Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/lMjRZxGfbgwKVf7YnrDVgoSWRd0.roa
File: lMjRZxGfbgwKVf7YnrDVgoSWRd0.roa (raw, json)
Hash identifier: pb3SvV3hG2tDY6l1d4CLK4xWxO3IhgWZfhdEk8uTeHs=
Subject key identifier: 94:C8:D1:67:11:9F:6E:0C:0A:55:FE:D8:9E:B0:D5:82:84:96:45:DD
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01856F66FAE831F5E06F7DB96D7D17D8F5E7
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/lMjRZxGfbgwKVf7YnrDVgoSWRd0.roa
Signing time: Sun 01 Jan 2023 22:14:57 +0000
ROA not before: Sun 01 Jan 2023 22:14:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 53850
IP address blocks: 62.76.224.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
194.87.117.0/24 maxlen: 24
194.87.32.0/24 maxlen: 24
194.87.33.0/24 maxlen: 24
194.87.39.0/24 maxlen: 24
212.193.11.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:66:fa:e8:31:f5:e0:6f:7d:b9:6d:7d:17:d8:f5:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 1 22:14:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=94c8d167119f6e0c0a55fed89eb0d582849645dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:2b:e4:85:04:1a:cc:9d:98:3a:93:fc:d9:c3:
fd:e0:74:04:0b:36:2d:98:86:36:5d:30:98:c7:5e:
f1:51:d3:89:43:bc:e3:69:17:e7:78:2f:e8:f4:49:
91:60:7c:1a:4a:e4:4b:ea:79:fc:c4:80:d0:d5:e1:
b8:b3:70:74:7d:19:97:f3:86:a0:04:f4:69:7e:87:
3c:29:80:26:e1:aa:ec:19:14:84:f0:b4:6e:bf:53:
40:6d:ca:07:72:1b:b3:41:88:25:c2:04:e7:14:7d:
94:39:25:d6:71:1d:3a:b5:2b:22:66:75:05:25:68:
98:9a:ba:4e:27:43:59:9d:79:32:13:ae:6f:52:54:
24:9e:9f:7d:48:e8:c1:8e:a0:43:1e:87:4b:41:a3:
a3:46:f9:a4:6f:f7:84:01:f4:53:88:6e:ae:92:8e:
ef:d5:8b:52:9c:3b:23:00:42:96:3a:94:8c:6b:26:
d3:f1:90:04:e4:3e:04:1d:b6:3f:66:ae:7a:b6:b8:
71:35:ae:e7:d4:89:33:dc:58:ff:f2:2b:3b:d5:db:
ab:6b:79:21:bd:aa:78:c0:8e:c7:fe:6e:b1:c2:9b:
8d:10:72:0e:c3:25:d8:d2:b9:6e:6b:a8:32:ed:df:
3a:8e:0c:55:8d:87:8e:44:3a:b3:fb:b5:e9:da:5c:
2b:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:C8:D1:67:11:9F:6E:0C:0A:55:FE:D8:9E:B0:D5:82:84:96:45:DD
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/lMjRZxGfbgwKVf7YnrDVgoSWRd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.224.0/24
194.87.32.0/23
194.87.39.0/24
194.87.117.0-194.87.118.255
212.193.11.0/24
Signature Algorithm: sha256WithRSAEncryption
41:dd:08:c9:23:60:ed:df:26:cf:e9:9e:61:d7:ae:4c:a4:ce:
eb:4f:83:5c:ef:ca:8d:ef:8a:0c:cb:7f:61:51:f9:ed:0d:8e:
91:a9:62:32:c4:42:c8:50:e1:54:ba:1c:4e:21:25:da:99:b7:
a5:8d:2b:6a:94:3d:ba:75:ad:8c:4a:c6:40:df:48:cd:be:97:
08:3c:dd:1a:d3:43:eb:08:17:ee:89:86:07:55:7f:ae:a7:fe:
83:d8:72:ae:38:4f:a6:21:1d:0b:ed:5f:09:81:dc:71:96:06:
14:53:36:e6:41:c2:6b:ca:16:49:63:e1:a8:34:1f:71:91:ff:
db:5d:f8:e6:fa:a3:4b:15:76:55:ec:6d:32:11:34:4b:b8:5d:
b7:8a:24:4d:af:82:b6:d3:42:17:4a:bf:1e:c8:b8:0a:f8:2c:
d9:8f:43:bd:31:87:bb:ec:5a:5e:f4:2f:fb:74:26:c3:38:65:
17:91:6c:54:b9:ac:8d:77:9f:ad:9a:9f:67:f3:86:36:0c:f8:
31:39:97:9f:3e:47:21:7c:2a:f1:9d:59:6e:fb:98:f3:6d:e6:
75:d2:cf:21:1d:63:0f:ed:a8:19:6c:7f:1b:95:58:f5:69:1c:
cc:33:94:0b:1e:19:cf:ce:a5:bf:8c:5c:82:7e:82:aa:ba:32:
e1:90:a4:1e
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYVvZvroMfXgb325bX0X2PXnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTAxMjIxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGM4ZDE2NzExOWY2ZTBjMGE1NWZlZDg5ZWIwZDU4Mjg0OTY0NWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlCvkhQQazJ2YOpP82cP94HQECzYt
mIY2XTCYx17xUdOJQ7zjaRfneC/o9EmRYHwaSuRL6nn8xIDQ1eG4s3B0fRmX84ag
BPRpfoc8KYAm4arsGRSE8LRuv1NAbcoHchuzQYglwgTnFH2UOSXWcR06tSsiZnUF
JWiYmrpOJ0NZnXkyE65vUlQknp99SOjBjqBDHodLQaOjRvmkb/eEAfRTiG6uko7v
1YtSnDsjAEKWOpSMaybT8ZAE5D4EHbY/Zq56trhxNa7n1Ikz3Fj/8is71dura3kh
vap4wI7H/m6xwpuNEHIOwyXY0rlua6gy7d86jgxVjYeORDqz+7Xp2lwraQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFJTI0WcRn24MClX+2J6w1YKElkXdMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvbE1qUlp4R2ZiZ3dLVmY3WW5yRFZnb1NXUmQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAPkzgAwQB
wlcgAwQAwlcnMAwDBADCV3UDBADCV3YDBADUwQswDQYJKoZIhvcNAQELBQADggEB
AEHdCMkjYO3fJs/pnmHXrkykzutPg1zvyo3vigzLf2FR+e0NjpGpYjLEQshQ4VS6
HE4hJdqZt6WNK2qUPbp1rYxKxkDfSM2+lwg83RrTQ+sIF+6JhgdVf66n/oPYcq44
T6YhHQvtXwmB3HGWBhRTNuZBwmvKFklj4ag0H3GR/9td+Ob6o0sVdlXsbTIRNEu4
XbeKJE2vgrbTQhdKvx7IuAr4LNmPQ70xh7vsWl70L/t0JsM4ZReRbFS5rI13n62a
n2fzhjYM+DE5l58+RyF8KvGdWW77mPNt5nXSzyEdYw/tqBlsfxuVWPVpHMwzlAse
Gc/Opb+MXIJ+gqq6MuGQpB4=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:10 2023 by rpki-client on console-fra.rpki-client.org