Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/m3g4Qp-Svo-5BWEHvxsg5POUPts.roa
File: m3g4Qp-Svo-5BWEHvxsg5POUPts.roa (raw, json)
Hash identifier: Hpn3VxlnBTNT+fUvsr/BO/JPuYfTm+YFHv3HImlAjIw=
Subject key identifier: 9B:78:38:42:9F:92:BE:8F:B9:05:61:07:BF:1B:20:E4:F3:94:3E:DB
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0191B17CF7E8DA058E762C1973307F77AC92
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/m3g4Qp-Svo-5BWEHvxsg5POUPts.roa
Signing time: Mon 02 Sep 2024 06:47:22 +0000
ROA not before: Mon 02 Sep 2024 06:47:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 62.76.233.0/24 maxlen: 24
193.124.47.0/24 maxlen: 24
194.58.57.0/24 maxlen: 24
194.58.155.0/24 maxlen: 24
194.87.26.0/24 maxlen: 24
194.87.27.0/24 maxlen: 24
194.87.44.0/24 maxlen: 24
194.87.49.0/24 maxlen: 24
194.87.76.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
194.87.84.0/24 maxlen: 24
194.87.104.0/24 maxlen: 24
194.87.115.0/24 maxlen: 24
194.87.130.0/24 maxlen: 24
194.87.133.0/24 maxlen: 24
194.87.134.0/24 maxlen: 24
194.87.138.0/24 maxlen: 24
194.87.140.0/24 maxlen: 24
194.87.143.0/24 maxlen: 24
194.87.151.0/24 maxlen: 24
194.87.161.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
194.87.202.0/24 maxlen: 24
194.87.208.0/24 maxlen: 24
194.87.215.0/24 maxlen: 24
194.87.220.0/24 maxlen: 24
194.87.221.0/24 maxlen: 24
194.87.226.0/24 maxlen: 24
194.87.243.0/24 maxlen: 24
194.87.250.0/24 maxlen: 24
194.135.38.0/24 maxlen: 24
194.135.105.0/24 maxlen: 24
195.58.34.0/24 maxlen: 24
195.58.36.0/24 maxlen: 24
195.58.37.0/24 maxlen: 24
195.133.14.0/24 maxlen: 24
195.133.15.0/24 maxlen: 24
195.133.18.0/24 maxlen: 24
195.133.21.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
195.133.27.0/24 maxlen: 24
195.133.30.0/24 maxlen: 24
195.133.50.0/23 maxlen: 23
195.133.63.0/24 maxlen: 24
195.133.73.0/24 maxlen: 24
195.133.81.0/24 maxlen: 24
195.133.92.0/23 maxlen: 23
195.133.194.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
212.192.217.0/24 maxlen: 24
212.192.246.0/24 maxlen: 24
212.192.248.0/24 maxlen: 24
212.193.24.0/24 maxlen: 24
212.193.30.0/24 maxlen: 24
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 02 Sep 2024 10:39:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b1:7c:f7:e8:da:05:8e:76:2c:19:73:30:7f:77:ac:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 2 06:47:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9b7838429f92be8fb9056107bf1b20e4f3943edb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:21:4d:26:a1:05:df:28:f5:b1:a5:dc:9e:d9:
bb:09:0b:ab:26:a4:a4:a0:7d:c6:dd:fa:12:b2:5b:
fa:f1:25:a9:7c:27:74:a7:1c:f6:79:b8:19:f0:01:
3e:20:19:5c:48:26:6d:01:95:65:09:6f:32:9b:4c:
68:6f:08:ac:80:14:20:fb:16:84:a5:11:1d:3a:75:
64:be:07:09:7a:35:5e:96:60:e8:db:82:5b:5c:59:
fe:fa:9e:20:ee:b4:3e:4f:5d:30:fa:cd:8a:39:d3:
d3:f3:b2:51:a9:da:fd:75:d6:9a:03:da:36:4b:c0:
8e:78:58:c7:76:8f:9e:d2:ea:42:bc:ac:e7:ee:68:
ab:9d:de:34:df:22:01:5d:87:c5:17:7a:1f:a0:41:
ed:52:0f:16:90:2f:10:97:0d:85:d8:d8:bb:9f:97:
fc:32:95:ac:d2:cf:d8:f7:b9:ab:de:41:c6:c7:59:
83:eb:26:21:14:f7:b3:e6:08:ac:98:90:b4:40:b4:
54:5a:49:7f:77:d9:4f:0f:d5:1a:68:96:a7:21:a8:
44:49:01:1e:23:4a:db:43:58:93:de:92:3d:0f:35:
2f:46:1f:f7:91:69:3b:17:d3:c3:e4:53:e4:9d:01:
87:96:fb:ff:31:1b:ca:33:8d:50:fc:bf:fa:68:9e:
57:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:78:38:42:9F:92:BE:8F:B9:05:61:07:BF:1B:20:E4:F3:94:3E:DB
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/m3g4Qp-Svo-5BWEHvxsg5POUPts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.233.0/24
193.124.47.0/24
194.58.57.0/24
194.58.155.0/24
194.87.26.0/23
194.87.44.0/24
194.87.49.0/24
194.87.76.0/24
194.87.83.0-194.87.84.255
194.87.104.0/24
194.87.115.0/24
194.87.130.0/24
194.87.133.0-194.87.134.255
194.87.138.0/24
194.87.140.0/24
194.87.143.0/24
194.87.151.0/24
194.87.161.0/24
194.87.169.0/24
194.87.187.0/24
194.87.190.0/24
194.87.200.0/24
194.87.202.0/24
194.87.208.0/24
194.87.215.0/24
194.87.220.0/23
194.87.226.0/24
194.87.243.0/24
194.87.250.0/24
194.135.38.0/24
194.135.105.0/24
195.58.34.0/24
195.58.36.0/23
195.133.14.0/23
195.133.18.0/24
195.133.21.0/24
195.133.25.0/24
195.133.27.0/24
195.133.30.0/24
195.133.50.0/23
195.133.63.0/24
195.133.73.0/24
195.133.81.0/24
195.133.92.0/23
195.133.194.0/24
212.192.1.0/24
212.192.217.0/24
212.192.246.0/24
212.192.248.0/24
212.193.24.0/24
212.193.30.0/24
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
91:a2:93:37:ec:3b:d7:e5:df:d2:b2:7c:b2:10:aa:50:7a:37:
b9:e8:3b:1a:ed:3d:e7:e9:67:87:db:ff:d3:ea:a0:e6:0e:6d:
29:a1:e3:18:ce:b5:0a:a7:b0:9a:63:b1:4a:3b:50:1f:19:e5:
27:54:23:82:ef:73:09:21:0f:c5:43:24:e7:4f:9c:08:c7:f0:
dd:86:1e:10:90:79:53:e3:1e:5f:23:ce:9b:de:61:52:48:3a:
3a:36:4d:46:d6:20:a0:49:5f:ab:c3:09:f5:c1:2d:02:85:9c:
0b:63:1a:7f:3b:e5:ff:a9:3e:aa:b1:e0:7c:a7:30:71:1e:2f:
0d:aa:7d:b4:6f:e4:fd:67:7b:de:23:97:9e:ec:08:ee:ab:1b:
21:0d:ef:e4:14:fc:78:64:41:b1:2e:a1:9f:d3:e1:29:a8:9f:
03:e9:ac:7c:b4:70:eb:1d:74:95:be:ff:8f:b3:60:3e:21:fd:
cd:86:bb:05:dc:e4:02:c8:c9:03:6e:77:67:d0:a6:1e:50:fc:
27:5e:7b:cb:89:72:3b:b5:2a:cb:c4:50:e5:b4:86:b0:e8:46:
90:ef:da:c6:f8:00:db:3d:54:14:6f:3a:aa:b3:3c:c3:14:f9:
31:9a:81:f6:89:7d:40:ca:49:29:2c:d0:2c:4b:ad:aa:1b:ea:
57:4f:d3:31
-----BEGIN CERTIFICATE-----
MIIGWTCCBUGgAwIBAgISAZGxfPfo2gWOdiwZczB/d6ySMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwOTAyMDY0NzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Yjc4Mzg0MjlmOTJiZThmYjkwNTYxMDdiZjFiMjBlNGYzOTQzZWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmSFNJqEF3yj1saXcntm7CQurJqSk
oH3G3foSslv68SWpfCd0pxz2ebgZ8AE+IBlcSCZtAZVlCW8ym0xobwisgBQg+xaE
pREdOnVkvgcJejVelmDo24JbXFn++p4g7rQ+T10w+s2KOdPT87JRqdr9ddaaA9o2
S8COeFjHdo+e0upCvKzn7mirnd403yIBXYfFF3ofoEHtUg8WkC8Qlw2F2Ni7n5f8
MpWs0s/Y97mr3kHGx1mD6yYhFPez5gismJC0QLRUWkl/d9lPD9UaaJanIahESQEe
I0rbQ1iT3pI9DzUvRh/3kWk7F9PD5FPknQGHlvv/MRvKM41Q/L/6aJ5XgQIDAQAB
o4IDZTCCA2EwHQYDVR0OBBYEFJt4OEKfkr6PuQVhB78bIOTzlD7bMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvbTNnNFFwLVN2by01QldFSHZ4c2c1UE9VUHRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBeQYIKwYBBQUHAQcBAf8EggFoMIIBZDCCAUoEAgABMIIB
QgMEAD5M6QMEAMF8LwMEAMI6OQMEAMI6mwMEAcJXGgMEAMJXLAMEAMJXMQMEAMJX
TDAMAwQAwldTAwQAwldUAwQAwldoAwQAwldzAwQAwleCMAwDBADCV4UDBADCV4YD
BADCV4oDBADCV4wDBADCV48DBADCV5cDBADCV6EDBADCV6kDBADCV7sDBADCV74D
BADCV8gDBADCV8oDBADCV9ADBADCV9cDBAHCV9wDBADCV+IDBADCV/MDBADCV/oD
BADChyYDBADCh2kDBADDOiIDBAHDOiQDBAHDhQ4DBADDhRIDBADDhRUDBADDhRkD
BADDhRsDBADDhR4DBAHDhTIDBADDhT8DBADDhUkDBADDhVEDBAHDhVwDBADDhcID
BADUwAEDBADUwNkDBADUwPYDBADUwPgDBADUwRgDBADUwR4wFAQCAAIwDgMFAyoB
V8ADBQMqDP9AMA0GCSqGSIb3DQEBCwUAA4IBAQCRopM37DvX5d/SsnyyEKpQeje5
6Dsa7T3n6WeH2//T6qDmDm0poeMYzrUKp7CaY7FKO1AfGeUnVCOC73MJIQ/FQyTn
T5wIx/Ddhh4QkHlT4x5fI86b3mFSSDo6Nk1G1iCgSV+rwwn1wS0ChZwLYxp/O+X/
qT6qseB8pzBxHi8Nqn20b+T9Z3veI5ee7AjuqxshDe/kFPx4ZEGxLqGf0+EpqJ8D
6ax8tHDrHXSVvv+Ps2A+If3NhrsF3OQCyMkDbndn0KYeUPwnXnvLiXI7tSrLxFDl
tIaw6EaQ79rG+ADbPVQUbzqqszzDFPkxmoH2iX1AykkpLNAsS62qG+pXT9Mx
-----END CERTIFICATE-----
Generated at Mon Sep 2 12:49:59 2024 by rpki-client on console-ams.rpki-client.org