Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/lDI3Uvacl_A4LHlOa5Q9uE948mQ.roa
File: lDI3Uvacl_A4LHlOa5Q9uE948mQ.roa (raw, json)
Hash identifier: b4klyMwVmN0SyLUCsIqxX70KCNToj7icmJ9trOnVD2M=
Subject key identifier: 94:32:37:52:F6:9C:97:F0:38:2C:79:4E:6B:94:3D:B8:4F:78:F2:64
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018BC74B37C493338404B61AE2DA8BB831D7
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/lDI3Uvacl_A4LHlOa5Q9uE948mQ.roa
Signing time: Mon 13 Nov 2023 06:07:57 +0000
ROA not before: Mon 13 Nov 2023 06:07:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 26383
IP address blocks: 193.124.22.0/24 maxlen: 24
62.76.234.0/24 maxlen: 24
194.87.227.0/24 maxlen: 24
193.124.41.0/24 maxlen: 24
193.124.46.0/24 maxlen: 24
194.58.34.0/24 maxlen: 24
212.192.12.0/24 maxlen: 24
212.192.15.0/24 maxlen: 24
192.124.176.0/24 maxlen: 24
212.192.13.0/24 maxlen: 24
212.193.2.0/24 maxlen: 24
194.58.68.0/24 maxlen: 24
194.87.189.0/24 maxlen: 24
194.87.39.0/24 maxlen: 24
194.87.47.0/24 maxlen: 24
185.72.8.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:c7:4b:37:c4:93:33:84:04:b6:1a:e2:da:8b:b8:31:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 13 06:07:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=94323752f69c97f0382c794e6b943db84f78f264
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:92:11:44:92:0d:84:dc:b8:13:da:08:2f:5f:
a6:4e:c7:47:35:85:cf:8b:0c:73:a9:fa:a6:86:05:
e5:58:cc:52:19:43:f5:7a:e6:2a:b2:d4:80:8f:ef:
f2:7a:eb:1b:0e:36:61:58:0b:b6:eb:31:8d:52:cd:
0f:d5:f3:f0:07:90:3e:6f:e1:0a:09:64:29:79:38:
3a:e7:f3:b0:fd:6f:90:fa:f2:c6:66:02:e8:2c:c1:
81:2a:a0:ac:22:69:44:46:37:3c:06:9b:d5:6b:bf:
a7:95:55:71:80:ce:e1:e3:f6:bf:17:ed:f4:37:0d:
16:49:e2:1a:66:9b:07:bd:fd:a6:80:6b:67:20:86:
be:68:66:ce:f5:42:8b:ef:3b:eb:c4:98:ab:70:06:
9b:83:e7:93:d2:b6:fe:ac:cf:db:39:f9:bb:8a:3b:
12:8a:ea:6c:aa:7c:a0:08:8c:7d:e4:de:7d:fe:5b:
8f:4b:bf:7c:2c:c8:e2:9c:9c:9b:2b:8d:7d:97:eb:
a0:a1:dc:88:cd:0b:0d:ce:d3:7c:30:29:f0:e7:6c:
36:58:6f:22:66:9a:ba:b5:0c:da:b3:4e:77:b7:b6:
e5:42:b1:b3:db:8f:75:c4:02:c2:7e:1b:6b:59:5d:
0e:17:fc:4a:0d:c9:05:a1:d7:b6:8e:3c:48:b6:ac:
b4:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:32:37:52:F6:9C:97:F0:38:2C:79:4E:6B:94:3D:B8:4F:78:F2:64
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/lDI3Uvacl_A4LHlOa5Q9uE948mQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.234.0/24
185.72.8.0/24
192.124.176.0/24
193.124.22.0/24
193.124.41.0/24
193.124.46.0/24
194.58.34.0/24
194.58.68.0/24
194.87.39.0/24
194.87.47.0/24
194.87.189.0/24
194.87.227.0/24
212.192.12.0/23
212.192.15.0/24
212.193.2.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:42:9a:20:fa:fe:4b:80:88:25:f5:56:e0:19:53:b7:87:91:
d5:c9:f3:e6:4e:e6:77:fe:cb:3e:f4:6f:e4:7a:6c:4a:03:16:
c4:0c:d6:e2:e5:14:94:44:51:31:cc:92:5e:ea:53:23:23:2d:
68:53:11:bd:15:12:61:2a:ea:b4:86:c5:d3:64:6f:5f:8e:09:
da:d6:6a:f3:78:43:33:a1:ce:b7:2d:d3:13:05:e1:8f:e9:74:
93:79:c8:3d:a4:d8:96:3f:05:ca:ba:2b:f5:4b:8f:68:07:2a:
f3:c4:9f:ec:98:1a:24:bc:6b:3a:63:58:30:59:f1:22:70:c3:
75:70:93:98:c8:73:15:5e:94:24:74:f0:f5:a8:26:7e:e7:af:
fe:8d:9d:5e:4a:b8:45:78:2e:b7:e0:db:08:ba:29:1c:47:05:
e1:74:10:9a:a1:7e:48:88:80:76:6f:d2:92:62:c3:88:b4:b2:
fc:6d:16:d5:09:7f:d2:8a:be:3b:d7:f8:c7:5d:89:2c:f2:cc:
2a:28:7b:cb:69:80:16:58:69:c3:6c:3f:e6:68:e4:71:77:87:
f1:95:84:78:e1:86:0d:a4:37:6b:b6:36:31:03:08:dc:08:68:
71:01:c3:46:75:c4:88:26:28:fd:55:0a:2f:4e:e3:33:71:ac:
93:2a:d9:a8
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAYvHSzfEkzOEBLYa4tqLuDHXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMTEzMDYwNzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDMyMzc1MmY2OWM5N2YwMzgyYzc5NGU2Yjk0M2RiODRmNzhmMjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyJIRRJINhNy4E9oIL1+mTsdHNYXP
iwxzqfqmhgXlWMxSGUP1euYqstSAj+/yeusbDjZhWAu26zGNUs0P1fPwB5A+b+EK
CWQpeTg65/Ow/W+Q+vLGZgLoLMGBKqCsImlERjc8BpvVa7+nlVVxgM7h4/a/F+30
Nw0WSeIaZpsHvf2mgGtnIIa+aGbO9UKL7zvrxJircAabg+eT0rb+rM/bOfm7ijsS
iupsqnygCIx95N59/luPS798LMjinJybK419l+ugodyIzQsNztN8MCnw52w2WG8i
Zpq6tQzas053t7blQrGz2491xALCfhtrWV0OF/xKDckFode2jjxItqy06wIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFJQyN1L2nJfwOCx5TmuUPbhPePJkMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvbERJM1V2YWNsX0E0TEhsT2E1UTl1RTk0OG1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQAPkzqAwQA
uUgIAwQAwHywAwQAwXwWAwQAwXwpAwQAwXwuAwQAwjoiAwQAwjpEAwQAwlcnAwQA
wlcvAwQAwle9AwQAwlfjAwQB1MAMAwQA1MAPAwQA1MECMA0GCSqGSIb3DQEBCwUA
A4IBAQBOQpog+v5LgIgl9VbgGVO3h5HVyfPmTuZ3/ss+9G/kemxKAxbEDNbi5RSU
RFExzJJe6lMjIy1oUxG9FRJhKuq0hsXTZG9fjgna1mrzeEMzoc63LdMTBeGP6XST
ecg9pNiWPwXKuiv1S49oByrzxJ/smBokvGs6Y1gwWfEicMN1cJOYyHMVXpQkdPD1
qCZ+56/+jZ1eSrhFeC634NsIuikcRwXhdBCaoX5IiIB2b9KSYsOItLL8bRbVCX/S
ir471/jHXYks8swqKHvLaYAWWGnDbD/maORxd4fxlYR44YYNpDdrtjYxAwjcCGhx
AcNGdcSIJij9VQovTuMzcayTKtmo
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:33:21 2024 by rpki-client on console-fra.rpki-client.org