Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/iVjH3Y5sFfjJ7btgF3Kp04sY7xA.roa
File: iVjH3Y5sFfjJ7btgF3Kp04sY7xA.roa (raw, json)
Hash identifier: q/B5JZjr6PGci/Qecb2BCrbbakJ7fLznx1gVT6Xqy6g=
Subject key identifier: 89:58:C7:DD:8E:6C:15:F8:C9:ED:BB:60:17:72:A9:D3:8B:18:EF:10
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0193023F46851D34FE4759E8E2A0A3322F5B
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/iVjH3Y5sFfjJ7btgF3Kp04sY7xA.roa
Signing time: Wed 06 Nov 2024 16:12:01 +0000
ROA not before: Wed 06 Nov 2024 16:12:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 26383
IP address blocks: 62.76.234.0/24 maxlen: 24
62.76.239.0/24 maxlen: 24
185.72.8.0/24 maxlen: 24
192.124.176.0/24 maxlen: 24
192.124.209.0/24 maxlen: 24
193.124.22.0/24 maxlen: 24
193.124.41.0/24 maxlen: 24
193.124.46.0/24 maxlen: 24
193.124.49.0/24 maxlen: 24
194.58.34.0/24 maxlen: 24
194.58.39.0/24 maxlen: 24
194.58.40.0/24 maxlen: 24
194.58.44.0/24 maxlen: 24
194.58.45.0/24 maxlen: 24
194.58.66.0/24 maxlen: 24
194.58.68.0/24 maxlen: 24
194.87.10.0/24 maxlen: 24
194.87.18.0/24 maxlen: 24
194.87.30.0/24 maxlen: 24
194.87.39.0/24 maxlen: 24
194.87.47.0/24 maxlen: 24
194.87.58.0/24 maxlen: 24
194.87.82.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
194.87.227.0/24 maxlen: 24
194.87.230.0/24 maxlen: 24
195.133.67.0/24 maxlen: 24
195.133.92.0/24 maxlen: 24
212.192.12.0/24 maxlen: 24
212.192.13.0/24 maxlen: 24
212.192.15.0/24 maxlen: 24
212.192.215.0/24 maxlen: 24
212.192.221.0/24 maxlen: 24
212.192.223.0/24 maxlen: 24
212.193.1.0/24 maxlen: 24
212.193.2.0/24 maxlen: 24
212.193.6.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 06 Nov 2024 19:41:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:02:3f:46:85:1d:34:fe:47:59:e8:e2:a0:a3:32:2f:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 6 16:12:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8958c7dd8e6c15f8c9edbb601772a9d38b18ef10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:d6:06:17:55:5f:67:7e:f1:5a:c4:39:97:c3:
93:0e:de:6b:2a:09:6b:de:74:f0:fb:98:12:a6:0a:
bd:06:77:46:74:48:c7:a9:a2:da:c9:e2:b2:3c:8e:
e4:7c:67:27:c3:89:c3:a2:30:43:1b:b6:62:99:14:
6d:87:31:2b:58:67:9d:46:0a:9f:d7:d5:10:3e:19:
ce:97:b7:87:cc:cb:a7:ca:4e:de:c4:bb:df:82:5a:
3c:11:8c:97:7c:a8:2f:88:6e:c8:1f:d5:46:69:97:
af:87:26:e6:a4:fe:15:05:ff:91:33:e5:4c:79:8f:
d2:2a:3f:e2:33:9c:84:b7:75:a6:60:76:90:93:b3:
b8:45:8f:05:e5:ab:2d:6e:3e:4a:90:53:35:e4:87:
91:f2:8d:b0:ab:8d:db:8f:86:52:30:80:06:11:ab:
ca:25:8b:1e:86:fd:5c:45:ad:c8:d6:e8:e7:41:d6:
40:59:da:7f:ce:fb:8f:e4:95:5b:88:52:69:93:10:
0b:74:8f:25:8e:a2:18:5c:9e:36:cb:e2:98:33:c5:
ec:36:93:54:77:db:59:13:70:72:05:b8:75:19:86:
71:20:22:fb:fe:5d:a9:84:76:ce:44:54:bb:28:93:
11:66:52:2c:6d:cd:ed:bb:c8:27:48:50:0d:b7:e2:
a4:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:58:C7:DD:8E:6C:15:F8:C9:ED:BB:60:17:72:A9:D3:8B:18:EF:10
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/iVjH3Y5sFfjJ7btgF3Kp04sY7xA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.234.0/24
62.76.239.0/24
185.72.8.0/24
192.124.176.0/24
192.124.209.0/24
193.124.22.0/24
193.124.41.0/24
193.124.46.0/24
193.124.49.0/24
194.58.34.0/24
194.58.39.0-194.58.40.255
194.58.44.0/23
194.58.66.0/24
194.58.68.0/24
194.87.10.0/24
194.87.18.0/24
194.87.30.0/24
194.87.39.0/24
194.87.47.0/24
194.87.58.0/24
194.87.82.0/24
194.87.198.0/24
194.87.227.0/24
194.87.230.0/24
195.133.67.0/24
195.133.92.0/24
212.192.12.0/23
212.192.15.0/24
212.192.215.0/24
212.192.221.0/24
212.192.223.0/24
212.193.1.0-212.193.2.255
212.193.6.0/24
Signature Algorithm: sha256WithRSAEncryption
29:83:ec:8c:f0:e3:e7:f4:9f:98:07:bc:c8:c2:d2:66:b0:1e:
1e:56:2c:9b:23:8e:d6:a5:93:58:f4:f4:84:b3:34:d4:97:46:
81:f5:2c:40:08:8a:9c:df:8c:90:64:9d:d2:20:bc:ed:9b:3b:
6d:11:40:1c:30:0b:3b:2a:21:c3:31:ff:3d:5c:15:62:0c:23:
e7:7b:91:7f:79:59:4d:7f:77:28:f6:b2:2c:4e:22:2c:82:7a:
0e:01:4e:ed:19:41:48:44:90:db:cc:e1:ec:7b:8d:8c:b2:b0:
94:ef:c9:fe:89:12:86:1e:9a:3f:7c:b8:a1:3c:e6:9e:a6:5f:
15:b3:b0:90:c1:57:de:cf:f4:d8:6d:b5:8d:12:6f:8b:b6:34:
a5:a9:29:e4:97:1e:57:5d:20:fa:0b:c3:f2:30:36:da:65:6c:
f9:5f:08:02:69:e7:9b:e2:cd:38:68:e3:4c:e9:63:50:6b:6f:
39:c3:25:09:60:c6:31:cb:e4:40:25:52:2c:6c:11:64:7d:9d:
0c:32:8b:94:73:40:9e:d9:a4:de:11:a1:b1:92:fa:26:bc:06:
95:0b:e1:9f:7f:70:3e:83:ff:34:01:f1:6e:72:57:27:8a:2b:
f0:d5:b1:67:c0:17:70:06:ef:df:2e:19:9d:2a:8e:45:dc:81:
45:82:19:96
-----BEGIN CERTIFICATE-----
MIIF0jCCBLqgAwIBAgISAZMCP0aFHTT+R1no4qCjMi9bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQxMTA2MTYxMjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTU4YzdkZDhlNmMxNWY4YzllZGJiNjAxNzcyYTlkMzhiMThlZjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1dYGF1VfZ37xWsQ5l8OTDt5rKglr
3nTw+5gSpgq9BndGdEjHqaLayeKyPI7kfGcnw4nDojBDG7ZimRRthzErWGedRgqf
19UQPhnOl7eHzMunyk7exLvfglo8EYyXfKgviG7IH9VGaZevhybmpP4VBf+RM+VM
eY/SKj/iM5yEt3WmYHaQk7O4RY8F5astbj5KkFM15IeR8o2wq43bj4ZSMIAGEavK
JYsehv1cRa3I1ujnQdZAWdp/zvuP5JVbiFJpkxALdI8ljqIYXJ42y+KYM8XsNpNU
d9tZE3ByBbh1GYZxICL7/l2phHbORFS7KJMRZlIsbc3tu8gnSFANt+KkYwIDAQAB
o4IC3jCCAtowHQYDVR0OBBYEFIlYx92ObBX4ye27YBdyqdOLGO8QMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvaVZqSDNZNXNGZmpKN2J0Z0YzS3AwNHNZN3hBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHzBggrBgEFBQcBBwEB/wSB4zCB4DCB3QQCAAEwgdYDBAA+
TOoDBAA+TO8DBAC5SAgDBADAfLADBADAfNEDBADBfBYDBADBfCkDBADBfC4DBADB
fDEDBADCOiIwDAMEAMI6JwMEAMI6KAMEAcI6LAMEAMI6QgMEAMI6RAMEAMJXCgME
AMJXEgMEAMJXHgMEAMJXJwMEAMJXLwMEAMJXOgMEAMJXUgMEAMJXxgMEAMJX4wME
AMJX5gMEAMOFQwMEAMOFXAMEAdTADAMEANTADwMEANTA1wMEANTA3QMEANTA3zAM
AwQA1MEBAwQA1MECAwQA1MEGMA0GCSqGSIb3DQEBCwUAA4IBAQApg+yM8OPn9J+Y
B7zIwtJmsB4eViybI47WpZNY9PSEszTUl0aB9SxACIqc34yQZJ3SILztmzttEUAc
MAs7KiHDMf89XBViDCPne5F/eVlNf3co9rIsTiIsgnoOAU7tGUFIRJDbzOHse42M
srCU78n+iRKGHpo/fLihPOaepl8Vs7CQwVfez/TYbbWNEm+LtjSlqSnklx5XXSD6
C8PyMDbaZWz5XwgCaeeb4s04aONM6WNQa285wyUJYMYxy+RAJVIsbBFkfZ0MMouU
c0Ce2aTeEaGxkvomvAaVC+Gff3A+g/80AfFuclcniivw1bFnwBdwBu/fLhmdKo5F
3IFFghmW
-----END CERTIFICATE-----
Generated at Wed Nov 6 23:03:49 2024 by rpki-client on console-ams.rpki-client.org