Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/rwhj_Z9vOiQKG1rNYdJoVqq4v4s.roa
File: rwhj_Z9vOiQKG1rNYdJoVqq4v4s.roa (raw, json)
Hash identifier: Z9BROpGzpVW1pTGRoUaHkda62YEdfu9p06iDGrDncg4=
Subject key identifier: AF:08:63:FD:9F:6F:3A:24:0A:1B:5A:CD:61:D2:68:56:AA:B8:BF:8B
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01897404689458E3170766E5C2DE2BB8B902
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/rwhj_Z9vOiQKG1rNYdJoVqq4v4s.roa
Signing time: Thu 20 Jul 2023 15:56:33 +0000
ROA not before: Thu 20 Jul 2023 15:56:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200385
IP address blocks: 193.124.227.0/24 maxlen: 24
193.124.18.0/24 maxlen: 24
62.76.235.0/24 maxlen: 24
194.87.23.0/24 maxlen: 24
194.135.23.0/24 maxlen: 24
194.87.243.0/24 maxlen: 24
193.124.49.0/24 maxlen: 24
194.135.46.0/24 maxlen: 24
194.87.160.0/24 maxlen: 24
194.87.53.0/24 maxlen: 24
195.133.37.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Jul 2023 17:23:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:74:04:68:94:58:e3:17:07:66:e5:c2:de:2b:b8:b9:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 20 15:56:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=af0863fd9f6f3a240a1b5acd61d26856aab8bf8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:27:b5:fa:34:52:dc:a4:ef:2a:5e:ae:8c:09:
95:24:fa:72:1a:25:cd:6b:1f:6c:b9:7e:83:eb:f7:
87:d6:c4:98:ba:c5:9f:d3:e5:a3:e3:62:b6:01:be:
17:b7:af:18:03:8f:02:d2:59:0c:1d:57:16:72:7f:
eb:f7:c5:25:20:b4:0b:aa:96:75:cb:3a:e4:98:3f:
7d:e6:fd:dd:84:30:09:d3:4a:c4:1b:cc:61:7d:34:
dd:16:af:7f:bd:02:34:3a:96:85:34:dd:c9:59:a7:
32:0e:fd:11:df:55:ca:e4:80:76:69:9b:15:4c:f4:
b4:8c:42:85:a5:17:f3:81:8a:65:ea:e1:b7:40:4e:
a1:c7:3e:30:d7:eb:87:b5:b8:28:5d:04:b4:83:51:
82:cc:ed:0b:1b:f3:ab:12:01:50:8a:a7:ab:31:3e:
67:9c:c2:83:51:e2:5f:99:7f:a1:f7:d9:e7:d3:b3:
a5:c2:27:34:95:53:57:33:59:2d:46:b3:b7:c4:a0:
e6:64:e7:f7:57:76:c9:2a:c9:ce:ff:c6:37:90:1b:
a9:4e:77:fb:fb:58:9a:11:92:e0:61:15:18:7d:63:
67:11:0c:f4:8f:8b:e8:64:13:85:e0:f7:dc:52:64:
80:9c:d6:cf:ba:ed:30:8c:4c:d0:d2:f4:8c:16:d4:
9c:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:08:63:FD:9F:6F:3A:24:0A:1B:5A:CD:61:D2:68:56:AA:B8:BF:8B
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/rwhj_Z9vOiQKG1rNYdJoVqq4v4s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.235.0/24
193.124.18.0/24
193.124.49.0/24
193.124.227.0/24
194.87.23.0/24
194.87.53.0/24
194.87.160.0/24
194.87.243.0/24
194.135.23.0/24
194.135.46.0/24
195.133.37.0/24
Signature Algorithm: sha256WithRSAEncryption
19:81:ba:e0:26:e4:7b:d2:67:53:ad:e2:37:c8:da:83:06:e9:
ba:7d:f8:0f:c6:fa:32:08:42:34:ab:44:41:0b:de:49:a7:0a:
ed:77:1b:ea:60:32:fd:ea:29:6d:d0:e0:b1:08:29:7b:58:8a:
ea:9e:b0:08:92:21:ff:1e:25:a8:03:2f:57:c6:81:c9:f0:c0:
88:1c:22:81:87:eb:e5:48:34:7a:78:0a:cc:27:dc:ed:b5:b0:
c5:2c:aa:62:a6:02:06:61:83:ba:69:22:11:0f:f3:7d:40:29:
a3:03:0c:1f:66:d9:b1:06:f5:2f:dd:ed:1d:21:5d:81:3e:3a:
94:85:72:bb:3a:0c:0f:55:11:dd:4a:6e:4a:45:99:07:5e:00:
4e:52:aa:04:40:de:58:cc:5d:8a:8e:cb:67:f0:02:b3:ad:8d:
25:93:d4:a7:ef:ab:f4:34:e6:84:8d:0a:5a:a1:7f:2b:17:1f:
c3:3e:56:da:4a:d3:e4:9f:8c:65:9a:82:d5:c5:23:58:ff:94:
f2:f4:96:66:6f:6b:a1:08:f3:18:17:61:02:db:39:16:5a:ce:
24:f8:74:37:f9:7d:3a:e5:97:ee:70:05:b4:77:6b:cf:97:ca:
b1:66:7f:e7:e0:3b:d7:27:85:c4:34:e4:35:08:41:cf:bd:a2:
18:7b:46:99
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYl0BGiUWOMXB2blwt4ruLkCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNzIwMTU1NjMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjA4NjNmZDlmNmYzYTI0MGExYjVhY2Q2MWQyNjg1NmFhYjhiZjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ie1+jRS3KTvKl6ujAmVJPpyGiXN
ax9suX6D6/eH1sSYusWf0+Wj42K2Ab4Xt68YA48C0lkMHVcWcn/r98UlILQLqpZ1
yzrkmD995v3dhDAJ00rEG8xhfTTdFq9/vQI0OpaFNN3JWacyDv0R31XK5IB2aZsV
TPS0jEKFpRfzgYpl6uG3QE6hxz4w1+uHtbgoXQS0g1GCzO0LG/OrEgFQiqerMT5n
nMKDUeJfmX+h99nn07Olwic0lVNXM1ktRrO3xKDmZOf3V3bJKsnO/8Y3kBupTnf7
+1iaEZLgYRUYfWNnEQz0j4voZBOF4PfcUmSAnNbPuu0wjEzQ0vSMFtSc8wIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFK8IY/2fbzokChtazWHSaFaquL+LMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvcndoal9aOXZPaVFLRzFyTllkSm9WcXE0djRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAPkzrAwQA
wXwSAwQAwXwxAwQAwXzjAwQAwlcXAwQAwlc1AwQAwlegAwQAwlfzAwQAwocXAwQA
wocuAwQAw4UlMA0GCSqGSIb3DQEBCwUAA4IBAQAZgbrgJuR70mdTreI3yNqDBum6
ffgPxvoyCEI0q0RBC95JpwrtdxvqYDL96ilt0OCxCCl7WIrqnrAIkiH/HiWoAy9X
xoHJ8MCIHCKBh+vlSDR6eArMJ9zttbDFLKpipgIGYYO6aSIRD/N9QCmjAwwfZtmx
BvUv3e0dIV2BPjqUhXK7OgwPVRHdSm5KRZkHXgBOUqoEQN5YzF2Kjstn8AKzrY0l
k9Sn76v0NOaEjQpaoX8rFx/DPlbaStPkn4xlmoLVxSNY/5Ty9JZmb2uhCPMYF2EC
2zkWWs4k+HQ3+X065ZfucAW0d2vPl8qxZn/n4DvXJ4XENOQ1CEHPvaIYe0aZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:28 2024 by rpki-client on console-fra.rpki-client.org