Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/pkQE4CysV6382L69cE_dGvgtugA.roa
File: pkQE4CysV6382L69cE_dGvgtugA.roa (raw, json)
Hash identifier: jr2Nj8lIfvz/l7hW0QfFCRQVF5FRnC0/3NtTjpuaPvw=
Subject key identifier: A6:44:04:E0:2C:AC:57:AD:FC:D8:BE:BD:70:4F:DD:1A:F8:2D:BA:00
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018A09128D523190AB2A6B4F593DD6355D75
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/pkQE4CysV6382L69cE_dGvgtugA.roa
Signing time: Fri 18 Aug 2023 14:35:25 +0000
ROA not before: Fri 18 Aug 2023 14:35:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197450
IP address blocks: 62.76.226.0/24 maxlen: 24
193.124.17.0/24 maxlen: 24
194.87.3.0/24 maxlen: 24
194.87.16.0/24 maxlen: 24
194.87.36.0/24 maxlen: 24
212.192.0.0/24 maxlen: 24
212.192.8.0/24 maxlen: 24
194.87.176.0/24 maxlen: 24
195.58.56.0/24 maxlen: 24
194.87.117.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
194.87.119.0/24 maxlen: 24
194.87.120.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:09:12:8d:52:31:90:ab:2a:6b:4f:59:3d:d6:35:5d:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 18 14:35:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a64404e02cac57adfcd8bebd704fdd1af82dba00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:1a:c2:81:ea:8e:f8:aa:07:5c:0d:c5:a7:a5:
45:d3:61:37:a3:e1:f2:a4:fa:17:4d:4b:73:f9:4f:
ec:11:c1:b3:08:f2:5a:a5:7f:63:13:9e:fc:89:9f:
ce:c5:46:a0:62:9c:96:9c:cf:4f:80:22:bc:c0:77:
e1:cf:f8:f3:35:06:36:a8:48:7c:91:4b:a5:4c:f6:
fa:46:25:63:bc:3a:8d:2e:12:b8:42:13:92:33:a7:
ae:39:2b:c0:71:3d:23:cd:b4:d5:bd:cd:8a:31:d7:
a7:2c:38:30:bf:65:7f:64:88:b5:dc:74:87:c0:82:
c3:f9:d2:bb:79:4c:a1:f3:1d:e8:28:be:cd:c9:c5:
7a:3b:6f:d7:33:45:54:c9:c0:e8:48:53:3f:34:d0:
97:86:9d:25:37:32:e5:b8:76:de:b8:73:ea:e8:39:
8f:79:22:4f:02:89:c0:8d:26:45:5b:6e:01:86:68:
17:e4:27:c1:36:40:05:ac:74:3c:9a:7f:03:eb:d4:
5e:49:15:ad:1c:08:06:15:29:e3:e2:9c:a4:0d:91:
34:63:67:64:5d:fd:6d:77:33:46:a3:96:11:24:a5:
b1:2f:c2:c7:f4:f7:9d:43:24:6b:20:fa:8c:da:d4:
de:ba:7e:30:93:7f:5c:47:c8:d2:eb:52:61:74:37:
02:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:44:04:E0:2C:AC:57:AD:FC:D8:BE:BD:70:4F:DD:1A:F8:2D:BA:00
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/pkQE4CysV6382L69cE_dGvgtugA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.226.0/24
193.124.17.0/24
194.87.3.0/24
194.87.16.0/24
194.87.36.0/24
194.87.117.0-194.87.120.255
194.87.176.0/24
195.58.56.0/24
212.192.0.0/24
212.192.8.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:06:98:75:90:b4:d1:df:20:a6:6e:df:d7:98:40:c3:e9:2a:
4a:42:08:f7:3b:26:e0:54:ad:40:80:34:4a:92:08:c8:c6:64:
cf:9c:74:b4:30:a1:91:4a:b9:ee:58:83:37:35:ce:16:58:b8:
ed:f1:4d:bc:c8:03:11:b9:ef:1e:44:68:2c:25:58:6d:49:fe:
8c:f1:70:41:29:b6:14:e0:c2:e8:37:c4:00:50:e4:05:8a:4b:
f3:97:56:5e:a9:60:a1:bc:98:8f:9a:38:b8:10:b5:3d:27:75:
bb:0e:f6:86:22:f8:2c:b6:a7:ac:da:b6:28:21:89:cb:15:9a:
5c:ad:e7:78:62:de:47:a4:72:f0:4f:6f:9e:f7:e7:62:00:01:
4c:f1:fb:77:ec:1b:5b:a3:cc:3b:8d:ef:d0:1c:68:21:26:b7:
a9:c6:34:0e:f7:51:65:50:ae:a4:03:61:15:eb:fe:e9:8f:dc:
c1:7e:3d:90:77:ee:eb:7f:a4:aa:d1:6b:40:1c:8d:ea:86:ae:
40:6c:70:87:c1:d7:b8:bf:e3:e8:40:56:8a:d1:aa:d8:ab:58:
ad:26:d4:58:97:35:05:a9:00:ce:7d:cf:8e:d9:bd:d5:da:aa:
b0:9c:27:e2:bb:6b:59:01:88:01:df:9a:f1:a2:ba:1f:61:68:
8e:b5:2a:0d
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYoJEo1SMZCrKmtPWT3WNV11MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwODE4MTQzNTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjQ0MDRlMDJjYWM1N2FkZmNkOGJlYmQ3MDRmZGQxYWY4MmRiYTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAghrCgeqO+KoHXA3Fp6VF02E3o+Hy
pPoXTUtz+U/sEcGzCPJapX9jE578iZ/OxUagYpyWnM9PgCK8wHfhz/jzNQY2qEh8
kUulTPb6RiVjvDqNLhK4QhOSM6euOSvAcT0jzbTVvc2KMdenLDgwv2V/ZIi13HSH
wILD+dK7eUyh8x3oKL7NycV6O2/XM0VUycDoSFM/NNCXhp0lNzLluHbeuHPq6DmP
eSJPAonAjSZFW24BhmgX5CfBNkAFrHQ8mn8D69ReSRWtHAgGFSnj4pykDZE0Y2dk
Xf1tdzNGo5YRJKWxL8LH9PedQyRrIPqM2tTeun4wk39cR8jS61JhdDcCMwIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFKZEBOAsrFet/Ni+vXBP3Rr4LboAMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvcGtRRTRDeXNWNjM4Mkw2OWNFX2RHdmd0dWdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQAPkziAwQA
wXwRAwQAwlcDAwQAwlcQAwQAwlckMAwDBADCV3UDBADCV3gDBADCV7ADBADDOjgD
BADUwAADBADUwAgwDQYJKoZIhvcNAQELBQADggEBAE8GmHWQtNHfIKZu39eYQMPp
KkpCCPc7JuBUrUCANEqSCMjGZM+cdLQwoZFKue5Ygzc1zhZYuO3xTbzIAxG57x5E
aCwlWG1J/ozxcEEpthTgwug3xABQ5AWKS/OXVl6pYKG8mI+aOLgQtT0ndbsO9oYi
+Cy2p6zatighicsVmlyt53hi3kekcvBPb57352IAAUzx+3fsG1ujzDuN79AcaCEm
t6nGNA73UWVQrqQDYRXr/umP3MF+PZB37ut/pKrRa0AcjeqGrkBscIfB17i/4+hA
VorRqtirWK0m1FiXNQWpAM59z47ZvdXaqrCcJ+K7a1kBiAHfmvGiuh9haI61Kg0=
-----END CERTIFICATE-----
Generated at Fri Aug 25 10:58:30 2023 by rpki-client on console-fra.rpki-client.org