Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/h7iqX3WyHK26JwUTYpMg3rl9CAQ.roa
File: h7iqX3WyHK26JwUTYpMg3rl9CAQ.roa (raw, json)
Hash identifier: n/vOd1cAAiyNLifyiQOh2vmss3uAW29koWkTkkdVghk=
Subject key identifier: 87:B8:AA:5F:75:B2:1C:AD:BA:27:05:13:62:93:20:DE:B9:7D:08:04
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018D63A110FEA3F7BA0F430B8940426957AE
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/h7iqX3WyHK26JwUTYpMg3rl9CAQ.roa
Signing time: Thu 01 Feb 2024 07:45:16 +0000
ROA not before: Thu 01 Feb 2024 07:45:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 62.76.227.0/24 maxlen: 24
185.72.10.0/24 maxlen: 24
192.124.183.0/24 maxlen: 24
193.124.5.0/24 maxlen: 24
193.124.7.0/24 maxlen: 24
193.124.47.0/24 maxlen: 24
193.124.95.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
193.124.202.0/24 maxlen: 24
193.124.207.0/24 maxlen: 24
194.58.41.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
194.58.66.0/24 maxlen: 24
194.58.154.0/24 maxlen: 24
194.87.26.0/24 maxlen: 24
194.87.32.0/24 maxlen: 24
194.87.76.0/24 maxlen: 24
194.87.81.0/24 maxlen: 24
194.87.128.0/24 maxlen: 24
194.87.149.0/24 maxlen: 24
194.87.151.0/24 maxlen: 24
194.87.170.0/24 maxlen: 24
194.87.172.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
194.87.201.0/24 maxlen: 24
194.87.215.0/24 maxlen: 24
194.87.224.0/24 maxlen: 24
194.87.229.0/24 maxlen: 24
194.87.231.0/24 maxlen: 24
194.135.18.0/24 maxlen: 24
194.135.33.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
195.58.60.0/24 maxlen: 24
195.58.63.0/24 maxlen: 24
195.133.2.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
195.133.27.0/24 maxlen: 24
195.133.72.0/24 maxlen: 24
195.133.84.0/24 maxlen: 24
195.133.85.0/24 maxlen: 24
195.133.192.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
212.192.214.0/24 maxlen: 24
212.193.13.0/24 maxlen: 24
212.193.25.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 01 Feb 2024 12:18:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:63:a1:10:fe:a3:f7:ba:0f:43:0b:89:40:42:69:57:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Feb 1 07:45:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=87b8aa5f75b21cadba270513629320deb97d0804
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:2d:83:f7:b4:26:1e:65:63:d7:37:f4:3e:d2:
b0:84:5e:f0:7a:58:be:0d:55:5b:81:18:7c:ef:42:
96:a2:53:40:a7:71:8d:2f:11:69:c4:c5:6f:4f:e0:
64:2e:53:5b:6b:4c:67:99:0d:05:21:9b:6e:51:d7:
30:30:65:f7:59:6f:fc:d9:f5:a0:33:3e:7a:5c:83:
ef:b9:2f:9a:43:03:ef:16:a5:84:31:ad:6e:ac:1c:
7d:bc:4b:01:64:b2:13:29:bb:fc:aa:49:6d:c0:62:
19:09:08:e1:5f:a3:32:c1:ef:fa:ec:62:7d:6b:7d:
6e:27:12:27:4a:eb:53:c5:92:44:50:b1:e0:88:f7:
f9:6d:f0:d2:55:07:f7:13:c8:71:dd:7b:14:f6:3e:
43:ce:36:d1:a5:cc:57:84:57:74:65:8e:49:63:d9:
ca:0a:b5:c9:18:ad:31:8b:13:8d:c7:a7:cc:94:0e:
25:29:7d:ca:ea:13:86:7f:c6:34:fc:85:11:cb:98:
21:22:e9:bb:2e:c0:97:cb:17:99:e8:c5:4e:b6:a2:
03:19:9f:53:c3:ed:5a:f5:71:bd:03:4d:6a:7a:2d:
db:c5:d8:29:5a:39:33:9b:91:b4:db:4f:10:5e:ec:
5e:f7:4b:9b:6d:21:1e:dd:d8:cd:a3:03:93:07:f9:
ad:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:B8:AA:5F:75:B2:1C:AD:BA:27:05:13:62:93:20:DE:B9:7D:08:04
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/h7iqX3WyHK26JwUTYpMg3rl9CAQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.227.0/24
185.72.10.0/24
192.124.183.0/24
193.124.5.0/24
193.124.7.0/24
193.124.47.0/24
193.124.95.0/24
193.124.200.0/24
193.124.202.0/24
193.124.207.0/24
194.58.41.0-194.58.42.255
194.58.66.0/24
194.58.154.0/24
194.87.26.0/24
194.87.32.0/24
194.87.76.0/24
194.87.81.0/24
194.87.128.0/24
194.87.149.0/24
194.87.151.0/24
194.87.170.0/24
194.87.172.0/24
194.87.187.0/24
194.87.190.0/24
194.87.201.0/24
194.87.215.0/24
194.87.224.0/24
194.87.229.0/24
194.87.231.0/24
194.135.18.0/24
194.135.33.0/24
195.58.54.0/24
195.58.60.0/24
195.58.63.0/24
195.133.2.0/24
195.133.25.0/24
195.133.27.0/24
195.133.72.0/24
195.133.84.0/23
195.133.192.0/24
212.192.1.0/24
212.192.214.0/24
212.193.13.0/24
212.193.25.0/24
Signature Algorithm: sha256WithRSAEncryption
28:64:66:1f:f7:e6:20:5a:2c:17:6a:c0:53:c8:9c:14:50:56:
89:84:51:96:ba:89:55:bd:8e:17:5f:70:6c:51:9c:70:b6:e5:
83:6f:5d:f0:97:ee:17:81:8a:0b:1a:f0:fa:5e:25:6d:c5:7b:
08:7d:9c:88:2c:30:71:92:b2:87:9f:33:d6:e8:6d:38:49:33:
05:aa:ef:ae:5b:b1:38:f3:c4:33:86:72:fe:d7:2b:b6:a9:a4:
69:0d:b5:36:fc:98:e4:e6:be:b3:39:18:58:90:2b:1a:36:c8:
2b:e3:fa:15:c1:c7:56:ac:72:28:22:ac:20:5b:0d:07:ca:1c:
a0:e7:b9:6b:36:d3:ab:93:3f:e4:99:5e:7b:62:e0:61:81:08:
55:03:4e:61:c2:62:0d:77:16:f6:cb:5e:90:14:91:4f:ce:9d:
66:f6:1b:67:ba:d2:e1:15:4d:0c:39:ab:5e:9b:3e:52:98:7a:
82:b7:c3:ad:58:84:40:75:14:2b:64:8a:04:6f:7a:5d:16:ff:
7d:49:75:b1:3d:75:2e:27:78:41:ca:26:cc:00:8f:27:36:04:
0b:d2:39:d2:37:a5:e2:e1:a4:ad:7d:06:26:ae:8f:32:39:b6:
a4:a4:09:4e:b9:7e:a9:a9:cd:6d:5d:df:d0:65:79:67:01:0e:
9f:fd:1a:16
-----BEGIN CERTIFICATE-----
MIIGETCCBPmgAwIBAgISAY1joRD+o/e6D0MLiUBCaVeuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMjAxMDc0NTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2I4YWE1Zjc1YjIxY2FkYmEyNzA1MTM2MjkzMjBkZWI5N2QwODA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAny2D97QmHmVj1zf0PtKwhF7weli+
DVVbgRh870KWolNAp3GNLxFpxMVvT+BkLlNba0xnmQ0FIZtuUdcwMGX3WW/82fWg
Mz56XIPvuS+aQwPvFqWEMa1urBx9vEsBZLITKbv8qkltwGIZCQjhX6Mywe/67GJ9
a31uJxInSutTxZJEULHgiPf5bfDSVQf3E8hx3XsU9j5DzjbRpcxXhFd0ZY5JY9nK
CrXJGK0xixONx6fMlA4lKX3K6hOGf8Y0/IURy5ghIum7LsCXyxeZ6MVOtqIDGZ9T
w+1a9XG9A01qei3bxdgpWjkzm5G0208QXuxe90ubbSEe3djNowOTB/mtkQIDAQAB
o4IDHTCCAxkwHQYDVR0OBBYEFIe4ql91shytuicFE2KTIN65fQgEMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvaDdpcVgzV3lISzI2SndVVFlwTWczcmw5Q0FRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBMQYIKwYBBQUHAQcBAf8EggEgMIIBHDCCARgEAgABMIIB
EAMEAD5M4wMEALlICgMEAMB8twMEAMF8BQMEAMF8BwMEAMF8LwMEAMF8XwMEAMF8
yAMEAMF8ygMEAMF8zzAMAwQAwjopAwQAwjoqAwQAwjpCAwQAwjqaAwQAwlcaAwQA
wlcgAwQAwldMAwQAwldRAwQAwleAAwQAwleVAwQAwleXAwQAwleqAwQAwlesAwQA
wle7AwQAwle+AwQAwlfJAwQAwlfXAwQAwlfgAwQAwlflAwQAwlfnAwQAwocSAwQA
wochAwQAwzo2AwQAwzo8AwQAwzo/AwQAw4UCAwQAw4UZAwQAw4UbAwQAw4VIAwQB
w4VUAwQAw4XAAwQA1MABAwQA1MDWAwQA1MENAwQA1MEZMA0GCSqGSIb3DQEBCwUA
A4IBAQAoZGYf9+YgWiwXasBTyJwUUFaJhFGWuolVvY4XX3BsUZxwtuWDb13wl+4X
gYoLGvD6XiVtxXsIfZyILDBxkrKHnzPW6G04STMFqu+uW7E488QzhnL+1yu2qaRp
DbU2/Jjk5r6zORhYkCsaNsgr4/oVwcdWrHIoIqwgWw0Hyhyg57lrNtOrkz/kmV57
YuBhgQhVA05hwmINdxb2y16QFJFPzp1m9htnutLhFU0MOatemz5SmHqCt8OtWIRA
dRQrZIoEb3pdFv99SXWxPXUuJ3hByibMAI8nNgQL0jnSN6Xi4aStfQYmro8yObak
pAlOuX6pqc1tXd/QZXlnAQ6f/RoW
-----END CERTIFICATE-----
Generated at Thu Feb 1 16:11:00 2024 by rpki-client on console-fra.rpki-client.org