Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/g41WnezRSF6jY4JpVkO7MLl_nhc.roa
File: g41WnezRSF6jY4JpVkO7MLl_nhc.roa (raw, json)
Hash identifier: a26rZEsisME2gatJZ0bgrefdICp+5KnUvtSlD9VmSVs=
Subject key identifier: 83:8D:56:9D:EC:D1:48:5E:A3:63:82:69:56:43:BB:30:B9:7F:9E:17
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018755A69A8DF2FAD6EF8CE72B1545D2C057
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/g41WnezRSF6jY4JpVkO7MLl_nhc.roa
Signing time: Thu 06 Apr 2023 08:19:54 +0000
ROA not before: Thu 06 Apr 2023 08:19:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 193.124.3.0/24 maxlen: 24
62.76.225.0/24 maxlen: 24
193.124.6.0/24 maxlen: 24
193.124.8.0/24 maxlen: 24
193.124.9.0/24 maxlen: 24
194.87.1.0/24 maxlen: 24
194.87.2.0/24 maxlen: 24
194.87.3.0/24 maxlen: 24
62.76.230.0/23 maxlen: 23
193.124.16.0/24 maxlen: 24
194.87.7.0/24 maxlen: 24
194.87.10.0/24 maxlen: 24
194.87.11.0/24 maxlen: 24
194.87.12.0/24 maxlen: 24
194.87.16.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
194.87.18.0/24 maxlen: 24
194.87.22.0/24 maxlen: 24
193.124.44.0/24 maxlen: 24
194.87.26.0/23 maxlen: 23
194.87.25.0/24 maxlen: 24
194.87.37.0/24 maxlen: 24
194.87.104.0/24 maxlen: 24
194.87.114.0/23 maxlen: 23
194.87.114.0/24 maxlen: 24
194.87.122.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
194.87.130.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
194.87.138.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
193.124.80.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
193.124.93.0/24 maxlen: 24
195.133.76.0/24 maxlen: 24
195.133.84.0/24 maxlen: 24
195.133.26.0/24 maxlen: 24
195.133.30.0/24 maxlen: 24
195.133.32.0/24 maxlen: 24
195.133.35.0/24 maxlen: 24
195.133.194.0/24 maxlen: 24
195.133.195.0/24 maxlen: 24
195.58.35.0/24 maxlen: 24
195.58.36.0/24 maxlen: 24
194.58.38.0/24 maxlen: 24
194.58.40.0/24 maxlen: 24
195.58.51.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
195.58.50.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
195.58.56.0/24 maxlen: 24
194.58.59.0/24 maxlen: 24
194.58.67.0/24 maxlen: 24
195.133.0.0/24 maxlen: 24
194.58.154.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
194.87.202.0/24 maxlen: 24
194.87.222.0/24 maxlen: 24
194.135.18.0/24 maxlen: 24
194.135.23.0/24 maxlen: 24
194.87.240.0/24 maxlen: 24
194.87.243.0/24 maxlen: 24
194.87.246.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
194.87.149.0/24 maxlen: 24
212.192.10.0/24 maxlen: 24
194.87.166.0/24 maxlen: 24
194.87.160.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
194.87.168.0/24 maxlen: 24
194.87.172.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.182.0/24 maxlen: 24
194.87.170.0/23 maxlen: 23
192.124.180.0/22 maxlen: 24
194.87.176.0/24 maxlen: 24
194.87.177.0/24 maxlen: 24
194.87.178.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
194.87.182.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
193.124.201.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:55:a6:9a:8d:f2:fa:d6:ef:8c:e7:2b:15:45:d2:c0:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 6 08:19:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=838d569decd1485ea36382695643bb30b97f9e17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:22:b6:0c:c0:25:a9:ec:f4:55:37:c7:24:02:
d5:db:54:c3:fd:fa:ba:90:41:a9:a2:06:34:3a:fe:
67:ee:4e:15:3e:8f:74:ad:f3:31:79:3b:3c:72:9d:
2f:9e:11:c5:8e:3f:9b:51:ef:83:32:df:59:da:a3:
ec:00:ff:c1:10:3a:db:52:e5:11:f1:24:45:32:f8:
17:2b:4d:a4:01:73:87:9e:94:18:e0:f8:c0:37:ad:
d2:aa:5a:90:da:d9:01:aa:14:75:44:d1:f0:ea:d5:
b3:35:9e:cb:a9:c0:a8:0b:78:bb:2e:fb:00:e4:f3:
12:9f:94:2f:77:e8:db:3b:37:d0:5a:e3:49:b0:2b:
54:6e:44:f3:92:b1:57:31:08:a7:25:df:33:57:3c:
25:ab:e6:4d:55:93:3e:48:d3:83:e6:b5:33:57:09:
61:95:4c:5d:df:e1:c1:b7:49:df:16:7a:ac:4a:c0:
a3:56:61:d6:26:44:41:02:9e:4a:a1:40:67:fd:ec:
b9:75:12:91:57:36:e9:96:0a:f2:16:b0:fc:88:c5:
85:49:9f:ff:92:4e:24:66:4b:1a:28:62:7d:57:09:
6d:a3:72:66:c3:4f:04:c1:44:a2:44:3f:37:63:3c:
2a:d0:fc:2a:af:76:dd:15:34:ae:2b:74:a1:64:8b:
e8:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:8D:56:9D:EC:D1:48:5E:A3:63:82:69:56:43:BB:30:B9:7F:9E:17
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/g41WnezRSF6jY4JpVkO7MLl_nhc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.225.0/24
62.76.230.0/23
192.124.178.0/24
192.124.180.0/22
193.124.3.0/24
193.124.6.0/24
193.124.8.0/23
193.124.16.0/24
193.124.44.0/24
193.124.80.0/24
193.124.93.0/24
193.124.133.0/24
193.124.201.0/24
194.58.38.0/24
194.58.40.0/24
194.58.47.0/24
194.58.59.0/24
194.58.67.0/24
194.58.154.0/24
194.87.1.0-194.87.3.255
194.87.7.0/24
194.87.10.0-194.87.12.255
194.87.16.0/24
194.87.18.0/24
194.87.22.0/24
194.87.24.0/22
194.87.37.0/24
194.87.56.0/24
194.87.73.0/24
194.87.83.0/24
194.87.104.0/24
194.87.114.0/23
194.87.122.0/24
194.87.124.0/24
194.87.130.0/23
194.87.138.0/24
194.87.149.0/24
194.87.160.0/24
194.87.166.0/24
194.87.168.0/24
194.87.170.0-194.87.172.255
194.87.176.0/22
194.87.182.0/24
194.87.187.0/24
194.87.190.0/24
194.87.200.0/24
194.87.202.0/24
194.87.222.0/24
194.87.240.0/24
194.87.243.0/24
194.87.246.0/24
194.135.18.0/24
194.135.23.0/24
195.58.35.0-195.58.36.255
195.58.50.0/23
195.58.54.0/24
195.58.56.0/24
195.133.0.0/24
195.133.26.0/24
195.133.30.0/24
195.133.32.0/24
195.133.35.0/24
195.133.76.0/24
195.133.84.0/24
195.133.194.0/23
212.192.1.0/24
212.192.10.0/24
Signature Algorithm: sha256WithRSAEncryption
50:a2:eb:63:c6:36:12:97:00:96:8b:26:b5:34:0a:b1:1a:26:
c4:e3:5f:28:cd:16:0b:1f:53:cd:e8:20:7c:70:61:7b:e6:bf:
26:69:a7:55:2e:94:3e:21:82:ea:a6:f5:e5:b3:6a:ce:0f:87:
87:7a:fb:35:1a:05:32:58:93:1b:76:51:e6:83:44:e7:de:53:
59:94:61:bd:a4:00:23:90:19:b8:f1:13:3d:bb:ef:e3:2c:f1:
1e:8b:06:d8:a2:95:6d:01:98:30:9f:3a:ec:23:c9:7f:3d:01:
1c:11:30:6e:8c:8b:c0:91:f1:0e:2c:4b:b2:e2:50:46:29:77:
dc:fd:d0:5a:a0:33:9f:50:a5:19:13:fc:91:f8:a2:e5:8a:ce:
4d:ca:b0:6e:e3:8d:1a:6d:01:cc:8a:21:8e:16:88:ba:df:a3:
32:8c:b0:4b:0f:5d:22:99:88:30:77:65:17:f2:a7:d6:7f:75:
1d:2a:77:f7:84:ed:73:a9:12:00:2f:97:16:ca:5b:24:c5:34:
48:f1:a6:57:07:a7:b5:86:95:ce:ec:29:de:0c:9c:a6:c8:ec:
f9:4e:d0:2c:55:b6:5d:ae:4b:40:16:b5:e3:b2:42:c2:9a:c8:
9d:6f:4e:28:0d:77:37:b2:4f:f1:5a:57:57:00:87:2e:80:9d:
69:1e:e7:62
-----BEGIN CERTIFICATE-----
MIIGszCCBZugAwIBAgISAYdVppqN8vrW74znKxVF0sBXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNDA2MDgxOTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzhkNTY5ZGVjZDE0ODVlYTM2MzgyNjk1NjQzYmIzMGI5N2Y5ZTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqyK2DMAlqez0VTfHJALV21TD/fq6
kEGpogY0Ov5n7k4VPo90rfMxeTs8cp0vnhHFjj+bUe+DMt9Z2qPsAP/BEDrbUuUR
8SRFMvgXK02kAXOHnpQY4PjAN63SqlqQ2tkBqhR1RNHw6tWzNZ7LqcCoC3i7LvsA
5PMSn5Qvd+jbOzfQWuNJsCtUbkTzkrFXMQinJd8zVzwlq+ZNVZM+SNOD5rUzVwlh
lUxd3+HBt0nfFnqsSsCjVmHWJkRBAp5KoUBn/ey5dRKRVzbplgryFrD8iMWFSZ//
kk4kZksaKGJ9Vwlto3Jmw08EwUSiRD83Yzwq0Pwqr3bdFTSuK3ShZIvoowIDAQAB
o4IDvzCCA7swHQYDVR0OBBYEFIONVp3s0Uheo2OCaVZDuzC5f54XMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvZzQxV25lelJTRjZqWTRKcFZrTzdNTGxfbmhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIB0wYIKwYBBQUHAQcBAf8EggHCMIIBvjCCAboEAgABMIIB
sgMEAD5M4QMEAT5M5gMEAMB8sgMEAsB8tAMEAMF8AwMEAMF8BgMEAcF8CAMEAMF8
EAMEAMF8LAMEAMF8UAMEAMF8XQMEAMF8hQMEAMF8yQMEAMI6JgMEAMI6KAMEAMI6
LwMEAMI6OwMEAMI6QwMEAMI6mjAMAwQAwlcBAwQCwlcAAwQAwlcHMAwDBAHCVwoD
BADCVwwDBADCVxADBADCVxIDBADCVxYDBALCVxgDBADCVyUDBADCVzgDBADCV0kD
BADCV1MDBADCV2gDBAHCV3IDBADCV3oDBADCV3wDBAHCV4IDBADCV4oDBADCV5UD
BADCV6ADBADCV6YDBADCV6gwDAMEAcJXqgMEAMJXrAMEAsJXsAMEAMJXtgMEAMJX
uwMEAMJXvgMEAMJXyAMEAMJXygMEAMJX3gMEAMJX8AMEAMJX8wMEAMJX9gMEAMKH
EgMEAMKHFzAMAwQAwzojAwQAwzokAwQBwzoyAwQAwzo2AwQAwzo4AwQAw4UAAwQA
w4UaAwQAw4UeAwQAw4UgAwQAw4UjAwQAw4VMAwQAw4VUAwQBw4XCAwQA1MABAwQA
1MAKMA0GCSqGSIb3DQEBCwUAA4IBAQBQoutjxjYSlwCWiya1NAqxGibE418ozRYL
H1PN6CB8cGF75r8maadVLpQ+IYLqpvXls2rOD4eHevs1GgUyWJMbdlHmg0Tn3lNZ
lGG9pAAjkBm48RM9u+/jLPEeiwbYopVtAZgwnzrsI8l/PQEcETBujIvAkfEOLEuy
4lBGKXfc/dBaoDOfUKUZE/yR+KLlis5NyrBu440abQHMiiGOFoi636MyjLBLD10i
mYgwd2UX8qfWf3UdKnf3hO1zqRIAL5cWylskxTRI8aZXB6e1hpXO7CneDJymyOz5
TtAsVbZdrktAFrXjskLCmsidb04oDXc3sk/xWldXAIcugJ1pHudi
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:08 2023 by rpki-client on console-fra.rpki-client.org