Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/iVy8-iOJE-M7jDUiqEdTp2rhVAI.roa
File: iVy8-iOJE-M7jDUiqEdTp2rhVAI.roa (raw, json)
Hash identifier: yd5EDjlzvVlioxM2QdqbUJEA2Kz2Xh+tXYP7Y27alAY=
Subject key identifier: 89:5C:BC:FA:23:89:13:E3:3B:8C:35:22:A8:47:53:A7:6A:E1:54:02
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 019112A935ED02EA1DD81AD1DE1064A3B5C9
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/iVy8-iOJE-M7jDUiqEdTp2rhVAI.roa
Signing time: Fri 02 Aug 2024 10:36:04 +0000
ROA not before: Fri 02 Aug 2024 10:36:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 26383
IP address blocks: 62.76.234.0/24 maxlen: 24
185.72.8.0/24 maxlen: 24
192.124.176.0/24 maxlen: 24
193.124.22.0/24 maxlen: 24
193.124.41.0/24 maxlen: 24
193.124.46.0/24 maxlen: 24
194.58.34.0/24 maxlen: 24
194.58.40.0/24 maxlen: 24
194.58.45.0/24 maxlen: 24
194.58.68.0/24 maxlen: 24
194.87.10.0/24 maxlen: 24
194.87.39.0/24 maxlen: 24
194.87.47.0/24 maxlen: 24
194.87.189.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
194.87.227.0/24 maxlen: 24
195.133.92.0/24 maxlen: 24
212.192.12.0/24 maxlen: 24
212.192.13.0/24 maxlen: 24
212.192.15.0/24 maxlen: 24
212.192.221.0/24 maxlen: 24
212.193.2.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 07 Aug 2024 09:54:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:12:a9:35:ed:02:ea:1d:d8:1a:d1:de:10:64:a3:b5:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 2 10:36:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=895cbcfa238913e33b8c3522a84753a76ae15402
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:68:db:c7:9c:52:90:c3:75:c4:41:d6:7e:aa:
5b:b8:15:6b:38:9a:43:77:1c:55:b6:25:46:e4:07:
c8:b3:a3:59:e1:4f:19:fe:61:0f:e0:74:84:e1:50:
9f:4a:ce:d5:90:3a:54:13:bb:b2:20:f1:b6:aa:cd:
35:07:40:56:62:fe:17:da:ae:5f:54:80:7d:e1:50:
c9:ea:87:fb:a7:ec:5e:87:78:dc:b4:b9:4a:c8:5e:
ed:22:66:b4:10:a2:fd:be:e9:b5:f3:5d:8e:09:ac:
31:d4:de:c9:c1:54:3c:7b:5a:ec:a8:3a:8f:e7:f1:
c1:95:86:f8:43:38:15:bd:5a:aa:f5:a4:cb:4a:33:
db:a6:17:5d:e9:7b:d7:fa:a6:ed:a5:30:39:22:23:
57:28:74:2c:86:f2:52:97:08:89:60:26:05:de:d0:
9a:99:18:6f:cc:b8:0a:b9:f0:b3:77:f7:db:b0:ac:
4e:29:52:d0:a6:ca:87:2d:e2:e5:ba:46:66:be:04:
c5:54:18:68:2c:9e:74:bc:ee:58:3a:18:0e:ce:ad:
49:0f:1a:7b:f3:4f:5a:58:9c:22:5f:c5:45:a7:a2:
d3:00:f2:b0:59:f2:67:d3:2d:36:66:84:31:c9:16:
6a:b9:e6:d3:3f:72:02:91:87:7d:3e:1c:c2:ee:98:
7e:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:5C:BC:FA:23:89:13:E3:3B:8C:35:22:A8:47:53:A7:6A:E1:54:02
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/iVy8-iOJE-M7jDUiqEdTp2rhVAI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.234.0/24
185.72.8.0/24
192.124.176.0/24
193.124.22.0/24
193.124.41.0/24
193.124.46.0/24
194.58.34.0/24
194.58.40.0/24
194.58.45.0/24
194.58.68.0/24
194.87.10.0/24
194.87.39.0/24
194.87.47.0/24
194.87.189.0/24
194.87.198.0/24
194.87.227.0/24
195.133.92.0/24
212.192.12.0/23
212.192.15.0/24
212.192.221.0/24
212.193.2.0/24
Signature Algorithm: sha256WithRSAEncryption
76:37:39:be:4d:f5:a8:ff:94:74:36:90:22:5b:d6:69:1b:ba:
28:46:68:fd:cc:cb:57:d0:48:93:09:7d:db:ce:dc:27:aa:84:
5d:82:0b:8e:bf:71:6c:e0:6a:af:88:cb:3f:84:b4:22:7e:be:
17:15:40:60:25:07:4e:97:e9:47:fd:98:29:67:42:b8:79:9c:
d2:48:70:0b:7d:a5:0a:08:97:13:ff:0c:47:5f:e6:5b:b9:78:
c9:ca:4e:e3:f5:ce:81:ed:27:5c:1b:6b:fc:29:33:b8:8a:e3:
93:0b:97:ea:35:49:24:78:ad:4d:08:dd:d6:c2:ed:b8:66:3a:
85:29:55:b9:d9:13:23:22:16:4c:a3:6f:58:aa:96:51:99:a4:
83:03:7a:0d:79:72:6d:63:ab:d8:02:40:d5:1e:94:3e:35:82:
ac:bb:ca:7a:e0:14:68:75:45:c5:c6:32:bd:b8:ba:54:8f:1e:
5b:2d:d3:0a:d3:66:b8:d0:28:9a:28:79:ad:fa:8c:94:d3:a5:
29:f7:09:e0:c5:c9:5b:91:e9:14:67:3e:05:d0:05:f3:ec:8e:
22:06:05:94:5e:16:cc:d2:4f:28:4c:72:5c:53:23:ef:eb:44:
04:f1:a3:2b:24:fd:dc:d4:60:c9:31:d2:f5:bc:5a:e1:87:31:
2b:87:d9:b6
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAZESqTXtAuod2BrR3hBko7XJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwODAyMTAzNjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTVjYmNmYTIzODkxM2UzM2I4YzM1MjJhODQ3NTNhNzZhZTE1NDAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomjbx5xSkMN1xEHWfqpbuBVrOJpD
dxxVtiVG5AfIs6NZ4U8Z/mEP4HSE4VCfSs7VkDpUE7uyIPG2qs01B0BWYv4X2q5f
VIB94VDJ6of7p+xeh3jctLlKyF7tIma0EKL9vum1812OCawx1N7JwVQ8e1rsqDqP
5/HBlYb4QzgVvVqq9aTLSjPbphdd6XvX+qbtpTA5IiNXKHQshvJSlwiJYCYF3tCa
mRhvzLgKufCzd/fbsKxOKVLQpsqHLeLlukZmvgTFVBhoLJ50vO5YOhgOzq1JDxp7
809aWJwiX8VFp6LTAPKwWfJn0y02ZoQxyRZquebTP3ICkYd9PhzC7ph+AQIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFIlcvPojiRPjO4w1IqhHU6dq4VQCMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvaVZ5OC1pT0pFLU03akRVaXFFZFRwMnJoVkFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEAD5M
6gMEALlICAMEAMB8sAMEAMF8FgMEAMF8KQMEAMF8LgMEAMI6IgMEAMI6KAMEAMI6
LQMEAMI6RAMEAMJXCgMEAMJXJwMEAMJXLwMEAMJXvQMEAMJXxgMEAMJX4wMEAMOF
XAMEAdTADAMEANTADwMEANTA3QMEANTBAjANBgkqhkiG9w0BAQsFAAOCAQEAdjc5
vk31qP+UdDaQIlvWaRu6KEZo/czLV9BIkwl9287cJ6qEXYILjr9xbOBqr4jLP4S0
In6+FxVAYCUHTpfpR/2YKWdCuHmc0khwC32lCgiXE/8MR1/mW7l4ycpO4/XOge0n
XBtr/CkzuIrjkwuX6jVJJHitTQjd1sLtuGY6hSlVudkTIyIWTKNvWKqWUZmkgwN6
DXlybWOr2AJA1R6UPjWCrLvKeuAUaHVFxcYyvbi6VI8eWy3TCtNmuNAomih5rfqM
lNOlKfcJ4MXJW5HpFGc+BdAF8+yOIgYFlF4WzNJPKExyXFMj7+tEBPGjKyT93NRg
yTHS9bxa4YcxK4fZtg==
-----END CERTIFICATE-----
Generated at Wed Aug 7 13:00:28 2024 by rpki-client on console-ams.rpki-client.org