Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/iOFdA8Z1WtKn0DJXWoydsfvcHgk.roa
File: iOFdA8Z1WtKn0DJXWoydsfvcHgk.roa (raw, json)
Hash identifier: tG9bO04DAVG20EQyxcWptz3m74ORSGXfFQPVPb03AKM=
Subject key identifier: 88:E1:5D:03:C6:75:5A:D2:A7:D0:32:57:5A:8C:9D:B1:FB:DC:1E:09
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0189D03197C5D784974629252839EBCE7EA3
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/iOFdA8Z1WtKn0DJXWoydsfvcHgk.roa
Signing time: Mon 07 Aug 2023 13:30:58 +0000
ROA not before: Mon 07 Aug 2023 13:30:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207633
IP address blocks: 62.76.226.0/24 maxlen: 24
194.87.3.0/24 maxlen: 24
194.87.16.0/24 maxlen: 24
194.87.34.0/24 maxlen: 24
194.87.36.0/24 maxlen: 24
212.192.0.0/24 maxlen: 24
212.192.8.0/24 maxlen: 24
194.87.177.0/24 maxlen: 24
195.58.56.0/24 maxlen: 24
194.87.176.0/24 maxlen: 24
195.58.62.0/24 maxlen: 24
195.58.61.0/24 maxlen: 24
194.87.188.0/24 maxlen: 24
194.87.104.0/24 maxlen: 24
194.87.117.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
194.87.119.0/24 maxlen: 24
194.87.120.0/24 maxlen: 24
194.87.42.0/24 maxlen: 24
194.87.86.0/24 maxlen: 24
194.87.91.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:d0:31:97:c5:d7:84:97:46:29:25:28:39:eb:ce:7e:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 7 13:30:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=88e15d03c6755ad2a7d032575a8c9db1fbdc1e09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:37:55:55:34:d6:b8:ea:b8:8d:0c:c9:fd:8a:
32:3b:07:db:bb:d8:3a:dd:b8:8a:b3:70:33:a2:e5:
0f:db:53:3a:42:74:f1:75:c3:24:bb:81:33:85:dd:
d8:2d:0f:10:44:1d:6f:6c:02:42:29:e5:51:4f:2b:
e5:13:d8:fa:11:fa:51:28:9d:78:cd:0e:fe:2a:c9:
5f:f4:6c:e6:18:cd:95:b9:c8:67:03:13:b2:9e:4b:
b6:0a:39:e5:be:06:64:c5:16:50:ef:7a:4b:45:01:
87:d5:4a:9a:df:de:c3:7f:d5:9c:a0:55:7c:af:f5:
ce:d8:2e:dc:4a:e0:de:27:ea:d6:99:12:b1:e1:a1:
7b:f4:cf:3e:6b:ae:da:9a:78:79:f1:03:4c:f8:6c:
a7:3b:01:bf:72:52:6a:59:7e:b3:ff:90:24:64:bf:
1f:24:4f:46:f3:6c:17:29:84:2e:d8:ec:0e:78:82:
55:6f:65:0c:fa:f2:8c:35:62:c0:ad:af:d7:eb:a8:
33:29:3f:51:33:dc:82:bd:72:e8:26:1c:a8:a3:e3:
83:39:c6:f0:af:50:c7:96:3c:29:71:23:be:b6:4e:
44:18:d3:d4:3d:62:62:91:01:91:d1:45:8d:fa:40:
29:b8:17:7e:37:d0:ae:a0:59:9d:da:e8:9c:ca:ba:
49:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:E1:5D:03:C6:75:5A:D2:A7:D0:32:57:5A:8C:9D:B1:FB:DC:1E:09
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/iOFdA8Z1WtKn0DJXWoydsfvcHgk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.226.0/24
194.87.3.0/24
194.87.16.0/24
194.87.34.0/24
194.87.36.0/24
194.87.42.0/24
194.87.86.0/24
194.87.91.0/24
194.87.104.0/24
194.87.117.0-194.87.120.255
194.87.176.0/23
194.87.188.0/24
195.58.56.0/24
195.58.61.0-195.58.62.255
212.192.0.0/24
212.192.8.0/24
Signature Algorithm: sha256WithRSAEncryption
25:24:7e:61:50:ec:1a:1d:d2:18:6c:96:f8:f0:6a:ed:0e:37:
95:87:b8:75:69:95:af:34:a0:da:46:88:a6:0e:c0:a3:1f:95:
aa:5e:37:ab:70:43:ee:4d:06:b2:71:30:a5:b4:16:ff:d3:c8:
d9:8a:a8:79:d5:14:ce:dc:eb:68:a4:40:04:61:ba:6b:d1:c8:
07:48:9a:eb:f7:e7:81:0e:a9:a0:e0:29:ae:ad:91:12:40:2c:
78:e3:a5:e0:cf:db:f3:72:a5:9f:21:24:fa:f9:50:ec:2e:f6:
94:ba:b8:f5:9e:13:15:d5:01:12:7d:e7:59:0d:92:d7:1e:b3:
8a:fa:65:5c:96:be:f6:c6:ea:f9:f9:45:0e:6e:99:84:7d:30:
da:48:e1:5e:77:19:2d:84:d3:6d:1e:73:b1:5f:59:ac:8f:e4:
99:3f:17:cd:41:95:5b:a4:35:32:6a:1f:12:40:34:f6:99:e7:
64:cc:5b:fa:bc:d3:84:42:6e:40:dc:4a:fd:4a:86:f2:e9:f8:
80:9d:c8:4e:7e:2a:0a:7d:54:f8:4a:52:91:a3:ee:61:c4:8f:
c8:b1:f2:a4:bf:16:fa:b2:7d:a6:ec:76:50:26:67:11:cf:78:
68:b7:d7:25:93:0e:7c:a5:a2:df:f3:f0:f6:90:dc:c3:19:ce:
6b:8f:ad:a5
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAYnQMZfF14SXRiklKDnrzn6jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwODA3MTMzMDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGUxNWQwM2M2NzU1YWQyYTdkMDMyNTc1YThjOWRiMWZiZGMxZTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlDdVVTTWuOq4jQzJ/YoyOwfbu9g6
3biKs3AzouUP21M6QnTxdcMku4Ezhd3YLQ8QRB1vbAJCKeVRTyvlE9j6EfpRKJ14
zQ7+Kslf9GzmGM2VuchnAxOynku2CjnlvgZkxRZQ73pLRQGH1Uqa397Df9WcoFV8
r/XO2C7cSuDeJ+rWmRKx4aF79M8+a67amnh58QNM+GynOwG/clJqWX6z/5AkZL8f
JE9G82wXKYQu2OwOeIJVb2UM+vKMNWLAra/X66gzKT9RM9yCvXLoJhyoo+ODOcbw
r1DHljwpcSO+tk5EGNPUPWJikQGR0UWN+kApuBd+N9CuoFmd2uicyrpJ8wIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFIjhXQPGdVrSp9AyV1qMnbH73B4JMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvaU9GZEE4WjFXdEtuMERKWFdveWRzZnZjSGdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwdgQCAAEwcAMEAD5M4gME
AMJXAwMEAMJXEAMEAMJXIgMEAMJXJAMEAMJXKgMEAMJXVgMEAMJXWwMEAMJXaDAM
AwQAwld1AwQAwld4AwQBwlewAwQAwle8AwQAwzo4MAwDBADDOj0DBADDOj4DBADU
wAADBADUwAgwDQYJKoZIhvcNAQELBQADggEBACUkfmFQ7Bod0hhslvjwau0ON5WH
uHVpla80oNpGiKYOwKMflapeN6twQ+5NBrJxMKW0Fv/TyNmKqHnVFM7c62ikQARh
umvRyAdImuv354EOqaDgKa6tkRJALHjjpeDP2/NypZ8hJPr5UOwu9pS6uPWeExXV
ARJ951kNktces4r6ZVyWvvbG6vn5RQ5umYR9MNpI4V53GS2E020ec7FfWayP5Jk/
F81BlVukNTJqHxJANPaZ52TMW/q804RCbkDcSv1KhvLp+ICdyE5+Kgp9VPhKUpGj
7mHEj8ix8qS/FvqyfabsdlAmZxHPeGi31yWTDnylot/z8PaQ3MMZzmuPraU=
-----END CERTIFICATE-----
Generated at Wed Aug 9 09:32:01 2023 by rpki-client on console-ams.rpki-client.org