRaUgN4+dL9IGmSD1nBxFigvE6W7k
83KNypBVNpNQm76aJtFTGlFNAxNkr5zQbbmjgi9NJGRd47jTL0TzTpTWawIDAQAB
o4IC2DCCAtQwHQYDVR0OBBYEFIN64ylqS4XhqJvUNXlVWwXl1RH5MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvZzNyaktXcExoZUdvbTlRMWVWVmJCZVhWRWZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHtBggrBgEFBQcBBwEB/wSB3TCB2jCB1wQCAAEwgdADBAA+
TOoDBAA+TO8DBAC5SAgDBADAfLADBADAfNEDBADBfBYDBADBfCkDBADBfC4DBADC
OiIwDAMEAMI6JwMEAMI6KAMEAcI6LAMEAMI6QgMEAMI6RAMEAMJXCgMEAMJXEgME
AMJXHgMEAMJXJwMEAMJXLwMEAMJXOgMEAMJXUgMEAMJXxgMEAMJX4wMEAMJX5gME
AMOFQwMEAMOFXAMEAdTADAMEANTADwMEANTA1wMEANTA3QMEANTA3zAMAwQA1MEB
AwQA1MECAwQA1MEGMA0GCSqGSIb3DQEBCwUAA4IBAQBKfUBlx08yWsWbD3eZaVXc
sipLe//We5JIFqPGgy5rqmnI+ztNAqEkGv/Ya46M8lEnOiEvuDgMvYRoX5FdeNEE
rzkS4Vfi0ZS7VJP3QKhqnsWD1SGzRBDYozquidJkt2DjknAv4CkWpEBhkHApaXqr
ibC72GB+IViFBvS9WC57aZleeY0eNQMM7VkFw1M4/jFnFiKWn5hNTdJ7ERL23q/R
ZQtAGwrCoUegdO+MCRZMRs7eSiiNP6cx67gUvrM3a1k/74Hv7TAXRZv5sOJ3gWer
3VlsaM9o+TzigOCE7icojzghVla+8qnSWNbUxsv4nXp7gq2zN7OopZootnLMVVS6
-----END CERTIFICATE-----
Generated at Wed Nov 6 19:54:06 2024 by rpki-client on console-ams.rpki-client.org