Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/h4XT0L6DVI6DfmYswI4LmrGYdrQ.roa
File: h4XT0L6DVI6DfmYswI4LmrGYdrQ.roa (raw, json)
Hash identifier: +h6whX9ncKp6bbyDhBNwyZS5TPlD/MiCO2VErc5KZ0E=
Subject key identifier: 87:85:D3:D0:BE:83:54:8E:83:7E:66:2C:C0:8E:0B:9A:B1:98:76:B4
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018707B1867E388F70247636988CEA256A8A
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/h4XT0L6DVI6DfmYswI4LmrGYdrQ.roa
Signing time: Wed 22 Mar 2023 05:01:27 +0000
ROA not before: Wed 22 Mar 2023 05:01:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 193.124.3.0/24 maxlen: 24
193.124.9.0/24 maxlen: 24
62.76.225.0/24 maxlen: 24
193.124.6.0/24 maxlen: 24
193.124.8.0/24 maxlen: 24
194.87.1.0/24 maxlen: 24
194.87.3.0/24 maxlen: 24
62.76.233.0/24 maxlen: 24
194.87.2.0/24 maxlen: 24
62.76.230.0/23 maxlen: 23
193.124.16.0/24 maxlen: 24
194.87.7.0/24 maxlen: 24
194.87.11.0/24 maxlen: 24
194.87.10.0/24 maxlen: 24
194.87.12.0/24 maxlen: 24
194.87.16.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
194.87.22.0/24 maxlen: 24
193.124.44.0/24 maxlen: 24
194.87.26.0/23 maxlen: 23
194.87.37.0/24 maxlen: 24
194.87.36.0/24 maxlen: 24
194.87.104.0/24 maxlen: 24
194.87.114.0/23 maxlen: 23
194.87.122.0/24 maxlen: 24
194.87.130.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
194.87.138.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
193.124.80.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
193.124.93.0/24 maxlen: 24
195.133.76.0/24 maxlen: 24
195.133.26.0/24 maxlen: 24
195.133.30.0/24 maxlen: 24
195.133.32.0/24 maxlen: 24
195.133.35.0/24 maxlen: 24
195.133.194.0/24 maxlen: 24
195.133.195.0/24 maxlen: 24
195.58.36.0/24 maxlen: 24
195.58.35.0/24 maxlen: 24
194.58.38.0/24 maxlen: 24
194.58.39.0/24 maxlen: 24
194.58.40.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
195.58.50.0/24 maxlen: 24
195.58.51.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
195.58.56.0/24 maxlen: 24
194.58.59.0/24 maxlen: 24
194.58.67.0/24 maxlen: 24
195.133.0.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
194.87.202.0/24 maxlen: 24
194.87.222.0/24 maxlen: 24
194.135.18.0/24 maxlen: 24
194.135.23.0/24 maxlen: 24
194.87.240.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
194.87.149.0/24 maxlen: 24
212.192.10.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
194.87.166.0/24 maxlen: 24
194.87.160.0/24 maxlen: 24
192.124.182.0/24 maxlen: 24
194.87.170.0/23 maxlen: 23
192.124.180.0/22 maxlen: 24
194.87.168.0/24 maxlen: 24
194.87.172.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
194.87.177.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
194.87.176.0/24 maxlen: 24
194.87.178.0/24 maxlen: 24
194.87.182.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
193.124.201.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
193.124.207.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:07:b1:86:7e:38:8f:70:24:76:36:98:8c:ea:25:6a:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 22 05:01:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8785d3d0be83548e837e662cc08e0b9ab19876b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:f1:26:ce:ef:0e:03:e4:c6:6e:e5:92:ce:47:
ed:b4:60:d2:a9:f4:6e:f6:0e:ad:89:bc:38:71:cc:
a8:7d:29:12:b7:2f:a5:07:77:04:4d:09:05:cd:c9:
9d:bd:77:3f:c9:62:21:dc:5d:84:f5:d5:1b:9a:ae:
b0:7f:9d:ee:46:25:ee:aa:7c:3e:f1:32:31:6e:da:
93:46:44:60:28:8f:e5:c3:56:49:83:28:34:5f:e0:
78:59:47:fa:cd:bc:5b:f5:5a:29:af:84:a1:2e:7d:
45:95:f6:9d:0a:26:66:01:60:83:c5:29:36:45:5e:
66:ac:86:da:83:af:96:28:f7:cc:bd:44:87:7b:a8:
96:f0:3d:b6:b2:99:85:93:cb:d2:37:ae:86:c9:9c:
88:5e:ec:84:59:2f:72:30:c1:af:73:39:9c:7a:ba:
dd:4c:03:18:21:15:c5:f2:6a:7f:b6:b5:84:00:6c:
6c:4d:a7:49:0c:65:37:6b:8f:ce:26:eb:2f:db:2c:
2a:80:3a:fc:d6:71:38:ad:b5:fd:ca:ea:7b:c6:b7:
d4:a4:b5:d0:76:9e:5c:64:fc:4e:52:a0:f8:89:4d:
70:26:83:dc:38:bb:92:de:14:1c:42:14:db:47:65:
15:02:cb:aa:a0:ce:77:0b:f3:dd:d6:a5:12:cb:6f:
a2:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:85:D3:D0:BE:83:54:8E:83:7E:66:2C:C0:8E:0B:9A:B1:98:76:B4
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/h4XT0L6DVI6DfmYswI4LmrGYdrQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.225.0/24
62.76.230.0/23
62.76.233.0/24
192.124.178.0/24
192.124.180.0/22
193.124.3.0/24
193.124.6.0/24
193.124.8.0/23
193.124.16.0/24
193.124.44.0/24
193.124.80.0/24
193.124.93.0/24
193.124.201.0/24
193.124.207.0/24
194.58.38.0-194.58.40.255
194.58.47.0/24
194.58.59.0/24
194.58.67.0/24
194.87.1.0-194.87.3.255
194.87.7.0/24
194.87.10.0-194.87.12.255
194.87.16.0/24
194.87.22.0/24
194.87.24.0/22
194.87.36.0/23
194.87.56.0/24
194.87.73.0/24
194.87.83.0/24
194.87.104.0/24
194.87.114.0/23
194.87.122.0/24
194.87.130.0/23
194.87.138.0/24
194.87.149.0/24
194.87.160.0/24
194.87.166.0/24
194.87.168.0/24
194.87.170.0-194.87.172.255
194.87.176.0/22
194.87.182.0/24
194.87.187.0/24
194.87.190.0/24
194.87.200.0/24
194.87.202.0/24
194.87.222.0/24
194.87.240.0/24
194.135.18.0/24
194.135.23.0/24
195.58.35.0-195.58.36.255
195.58.50.0/23
195.58.54.0/24
195.58.56.0/24
195.133.0.0/24
195.133.26.0/24
195.133.30.0/24
195.133.32.0/24
195.133.35.0/24
195.133.76.0/24
195.133.194.0/23
212.192.1.0/24
212.192.10.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:77:f3:b9:8f:c7:c2:53:6f:6f:fb:6f:f7:6c:a7:19:8b:5e:
cf:ba:4f:8a:88:04:37:c0:5a:4a:1d:00:2b:0b:7b:90:48:e3:
1f:c7:5c:9c:aa:7a:03:3c:5b:92:40:3f:c1:5e:62:2c:38:d1:
79:52:7e:38:e1:f1:79:f1:1a:a2:2e:3d:c9:07:a2:14:75:a1:
06:ed:87:83:2f:2a:6a:dd:0c:82:4a:76:57:bc:58:41:fa:01:
73:9f:50:16:16:55:12:9e:97:1d:06:a6:77:a5:ca:b1:32:e6:
3b:51:c8:ba:8a:7d:ba:ff:04:34:6f:d9:4a:54:d6:27:20:3a:
0f:fd:ed:b7:6f:92:9f:a2:03:57:51:0b:e4:d4:a7:25:51:c7:
fe:75:c7:b7:ff:03:cf:a9:b4:47:d0:c4:15:e9:da:3c:cd:02:
1f:22:5e:10:1d:52:ad:54:24:19:f2:b2:3a:94:f7:9b:6d:ef:
f9:03:e0:d2:89:6c:41:36:e4:05:ab:d8:fe:6b:bc:4b:38:cd:
a8:cb:90:df:07:49:50:d2:60:f3:c6:6c:3f:0d:db:6a:e9:24:
00:4a:c0:2b:79:09:1d:0c:95:94:18:5f:b1:32:6b:35:c2:e6:
b0:ad:5d:2d:6b:d8:1d:8a:cf:88:b3:4f:01:f9:15:cf:e7:84:
23:00:4e:dd
-----BEGIN CERTIFICATE-----
MIIGlzCCBX+gAwIBAgISAYcHsYZ+OI9wJHY2mIzqJWqKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMzIyMDUwMTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Nzg1ZDNkMGJlODM1NDhlODM3ZTY2MmNjMDhlMGI5YWIxOTg3NmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAifEmzu8OA+TGbuWSzkfttGDSqfRu
9g6tibw4ccyofSkSty+lB3cETQkFzcmdvXc/yWIh3F2E9dUbmq6wf53uRiXuqnw+
8TIxbtqTRkRgKI/lw1ZJgyg0X+B4WUf6zbxb9Vopr4ShLn1FlfadCiZmAWCDxSk2
RV5mrIbag6+WKPfMvUSHe6iW8D22spmFk8vSN66GyZyIXuyEWS9yMMGvczmcerrd
TAMYIRXF8mp/trWEAGxsTadJDGU3a4/OJusv2ywqgDr81nE4rbX9yup7xrfUpLXQ
dp5cZPxOUqD4iU1wJoPcOLuS3hQcQhTbR2UVAsuqoM53C/Pd1qUSy2+iuwIDAQAB
o4IDozCCA58wHQYDVR0OBBYEFIeF09C+g1SOg35mLMCOC5qxmHa0MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvaDRYVDBMNkRWSTZEZm1Zc3dJNExtckdZZHJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBtwYIKwYBBQUHAQcBAf8EggGmMIIBojCCAZ4EAgABMIIB
lgMEAD5M4QMEAT5M5gMEAD5M6QMEAMB8sgMEAsB8tAMEAMF8AwMEAMF8BgMEAcF8
CAMEAMF8EAMEAMF8LAMEAMF8UAMEAMF8XQMEAMF8yQMEAMF8zzAMAwQBwjomAwQA
wjooAwQAwjovAwQAwjo7AwQAwjpDMAwDBADCVwEDBALCVwADBADCVwcwDAMEAcJX
CgMEAMJXDAMEAMJXEAMEAMJXFgMEAsJXGAMEAcJXJAMEAMJXOAMEAMJXSQMEAMJX
UwMEAMJXaAMEAcJXcgMEAMJXegMEAcJXggMEAMJXigMEAMJXlQMEAMJXoAMEAMJX
pgMEAMJXqDAMAwQBwleqAwQAwlesAwQCwlewAwQAwle2AwQAwle7AwQAwle+AwQA
wlfIAwQAwlfKAwQAwlfeAwQAwlfwAwQAwocSAwQAwocXMAwDBADDOiMDBADDOiQD
BAHDOjIDBADDOjYDBADDOjgDBADDhQADBADDhRoDBADDhR4DBADDhSADBADDhSMD
BADDhUwDBAHDhcIDBADUwAEDBADUwAowDQYJKoZIhvcNAQELBQADggEBAIp387mP
x8JTb2/7b/dspxmLXs+6T4qIBDfAWkodACsLe5BI4x/HXJyqegM8W5JAP8FeYiw4
0XlSfjjh8XnxGqIuPckHohR1oQbth4MvKmrdDIJKdle8WEH6AXOfUBYWVRKelx0G
pnelyrEy5jtRyLqKfbr/BDRv2UpU1icgOg/97bdvkp+iA1dRC+TUpyVRx/51x7f/
A8+ptEfQxBXp2jzNAh8iXhAdUq1UJBnysjqU95tt7/kD4NKJbEE25AWr2P5rvEs4
zajLkN8HSVDSYPPGbD8N22rpJABKwCt5CR0MlZQYX7EyazXC5rCtXS1r2B2Kz4iz
TwH5Fc/nhCMATt0=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:09 2023 by rpki-client on console-fra.rpki-client.org