Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/jqEWB0taXZFk6WQXIY7Wcog7D28.roa
File: jqEWB0taXZFk6WQXIY7Wcog7D28.roa (raw, json)
Hash identifier: OzT8xgmmwzUejS48AlKiOowXKEL+CaZWMKa++I8l4qM=
Subject key identifier: 8E:A1:16:07:4B:5A:5D:91:64:E9:64:17:21:8E:D6:72:88:3B:0F:6F
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018D1611610192110C8A28AD7DADA22F1AF9
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/jqEWB0taXZFk6WQXIY7Wcog7D28.roa
Signing time: Wed 17 Jan 2024 06:17:34 +0000
ROA not before: Wed 17 Jan 2024 06:17:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 62.76.227.0/24 maxlen: 24
185.72.10.0/24 maxlen: 24
192.124.183.0/24 maxlen: 24
193.124.47.0/24 maxlen: 24
193.124.95.0/24 maxlen: 24
193.124.202.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
194.58.66.0/24 maxlen: 24
194.58.154.0/24 maxlen: 24
194.87.26.0/24 maxlen: 24
194.87.76.0/24 maxlen: 24
194.87.81.0/24 maxlen: 24
194.87.88.0/24 maxlen: 24
194.87.128.0/24 maxlen: 24
194.87.149.0/24 maxlen: 24
194.87.151.0/24 maxlen: 24
194.87.170.0/24 maxlen: 24
194.87.172.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
194.87.201.0/24 maxlen: 24
194.87.215.0/24 maxlen: 24
194.87.224.0/24 maxlen: 24
194.87.229.0/24 maxlen: 24
194.87.231.0/24 maxlen: 24
194.87.245.0/24 maxlen: 24
194.135.33.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
195.58.60.0/24 maxlen: 24
195.58.63.0/24 maxlen: 24
195.133.2.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
195.133.27.0/24 maxlen: 24
195.133.72.0/24 maxlen: 24
195.133.74.0/24 maxlen: 24
195.133.84.0/24 maxlen: 24
195.133.192.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
212.192.214.0/24 maxlen: 24
212.192.222.0/24 maxlen: 24
212.193.13.0/24 maxlen: 24
212.193.25.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 17 Jan 2024 11:33:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:16:11:61:01:92:11:0c:8a:28:ad:7d:ad:a2:2f:1a:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 17 06:17:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8ea116074b5a5d9164e96417218ed672883b0f6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:e9:7e:b9:bd:35:a4:62:3d:51:a2:40:28:ae:
05:c4:53:df:73:29:62:24:c3:8a:07:7c:08:e2:6b:
82:77:7d:45:09:9b:90:fa:fa:d2:5c:80:9f:3a:d5:
91:15:e7:01:f8:5b:0d:fc:0c:2b:53:65:43:f3:0a:
ce:48:01:73:12:a0:45:5c:ef:cf:f9:6e:2a:61:61:
7e:26:b4:88:f8:b7:17:aa:c7:db:6a:ae:47:ab:36:
a4:22:7d:a7:74:0c:af:44:b4:2d:c4:f3:85:53:64:
d2:2f:53:5d:ec:df:db:e4:1d:af:c1:3b:81:27:d6:
7f:bc:71:00:0e:22:e5:d2:30:3f:d7:4f:4f:52:85:
9c:50:1f:7b:c7:1e:c0:a7:2e:1a:ae:30:5b:a9:b6:
34:f2:f8:f8:0a:62:39:e9:e1:f9:e6:cc:0c:29:87:
23:b8:e5:4b:af:21:54:0f:43:c0:c6:2c:07:68:0a:
81:74:05:ac:54:4d:42:29:69:84:e2:2c:32:95:6e:
8e:c7:71:aa:b5:ff:01:a2:37:c1:2a:6e:17:af:f9:
e6:03:82:b0:71:40:73:65:14:ea:76:80:7f:e1:6c:
56:60:5e:af:f7:cf:06:b0:e6:36:7f:e1:49:ae:65:
1d:cc:32:a3:75:c5:ad:5e:46:51:dc:83:c5:04:50:
b2:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:A1:16:07:4B:5A:5D:91:64:E9:64:17:21:8E:D6:72:88:3B:0F:6F
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/jqEWB0taXZFk6WQXIY7Wcog7D28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.227.0/24
185.72.10.0/24
192.124.183.0/24
193.124.47.0/24
193.124.95.0/24
193.124.202.0/24
194.58.42.0/24
194.58.66.0/24
194.58.154.0/24
194.87.26.0/24
194.87.76.0/24
194.87.81.0/24
194.87.88.0/24
194.87.128.0/24
194.87.149.0/24
194.87.151.0/24
194.87.170.0/24
194.87.172.0/24
194.87.187.0/24
194.87.190.0/24
194.87.201.0/24
194.87.215.0/24
194.87.224.0/24
194.87.229.0/24
194.87.231.0/24
194.87.245.0/24
194.135.33.0/24
195.58.54.0/24
195.58.60.0/24
195.58.63.0/24
195.133.2.0/24
195.133.25.0/24
195.133.27.0/24
195.133.72.0/24
195.133.74.0/24
195.133.84.0/24
195.133.192.0/24
212.192.1.0/24
212.192.214.0/24
212.192.222.0/24
212.193.13.0/24
212.193.25.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:18:fa:ba:94:54:ed:c5:93:37:ff:da:cc:73:6d:47:07:4e:
a4:d2:27:00:0f:03:a3:45:23:77:43:2c:c2:38:a3:3b:99:ae:
32:ef:be:94:8e:67:46:9b:cb:cd:d1:6c:d4:f3:b1:97:23:63:
36:fe:9c:7c:cb:42:15:58:85:6d:f5:d8:c4:45:80:55:b4:07:
62:7f:5d:6c:c3:89:48:a9:35:2b:3f:26:a1:e5:1e:3e:0d:05:
e8:f7:df:cb:4b:f7:d2:69:10:a9:d4:e9:98:0b:f5:27:ee:0e:
08:85:e0:6d:35:7c:85:f0:ae:4e:e5:11:41:e2:dc:2c:97:4d:
25:d1:99:2e:77:86:39:f2:30:f2:20:9e:f0:6c:c1:aa:41:e9:
a2:39:fa:38:0f:a3:87:eb:6f:21:46:d5:55:3f:88:a8:46:14:
a9:80:8d:bc:98:8d:54:f0:7a:5d:5c:46:e3:f5:8b:8d:9b:6f:
1a:36:2c:fb:9f:d1:b9:36:05:c5:ef:2f:e9:bf:27:35:05:b9:
fc:32:dd:c1:43:a6:fe:76:76:75:8a:64:60:67:9f:1c:3d:a1:
ae:12:4c:06:fc:0e:44:c4:94:82:5f:07:1f:a5:7f:ee:57:1b:
cf:b7:dc:67:09:ce:dd:2e:01:68:85:1e:6a:09:77:30:07:fa:
3b:9f:08:25
-----BEGIN CERTIFICATE-----
MIIF/DCCBOSgAwIBAgISAY0WEWEBkhEMiiitfa2iLxr5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTE3MDYxNzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWExMTYwNzRiNWE1ZDkxNjRlOTY0MTcyMThlZDY3Mjg4M2IwZjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkOl+ub01pGI9UaJAKK4FxFPfcyli
JMOKB3wI4muCd31FCZuQ+vrSXICfOtWRFecB+FsN/AwrU2VD8wrOSAFzEqBFXO/P
+W4qYWF+JrSI+LcXqsfbaq5HqzakIn2ndAyvRLQtxPOFU2TSL1Nd7N/b5B2vwTuB
J9Z/vHEADiLl0jA/109PUoWcUB97xx7Apy4arjBbqbY08vj4CmI56eH55swMKYcj
uOVLryFUD0PAxiwHaAqBdAWsVE1CKWmE4iwylW6Ox3Gqtf8BojfBKm4Xr/nmA4Kw
cUBzZRTqdoB/4WxWYF6v988GsOY2f+FJrmUdzDKjdcWtXkZR3IPFBFCygQIDAQAB
o4IDCDCCAwQwHQYDVR0OBBYEFI6hFgdLWl2RZOlkFyGO1nKIOw9vMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvanFFV0IwdGFYWkZrNldRWElZN1djb2c3RDI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBHAYIKwYBBQUHAQcBAf8EggELMIIBBzCCAQMEAgABMIH8
AwQAPkzjAwQAuUgKAwQAwHy3AwQAwXwvAwQAwXxfAwQAwXzKAwQAwjoqAwQAwjpC
AwQAwjqaAwQAwlcaAwQAwldMAwQAwldRAwQAwldYAwQAwleAAwQAwleVAwQAwleX
AwQAwleqAwQAwlesAwQAwle7AwQAwle+AwQAwlfJAwQAwlfXAwQAwlfgAwQAwlfl
AwQAwlfnAwQAwlf1AwQAwochAwQAwzo2AwQAwzo8AwQAwzo/AwQAw4UCAwQAw4UZ
AwQAw4UbAwQAw4VIAwQAw4VKAwQAw4VUAwQAw4XAAwQA1MABAwQA1MDWAwQA1MDe
AwQA1MENAwQA1MEZMA0GCSqGSIb3DQEBCwUAA4IBAQBfGPq6lFTtxZM3/9rMc21H
B06k0icADwOjRSN3QyzCOKM7ma4y776UjmdGm8vN0WzU87GXI2M2/px8y0IVWIVt
9djERYBVtAdif11sw4lIqTUrPyah5R4+DQXo99/LS/fSaRCp1OmYC/Un7g4IheBt
NXyF8K5O5RFB4twsl00l0Zkud4Y58jDyIJ7wbMGqQemiOfo4D6OH628hRtVVP4io
RhSpgI28mI1U8HpdXEbj9YuNm28aNiz7n9G5NgXF7y/pvyc1Bbn8Mt3BQ6b+dnZ1
imRgZ58cPaGuEkwG/A5ExJSCXwcfpX/uVxvPt9xnCc7dLgFohR5qCXcwB/o7nwgl
-----END CERTIFICATE-----
Generated at Wed Jan 17 15:50:41 2024 by rpki-client on console-ams.rpki-client.org