Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/rK5BwCNZcxPhbenYKhUmLBnykvo.roa
File: rK5BwCNZcxPhbenYKhUmLBnykvo.roa (raw, json)
Hash identifier: 6Vo5SnVoE3UMYpoHKQmUZtLsEWODpdTipXfQ/CZGf8g=
Subject key identifier: AC:AE:41:C0:23:59:73:13:E1:6D:E9:D8:2A:15:26:2C:19:F2:92:FA
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01916F34976B9CBC4421CADE2D7B092FFEE0
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/rK5BwCNZcxPhbenYKhUmLBnykvo.roa
Signing time: Tue 20 Aug 2024 09:53:23 +0000
ROA not before: Tue 20 Aug 2024 09:53:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44559
IP address blocks: 62.76.227.0/24 maxlen: 24
185.72.10.0/24 maxlen: 24
192.124.180.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.182.0/24 maxlen: 24
192.124.183.0/24 maxlen: 24
192.124.188.0/24 maxlen: 24
192.124.190.0/24 maxlen: 24
193.124.4.0/24 maxlen: 24
194.87.24.0/24 maxlen: 24
194.87.33.0/24 maxlen: 24
194.87.90.0/24 maxlen: 24
194.87.178.0/24 maxlen: 24
194.87.224.0/24 maxlen: 24
194.87.229.0/24 maxlen: 24
194.87.231.0/24 maxlen: 24
194.135.33.0/24 maxlen: 24
195.133.31.0/24 maxlen: 24
195.133.35.0/24 maxlen: 24
195.133.56.0/24 maxlen: 24
195.133.57.0/24 maxlen: 24
195.133.60.0/24 maxlen: 24
195.133.61.0/24 maxlen: 24
195.133.62.0/24 maxlen: 24
195.133.94.0/24 maxlen: 24
212.192.8.0/24 maxlen: 24
212.192.242.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 08 Oct 2024 11:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:6f:34:97:6b:9c:bc:44:21:ca:de:2d:7b:09:2f:fe:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 20 09:53:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=acae41c023597313e16de9d82a15262c19f292fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ff:06:38:e0:a7:ce:61:f0:b9:27:5d:c5:c2:51:
65:0e:45:e9:4a:d2:fb:fa:f3:b9:38:02:98:4f:45:
13:74:61:e3:7a:16:8a:b7:78:0e:76:55:cd:fa:61:
09:39:34:d4:2c:59:23:6b:34:2d:1b:7e:45:d8:ae:
3b:57:fd:3f:5f:b6:03:04:92:aa:b9:bd:5b:1c:84:
33:2a:7f:37:3d:27:51:d4:ac:e5:5c:c6:90:8d:ca:
6b:d8:74:0c:0f:ea:8e:13:58:33:eb:f1:41:02:cc:
db:86:58:a1:3d:8c:34:38:01:ad:43:8d:b8:13:f9:
b3:90:0f:df:17:77:ee:01:3a:cf:76:cd:60:17:b6:
de:6f:d5:36:a2:12:57:ff:e2:d9:01:25:51:60:8f:
29:be:45:ea:3e:a2:8b:20:ab:2c:bc:e7:91:30:87:
14:f0:96:41:7a:dd:9c:99:74:e3:0c:7f:67:e2:57:
a7:77:38:3d:1e:20:56:4a:66:8d:b1:ff:b2:5f:ae:
2f:91:3e:09:fc:95:7e:c4:23:2b:e0:7e:62:29:21:
7a:2d:0e:00:6d:d3:21:33:51:9e:43:4e:aa:ae:18:
0f:2e:d3:db:bd:3b:c9:dd:af:8b:ce:01:52:9f:21:
db:dd:31:49:61:32:e7:f9:13:a3:27:43:3c:6d:f9:
9c:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:AE:41:C0:23:59:73:13:E1:6D:E9:D8:2A:15:26:2C:19:F2:92:FA
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/rK5BwCNZcxPhbenYKhUmLBnykvo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.227.0/24
185.72.10.0/24
192.124.180.0/22
192.124.188.0/24
192.124.190.0/24
193.124.4.0/24
194.87.24.0/24
194.87.33.0/24
194.87.90.0/24
194.87.178.0/24
194.87.224.0/24
194.87.229.0/24
194.87.231.0/24
194.135.33.0/24
195.133.31.0/24
195.133.35.0/24
195.133.56.0/23
195.133.60.0-195.133.62.255
195.133.94.0/24
212.192.8.0/24
212.192.242.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:8b:d7:94:f8:6c:49:ec:a1:a4:a7:d5:8d:19:17:6a:bf:ae:
2e:07:4d:dc:7d:2a:98:6f:77:45:78:f8:8c:50:2f:b8:d2:37:
2d:84:49:14:3f:06:69:af:1a:65:73:04:2f:d1:41:88:6c:45:
4b:b5:d5:35:6c:2c:8a:e7:69:89:c3:88:3b:21:47:b6:a2:f4:
76:45:6b:da:b8:3a:6f:41:2b:40:aa:db:21:68:b2:7d:1f:cd:
e2:59:ad:7f:10:3b:9e:6f:50:90:88:86:83:43:4f:66:ce:cc:
a4:b7:48:cc:b2:fc:93:7e:8a:ee:30:91:37:c7:19:37:c6:08:
71:77:e2:9d:d1:97:1a:96:03:4c:99:96:54:80:5f:ec:49:ca:
0e:65:aa:39:ba:9b:82:d6:63:e2:1e:3a:db:ff:5e:5a:27:b3:
3e:81:85:4d:16:db:d5:ca:64:1b:78:4d:cb:c1:89:83:6d:34:
44:92:99:b1:95:c7:24:aa:70:73:18:e4:26:af:1e:a9:6c:64:
7b:d9:f1:2a:19:8f:7a:1f:77:45:09:9d:ee:49:81:bd:4d:1d:
df:45:6e:32:98:94:0b:6b:da:b6:04:cc:09:f5:34:8c:9b:b7:
44:76:21:80:43:38:da:64:17:d0:96:74:2f:b1:98:76:77:28:
3e:b6:dc:a1
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAZFvNJdrnLxEIcreLXsJL/7gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwODIwMDk1MzIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2FlNDFjMDIzNTk3MzEzZTE2ZGU5ZDgyYTE1MjYyYzE5ZjI5MmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/wY44KfOYfC5J13FwlFlDkXpStL7
+vO5OAKYT0UTdGHjehaKt3gOdlXN+mEJOTTULFkjazQtG35F2K47V/0/X7YDBJKq
ub1bHIQzKn83PSdR1KzlXMaQjcpr2HQMD+qOE1gz6/FBAszbhlihPYw0OAGtQ424
E/mzkA/fF3fuATrPds1gF7beb9U2ohJX/+LZASVRYI8pvkXqPqKLIKssvOeRMIcU
8JZBet2cmXTjDH9n4lendzg9HiBWSmaNsf+yX64vkT4J/JV+xCMr4H5iKSF6LQ4A
bdMhM1GeQ06qrhgPLtPbvTvJ3a+LzgFSnyHb3TFJYTLn+ROjJ0M8bfmcdwIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFKyuQcAjWXMT4W3p2CoVJiwZ8pL6MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvcks1QndDTlpjeFBoYmVuWUtoVW1MQm55a3ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDCBjQQCAAEwgYYDBAA+
TOMDBAC5SAoDBALAfLQDBADAfLwDBADAfL4DBADBfAQDBADCVxgDBADCVyEDBADC
V1oDBADCV7IDBADCV+ADBADCV+UDBADCV+cDBADChyEDBADDhR8DBADDhSMDBAHD
hTgwDAMEAsOFPAMEAMOFPgMEAMOFXgMEANTACAMEANTA8jANBgkqhkiG9w0BAQsF
AAOCAQEAXIvXlPhsSeyhpKfVjRkXar+uLgdN3H0qmG93RXj4jFAvuNI3LYRJFD8G
aa8aZXMEL9FBiGxFS7XVNWwsiudpicOIOyFHtqL0dkVr2rg6b0ErQKrbIWiyfR/N
4lmtfxA7nm9QkIiGg0NPZs7MpLdIzLL8k36K7jCRN8cZN8YIcXfindGXGpYDTJmW
VIBf7EnKDmWqObqbgtZj4h462/9eWiezPoGFTRbb1cpkG3hNy8GJg200RJKZsZXH
JKpwcxjkJq8eqWxke9nxKhmPeh93RQmd7kmBvU0d30VuMpiUC2vatgTMCfU0jJu3
RHYhgEM42mQX0JZ0L7GYdncoPrbcoQ==
-----END CERTIFICATE-----
Generated at Tue Oct 8 18:03:46 2024 by rpki-client on console-ams.rpki-client.org