Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/i88ky4Fi17Y12YOhnj1E9HAMx2Q.roa
File: i88ky4Fi17Y12YOhnj1E9HAMx2Q.roa (raw, json)
Hash identifier: 5BvqNeRtZ8oORBg0AJvVUsS53JaTJ5RWkliajeqrbpM=
Subject key identifier: 8B:CF:24:CB:81:62:D7:B6:35:D9:83:A1:9E:3D:44:F4:70:0C:C7:64
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018D265D1915FC98A7D2D30ADF6A89C1D4A5
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/i88ky4Fi17Y12YOhnj1E9HAMx2Q.roa
Signing time: Sat 20 Jan 2024 10:14:11 +0000
ROA not before: Sat 20 Jan 2024 10:14:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 62.76.227.0/24 maxlen: 24
185.72.10.0/24 maxlen: 24
192.124.183.0/24 maxlen: 24
193.124.47.0/24 maxlen: 24
193.124.95.0/24 maxlen: 24
193.124.202.0/24 maxlen: 24
194.58.41.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
194.58.66.0/24 maxlen: 24
194.58.154.0/24 maxlen: 24
194.87.26.0/24 maxlen: 24
194.87.76.0/24 maxlen: 24
194.87.81.0/24 maxlen: 24
194.87.128.0/24 maxlen: 24
194.87.149.0/24 maxlen: 24
194.87.151.0/24 maxlen: 24
194.87.170.0/24 maxlen: 24
194.87.172.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
194.87.201.0/24 maxlen: 24
194.87.215.0/24 maxlen: 24
194.87.224.0/24 maxlen: 24
194.87.229.0/24 maxlen: 24
194.87.231.0/24 maxlen: 24
194.135.33.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
195.58.60.0/24 maxlen: 24
195.58.63.0/24 maxlen: 24
195.133.2.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
195.133.27.0/24 maxlen: 24
195.133.72.0/24 maxlen: 24
195.133.84.0/24 maxlen: 24
195.133.192.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
212.192.214.0/24 maxlen: 24
212.192.222.0/24 maxlen: 24
212.193.13.0/24 maxlen: 24
212.193.25.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 22 Jan 2024 14:36:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:26:5d:19:15:fc:98:a7:d2:d3:0a:df:6a:89:c1:d4:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 20 10:14:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8bcf24cb8162d7b635d983a19e3d44f4700cc764
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ce:49:d3:14:3b:82:a3:0a:82:85:2d:7b:b5:
37:de:fd:59:06:1f:10:c5:f4:74:2a:cc:8c:46:dc:
34:bf:a7:50:7a:95:e6:c0:30:81:ce:1b:bd:0c:33:
56:34:cd:d0:43:d1:39:db:1d:b4:8e:7b:b5:53:bc:
41:92:8a:a5:ba:6e:61:fc:25:46:1f:83:1c:11:43:
1c:f5:c2:fa:6c:32:5a:66:ab:c0:e2:cb:d8:bc:8e:
a5:84:d0:1c:06:84:2b:35:ed:af:f5:2d:e2:39:57:
18:95:a4:cd:33:e1:87:51:74:30:6a:f4:a4:6f:dd:
0c:06:36:2e:e3:6d:ad:03:de:57:90:03:bc:3a:eb:
2f:1c:92:a7:70:70:35:cb:9a:20:66:1c:5f:3e:c6:
d3:cd:a6:9b:97:fe:21:6e:4d:07:d8:6d:4b:c1:13:
b2:9a:56:9f:cc:aa:08:f7:b5:04:00:96:85:c0:cd:
89:6e:46:83:ac:f6:2a:2d:b6:f4:1f:20:77:3b:b8:
c0:4a:39:62:2e:4d:de:4d:9f:67:41:21:1e:94:c0:
be:35:73:ad:7e:98:47:9c:a6:bd:13:6c:52:41:8a:
01:88:61:e1:24:d9:da:35:4e:0e:64:56:1b:49:4f:
a5:10:f0:f6:8d:58:87:8a:f6:b1:0a:e9:75:61:a5:
c2:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:CF:24:CB:81:62:D7:B6:35:D9:83:A1:9E:3D:44:F4:70:0C:C7:64
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/i88ky4Fi17Y12YOhnj1E9HAMx2Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.227.0/24
185.72.10.0/24
192.124.183.0/24
193.124.47.0/24
193.124.95.0/24
193.124.202.0/24
194.58.41.0-194.58.42.255
194.58.66.0/24
194.58.154.0/24
194.87.26.0/24
194.87.76.0/24
194.87.81.0/24
194.87.128.0/24
194.87.149.0/24
194.87.151.0/24
194.87.170.0/24
194.87.172.0/24
194.87.187.0/24
194.87.190.0/24
194.87.201.0/24
194.87.215.0/24
194.87.224.0/24
194.87.229.0/24
194.87.231.0/24
194.135.33.0/24
195.58.54.0/24
195.58.60.0/24
195.58.63.0/24
195.133.2.0/24
195.133.25.0/24
195.133.27.0/24
195.133.72.0/24
195.133.84.0/24
195.133.192.0/24
212.192.1.0/24
212.192.214.0/24
212.192.222.0/24
212.193.13.0/24
212.193.25.0/24
Signature Algorithm: sha256WithRSAEncryption
37:f0:ad:1b:f9:95:06:cd:fb:94:8e:81:a3:bd:47:3b:b9:ae:
3c:86:55:7b:33:74:15:f4:ba:8a:44:1f:88:3b:f0:13:ef:a7:
fb:50:50:7b:91:05:a9:a9:76:93:f5:82:7f:b1:db:83:5d:4b:
52:ff:ee:e1:96:8e:a1:17:5b:f4:c7:bc:9b:de:1f:c3:94:7a:
0a:2a:37:13:4b:18:6e:35:17:b5:c5:d5:b5:d7:dc:60:1e:84:
05:55:a0:1a:d9:d5:04:e0:a4:ce:2a:37:fc:f8:54:9a:bc:4f:
3e:8b:10:86:e4:43:d3:52:ae:60:17:14:d3:22:95:05:5d:40:
3d:d6:e4:6f:cc:f3:3b:eb:e1:8e:79:34:36:4b:7b:55:57:42:
d7:d4:86:2e:d5:68:81:29:e3:05:5e:b5:e3:4a:e1:1f:43:0b:
92:30:64:7f:af:77:dc:3b:40:03:26:65:1c:a1:9b:12:df:f4:
a5:17:36:cf:c4:a7:21:5f:0e:db:96:c1:1d:ec:5c:a5:58:23:
e2:1f:3f:4d:d2:e5:3e:68:8d:98:bc:c4:dd:16:fe:2b:3e:d7:
2c:c0:c0:38:98:d9:3d:d6:20:fe:21:12:15:70:4e:01:48:3a:
1d:cb:f1:1f:9e:73:fa:60:18:58:04:8d:c6:95:59:12:17:3a:
1e:6c:a5:19
-----BEGIN CERTIFICATE-----
MIIF7zCCBNegAwIBAgISAY0mXRkV/Jin0tMK32qJwdSlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTIwMTAxNDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmNmMjRjYjgxNjJkN2I2MzVkOTgzYTE5ZTNkNDRmNDcwMGNjNzY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtM5J0xQ7gqMKgoUte7U33v1ZBh8Q
xfR0KsyMRtw0v6dQepXmwDCBzhu9DDNWNM3QQ9E52x20jnu1U7xBkoqlum5h/CVG
H4McEUMc9cL6bDJaZqvA4svYvI6lhNAcBoQrNe2v9S3iOVcYlaTNM+GHUXQwavSk
b90MBjYu422tA95XkAO8OusvHJKncHA1y5ogZhxfPsbTzaabl/4hbk0H2G1LwROy
mlafzKoI97UEAJaFwM2JbkaDrPYqLbb0HyB3O7jASjliLk3eTZ9nQSEelMC+NXOt
fphHnKa9E2xSQYoBiGHhJNnaNU4OZFYbSU+lEPD2jViHivaxCul1YaXC9QIDAQAB
o4IC+zCCAvcwHQYDVR0OBBYEFIvPJMuBYte2NdmDoZ49RPRwDMdkMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvaTg4a3k0RmkxN1kxMllPaG5qMUU5SEFNeDJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDwYIKwYBBQUHAQcBAf8Egf8wgfwwgfkEAgABMIHyAwQA
PkzjAwQAuUgKAwQAwHy3AwQAwXwvAwQAwXxfAwQAwXzKMAwDBADCOikDBADCOioD
BADCOkIDBADCOpoDBADCVxoDBADCV0wDBADCV1EDBADCV4ADBADCV5UDBADCV5cD
BADCV6oDBADCV6wDBADCV7sDBADCV74DBADCV8kDBADCV9cDBADCV+ADBADCV+UD
BADCV+cDBADChyEDBADDOjYDBADDOjwDBADDOj8DBADDhQIDBADDhRkDBADDhRsD
BADDhUgDBADDhVQDBADDhcADBADUwAEDBADUwNYDBADUwN4DBADUwQ0DBADUwRkw
DQYJKoZIhvcNAQELBQADggEBADfwrRv5lQbN+5SOgaO9Rzu5rjyGVXszdBX0uopE
H4g78BPvp/tQUHuRBampdpP1gn+x24NdS1L/7uGWjqEXW/THvJveH8OUegoqNxNL
GG41F7XF1bXX3GAehAVVoBrZ1QTgpM4qN/z4VJq8Tz6LEIbkQ9NSrmAXFNMilQVd
QD3W5G/M8zvr4Y55NDZLe1VXQtfUhi7VaIEp4wVeteNK4R9DC5IwZH+vd9w7QAMm
ZRyhmxLf9KUXNs/EpyFfDtuWwR3sXKVYI+IfP03S5T5ojZi8xN0W/is+1yzAwDiY
2T3WIP4hEhVwTgFIOh3L8R+ec/pgGFgEjcaVWRIXOh5spRk=
-----END CERTIFICATE-----
Generated at Mon Jan 22 17:49:58 2024 by rpki-client on console-fra.rpki-client.org