Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/rzjI3BBBf6k-rJbCophTuJ5myxM.roa
File: rzjI3BBBf6k-rJbCophTuJ5myxM.roa (raw, json)
Hash identifier: 70hIG7h+dtQte6w19drnxXbLmaDVuZFDjSN5wHdpbxY=
Subject key identifier: AF:38:C8:DC:10:41:7F:A9:3E:AC:96:C2:A2:98:53:B8:9E:66:CB:13
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01858199DB81B5D8349483370D5EC27A1BC7
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/rzjI3BBBf6k-rJbCophTuJ5myxM.roa
Signing time: Thu 05 Jan 2023 11:03:41 +0000
ROA not before: Thu 05 Jan 2023 11:03:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2118
IP address blocks: 193.124.4.0/24 maxlen: 24
193.124.3.0/24 maxlen: 24
193.124.6.0/24 maxlen: 24
193.124.8.0/24 maxlen: 24
62.76.231.0/24 maxlen: 24
193.124.18.0/24 maxlen: 24
194.87.7.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
193.124.41.0/24 maxlen: 24
194.87.36.0/24 maxlen: 24
194.87.104.0/24 maxlen: 24
193.124.125.0/24 maxlen: 24
194.87.116.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
194.87.123.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.138.0/23 maxlen: 23
194.87.136.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
194.87.76.0/24 maxlen: 24
193.124.93.0/24 maxlen: 24
194.87.82.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
195.133.94.0/24 maxlen: 24
195.133.12.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
195.133.195.0/24 maxlen: 24
212.193.12.0/24 maxlen: 24
194.58.38.0/24 maxlen: 24
212.192.222.0/24 maxlen: 24
194.58.39.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
194.58.46.0/23 maxlen: 24
194.58.45.0/24 maxlen: 24
195.58.50.0/24 maxlen: 24
194.58.58.0/24 maxlen: 24
195.58.52.0/22 maxlen: 22
195.58.58.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
195.58.56.0/21 maxlen: 24
194.58.59.0/24 maxlen: 24
195.58.62.0/24 maxlen: 24
212.193.0.0/24 maxlen: 24
212.193.8.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
194.87.202.0/24 maxlen: 24
194.87.208.0/23 maxlen: 24
194.87.222.0/23 maxlen: 24
194.87.233.0/24 maxlen: 24
212.192.0.0/23 maxlen: 24
194.87.149.0/24 maxlen: 24
192.124.172.0/24 maxlen: 24
212.192.10.0/24 maxlen: 24
194.87.165.0/24 maxlen: 24
194.87.163.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.180.0/22 maxlen: 24
192.124.182.0/23 maxlen: 24
194.87.171.0/24 maxlen: 24
194.87.172.0/24 maxlen: 24
212.192.30.0/24 maxlen: 24
192.124.190.0/24 maxlen: 24
194.87.176.0/24 maxlen: 24
194.87.182.0/24 maxlen: 24
193.124.201.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
193.124.207.0/24 maxlen: 24
194.87.199.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 05 Jan 2023 13:31:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:81:99:db:81:b5:d8:34:94:83:37:0d:5e:c2:7a:1b:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 5 11:03:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=af38c8dc10417fa93eac96c2a29853b89e66cb13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:38:09:61:ee:bb:0c:42:bf:89:ce:57:34:7d:
51:89:ee:c2:87:08:4f:9a:a6:8c:89:7e:c6:50:7e:
47:d7:7b:ca:93:d3:42:15:63:51:79:e7:fc:68:09:
18:ac:72:2c:2d:e1:0d:43:e7:04:a5:bc:63:b8:39:
23:31:95:3c:35:47:dd:e2:47:08:1c:20:c8:ff:c1:
c3:4a:ef:24:42:c3:58:13:de:9d:e8:9e:02:37:bc:
d7:91:22:a0:03:96:3a:42:55:6b:94:b6:61:67:ac:
54:57:5d:09:23:d7:11:e9:a2:d2:1d:2a:8e:ed:c4:
5c:8c:9c:87:0d:87:73:e7:db:45:fc:17:d4:37:ae:
c4:a6:35:8b:54:61:ee:aa:2f:e5:ac:9a:6d:c0:12:
1d:54:ee:9d:80:ab:cf:18:fb:84:43:46:32:1e:0c:
07:83:30:8c:b3:8d:5b:06:3c:44:84:01:d5:29:e0:
37:a5:f5:7f:d1:3d:30:2a:a1:bf:3f:0c:04:aa:a4:
b1:9e:7e:21:d0:28:0f:94:69:a8:45:f8:58:09:af:
53:7a:5d:8e:14:00:73:89:94:f4:27:64:ad:8c:f9:
06:fc:ca:ca:3e:78:bb:14:e3:1f:e1:77:2a:26:66:
ad:45:5d:73:d5:70:82:55:20:c1:dc:88:cd:9a:72:
e3:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:38:C8:DC:10:41:7F:A9:3E:AC:96:C2:A2:98:53:B8:9E:66:CB:13
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/rzjI3BBBf6k-rJbCophTuJ5myxM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.231.0/24
192.124.172.0/24
192.124.178.0/24
192.124.180.0/22
192.124.190.0/24
193.124.3.0-193.124.4.255
193.124.6.0/24
193.124.8.0/24
193.124.18.0/24
193.124.41.0/24
193.124.93.0/24
193.124.125.0/24
193.124.133.0/24
193.124.201.0/24
193.124.203.0/24
193.124.207.0/24
194.58.38.0/23
194.58.42.0/24
194.58.45.0-194.58.47.255
194.58.58.0/23
194.87.7.0/24
194.87.24.0/22
194.87.36.0/24
194.87.56.0/24
194.87.76.0/24
194.87.82.0/23
194.87.104.0/24
194.87.116.0/24
194.87.118.0/24
194.87.123.0/24
194.87.136.0/24
194.87.138.0/23
194.87.149.0/24
194.87.163.0/24
194.87.165.0/24
194.87.171.0-194.87.172.255
194.87.176.0/24
194.87.182.0/24
194.87.190.0/24
194.87.198.0-194.87.200.255
194.87.202.0/24
194.87.208.0/23
194.87.222.0/23
194.87.233.0/24
195.58.50.0/24
195.58.52.0-195.58.63.255
195.133.12.0/24
195.133.55.0/24
195.133.94.0/24
195.133.195.0/24
212.192.0.0/23
212.192.10.0/24
212.192.30.0/24
212.192.222.0/24
212.193.0.0/24
212.193.8.0/24
212.193.12.0/24
Signature Algorithm: sha256WithRSAEncryption
03:49:87:f3:95:57:11:a9:e8:4c:23:2a:ff:d6:79:35:e3:f0:
42:e5:56:60:e5:f5:4e:2d:d6:00:04:3c:ab:94:d8:19:a1:bf:
2f:ed:19:e8:f3:e1:10:dd:e9:1d:65:3e:5f:d8:d7:1b:21:ac:
f3:0e:5e:c4:68:62:61:c7:90:2e:d7:0e:b3:9d:fa:ef:3a:c7:
ce:4d:9d:a4:0f:a8:7a:79:8a:4e:cd:51:09:87:ee:e4:49:98:
50:f5:66:cd:22:07:2c:67:eb:7a:6f:34:89:e0:24:ac:12:d8:
45:ac:e6:e4:18:68:8a:7f:03:a1:22:e0:ce:07:66:cc:6c:83:
d3:72:f5:b5:0e:e4:49:97:ec:e0:b7:d3:b0:75:90:b6:0a:bc:
dd:b9:33:a5:a6:5d:0f:b0:5c:67:8f:e2:f7:d5:69:c9:d4:d8:
c0:e3:69:4b:de:0e:51:3d:42:0f:69:14:8e:72:5a:eb:e4:3c:
f9:df:52:07:45:02:bf:6c:1f:ca:b9:0b:ff:8f:5c:7a:a6:df:
52:d6:41:02:9e:da:cf:5f:be:b5:b2:09:aa:f0:97:86:40:79:
2a:f3:c0:aa:86:b9:1a:ed:8b:fe:63:97:53:5b:23:69:4d:e5:
46:c0:0c:36:c4:3f:5e:b8:51:75:94:28:df:14:fb:43:f4:04:
58:78:e1:8c
-----BEGIN CERTIFICATE-----
MIIGfzCCBWegAwIBAgISAYWBmduBtdg0lIM3DV7CehvHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTA1MTEwMzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjM4YzhkYzEwNDE3ZmE5M2VhYzk2YzJhMjk4NTNiODllNjZjYjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqzgJYe67DEK/ic5XNH1Rie7ChwhP
mqaMiX7GUH5H13vKk9NCFWNReef8aAkYrHIsLeENQ+cEpbxjuDkjMZU8NUfd4kcI
HCDI/8HDSu8kQsNYE96d6J4CN7zXkSKgA5Y6QlVrlLZhZ6xUV10JI9cR6aLSHSqO
7cRcjJyHDYdz59tF/BfUN67EpjWLVGHuqi/lrJptwBIdVO6dgKvPGPuEQ0YyHgwH
gzCMs41bBjxEhAHVKeA3pfV/0T0wKqG/PwwEqqSxnn4h0CgPlGmoRfhYCa9Tel2O
FABziZT0J2StjPkG/MrKPni7FOMf4XcqJmatRV1z1XCCVSDB3IjNmnLjBQIDAQAB
o4IDizCCA4cwHQYDVR0OBBYEFK84yNwQQX+pPqyWwqKYU7ieZssTMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvcnpqSTNCQkJmNmstckpiQ29waFR1SjVteXhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBnwYIKwYBBQUHAQcBAf8EggGOMIIBijCCAYYEAgABMIIB
fgMEAD5M5wMEAMB8rAMEAMB8sgMEAsB8tAMEAMB8vjAMAwQAwXwDAwQAwXwEAwQA
wXwGAwQAwXwIAwQAwXwSAwQAwXwpAwQAwXxdAwQAwXx9AwQAwXyFAwQAwXzJAwQA
wXzLAwQAwXzPAwQBwjomAwQAwjoqMAwDBADCOi0DBATCOiADBAHCOjoDBADCVwcD
BALCVxgDBADCVyQDBADCVzgDBADCV0wDBAHCV1IDBADCV2gDBADCV3QDBADCV3YD
BADCV3sDBADCV4gDBAHCV4oDBADCV5UDBADCV6MDBADCV6UwDAMEAMJXqwMEAMJX
rAMEAMJXsAMEAMJXtgMEAMJXvjAMAwQBwlfGAwQAwlfIAwQAwlfKAwQBwlfQAwQB
wlfeAwQAwlfpAwQAwzoyMAwDBALDOjQDBAbDOgADBADDhQwDBADDhTcDBADDhV4D
BADDhcMDBAHUwAADBADUwAoDBADUwB4DBADUwN4DBADUwQADBADUwQgDBADUwQww
DQYJKoZIhvcNAQELBQADggEBAANJh/OVVxGp6EwjKv/WeTXj8ELlVmDl9U4t1gAE
PKuU2Bmhvy/tGejz4RDd6R1lPl/Y1xshrPMOXsRoYmHHkC7XDrOd+u86x85NnaQP
qHp5ik7NUQmH7uRJmFD1Zs0iByxn63pvNIngJKwS2EWs5uQYaIp/A6Ei4M4HZsxs
g9Ny9bUO5EmX7OC307B1kLYKvN25M6WmXQ+wXGeP4vfVacnU2MDjaUveDlE9Qg9p
FI5yWuvkPPnfUgdFAr9sH8q5C/+PXHqm31LWQQKe2s9fvrWyCarwl4ZAeSrzwKqG
uRrti/5jl1NbI2lN5UbADDbEP164UXWUKN8U+0P0BFh44Yw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:28 2024 by rpki-client on console-fra.rpki-client.org