Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/iY9kdsZ96-8eCkrg02I3l0MPIBc.roa
File: iY9kdsZ96-8eCkrg02I3l0MPIBc.roa (raw, json)
Hash identifier: OqN6DROG2uaCXePGDxjXZmju1+0f9LI89/wLFMNwlTc=
Subject key identifier: 89:8F:64:76:C6:7D:EB:EF:1E:0A:4A:E0:D3:62:37:97:43:0F:20:17
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018A4A311380E9A0D3CE455A4F961F1994FE
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/iY9kdsZ96-8eCkrg02I3l0MPIBc.roa
Signing time: Thu 31 Aug 2023 06:04:04 +0000
ROA not before: Thu 31 Aug 2023 06:04:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 62.76.226.0/24 maxlen: 24
194.87.1.0/24 maxlen: 24
194.87.3.0/24 maxlen: 24
193.124.16.0/24 maxlen: 24
194.87.11.0/24 maxlen: 24
194.87.12.0/24 maxlen: 24
194.87.16.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
194.87.26.0/23 maxlen: 23
194.87.34.0/24 maxlen: 24
194.87.36.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
194.87.114.0/23 maxlen: 23
194.87.122.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
194.87.119.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.130.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
194.87.134.0/23 maxlen: 23
194.87.133.0/24 maxlen: 24
194.87.40.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
194.87.63.0/24 maxlen: 24
193.124.80.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
195.133.73.0/24 maxlen: 24
195.133.85.0/24 maxlen: 24
195.133.84.0/23 maxlen: 23
195.133.26.0/24 maxlen: 24
195.133.30.0/24 maxlen: 24
212.193.31.0/24 maxlen: 24
195.58.36.0/24 maxlen: 24
194.58.38.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
212.192.241.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
195.58.55.0/24 maxlen: 24
195.58.58.0/23 maxlen: 23
195.58.62.0/23 maxlen: 23
194.58.67.0/24 maxlen: 24
195.133.0.0/24 maxlen: 24
195.133.6.0/24 maxlen: 24
195.133.7.0/24 maxlen: 24
194.58.154.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
194.87.222.0/24 maxlen: 24
194.87.151.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
194.87.168.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
194.87.176.0/24 maxlen: 24
192.124.191.0/24 maxlen: 24
194.87.180.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:4a:31:13:80:e9:a0:d3:ce:45:5a:4f:96:1f:19:94:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 31 06:04:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=898f6476c67debef1e0a4ae0d3623797430f2017
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:e9:02:94:70:97:53:fa:99:fc:79:ec:27:a1:
55:60:23:9a:cf:db:0d:d9:d8:62:80:13:b1:bd:93:
df:67:38:3f:77:77:a7:e7:a0:40:df:0d:92:11:03:
ad:be:8c:12:e4:e0:ee:a0:ac:6c:1e:08:57:4e:0c:
aa:17:c3:c6:99:4f:e6:a1:ef:fc:e9:26:61:5a:01:
3a:d7:13:3b:19:8b:ed:ab:90:6e:81:c4:b3:da:06:
82:51:86:87:c1:9c:de:68:43:9c:ca:78:9d:69:d2:
a8:cc:44:3e:c7:89:a2:6b:c3:37:9c:34:b0:84:b6:
38:67:4e:dd:94:d2:b9:6a:00:5a:b3:d0:c5:1d:b8:
ad:14:d3:84:17:d5:bd:50:c0:d6:be:31:70:aa:ef:
66:47:a4:f9:6f:75:7b:fa:4b:77:22:fb:61:f0:13:
89:e6:a6:56:b6:db:38:76:57:90:29:f8:46:69:0b:
c7:3e:33:a0:41:9a:7e:66:07:dd:89:dc:db:0e:44:
71:a1:ac:9b:6b:01:c0:96:b8:85:23:d4:c0:8a:ce:
c3:bf:8a:ac:91:80:53:d5:61:b8:ef:3b:dc:80:b3:
67:fc:40:ed:0f:77:6b:7f:a6:66:f0:04:de:35:ea:
09:d2:2a:11:8f:db:82:b9:1b:e7:49:03:ee:d2:24:
d7:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:8F:64:76:C6:7D:EB:EF:1E:0A:4A:E0:D3:62:37:97:43:0F:20:17
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/iY9kdsZ96-8eCkrg02I3l0MPIBc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.226.0/24
192.124.178.0/24
192.124.191.0/24
193.124.16.0/24
193.124.80.0/24
193.124.133.0/24
193.124.200.0/24
194.58.38.0/24
194.58.47.0/24
194.58.67.0/24
194.58.154.0/24
194.87.1.0/24
194.87.3.0/24
194.87.11.0-194.87.12.255
194.87.16.0/24
194.87.24.0/22
194.87.34.0/24
194.87.36.0/24
194.87.40.0/24
194.87.56.0/24
194.87.63.0/24
194.87.73.0/24
194.87.83.0/24
194.87.108.0/24
194.87.114.0/23
194.87.118.0/23
194.87.122.0/24
194.87.124.0/24
194.87.130.0/23
194.87.133.0-194.87.135.255
194.87.151.0/24
194.87.168.0/24
194.87.176.0/24
194.87.179.0-194.87.180.255
194.87.190.0/24
194.87.200.0/24
194.87.222.0/24
195.58.36.0/24
195.58.54.0/23
195.58.58.0/23
195.58.62.0/23
195.133.0.0/24
195.133.6.0/23
195.133.26.0/24
195.133.30.0/24
195.133.73.0/24
195.133.84.0/23
212.192.241.0/24
212.193.31.0/24
Signature Algorithm: sha256WithRSAEncryption
69:14:b9:9f:e8:e7:ae:f0:7e:15:a2:a6:06:e9:cb:7d:6e:0a:
a7:24:00:9f:90:08:1a:af:53:a2:71:47:99:8f:16:a0:03:fb:
f7:6e:fa:8f:10:60:be:45:dd:bd:ed:74:26:97:76:67:31:59:
8d:73:53:c3:f9:80:6c:82:18:a0:22:ce:76:ac:c9:a8:e3:2f:
db:95:1a:0c:3d:a8:41:b9:f8:e0:91:41:f5:72:7b:9a:97:19:
df:51:36:c2:89:06:a7:16:41:7e:e5:cf:db:0f:fb:c6:e9:ec:
f4:d1:ac:64:7d:31:0c:17:10:3a:99:22:68:5f:e1:e2:19:2b:
91:28:12:36:a5:6c:bb:c5:62:ee:e5:8d:db:f4:23:95:11:6d:
47:71:30:f7:bf:e0:d6:56:ee:50:f3:91:d6:d3:98:7a:24:4b:
2e:f6:64:c9:39:73:2c:61:1a:10:42:f0:1c:3d:85:74:46:7f:
b0:3b:54:fc:5e:f8:a5:30:70:80:38:4c:fe:85:44:72:cf:c6:
ee:02:64:de:d1:4f:2a:42:35:06:13:33:c3:10:3e:be:f1:ad:
ec:be:59:8b:48:28:d7:f5:f0:c3:9b:78:3a:a0:14:26:53:26:
b5:7e:98:18:aa:d0:e7:0c:cc:26:a7:00:03:89:5d:0a:71:eb:
cc:f6:c9:a4
-----BEGIN CERTIFICATE-----
MIIGPzCCBSegAwIBAgISAYpKMROA6aDTzkVaT5YfGZT+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwODMxMDYwNDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OThmNjQ3NmM2N2RlYmVmMWUwYTRhZTBkMzYyMzc5NzQzMGYyMDE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOkClHCXU/qZ/HnsJ6FVYCOaz9sN
2dhigBOxvZPfZzg/d3en56BA3w2SEQOtvowS5ODuoKxsHghXTgyqF8PGmU/moe/8
6SZhWgE61xM7GYvtq5BugcSz2gaCUYaHwZzeaEOcynidadKozEQ+x4mia8M3nDSw
hLY4Z07dlNK5agBas9DFHbitFNOEF9W9UMDWvjFwqu9mR6T5b3V7+kt3Ivth8BOJ
5qZWtts4dleQKfhGaQvHPjOgQZp+ZgfdidzbDkRxoaybawHAlriFI9TAis7Dv4qs
kYBT1WG47zvcgLNn/EDtD3drf6Zm8ATeNeoJ0ioRj9uCuRvnSQPu0iTXbQIDAQAB
o4IDSzCCA0cwHQYDVR0OBBYEFImPZHbGfevvHgpK4NNiN5dDDyAXMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvaVk5a2RzWjk2LThlQ2tyZzAySTNsME1QSUJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBXwYIKwYBBQUHAQcBAf8EggFOMIIBSjCCAUYEAgABMIIB
PgMEAD5M4gMEAMB8sgMEAMB8vwMEAMF8EAMEAMF8UAMEAMF8hQMEAMF8yAMEAMI6
JgMEAMI6LwMEAMI6QwMEAMI6mgMEAMJXAQMEAMJXAzAMAwQAwlcLAwQAwlcMAwQA
wlcQAwQCwlcYAwQAwlciAwQAwlckAwQAwlcoAwQAwlc4AwQAwlc/AwQAwldJAwQA
wldTAwQAwldsAwQBwldyAwQBwld2AwQAwld6AwQAwld8AwQBwleCMAwDBADCV4UD
BAPCV4ADBADCV5cDBADCV6gDBADCV7AwDAMEAMJXswMEAMJXtAMEAMJXvgMEAMJX
yAMEAMJX3gMEAMM6JAMEAcM6NgMEAcM6OgMEAcM6PgMEAMOFAAMEAcOFBgMEAMOF
GgMEAMOFHgMEAMOFSQMEAcOFVAMEANTA8QMEANTBHzANBgkqhkiG9w0BAQsFAAOC
AQEAaRS5n+jnrvB+FaKmBunLfW4KpyQAn5AIGq9TonFHmY8WoAP79276jxBgvkXd
ve10Jpd2ZzFZjXNTw/mAbIIYoCLOdqzJqOMv25UaDD2oQbn44JFB9XJ7mpcZ31E2
wokGpxZBfuXP2w/7xuns9NGsZH0xDBcQOpkiaF/h4hkrkSgSNqVsu8Vi7uWN2/Qj
lRFtR3Ew97/g1lbuUPOR1tOYeiRLLvZkyTlzLGEaEELwHD2FdEZ/sDtU/F74pTBw
gDhM/oVEcs/G7gJk3tFPKkI1BhMzwxA+vvGt7L5Zi0go1/Xww5t4OqAUJlMmtX6Y
GKrQ5wzMJqcAA4ldCnHrzPbJpA==
-----END CERTIFICATE-----
Generated at Sun Sep 3 10:49:16 2023 by rpki-client on console-ams.rpki-client.org