Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/qnM_D6W2bWXZgKnGQkm0J1eokgU.roa
File: qnM_D6W2bWXZgKnGQkm0J1eokgU.roa (raw, json)
Hash identifier: /j+716uIrWbL6ao9uVAzDoKuib3u23MqBrA4Eh4t7LQ=
Subject key identifier: AA:73:3F:0F:A5:B6:6D:65:D9:80:A9:C6:42:49:B4:27:57:A8:92:05
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018CEE40EAF28AAE5826E480B97B23E336F7
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/qnM_D6W2bWXZgKnGQkm0J1eokgU.roa
Signing time: Tue 09 Jan 2024 12:44:40 +0000
ROA not before: Tue 09 Jan 2024 12:44:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 195.133.74.0/24 maxlen: 24
195.133.84.0/24 maxlen: 24
62.76.227.0/24 maxlen: 24
194.87.224.0/24 maxlen: 24
194.87.229.0/24 maxlen: 24
194.87.26.0/24 maxlen: 24
194.135.33.0/24 maxlen: 24
193.124.47.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
212.192.214.0/24 maxlen: 24
212.192.222.0/24 maxlen: 24
195.133.27.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
194.87.170.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
195.58.63.0/24 maxlen: 24
194.58.66.0/24 maxlen: 24
194.87.128.0/24 maxlen: 24
193.124.95.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 10 Jan 2024 11:49:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ee:40:ea:f2:8a:ae:58:26:e4:80:b9:7b:23:e3:36:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 9 12:44:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aa733f0fa5b66d65d980a9c64249b42757a89205
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:3e:a0:f3:7f:94:e1:12:af:98:f9:31:0a:ec:
b1:40:b4:83:28:57:f6:0b:73:a1:43:59:2e:84:6d:
cf:b3:9a:cf:88:8d:fd:ff:9a:3f:5d:a2:c6:47:99:
dd:51:82:3b:55:91:a7:31:b9:b3:5d:21:7d:97:ed:
a5:aa:34:4f:5d:43:d1:3b:83:3f:ef:44:dc:d6:1a:
bb:58:e3:24:54:21:3e:c1:85:22:ba:df:06:9b:59:
af:ac:46:22:83:f9:4c:57:0e:d7:51:2c:dd:96:7e:
f9:5a:05:14:6e:c8:80:11:c6:1a:0f:6f:63:2d:7b:
48:02:e6:ba:44:ea:e5:ad:1d:9b:2a:12:4f:b7:d0:
f6:0e:46:28:e4:00:d8:67:73:c8:a8:a9:df:86:ec:
51:df:7b:d1:55:45:75:0d:f2:d7:de:67:c3:c4:10:
0c:10:76:66:49:2f:6b:1a:eb:dc:af:76:55:48:1e:
aa:46:79:67:c7:8b:9a:b1:f5:96:be:20:83:85:d8:
f3:0b:07:3b:dc:fd:c6:6c:1d:ae:34:87:24:ec:ee:
26:91:8c:0b:b7:be:9f:1e:41:5d:6f:65:8a:c3:6b:
97:49:af:70:1c:64:7f:a8:d4:09:6d:d0:44:de:db:
73:98:eb:32:be:f2:4e:55:ee:28:8e:64:b7:1b:3a:
17:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:73:3F:0F:A5:B6:6D:65:D9:80:A9:C6:42:49:B4:27:57:A8:92:05
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/qnM_D6W2bWXZgKnGQkm0J1eokgU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.227.0/24
193.124.47.0/24
193.124.95.0/24
194.58.66.0/24
194.87.26.0/24
194.87.128.0/24
194.87.169.0-194.87.170.255
194.87.224.0/24
194.87.229.0/24
194.135.33.0/24
195.58.54.0/24
195.58.63.0/24
195.133.25.0/24
195.133.27.0/24
195.133.74.0/24
195.133.84.0/24
212.192.1.0/24
212.192.214.0/24
212.192.222.0/24
Signature Algorithm: sha256WithRSAEncryption
71:43:7d:36:a9:be:80:8d:32:43:af:85:83:36:32:af:46:61:
36:ba:53:fb:fb:9d:5a:f8:1d:6a:a5:7f:4b:3c:cb:84:a5:d7:
26:ba:24:1e:50:b9:4f:d8:85:54:85:75:08:ae:6b:86:f2:72:
c6:dc:55:7d:43:82:25:90:a4:41:ac:ab:2f:dd:a9:e5:71:08:
c8:c4:4a:20:6a:3a:bc:aa:14:92:32:25:9c:82:21:52:cd:f1:
65:72:ef:c8:69:66:21:ac:f7:5e:e4:00:19:bd:cd:c3:49:e8:
79:57:93:9c:02:9f:2f:c8:a3:c1:44:d7:03:e7:63:69:3b:c1:
e7:dc:ad:6d:a2:88:46:7a:be:68:1d:bc:82:4d:2b:df:ac:79:
2a:7b:ea:b8:da:46:99:f2:0e:75:88:7a:0d:1c:5a:e3:04:f8:
4b:65:ab:c9:0f:58:af:07:20:45:be:bf:03:f8:22:b2:4a:9d:
b5:ba:08:74:39:c6:f5:c3:78:b2:6c:f3:a9:8b:43:e3:75:60:
a2:d0:f1:b8:c5:87:5b:2f:d8:53:36:46:40:76:15:44:db:f2:
37:67:e4:1d:ce:cd:b4:f7:b4:48:37:15:fd:fa:b3:43:96:87:
bb:6b:10:2b:ab:e6:f9:30:ac:2f:d0:9a:9e:16:b3:ec:f4:bc:
08:b8:e3:4b
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAYzuQOryiq5YJuSAuXsj4zb3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTA5MTI0NDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTczM2YwZmE1YjY2ZDY1ZDk4MGE5YzY0MjQ5YjQyNzU3YTg5MjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmz6g83+U4RKvmPkxCuyxQLSDKFf2
C3OhQ1kuhG3Ps5rPiI39/5o/XaLGR5ndUYI7VZGnMbmzXSF9l+2lqjRPXUPRO4M/
70Tc1hq7WOMkVCE+wYUiut8Gm1mvrEYig/lMVw7XUSzdln75WgUUbsiAEcYaD29j
LXtIAua6ROrlrR2bKhJPt9D2DkYo5ADYZ3PIqKnfhuxR33vRVUV1DfLX3mfDxBAM
EHZmSS9rGuvcr3ZVSB6qRnlnx4uasfWWviCDhdjzCwc73P3GbB2uNIck7O4mkYwL
t76fHkFdb2WKw2uXSa9wHGR/qNQJbdBE3ttzmOsyvvJOVe4ojmS3GzoXZwIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFKpzPw+ltm1l2YCpxkJJtCdXqJIFMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvcW5NX0Q2VzJiV1haZ0tuR1FrbTBKMWVva2dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzCBgAQCAAEwegMEAD5M
4wMEAMF8LwMEAMF8XwMEAMI6QgMEAMJXGgMEAMJXgDAMAwQAwlepAwQAwleqAwQA
wlfgAwQAwlflAwQAwochAwQAwzo2AwQAwzo/AwQAw4UZAwQAw4UbAwQAw4VKAwQA
w4VUAwQA1MABAwQA1MDWAwQA1MDeMA0GCSqGSIb3DQEBCwUAA4IBAQBxQ302qb6A
jTJDr4WDNjKvRmE2ulP7+51a+B1qpX9LPMuEpdcmuiQeULlP2IVUhXUIrmuG8nLG
3FV9Q4IlkKRBrKsv3anlcQjIxEogajq8qhSSMiWcgiFSzfFlcu/IaWYhrPde5AAZ
vc3DSeh5V5OcAp8vyKPBRNcD52NpO8Hn3K1toohGer5oHbyCTSvfrHkqe+q42kaZ
8g51iHoNHFrjBPhLZavJD1ivByBFvr8D+CKySp21ugh0Ocb1w3iybPOpi0PjdWCi
0PG4xYdbL9hTNkZAdhVE2/I3Z+Qdzs2097RINxX9+rNDloe7axArq+b5MKwv0Jqe
FrPs9LwIuONL
-----END CERTIFICATE-----
Generated at Wed Jan 10 16:51:17 2024 by rpki-client on console-ams.rpki-client.org