Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mqNVgyzTqx6XOXOVTzfIc2U7x5w.roa
File: mqNVgyzTqx6XOXOVTzfIc2U7x5w.roa (raw, json)
Hash identifier: ZxL5ETZMkeUCrIuZK2zBp0l+J8nGzptSIVvJZyyOJ/E=
Subject key identifier: 9A:A3:55:83:2C:D3:AB:1E:97:39:73:95:4F:37:C8:73:65:3B:C7:9C
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018857DDF93AC376B0A0FDDB804BFA605941
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mqNVgyzTqx6XOXOVTzfIc2U7x5w.roa
Signing time: Fri 26 May 2023 11:42:24 +0000
ROA not before: Fri 26 May 2023 11:42:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49392
IP address blocks: 193.124.226.0/24 maxlen: 24
194.87.221.0/24 maxlen: 24
193.124.36.0/24 maxlen: 24
193.124.254.0/24 maxlen: 24
194.135.32.0/24 maxlen: 24
195.133.26.0/23 maxlen: 24
192.124.176.0/24 maxlen: 24
212.192.13.0/24 maxlen: 24
195.133.52.0/23 maxlen: 23
195.133.56.0/22 maxlen: 22
195.133.59.0/24 maxlen: 24
194.87.118.0/23 maxlen: 24
195.133.10.0/23 maxlen: 23
195.133.6.0/23 maxlen: 23
194.87.40.0/24 maxlen: 24
185.72.10.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 31 May 2023 13:36:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:57:dd:f9:3a:c3:76:b0:a0:fd:db:80:4b:fa:60:59:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: May 26 11:42:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9aa355832cd3ab1e973973954f37c873653bc79c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:0e:4a:12:8d:86:97:c6:8d:f5:ac:ba:a5:4f:
25:a7:1d:1b:f9:21:76:28:a6:f0:cb:78:ed:3f:02:
58:55:ad:19:88:69:a1:78:65:40:c8:79:67:60:e6:
27:82:2c:f1:13:04:d1:35:16:be:d6:16:4d:46:5a:
a7:5a:fd:a0:fe:42:b1:ab:7b:c4:40:e7:85:71:aa:
45:e4:aa:1e:b1:dc:a3:78:d7:e2:58:39:8d:b4:6a:
42:65:5d:52:ef:9c:11:26:fa:86:08:3b:15:ae:8a:
30:56:b9:3a:02:0c:3c:59:c9:04:d0:66:df:02:09:
bc:0c:b4:66:ba:7e:d9:e0:d8:8c:61:57:0c:c4:cf:
92:1c:05:91:51:bf:fd:dc:8e:25:fe:e5:fa:04:f0:
11:f1:71:98:3e:0d:1c:17:0c:88:3f:e5:09:d3:62:
7f:01:46:57:90:74:94:7f:73:dc:03:2b:48:e0:f5:
41:df:32:fc:ee:ce:6c:e3:f5:69:d0:99:ba:bc:e0:
51:af:fb:b2:e6:8c:a9:1e:33:da:97:81:b6:e8:2c:
e0:4c:09:bd:32:62:6a:f0:62:e3:34:35:07:51:3d:
4b:55:74:73:08:9c:92:f9:b7:52:bc:25:1b:f8:e6:
95:7a:14:d8:71:9d:b7:9d:db:c9:d5:9b:83:1b:5c:
2d:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:A3:55:83:2C:D3:AB:1E:97:39:73:95:4F:37:C8:73:65:3B:C7:9C
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mqNVgyzTqx6XOXOVTzfIc2U7x5w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.10.0/24
192.124.176.0/24
193.124.36.0/24
193.124.226.0/24
193.124.254.0/24
194.87.40.0/24
194.87.118.0/23
194.87.221.0/24
194.135.32.0/24
195.133.6.0/23
195.133.10.0/23
195.133.26.0/23
195.133.52.0/23
195.133.56.0/22
212.192.13.0/24
Signature Algorithm: sha256WithRSAEncryption
78:97:05:07:97:96:6e:51:f2:83:87:8b:c1:a5:89:1b:f4:39:
ce:58:e5:ed:7a:d0:2b:8b:e5:3d:b0:27:c2:69:06:37:0c:05:
c7:87:93:7a:f7:79:1e:b2:60:c2:ea:ee:71:01:2c:29:9f:0f:
c1:fc:74:b4:0a:5b:c5:5d:dc:f2:1a:bb:69:83:71:eb:9e:8e:
a5:5a:95:59:ec:4b:1b:d9:ca:9b:82:e4:56:4a:79:c4:ed:4e:
e5:ac:e1:10:8e:7f:41:6f:f0:3d:af:23:a4:f9:89:c5:fd:fd:
60:07:cc:4a:ef:fc:ff:a1:52:43:dd:a6:03:3f:fe:74:2d:03:
3f:10:81:ca:d4:3d:1c:34:75:13:53:23:f7:da:a6:fd:3e:10:
87:c6:f5:e3:e7:ce:41:7e:fd:7b:e7:f6:d8:c1:81:2e:c6:e4:
c6:b6:58:80:4f:94:00:63:9b:c8:e8:7f:c1:e0:7a:86:d3:17:
93:57:c7:fc:07:cf:37:45:e6:a0:cf:1f:c9:91:ba:84:78:c2:
53:eb:ad:d7:c0:22:31:80:b0:d7:ee:8d:2a:f6:e1:04:4c:5e:
4f:dc:7e:16:59:8e:b0:7e:58:f8:94:6f:c4:1e:b5:c6:36:1d:
63:0e:ec:0b:5c:c3:17:fb:f1:c7:c1:04:cf:91:92:71:e8:72:
11:f9:a5:13
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAYhX3fk6w3awoP3bgEv6YFlBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNTI2MTE0MjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWEzNTU4MzJjZDNhYjFlOTczOTczOTU0ZjM3Yzg3MzY1M2JjNzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQ5KEo2Gl8aN9ay6pU8lpx0b+SF2
KKbwy3jtPwJYVa0ZiGmheGVAyHlnYOYngizxEwTRNRa+1hZNRlqnWv2g/kKxq3vE
QOeFcapF5KoesdyjeNfiWDmNtGpCZV1S75wRJvqGCDsVroowVrk6Agw8WckE0Gbf
Agm8DLRmun7Z4NiMYVcMxM+SHAWRUb/93I4l/uX6BPAR8XGYPg0cFwyIP+UJ02J/
AUZXkHSUf3PcAytI4PVB3zL87s5s4/Vp0Jm6vOBRr/uy5oypHjPal4G26CzgTAm9
MmJq8GLjNDUHUT1LVXRzCJyS+bdSvCUb+OaVehTYcZ23ndvJ1ZuDG1wtbQIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFJqjVYMs06selzlzlU83yHNlO8ecMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvbXFOVmd5elRxeDZYT1hPVlR6ZkljMlU3eDV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQAuUgKAwQA
wHywAwQAwXwkAwQAwXziAwQAwXz+AwQAwlcoAwQBwld2AwQAwlfdAwQAwocgAwQB
w4UGAwQBw4UKAwQBw4UaAwQBw4U0AwQCw4U4AwQA1MANMA0GCSqGSIb3DQEBCwUA
A4IBAQB4lwUHl5ZuUfKDh4vBpYkb9DnOWOXtetAri+U9sCfCaQY3DAXHh5N693ke
smDC6u5xASwpnw/B/HS0ClvFXdzyGrtpg3Hrno6lWpVZ7Esb2cqbguRWSnnE7U7l
rOEQjn9Bb/A9ryOk+YnF/f1gB8xK7/z/oVJD3aYDP/50LQM/EIHK1D0cNHUTUyP3
2qb9PhCHxvXj585Bfv175/bYwYEuxuTGtliAT5QAY5vI6H/B4HqG0xeTV8f8B883
Reagzx/JkbqEeMJT663XwCIxgLDX7o0q9uEETF5P3H4WWY6wflj4lG/EHrXGNh1j
DuwLXMMX+/HHwQTPkZJx6HIR+aUT
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:45 2024 by rpki-client on console-ams.rpki-client.org