Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/nzTWxPStYJ7eTyhJJH-RmHxv7qw.roa
File: nzTWxPStYJ7eTyhJJH-RmHxv7qw.roa (raw, json)
Hash identifier: nZWOf/ySKxDsBLUv4jIS+GefJTY1s9dMbNiH/lL/Zqo=
Subject key identifier: 9F:34:D6:C4:F4:AD:60:9E:DE:4F:28:49:24:7F:91:98:7C:6F:EE:AC
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01897482A856956776511B77EE7B518F93AC
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/nzTWxPStYJ7eTyhJJH-RmHxv7qw.roa
Signing time: Thu 20 Jul 2023 18:14:27 +0000
ROA not before: Thu 20 Jul 2023 18:14:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205320
IP address blocks: 62.76.230.0/24 maxlen: 24
62.76.231.0/24 maxlen: 24
194.135.24.0/24 maxlen: 24
212.192.210.0/24 maxlen: 24
194.87.43.0/24 maxlen: 24
194.87.78.0/24 maxlen: 24
193.124.204.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 27 Jul 2023 16:04:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:74:82:a8:56:95:67:76:51:1b:77:ee:7b:51:8f:93:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 20 18:14:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9f34d6c4f4ad609ede4f2849247f91987c6feeac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:8b:08:d1:cd:e7:26:0c:44:3b:0c:ea:b2:0f:
57:10:21:91:70:47:15:c4:46:a3:8a:02:6f:e2:8b:
cf:fc:87:bb:d1:ba:3b:16:7e:8a:7c:d9:d9:b9:a0:
af:91:59:78:72:14:8d:c7:38:c5:c7:ca:2d:4d:b5:
de:52:0e:4b:c1:40:0d:89:97:a0:d4:78:c8:0c:ba:
9a:2a:a0:0c:6d:db:ba:15:9b:42:48:b2:3a:7c:67:
05:40:12:30:ad:57:fa:93:5e:43:68:c1:ec:63:b6:
0f:45:59:22:62:9e:4e:6d:95:56:7b:ed:f0:aa:21:
9d:5e:7b:3a:61:b9:3d:b2:39:ed:b0:52:d9:cf:f7:
9d:bb:c8:1f:6b:ee:18:15:ba:70:a6:52:7c:77:4f:
a2:2c:78:6a:62:e5:e8:48:e4:f7:6c:94:12:b7:21:
9d:d9:1d:84:4e:11:43:ad:e3:fd:ff:ca:ab:64:99:
05:92:2a:45:66:a9:2c:f3:07:31:bb:13:32:f6:06:
5b:e2:8c:d7:7c:63:ea:5d:ec:f3:35:b4:3f:77:3b:
60:ab:19:be:08:c9:c5:f5:40:d5:15:5a:58:5a:3f:
15:88:e9:a8:d5:a7:c7:55:33:90:b5:e4:6a:1f:1d:
e7:cb:52:e1:df:9e:97:87:71:1d:db:5d:1f:0f:cf:
5e:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:34:D6:C4:F4:AD:60:9E:DE:4F:28:49:24:7F:91:98:7C:6F:EE:AC
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/nzTWxPStYJ7eTyhJJH-RmHxv7qw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.230.0/23
193.124.204.0/24
194.87.43.0/24
194.87.78.0/24
194.135.24.0/24
212.192.210.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:53:8b:8c:6d:ea:23:24:55:fa:51:f8:7d:ad:19:ee:1e:3d:
c3:40:34:83:82:16:75:a5:bb:c0:ee:72:2b:8a:9b:ba:f8:1d:
57:3a:8d:af:4c:17:97:46:6f:34:16:a1:07:d4:75:fb:90:b6:
0e:3f:a6:41:10:9b:4d:b3:e2:35:d4:d0:ca:f9:7b:a2:b1:f1:
1b:4d:0c:fc:75:77:bc:85:bb:97:4b:5f:b3:57:fa:43:8f:93:
15:00:27:d7:7e:00:09:67:19:3a:9c:37:c2:2a:ba:3c:c1:49:
fa:99:75:e2:58:e2:f9:6a:b8:c7:3a:01:bb:1e:65:cc:84:b5:
40:0a:cb:d2:5f:a3:18:b9:cc:d2:f2:5b:45:5f:5b:7b:a5:a8:
56:7a:53:0d:0c:cc:0f:89:7a:7c:a3:d3:55:d0:fc:94:1e:29:
3f:0a:28:1e:57:36:30:54:4e:cf:be:1b:4c:cd:0f:34:4f:43:
2d:d2:8c:18:0c:d1:7d:5c:62:73:59:1a:dc:10:80:59:03:fd:
7e:3d:4a:41:ce:03:cf:4d:e5:3d:63:8e:5a:ef:c0:aa:c7:f8:
3f:d5:99:e7:05:60:d8:e9:76:d1:b9:b6:ca:64:d9:4d:67:d3:
70:87:14:c6:5b:41:49:97:94:9a:1a:a0:5e:3e:5a:4a:1d:e1:
5c:d2:8c:0d
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYl0gqhWlWd2URt37ntRj5OsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNzIwMTgxNDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjM0ZDZjNGY0YWQ2MDllZGU0ZjI4NDkyNDdmOTE5ODdjNmZlZWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkosI0c3nJgxEOwzqsg9XECGRcEcV
xEajigJv4ovP/Ie70bo7Fn6KfNnZuaCvkVl4chSNxzjFx8otTbXeUg5LwUANiZeg
1HjIDLqaKqAMbdu6FZtCSLI6fGcFQBIwrVf6k15DaMHsY7YPRVkiYp5ObZVWe+3w
qiGdXns6Ybk9sjntsFLZz/edu8gfa+4YFbpwplJ8d0+iLHhqYuXoSOT3bJQStyGd
2R2EThFDreP9/8qrZJkFkipFZqks8wcxuxMy9gZb4ozXfGPqXezzNbQ/dztgqxm+
CMnF9UDVFVpYWj8ViOmo1afHVTOQteRqHx3ny1Lh356Xh3Ed210fD89eqwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJ801sT0rWCe3k8oSSR/kZh8b+6sMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvbnpUV3hQU3RZSjdlVHloSkpILVJtSHh2N3F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBPkzmAwQA
wXzMAwQAwlcrAwQAwldOAwQAwocYAwQA1MDSMA0GCSqGSIb3DQEBCwUAA4IBAQCM
U4uMbeojJFX6Ufh9rRnuHj3DQDSDghZ1pbvA7nIripu6+B1XOo2vTBeXRm80FqEH
1HX7kLYOP6ZBEJtNs+I11NDK+XuisfEbTQz8dXe8hbuXS1+zV/pDj5MVACfXfgAJ
Zxk6nDfCKro8wUn6mXXiWOL5arjHOgG7HmXMhLVACsvSX6MYuczS8ltFX1t7pahW
elMNDMwPiXp8o9NV0PyUHik/CigeVzYwVE7PvhtMzQ80T0Mt0owYDNF9XGJzWRrc
EIBZA/1+PUpBzgPPTeU9Y45a78Cqx/g/1ZnnBWDY6XbRubbKZNlNZ9NwhxTGW0FJ
l5SaGqBePlpKHeFc0owN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:26 2024 by rpki-client on console-fra.rpki-client.org