Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/oP4TjA3vyM2YP19289SEUhII-yc.roa
File: oP4TjA3vyM2YP19289SEUhII-yc.roa (raw, json)
Hash identifier: hM0xXThIYiYSHVS6Awt23k21htkjMVRR6HAwNErlkeI=
Subject key identifier: A0:FE:13:8C:0D:EF:C8:CD:98:3F:5F:76:F3:D4:84:52:12:08:FB:27
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018D212382D6214284E71AE128200998677D
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/oP4TjA3vyM2YP19289SEUhII-yc.roa
Signing time: Fri 19 Jan 2024 09:53:11 +0000
ROA not before: Fri 19 Jan 2024 09:53:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 62.76.227.0/24 maxlen: 24
185.72.10.0/24 maxlen: 24
192.124.183.0/24 maxlen: 24
193.124.5.0/24 maxlen: 24
193.124.47.0/24 maxlen: 24
193.124.95.0/24 maxlen: 24
193.124.202.0/24 maxlen: 24
194.58.41.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
194.58.66.0/24 maxlen: 24
194.58.154.0/24 maxlen: 24
194.87.26.0/24 maxlen: 24
194.87.40.0/24 maxlen: 24
194.87.76.0/24 maxlen: 24
194.87.81.0/24 maxlen: 24
194.87.88.0/24 maxlen: 24
194.87.128.0/24 maxlen: 24
194.87.149.0/24 maxlen: 24
194.87.151.0/24 maxlen: 24
194.87.170.0/24 maxlen: 24
194.87.172.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
194.87.201.0/24 maxlen: 24
194.87.215.0/24 maxlen: 24
194.87.224.0/24 maxlen: 24
194.87.229.0/24 maxlen: 24
194.87.231.0/24 maxlen: 24
194.87.245.0/24 maxlen: 24
194.135.33.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
195.58.60.0/24 maxlen: 24
195.58.63.0/24 maxlen: 24
195.133.2.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
195.133.27.0/24 maxlen: 24
195.133.72.0/24 maxlen: 24
195.133.84.0/24 maxlen: 24
195.133.192.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
212.192.214.0/24 maxlen: 24
212.192.222.0/24 maxlen: 24
212.193.13.0/24 maxlen: 24
212.193.25.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 19 Jan 2024 17:24:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:21:23:82:d6:21:42:84:e7:1a:e1:28:20:09:98:67:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 19 09:53:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a0fe138c0defc8cd983f5f76f3d484521208fb27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:40:b5:d2:3e:ff:96:b3:eb:4b:fd:57:d6:55:
1c:be:62:51:48:8a:41:18:71:10:7b:42:23:ee:1f:
46:3e:5f:ff:65:ce:1d:93:31:02:fc:4a:e2:aa:ec:
97:6d:28:61:7b:9a:2b:03:e0:b1:94:49:a4:af:19:
fb:8a:bf:50:61:a6:32:ee:5e:0c:df:39:33:54:de:
b4:e1:1a:2e:3e:51:d1:45:cf:ff:73:14:b0:b5:a1:
3b:ba:f3:ac:8a:b8:76:f0:66:b2:8e:33:a9:c3:51:
3d:f6:4e:f4:44:97:37:94:ed:a9:ba:84:32:3e:9a:
89:fb:9d:08:9a:0e:9a:9a:40:68:a2:9d:b3:6f:26:
81:d6:88:02:af:fc:db:31:75:ad:12:19:06:56:4e:
bf:23:3e:91:d8:f7:a9:6b:2f:46:61:55:00:76:48:
f5:15:2a:c9:66:fe:4f:c9:78:a3:1f:1a:54:69:2b:
a3:dd:a3:84:d3:92:00:0b:c9:7f:5f:b9:5c:6c:ed:
e5:02:ff:65:a3:80:c7:8d:13:70:1f:28:ae:39:dd:
fa:e5:5d:c1:81:f5:ac:3b:06:97:57:32:09:7b:c4:
44:60:a3:e0:bd:bb:c3:b1:5e:d9:04:d3:2b:0a:21:
62:9a:f1:24:31:9a:ff:a1:9c:38:25:ed:29:36:c2:
5d:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:FE:13:8C:0D:EF:C8:CD:98:3F:5F:76:F3:D4:84:52:12:08:FB:27
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/oP4TjA3vyM2YP19289SEUhII-yc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.227.0/24
185.72.10.0/24
192.124.183.0/24
193.124.5.0/24
193.124.47.0/24
193.124.95.0/24
193.124.202.0/24
194.58.41.0-194.58.42.255
194.58.66.0/24
194.58.154.0/24
194.87.26.0/24
194.87.40.0/24
194.87.76.0/24
194.87.81.0/24
194.87.88.0/24
194.87.128.0/24
194.87.149.0/24
194.87.151.0/24
194.87.170.0/24
194.87.172.0/24
194.87.187.0/24
194.87.190.0/24
194.87.201.0/24
194.87.215.0/24
194.87.224.0/24
194.87.229.0/24
194.87.231.0/24
194.87.245.0/24
194.135.33.0/24
195.58.54.0/24
195.58.60.0/24
195.58.63.0/24
195.133.2.0/24
195.133.25.0/24
195.133.27.0/24
195.133.72.0/24
195.133.84.0/24
195.133.192.0/24
212.192.1.0/24
212.192.214.0/24
212.192.222.0/24
212.193.13.0/24
212.193.25.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:ce:aa:b0:04:28:d3:36:05:92:bd:53:1e:9f:10:d6:a7:51:
73:9b:ab:5b:d2:47:57:2b:f5:4a:92:cb:50:88:6a:46:e7:cf:
93:5a:63:68:6c:c1:9e:4e:f7:29:5a:aa:7c:b7:4c:c9:29:d3:
7e:8c:25:dd:94:fe:45:7b:16:2d:d8:8c:a1:50:b1:af:c7:e0:
86:47:d7:1e:94:6d:8d:b0:d3:9d:df:e1:40:ed:f9:cb:c1:6a:
b4:85:20:5b:2a:dc:fd:65:62:59:96:3c:51:f3:37:9c:00:98:
57:64:bd:8f:3e:e7:c5:fa:9f:25:1d:37:62:4f:b7:e0:49:d7:
49:0d:9a:a6:dd:64:bf:09:a6:ef:8f:db:d7:ae:78:fd:d1:f9:
6d:7a:75:35:23:75:e4:d5:97:19:9d:53:76:52:53:4f:eb:21:
66:d9:b6:21:cc:78:03:04:22:c1:f0:16:69:f1:19:5c:1c:e4:
cf:1b:a3:de:a7:2d:03:de:48:68:61:ff:47:c1:71:0a:21:ba:
eb:b1:e2:20:ad:5c:06:01:4e:bc:a2:fa:4c:6d:b7:64:22:39:
30:9d:73:8c:68:26:f6:19:d8:37:03:88:cf:de:92:da:d5:f4:
47:9c:e4:15:89:f2:da:a4:df:26:e3:bb:ab:cd:52:50:1d:11:
88:59:a3:6d
-----BEGIN CERTIFICATE-----
MIIGCzCCBPOgAwIBAgISAY0hI4LWIUKE5xrhKCAJmGd9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTE5MDk1MzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGZlMTM4YzBkZWZjOGNkOTgzZjVmNzZmM2Q0ODQ1MjEyMDhmYjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr0C10j7/lrPrS/1X1lUcvmJRSIpB
GHEQe0Ij7h9GPl//Zc4dkzEC/EriquyXbShhe5orA+CxlEmkrxn7ir9QYaYy7l4M
3zkzVN604RouPlHRRc//cxSwtaE7uvOsirh28GayjjOpw1E99k70RJc3lO2puoQy
PpqJ+50Img6amkBoop2zbyaB1ogCr/zbMXWtEhkGVk6/Iz6R2Pepay9GYVUAdkj1
FSrJZv5PyXijHxpUaSuj3aOE05IAC8l/X7lcbO3lAv9lo4DHjRNwHyiuOd365V3B
gfWsOwaXVzIJe8REYKPgvbvDsV7ZBNMrCiFimvEkMZr/oZw4Je0pNsJdbwIDAQAB
o4IDFzCCAxMwHQYDVR0OBBYEFKD+E4wN78jNmD9fdvPUhFISCPsnMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvb1A0VGpBM3Z5TTJZUDE5Mjg5U0VVaElJLXljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBKwYIKwYBBQUHAQcBAf8EggEaMIIBFjCCARIEAgABMIIB
CgMEAD5M4wMEALlICgMEAMB8twMEAMF8BQMEAMF8LwMEAMF8XwMEAMF8yjAMAwQA
wjopAwQAwjoqAwQAwjpCAwQAwjqaAwQAwlcaAwQAwlcoAwQAwldMAwQAwldRAwQA
wldYAwQAwleAAwQAwleVAwQAwleXAwQAwleqAwQAwlesAwQAwle7AwQAwle+AwQA
wlfJAwQAwlfXAwQAwlfgAwQAwlflAwQAwlfnAwQAwlf1AwQAwochAwQAwzo2AwQA
wzo8AwQAwzo/AwQAw4UCAwQAw4UZAwQAw4UbAwQAw4VIAwQAw4VUAwQAw4XAAwQA
1MABAwQA1MDWAwQA1MDeAwQA1MENAwQA1MEZMA0GCSqGSIb3DQEBCwUAA4IBAQB6
zqqwBCjTNgWSvVMenxDWp1Fzm6tb0kdXK/VKkstQiGpG58+TWmNobMGeTvcpWqp8
t0zJKdN+jCXdlP5FexYt2IyhULGvx+CGR9celG2NsNOd3+FA7fnLwWq0hSBbKtz9
ZWJZljxR8zecAJhXZL2PPufF+p8lHTdiT7fgSddJDZqm3WS/Cabvj9vXrnj90flt
enU1I3Xk1ZcZnVN2UlNP6yFm2bYhzHgDBCLB8BZp8RlcHOTPG6Pepy0D3khoYf9H
wXEKIbrrseIgrVwGAU68ovpMbbdkIjkwnXOMaCb2Gdg3A4jP3pLa1fRHnOQVifLa
pN8m47urzVJQHRGIWaNt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:26 2024 by rpki-client on console-fra.rpki-client.org