Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/gqYAWF0cVXMij6ViHBjzim0y-0Y.roa
File: gqYAWF0cVXMij6ViHBjzim0y-0Y.roa (raw, json)
Hash identifier: PllPXjwpY1ikiXj3zM6OCZEkzEQN0anhXBYn6JkEvmY=
Subject key identifier: 82:A6:00:58:5D:1C:55:73:22:8F:A5:62:1C:18:F3:8A:6D:32:FB:46
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018747A1BD44C10F18CE9C67FB90FA20E904
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/gqYAWF0cVXMij6ViHBjzim0y-0Y.roa
Signing time: Mon 03 Apr 2023 14:59:54 +0000
ROA not before: Mon 03 Apr 2023 14:59:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 193.124.3.0/24 maxlen: 24
193.124.9.0/24 maxlen: 24
62.76.225.0/24 maxlen: 24
193.124.6.0/24 maxlen: 24
193.124.8.0/24 maxlen: 24
194.87.1.0/24 maxlen: 24
194.87.3.0/24 maxlen: 24
194.87.2.0/24 maxlen: 24
62.76.230.0/23 maxlen: 23
193.124.16.0/24 maxlen: 24
194.87.7.0/24 maxlen: 24
194.87.11.0/24 maxlen: 24
194.87.10.0/24 maxlen: 24
194.87.12.0/24 maxlen: 24
194.87.16.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
194.87.18.0/24 maxlen: 24
194.87.22.0/24 maxlen: 24
193.124.44.0/24 maxlen: 24
194.87.26.0/23 maxlen: 23
194.87.25.0/24 maxlen: 24
194.87.37.0/24 maxlen: 24
194.87.104.0/24 maxlen: 24
194.87.114.0/24 maxlen: 24
194.87.114.0/23 maxlen: 23
194.87.122.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.130.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
194.87.138.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
193.124.80.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
193.124.93.0/24 maxlen: 24
195.133.76.0/24 maxlen: 24
195.133.84.0/24 maxlen: 24
195.133.26.0/24 maxlen: 24
195.133.30.0/24 maxlen: 24
195.133.32.0/24 maxlen: 24
195.133.35.0/24 maxlen: 24
195.133.194.0/24 maxlen: 24
195.133.195.0/24 maxlen: 24
195.58.36.0/24 maxlen: 24
195.58.35.0/24 maxlen: 24
194.58.38.0/24 maxlen: 24
194.58.39.0/24 maxlen: 24
194.58.40.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
195.58.50.0/24 maxlen: 24
195.58.51.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
195.58.56.0/24 maxlen: 24
194.58.59.0/24 maxlen: 24
194.58.67.0/24 maxlen: 24
195.133.0.0/24 maxlen: 24
194.58.154.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
194.87.202.0/24 maxlen: 24
194.87.222.0/24 maxlen: 24
194.135.18.0/24 maxlen: 24
194.135.23.0/24 maxlen: 24
194.87.240.0/24 maxlen: 24
194.87.243.0/24 maxlen: 24
194.87.246.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
194.87.149.0/24 maxlen: 24
212.192.10.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
194.87.166.0/24 maxlen: 24
194.87.160.0/24 maxlen: 24
192.124.182.0/24 maxlen: 24
194.87.170.0/23 maxlen: 23
192.124.180.0/22 maxlen: 24
194.87.168.0/24 maxlen: 24
194.87.172.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
194.87.177.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
194.87.176.0/24 maxlen: 24
194.87.178.0/24 maxlen: 24
194.87.182.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
193.124.201.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:47:a1:bd:44:c1:0f:18:ce:9c:67:fb:90:fa:20:e9:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 3 14:59:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=82a600585d1c5573228fa5621c18f38a6d32fb46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:60:33:d1:ee:8e:a3:52:9d:05:41:d8:32:11:
95:18:ce:42:74:ac:66:bb:ef:95:ba:22:de:ae:f5:
57:29:f5:af:f8:1f:d0:bd:38:a9:fa:45:4e:a5:42:
67:d4:1e:a0:89:71:7a:c8:8a:23:27:15:0e:43:57:
57:3c:6b:25:1b:42:f1:93:5b:00:e8:d8:26:1e:88:
49:3f:1a:78:7a:4a:f5:cf:bc:82:3a:ae:34:4e:c4:
06:5e:c0:a8:73:e9:f9:4c:b3:8c:30:cf:28:cd:8c:
af:86:43:82:75:51:f8:c7:e0:1d:35:39:fa:be:07:
7c:a8:55:85:d5:57:2d:f8:3d:62:60:df:9f:7a:af:
b6:9e:4d:04:66:10:85:fe:d3:0f:cc:9e:45:05:ce:
5c:f5:68:62:b4:fa:01:a0:69:14:9c:8a:f0:dd:91:
9e:06:1e:b0:3a:01:5b:5f:a6:d5:9f:c1:f5:f6:06:
3d:c3:b7:74:e6:4b:cf:2c:b0:ee:32:c6:5d:81:d5:
8f:dc:2d:7f:d2:92:30:79:ed:28:44:83:b6:14:15:
9c:e5:b3:f5:7b:ec:26:26:a9:7f:06:85:1c:f6:d3:
84:60:e8:d1:6b:47:21:b2:65:c4:52:8d:d4:b3:54:
53:88:9a:11:61:b3:5d:d5:1e:ae:be:e6:01:33:63:
54:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:A6:00:58:5D:1C:55:73:22:8F:A5:62:1C:18:F3:8A:6D:32:FB:46
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/gqYAWF0cVXMij6ViHBjzim0y-0Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.225.0/24
62.76.230.0/23
192.124.178.0/24
192.124.180.0/22
193.124.3.0/24
193.124.6.0/24
193.124.8.0/23
193.124.16.0/24
193.124.44.0/24
193.124.80.0/24
193.124.93.0/24
193.124.133.0/24
193.124.201.0/24
194.58.38.0-194.58.40.255
194.58.47.0/24
194.58.59.0/24
194.58.67.0/24
194.58.154.0/24
194.87.1.0-194.87.3.255
194.87.7.0/24
194.87.10.0-194.87.12.255
194.87.16.0/24
194.87.18.0/24
194.87.22.0/24
194.87.24.0/22
194.87.37.0/24
194.87.56.0/24
194.87.73.0/24
194.87.83.0/24
194.87.104.0/24
194.87.114.0/23
194.87.122.0/24
194.87.124.0/24
194.87.130.0/23
194.87.138.0/24
194.87.149.0/24
194.87.160.0/24
194.87.166.0/24
194.87.168.0/24
194.87.170.0-194.87.172.255
194.87.176.0/22
194.87.182.0/24
194.87.187.0/24
194.87.190.0/24
194.87.200.0/24
194.87.202.0/24
194.87.222.0/24
194.87.240.0/24
194.87.243.0/24
194.87.246.0/24
194.135.18.0/24
194.135.23.0/24
195.58.35.0-195.58.36.255
195.58.50.0/23
195.58.54.0/24
195.58.56.0/24
195.133.0.0/24
195.133.26.0/24
195.133.30.0/24
195.133.32.0/24
195.133.35.0/24
195.133.76.0/24
195.133.84.0/24
195.133.194.0/23
212.192.1.0/24
212.192.10.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:58:3f:6c:a6:e4:3f:6e:9d:a9:04:f5:7c:00:b6:ed:12:1a:
7f:82:21:52:27:a0:2c:ea:29:f6:88:ef:8c:f8:58:29:bb:a7:
db:7f:c5:66:be:fe:e8:0e:02:96:79:6f:db:93:2b:4b:7c:0b:
c8:7f:bf:16:2f:4f:55:8b:85:0f:69:a5:83:4d:a2:f7:22:42:
eb:c9:17:58:36:17:47:9b:ce:b9:01:a9:45:36:8d:5d:f5:d8:
de:a9:aa:e2:56:3b:b5:01:84:c3:0d:9d:bf:f1:61:96:51:ad:
8b:76:cc:d1:3a:ed:3e:69:26:f0:e7:97:59:78:bb:ca:1e:df:
10:46:35:16:be:45:e3:8e:c8:5b:22:da:49:ae:58:e7:3b:46:
18:e5:dc:1a:31:6d:b5:8b:67:94:e4:72:59:5b:a6:1f:cf:31:
9a:6e:a9:c5:39:34:27:ff:7f:c3:fb:6e:4b:72:a2:37:74:ae:
20:b3:dd:fa:00:e2:56:05:ec:00:24:d9:a9:cb:9c:cc:9b:df:
83:d7:dd:ad:14:ca:6c:7c:ef:f8:45:54:5d:46:a4:f7:16:67:
71:51:f0:ea:67:b4:6d:0e:3c:64:39:69:33:3d:2b:6b:9d:5f:
06:6c:88:25:3e:2c:99:57:3e:7d:cb:91:a9:65:da:f3:fb:a7:
25:0c:6d:52
-----BEGIN CERTIFICATE-----
MIIGtTCCBZ2gAwIBAgISAYdHob1EwQ8Yzpxn+5D6IOkEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNDAzMTQ1OTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmE2MDA1ODVkMWM1NTczMjI4ZmE1NjIxYzE4ZjM4YTZkMzJmYjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo2Az0e6Oo1KdBUHYMhGVGM5CdKxm
u++VuiLervVXKfWv+B/QvTip+kVOpUJn1B6giXF6yIojJxUOQ1dXPGslG0Lxk1sA
6NgmHohJPxp4ekr1z7yCOq40TsQGXsCoc+n5TLOMMM8ozYyvhkOCdVH4x+AdNTn6
vgd8qFWF1Vct+D1iYN+feq+2nk0EZhCF/tMPzJ5FBc5c9WhitPoBoGkUnIrw3ZGe
Bh6wOgFbX6bVn8H19gY9w7d05kvPLLDuMsZdgdWP3C1/0pIwee0oRIO2FBWc5bP1
e+wmJql/BoUc9tOEYOjRa0chsmXEUo3Us1RTiJoRYbNd1R6uvuYBM2NUPwIDAQAB
o4IDwTCCA70wHQYDVR0OBBYEFIKmAFhdHFVzIo+lYhwY84ptMvtGMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvZ3FZQVdGMGNWWE1pajZWaUhCanppbTB5LTBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIB1QYIKwYBBQUHAQcBAf8EggHEMIIBwDCCAbwEAgABMIIB
tAMEAD5M4QMEAT5M5gMEAMB8sgMEAsB8tAMEAMF8AwMEAMF8BgMEAcF8CAMEAMF8
EAMEAMF8LAMEAMF8UAMEAMF8XQMEAMF8hQMEAMF8yTAMAwQBwjomAwQAwjooAwQA
wjovAwQAwjo7AwQAwjpDAwQAwjqaMAwDBADCVwEDBALCVwADBADCVwcwDAMEAcJX
CgMEAMJXDAMEAMJXEAMEAMJXEgMEAMJXFgMEAsJXGAMEAMJXJQMEAMJXOAMEAMJX
SQMEAMJXUwMEAMJXaAMEAcJXcgMEAMJXegMEAMJXfAMEAcJXggMEAMJXigMEAMJX
lQMEAMJXoAMEAMJXpgMEAMJXqDAMAwQBwleqAwQAwlesAwQCwlewAwQAwle2AwQA
wle7AwQAwle+AwQAwlfIAwQAwlfKAwQAwlfeAwQAwlfwAwQAwlfzAwQAwlf2AwQA
wocSAwQAwocXMAwDBADDOiMDBADDOiQDBAHDOjIDBADDOjYDBADDOjgDBADDhQAD
BADDhRoDBADDhR4DBADDhSADBADDhSMDBADDhUwDBADDhVQDBAHDhcIDBADUwAED
BADUwAowDQYJKoZIhvcNAQELBQADggEBAB9YP2ym5D9unakE9XwAtu0SGn+CIVIn
oCzqKfaI74z4WCm7p9t/xWa+/ugOApZ5b9uTK0t8C8h/vxYvT1WLhQ9ppYNNovci
QuvJF1g2F0ebzrkBqUU2jV312N6pquJWO7UBhMMNnb/xYZZRrYt2zNE67T5pJvDn
l1l4u8oe3xBGNRa+ReOOyFsi2kmuWOc7Rhjl3BoxbbWLZ5Tkcllbph/PMZpuqcU5
NCf/f8P7bktyojd0riCz3foA4lYF7AAk2anLnMyb34PX3a0Uymx87/hFVF1GpPcW
Z3FR8OpntG0OPGQ5aTM9K2udXwZsiCU+LJlXPn3Lkall2vP7pyUMbVI=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:03 2023 by rpki-client on console-ams.rpki-client.org