Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/o0CpM3ipGilLzvSEHAT1aoG9EQA.roa
File: o0CpM3ipGilLzvSEHAT1aoG9EQA.roa (raw, json)
Hash identifier: A2k5vsOvGUgl40VfcJlPmJHzPt0Mj1TPWSp4ZGe4Aew=
Subject key identifier: A3:40:A9:33:78:A9:1A:29:4B:CE:F4:84:1C:04:F5:6A:81:BD:11:00
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 019137BA09F398F10B34B6EAA7C45723AAEF
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/o0CpM3ipGilLzvSEHAT1aoG9EQA.roa
Signing time: Fri 09 Aug 2024 15:20:24 +0000
ROA not before: Fri 09 Aug 2024 15:20:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 194.58.44.0/24 maxlen: 24
194.58.66.0/24 maxlen: 24
194.58.155.0/24 maxlen: 24
194.87.44.0/24 maxlen: 24
194.87.49.0/24 maxlen: 24
194.87.52.0/24 maxlen: 24
194.87.54.0/24 maxlen: 24
194.87.55.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
194.87.84.0/24 maxlen: 24
194.87.104.0/24 maxlen: 24
194.87.115.0/24 maxlen: 24
194.87.130.0/24 maxlen: 24
194.87.133.0/24 maxlen: 24
194.87.134.0/24 maxlen: 24
194.87.138.0/24 maxlen: 24
194.87.140.0/24 maxlen: 24
194.87.143.0/24 maxlen: 24
194.87.151.0/24 maxlen: 24
194.87.161.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
194.87.202.0/24 maxlen: 24
194.87.208.0/24 maxlen: 24
194.87.215.0/24 maxlen: 24
194.87.220.0/24 maxlen: 24
194.87.221.0/24 maxlen: 24
194.87.226.0/24 maxlen: 24
194.87.250.0/24 maxlen: 24
194.135.38.0/24 maxlen: 24
194.135.105.0/24 maxlen: 24
195.58.34.0/24 maxlen: 24
195.58.36.0/24 maxlen: 24
195.58.37.0/24 maxlen: 24
195.58.38.0/24 maxlen: 24
195.58.39.0/24 maxlen: 24
195.133.15.0/24 maxlen: 24
195.133.18.0/24 maxlen: 24
195.133.21.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
195.133.27.0/24 maxlen: 24
195.133.30.0/24 maxlen: 24
195.133.50.0/23 maxlen: 23
195.133.63.0/24 maxlen: 24
195.133.73.0/24 maxlen: 24
195.133.81.0/24 maxlen: 24
195.133.92.0/23 maxlen: 23
195.133.194.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
212.192.223.0/24 maxlen: 24
212.192.246.0/24 maxlen: 24
212.192.248.0/24 maxlen: 24
212.193.1.0/24 maxlen: 24
212.193.5.0/24 maxlen: 24
212.193.24.0/24 maxlen: 24
212.193.30.0/24 maxlen: 24
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: Failed, certificate revoked on Sun 11 Aug 2024 14:55:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:37:ba:09:f3:98:f1:0b:34:b6:ea:a7:c4:57:23:aa:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 9 15:20:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a340a93378a91a294bcef4841c04f56a81bd1100
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:08:cb:06:7c:4b:3e:18:16:9e:bd:47:30:5b:
60:1f:9c:1a:78:16:d7:25:b4:65:3c:d3:21:8e:54:
5a:3b:dc:c6:3d:4c:a5:eb:5d:79:4e:79:e4:3c:4c:
f7:20:70:72:41:c8:7a:2d:f2:1c:42:8f:f5:5f:06:
a3:00:e6:9c:a5:0b:f0:e6:2b:ef:6b:54:d9:56:e5:
9b:1c:a0:08:23:e1:ae:e0:d8:bf:95:bb:d9:65:24:
d8:8f:0a:5b:0c:de:df:90:e0:13:69:06:5c:00:ad:
6a:3d:d5:05:c1:21:8e:1e:43:ff:0e:6c:b5:10:61:
e2:ad:87:b0:01:75:9f:fd:1b:f2:ef:63:91:e8:e2:
93:14:91:36:f5:77:63:6e:94:19:4e:67:9e:fb:97:
d9:1f:88:69:53:80:62:5b:0e:53:d9:c3:3c:fb:54:
e5:6a:52:08:9b:50:10:56:4c:28:63:2c:77:f8:14:
01:6f:70:8b:c9:77:42:43:4c:13:36:1e:45:b9:1a:
f5:74:03:08:8c:60:fb:4a:79:99:24:11:23:d9:80:
53:a1:8f:72:65:d6:1a:f8:ad:2a:7c:0a:ab:e6:4a:
a0:ca:43:7a:67:fa:50:b0:3c:cb:51:fa:0d:98:a4:
4a:2a:0c:cf:00:44:a7:73:b1:e6:f3:c3:e3:ac:74:
b8:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:40:A9:33:78:A9:1A:29:4B:CE:F4:84:1C:04:F5:6A:81:BD:11:00
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/o0CpM3ipGilLzvSEHAT1aoG9EQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.44.0/24
194.58.66.0/24
194.58.155.0/24
194.87.44.0/24
194.87.49.0/24
194.87.52.0/24
194.87.54.0/23
194.87.83.0-194.87.84.255
194.87.104.0/24
194.87.115.0/24
194.87.130.0/24
194.87.133.0-194.87.134.255
194.87.138.0/24
194.87.140.0/24
194.87.143.0/24
194.87.151.0/24
194.87.161.0/24
194.87.169.0/24
194.87.187.0/24
194.87.190.0/24
194.87.200.0/24
194.87.202.0/24
194.87.208.0/24
194.87.215.0/24
194.87.220.0/23
194.87.226.0/24
194.87.250.0/24
194.135.38.0/24
194.135.105.0/24
195.58.34.0/24
195.58.36.0/22
195.133.15.0/24
195.133.18.0/24
195.133.21.0/24
195.133.25.0/24
195.133.27.0/24
195.133.30.0/24
195.133.50.0/23
195.133.63.0/24
195.133.73.0/24
195.133.81.0/24
195.133.92.0/23
195.133.194.0/24
212.192.1.0/24
212.192.223.0/24
212.192.246.0/24
212.192.248.0/24
212.193.1.0/24
212.193.5.0/24
212.193.24.0/24
212.193.30.0/24
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
70:e3:35:db:9c:00:c6:9f:16:ea:b4:62:27:6d:3e:31:bb:6b:
33:80:98:ed:e6:40:9d:c7:8c:d8:80:8a:89:7f:3a:4a:76:9e:
95:79:e5:42:57:25:ba:22:c6:b6:99:17:1a:df:d3:ff:22:39:
57:09:25:99:19:3e:74:a3:e2:b7:f4:c3:15:ec:46:bd:b3:9c:
85:91:26:18:ac:21:a4:d8:74:ac:02:c0:c7:c2:e1:6c:5d:06:
0f:1d:48:02:1c:dc:44:7b:7c:fd:46:43:f6:47:a9:29:1b:c8:
48:2c:f1:17:1f:40:f7:33:83:21:0c:fe:c7:f9:9e:3c:57:d7:
9d:c6:ff:f2:ab:e8:c1:4a:81:73:34:0d:61:3b:6f:e2:4b:4d:
24:74:5d:c2:01:01:96:bb:17:ad:ad:65:5f:e1:f7:7d:50:ca:
a4:1c:8f:46:8a:e3:c8:d6:dd:ce:b3:ee:c1:a1:d1:41:22:15:
0a:5b:90:7d:cb:4d:b9:79:a6:a1:8e:43:3b:28:b9:16:20:45:
d9:ff:57:6f:5b:66:5c:92:2c:61:e1:9d:ad:95:4c:87:ec:43:
87:8e:8e:14:cb:92:9e:73:70:97:ef:c7:ed:df:62:5f:ec:59:
cc:e3:8e:e4:50:18:46:9c:0f:9d:e3:52:56:92:e3:9b:65:ed:
43:c2:ca:bf
-----BEGIN CERTIFICATE-----
MIIGWTCCBUGgAwIBAgISAZE3ugnzmPELNLbqp8RXI6rvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwODA5MTUyMDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzQwYTkzMzc4YTkxYTI5NGJjZWY0ODQxYzA0ZjU2YTgxYmQxMTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxAjLBnxLPhgWnr1HMFtgH5waeBbX
JbRlPNMhjlRaO9zGPUyl6115TnnkPEz3IHByQch6LfIcQo/1XwajAOacpQvw5ivv
a1TZVuWbHKAII+Gu4Ni/lbvZZSTYjwpbDN7fkOATaQZcAK1qPdUFwSGOHkP/Dmy1
EGHirYewAXWf/Rvy72OR6OKTFJE29XdjbpQZTmee+5fZH4hpU4BiWw5T2cM8+1Tl
alIIm1AQVkwoYyx3+BQBb3CLyXdCQ0wTNh5FuRr1dAMIjGD7SnmZJBEj2YBToY9y
ZdYa+K0qfAqr5kqgykN6Z/pQsDzLUfoNmKRKKgzPAESnc7Hm88PjrHS4uwIDAQAB
o4IDZTCCA2EwHQYDVR0OBBYEFKNAqTN4qRopS870hBwE9WqBvREAMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvbzBDcE0zaXBHaWxMenZTRUhBVDFhb0c5RVFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBeQYIKwYBBQUHAQcBAf8EggFoMIIBZDCCAUoEAgABMIIB
QgMEAMI6LAMEAMI6QgMEAMI6mwMEAMJXLAMEAMJXMQMEAMJXNAMEAcJXNjAMAwQA
wldTAwQAwldUAwQAwldoAwQAwldzAwQAwleCMAwDBADCV4UDBADCV4YDBADCV4oD
BADCV4wDBADCV48DBADCV5cDBADCV6EDBADCV6kDBADCV7sDBADCV74DBADCV8gD
BADCV8oDBADCV9ADBADCV9cDBAHCV9wDBADCV+IDBADCV/oDBADChyYDBADCh2kD
BADDOiIDBALDOiQDBADDhQ8DBADDhRIDBADDhRUDBADDhRkDBADDhRsDBADDhR4D
BAHDhTIDBADDhT8DBADDhUkDBADDhVEDBAHDhVwDBADDhcIDBADUwAEDBADUwN8D
BADUwPYDBADUwPgDBADUwQEDBADUwQUDBADUwRgDBADUwR4wFAQCAAIwDgMFAyoB
V8ADBQMqDP9AMA0GCSqGSIb3DQEBCwUAA4IBAQBw4zXbnADGnxbqtGInbT4xu2sz
gJjt5kCdx4zYgIqJfzpKdp6VeeVCVyW6Isa2mRca39P/IjlXCSWZGT50o+K39MMV
7Ea9s5yFkSYYrCGk2HSsAsDHwuFsXQYPHUgCHNxEe3z9RkP2R6kpG8hILPEXH0D3
M4MhDP7H+Z48V9edxv/yq+jBSoFzNA1hO2/iS00kdF3CAQGWuxetrWVf4fd9UMqk
HI9GiuPI1t3Os+7BodFBIhUKW5B9y025eaahjkM7KLkWIEXZ/1dvW2Zckixh4Z2t
lUyH7EOHjo4Uy5Kec3CX78ft32Jf7FnM447kUBhGnA+d41JWkuObZe1Dwsq/
-----END CERTIFICATE-----
Generated at Sun Aug 11 17:04:45 2024 by rpki-client on console-fra.rpki-client.org