Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mDRoexWQInrS6GzaFd_VpuoiJv4.roa
File: mDRoexWQInrS6GzaFd_VpuoiJv4.roa (raw, json)
Hash identifier: inThu+T83hy9M7SD3N32s6fVV6Wn58eUW9/RYaYc1H4=
Subject key identifier: 98:34:68:7B:15:90:22:7A:D2:E8:6C:DA:15:DF:D5:A6:EA:22:26:FE
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0186EDE6BF0B483F769C4D8302C4B400ABE2
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mDRoexWQInrS6GzaFd_VpuoiJv4.roa
Signing time: Fri 17 Mar 2023 04:49:27 +0000
ROA not before: Fri 17 Mar 2023 04:49:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 400377
IP address blocks: 62.76.226.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
194.87.252.0/24 maxlen: 24
212.192.9.0/24 maxlen: 24
195.58.51.0/24 maxlen: 24
192.124.180.0/24 maxlen: 24
193.124.90.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 18 Mar 2023 05:28:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:ed:e6:bf:0b:48:3f:76:9c:4d:83:02:c4:b4:00:ab:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 17 04:49:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9834687b1590227ad2e86cda15dfd5a6ea2226fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:33:45:49:5f:21:be:8e:d8:45:04:b0:d9:1f:
26:be:c5:06:8c:4e:ec:7e:5e:83:cc:0b:5a:e9:28:
dd:fc:1d:bf:d4:81:3a:ab:32:4d:87:3e:96:d2:79:
aa:a6:69:a6:15:a5:e1:e8:35:a5:e1:a6:15:d4:64:
d7:ea:ab:4e:f7:29:2c:11:b7:24:c1:75:71:17:20:
09:b8:0b:0b:e8:8a:a4:3a:a2:c8:5e:16:d5:20:1d:
cc:c6:8a:fa:c3:ec:6a:68:ed:97:ba:ae:f8:59:52:
19:a2:7e:cf:9d:ff:b4:b7:5b:01:9b:7b:06:d9:fc:
c7:4c:2d:00:cf:2c:c3:f2:e8:c9:2c:43:48:a0:ad:
22:60:1f:e3:08:4a:87:f7:fc:25:33:4a:19:ca:cb:
f2:6e:8d:46:c9:1f:bf:01:e7:21:f7:22:b2:43:b8:
7e:1c:4f:a2:0e:a5:0a:75:ba:b2:d6:c2:e1:bb:60:
6b:d3:a6:51:af:25:3f:b8:c3:5d:37:38:c8:20:43:
3d:81:f6:a8:1e:3e:af:81:e7:d9:be:bf:cc:e7:04:
e3:b9:45:7a:f7:6a:cc:24:cc:88:82:fb:f8:d3:ed:
7c:58:07:ef:e9:d7:bf:70:ec:a7:9c:02:0d:45:6f:
fc:dc:5c:f9:9f:f8:e5:e4:82:75:99:95:4a:f9:02:
79:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:34:68:7B:15:90:22:7A:D2:E8:6C:DA:15:DF:D5:A6:EA:22:26:FE
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mDRoexWQInrS6GzaFd_VpuoiJv4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.226.0/24
192.124.180.0/24
193.124.90.0/24
193.124.200.0/24
194.87.124.0/24
194.87.252.0/24
195.58.51.0/24
212.192.9.0/24
Signature Algorithm: sha256WithRSAEncryption
23:0f:b9:c4:c3:a4:4f:1f:35:29:8d:4f:78:3d:52:fb:26:42:
7d:b1:ff:a2:02:2e:d4:6e:0e:59:b0:5c:b7:64:9c:b1:bf:67:
63:38:26:00:aa:20:63:1e:08:8e:4e:6f:95:ff:d4:41:5a:c5:
be:cd:98:d6:b9:6c:c3:83:77:b9:55:89:13:64:e5:eb:d8:12:
b0:5b:20:7b:c9:23:9e:23:41:ab:64:11:64:73:22:d4:b8:31:
54:6a:88:0e:6a:a1:21:61:d1:2c:4f:6e:0e:26:ec:54:9c:39:
88:c1:b2:06:9a:5c:f0:81:a5:fa:25:41:fb:cf:05:09:0c:52:
5d:23:fe:25:4c:30:79:d5:77:cb:b0:09:e7:3f:28:52:b3:65:
30:26:fd:fd:2f:a0:43:dc:b2:6d:45:a7:68:fb:af:50:a9:c8:
c6:f2:bc:ac:02:76:c1:ee:c9:e9:2d:ce:c0:72:5c:f0:c8:79:
3e:79:a7:10:5c:43:2c:c6:da:1c:a5:99:19:7f:c0:00:83:de:
81:57:56:9a:f2:a7:3c:51:2f:de:e2:3f:c1:f0:8f:47:db:02:
16:a6:a9:7c:c2:4e:7e:b2:3b:b1:cf:c6:80:58:c5:86:3b:3f:
c6:fb:9a:cf:d3:e6:71:b9:d3:8d:86:19:a6:71:38:cd:76:85:
21:b4:fa:f2
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYbt5r8LSD92nE2DAsS0AKviMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMzE3MDQ0OTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODM0Njg3YjE1OTAyMjdhZDJlODZjZGExNWRmZDVhNmVhMjIyNmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgjNFSV8hvo7YRQSw2R8mvsUGjE7s
fl6DzAta6Sjd/B2/1IE6qzJNhz6W0nmqpmmmFaXh6DWl4aYV1GTX6qtO9yksEbck
wXVxFyAJuAsL6IqkOqLIXhbVIB3Mxor6w+xqaO2Xuq74WVIZon7Pnf+0t1sBm3sG
2fzHTC0AzyzD8ujJLENIoK0iYB/jCEqH9/wlM0oZysvybo1GyR+/Aech9yKyQ7h+
HE+iDqUKdbqy1sLhu2Br06ZRryU/uMNdNzjIIEM9gfaoHj6vgefZvr/M5wTjuUV6
92rMJMyIgvv40+18WAfv6de/cOynnAINRW/83Fz5n/jl5IJ1mZVK+QJ5SQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFJg0aHsVkCJ60uhs2hXf1abqIib+MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvbURSb2V4V1FJbnJTNkd6YUZkX1ZwdW9pSnY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAPkziAwQA
wHy0AwQAwXxaAwQAwXzIAwQAwld8AwQAwlf8AwQAwzozAwQA1MAJMA0GCSqGSIb3
DQEBCwUAA4IBAQAjD7nEw6RPHzUpjU94PVL7JkJ9sf+iAi7Ubg5ZsFy3ZJyxv2dj
OCYAqiBjHgiOTm+V/9RBWsW+zZjWuWzDg3e5VYkTZOXr2BKwWyB7ySOeI0GrZBFk
cyLUuDFUaogOaqEhYdEsT24OJuxUnDmIwbIGmlzwgaX6JUH7zwUJDFJdI/4lTDB5
1XfLsAnnPyhSs2UwJv39L6BD3LJtRado+69QqcjG8rysAnbB7snpLc7AclzwyHk+
eacQXEMsxtocpZkZf8AAg96BV1aa8qc8US/e4j/B8I9H2wIWpql8wk5+sjuxz8aA
WMWGOz/G+5rP0+ZxudONhhmmcTjNdoUhtPry
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:25 2024 by rpki-client on console-fra.rpki-client.org