Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mch34F6422SamwnJ1lcX5eeDtOc.roa
File: mch34F6422SamwnJ1lcX5eeDtOc.roa (raw, json)
Hash identifier: z7zVZRMmUF0hswhE/KTZ8ZKql/wtWkviFRUCmpnQuPo=
Subject key identifier: 99:C8:77:E0:5E:B8:DB:64:9A:9B:09:C9:D6:57:17:E5:E7:83:B4:E7
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 019302FEA01F458955C901114FE8472F5D43
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mch34F6422SamwnJ1lcX5eeDtOc.roa
Signing time: Wed 06 Nov 2024 19:41:01 +0000
ROA not before: Wed 06 Nov 2024 19:41:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 26383
IP address blocks: 62.76.234.0/24 maxlen: 24
62.76.239.0/24 maxlen: 24
185.72.8.0/24 maxlen: 24
192.124.176.0/24 maxlen: 24
192.124.209.0/24 maxlen: 24
193.124.22.0/24 maxlen: 24
193.124.41.0/24 maxlen: 24
193.124.46.0/24 maxlen: 24
193.124.49.0/24 maxlen: 24
194.58.34.0/24 maxlen: 24
194.58.38.0/24 maxlen: 24
194.58.39.0/24 maxlen: 24
194.58.40.0/24 maxlen: 24
194.58.44.0/24 maxlen: 24
194.58.45.0/24 maxlen: 24
194.58.66.0/24 maxlen: 24
194.58.68.0/24 maxlen: 24
194.87.10.0/24 maxlen: 24
194.87.18.0/24 maxlen: 24
194.87.30.0/24 maxlen: 24
194.87.39.0/24 maxlen: 24
194.87.47.0/24 maxlen: 24
194.87.58.0/24 maxlen: 24
194.87.82.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
194.87.227.0/24 maxlen: 24
194.87.230.0/24 maxlen: 24
195.133.67.0/24 maxlen: 24
195.133.92.0/24 maxlen: 24
212.192.12.0/24 maxlen: 24
212.192.13.0/24 maxlen: 24
212.192.15.0/24 maxlen: 24
212.192.215.0/24 maxlen: 24
212.192.221.0/24 maxlen: 24
212.192.223.0/24 maxlen: 24
212.193.1.0/24 maxlen: 24
212.193.2.0/24 maxlen: 24
212.193.6.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 17 Nov 2024 11:54:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:02:fe:a0:1f:45:89:55:c9:01:11:4f:e8:47:2f:5d:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 6 19:41:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=99c877e05eb8db649a9b09c9d65717e5e783b4e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:8a:be:8a:8f:db:56:4f:3b:fe:e4:81:bf:6d:
3d:ce:1f:dd:af:3b:d1:1e:4b:27:7c:56:2e:91:82:
80:b5:8c:36:bd:94:7b:8f:28:78:7a:43:1a:f7:42:
82:3b:25:97:0b:d8:97:dd:a9:a2:8e:61:20:f6:c9:
db:da:66:d8:b4:c8:7a:4c:61:70:1d:b7:68:25:9b:
0b:cf:d3:3d:54:5c:c9:82:c9:fd:64:81:df:89:c8:
f2:60:b6:14:4d:f8:ad:99:1f:9f:fe:46:3b:e0:15:
3d:6b:e0:d3:fe:a6:fc:16:8a:9f:75:e4:8c:05:4c:
c1:45:53:e8:d3:e5:e0:f2:7d:d0:6b:b8:36:cf:29:
33:f4:4d:c0:5d:fa:9f:70:b9:d4:ca:ab:3b:4f:96:
da:28:8b:54:b3:02:9e:c5:7a:23:37:e8:3e:81:80:
a6:f0:f6:2c:e5:31:a1:da:6c:bb:01:db:24:99:fe:
ed:60:cb:ab:31:9c:d8:6c:40:2f:53:db:56:6d:85:
2b:32:8a:58:5b:6f:7f:c0:38:76:03:bb:31:d5:f9:
27:7a:54:28:20:95:34:f4:c9:a1:44:b3:a1:d9:57:
ea:77:94:d6:03:16:9e:a8:15:3b:87:c7:bb:de:5f:
b4:2d:26:97:00:f1:26:28:0b:3d:ae:b0:1d:ed:ff:
96:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:C8:77:E0:5E:B8:DB:64:9A:9B:09:C9:D6:57:17:E5:E7:83:B4:E7
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mch34F6422SamwnJ1lcX5eeDtOc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.234.0/24
62.76.239.0/24
185.72.8.0/24
192.124.176.0/24
192.124.209.0/24
193.124.22.0/24
193.124.41.0/24
193.124.46.0/24
193.124.49.0/24
194.58.34.0/24
194.58.38.0-194.58.40.255
194.58.44.0/23
194.58.66.0/24
194.58.68.0/24
194.87.10.0/24
194.87.18.0/24
194.87.30.0/24
194.87.39.0/24
194.87.47.0/24
194.87.58.0/24
194.87.82.0/24
194.87.198.0/24
194.87.227.0/24
194.87.230.0/24
195.133.67.0/24
195.133.92.0/24
212.192.12.0/23
212.192.15.0/24
212.192.215.0/24
212.192.221.0/24
212.192.223.0/24
212.193.1.0-212.193.2.255
212.193.6.0/24
Signature Algorithm: sha256WithRSAEncryption
20:49:33:0e:21:08:2a:30:57:7b:1f:af:c3:d0:bb:6c:34:80:
7a:c1:12:5d:a1:8f:93:4c:89:6f:ab:99:06:c4:9a:d4:17:01:
ac:55:48:1e:c6:f8:9b:30:85:bb:95:1c:65:2c:32:41:33:04:
1e:7c:44:66:96:13:0d:39:27:48:6d:5b:7c:06:a5:c0:11:3f:
b7:29:b1:e4:04:ea:2c:72:e7:b1:76:ae:9d:21:fe:33:dd:3f:
c7:10:d6:73:c8:7a:b6:14:ef:dd:c7:28:ff:71:74:78:aa:2e:
32:1f:ca:21:4f:f8:58:8f:45:1e:a6:60:80:ab:7a:0d:c1:59:
09:26:1d:e2:fd:0b:48:70:2a:97:2e:a0:11:f2:bc:7a:9e:b3:
c9:d6:30:9d:ae:78:83:49:2a:b8:fe:ed:30:fc:b0:ce:b0:24:
ca:95:98:91:0e:98:be:27:be:cb:e7:95:e9:6b:2b:0f:0b:53:
d1:9d:d8:29:f2:0c:4b:8f:23:2c:48:1d:10:19:af:07:fa:b1:
d5:33:1d:de:12:e6:fc:f3:f9:80:a1:d0:1d:e9:73:f0:3b:51:
e0:f5:3d:7c:ef:ad:5b:3b:b8:22:05:db:83:9c:20:03:86:5b:
63:61:ca:20:df:73:c5:83:d4:cc:a9:38:b5:42:29:d8:02:19:
3f:fe:9a:d3
-----BEGIN CERTIFICATE-----
MIIF0jCCBLqgAwIBAgISAZMC/qAfRYlVyQERT+hHL11DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQxMTA2MTk0MTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWM4NzdlMDVlYjhkYjY0OWE5YjA5YzlkNjU3MTdlNWU3ODNiNGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7Yq+io/bVk87/uSBv209zh/drzvR
HksnfFYukYKAtYw2vZR7jyh4ekMa90KCOyWXC9iX3amijmEg9snb2mbYtMh6TGFw
HbdoJZsLz9M9VFzJgsn9ZIHficjyYLYUTfitmR+f/kY74BU9a+DT/qb8FoqfdeSM
BUzBRVPo0+Xg8n3Qa7g2zykz9E3AXfqfcLnUyqs7T5baKItUswKexXojN+g+gYCm
8PYs5TGh2my7Adskmf7tYMurMZzYbEAvU9tWbYUrMopYW29/wDh2A7sx1fknelQo
IJU09MmhRLOh2Vfqd5TWAxaeqBU7h8e73l+0LSaXAPEmKAs9rrAd7f+WwwIDAQAB
o4IC3jCCAtowHQYDVR0OBBYEFJnId+BeuNtkmpsJydZXF+Xng7TnMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvbWNoMzRGNjQyMlNhbXduSjFsY1g1ZWVEdE9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHzBggrBgEFBQcBBwEB/wSB4zCB4DCB3QQCAAEwgdYDBAA+
TOoDBAA+TO8DBAC5SAgDBADAfLADBADAfNEDBADBfBYDBADBfCkDBADBfC4DBADB
fDEDBADCOiIwDAMEAcI6JgMEAMI6KAMEAcI6LAMEAMI6QgMEAMI6RAMEAMJXCgME
AMJXEgMEAMJXHgMEAMJXJwMEAMJXLwMEAMJXOgMEAMJXUgMEAMJXxgMEAMJX4wME
AMJX5gMEAMOFQwMEAMOFXAMEAdTADAMEANTADwMEANTA1wMEANTA3QMEANTA3zAM
AwQA1MEBAwQA1MECAwQA1MEGMA0GCSqGSIb3DQEBCwUAA4IBAQAgSTMOIQgqMFd7
H6/D0LtsNIB6wRJdoY+TTIlvq5kGxJrUFwGsVUgexvibMIW7lRxlLDJBMwQefERm
lhMNOSdIbVt8BqXAET+3KbHkBOoscuexdq6dIf4z3T/HENZzyHq2FO/dxyj/cXR4
qi4yH8ohT/hYj0UepmCAq3oNwVkJJh3i/QtIcCqXLqAR8rx6nrPJ1jCdrniDSSq4
/u0w/LDOsCTKlZiRDpi+J77L55XpaysPC1PRndgp8gxLjyMsSB0QGa8H+rHVMx3e
Eub88/mAodAd6XPwO1Hg9T18761bO7giBduDnCADhltjYcog33PFg9TMqTi1QinY
Ahk//prT
-----END CERTIFICATE-----
Generated at Sun Nov 17 14:38:35 2024 by rpki-client on console-fra.rpki-client.org