Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/slZUvd05safuWJtHzt12V5PRSwA.roa
File: slZUvd05safuWJtHzt12V5PRSwA.roa (raw, json)
Hash identifier: n4CUJHJP6/TY6BqrF9DMQsGzGYBgWGojSYCw40b7k5w=
Subject key identifier: B2:56:54:BD:DD:39:B1:A7:EE:58:9B:47:CE:DD:76:57:93:D1:4B:00
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0193C0B4B177E0F0E6E2259FD8A4AB463227
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/slZUvd05safuWJtHzt12V5PRSwA.roa
Signing time: Fri 13 Dec 2024 15:48:07 +0000
ROA not before: Fri 13 Dec 2024 15:48:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44477
IP address blocks: 62.76.231.0/24 maxlen: 24
62.76.235.0/24 maxlen: 24
193.124.3.0/24 maxlen: 24
193.124.6.0/24 maxlen: 24
193.124.8.0/24 maxlen: 24
193.124.91.0/24 maxlen: 24
193.124.94.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
193.124.226.0/24 maxlen: 24
194.58.43.0/24 maxlen: 24
194.58.58.0/24 maxlen: 24
194.58.60.0/24 maxlen: 24
194.58.67.0/24 maxlen: 24
194.87.6.0/24 maxlen: 24
194.87.7.0/24 maxlen: 24
194.87.16.0/24 maxlen: 24
194.87.34.0/24 maxlen: 24
194.87.42.0/24 maxlen: 24
194.87.63.0/24 maxlen: 24
194.87.78.0/24 maxlen: 24
194.87.116.0/24 maxlen: 24
194.87.117.0/24 maxlen: 24
194.87.120.0/24 maxlen: 24
194.87.121.0/24 maxlen: 24
194.87.160.0/24 maxlen: 24
194.87.163.0/24 maxlen: 24
194.87.176.0/24 maxlen: 24
194.87.177.0/24 maxlen: 24
194.87.180.0/24 maxlen: 24
194.87.181.0/24 maxlen: 24
194.87.182.0/24 maxlen: 24
194.135.23.0/24 maxlen: 24
194.135.24.0/24 maxlen: 24
195.58.55.0/24 maxlen: 24
195.58.56.0/24 maxlen: 24
195.58.59.0/24 maxlen: 24
195.58.62.0/24 maxlen: 24
195.133.12.0/24 maxlen: 24
195.133.19.0/24 maxlen: 24
195.133.58.0/24 maxlen: 24
195.133.80.0/24 maxlen: 24
195.133.82.0/24 maxlen: 24
195.133.195.0/24 maxlen: 24
212.192.210.0/24 maxlen: 24
212.192.211.0/24 maxlen: 24
212.193.10.0/24 maxlen: 24
212.193.15.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:51:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:c0:b4:b1:77:e0:f0:e6:e2:25:9f:d8:a4:ab:46:32:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 13 15:48:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b25654bddd39b1a7ee589b47cedd765793d14b00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:89:20:a6:5f:0b:d6:4c:ba:43:af:68:04:7e:
d7:6b:3d:c3:e7:ab:99:46:9e:7f:59:b1:25:36:72:
51:82:05:2b:2d:fc:6e:86:75:07:5d:ed:50:30:cc:
85:f7:c2:27:75:af:7e:60:f7:ed:6c:e3:4f:f9:20:
2b:42:54:ca:d8:41:b4:b3:a4:14:82:1f:68:21:3c:
45:05:a0:67:06:68:8f:06:dc:cf:d3:41:a9:4c:38:
bd:ff:e1:fb:61:7d:cd:ca:6b:6d:fe:e0:3d:bb:11:
a5:f8:2e:0f:6a:39:47:06:28:8e:02:14:47:e5:57:
f8:10:f9:27:37:0f:1c:c3:4d:eb:db:f4:86:c4:82:
3c:59:ed:ea:51:0a:b5:e0:8d:6c:4f:33:a7:f5:52:
66:c0:95:b7:48:cb:82:94:fa:92:72:b9:f4:1d:48:
10:e4:58:ab:b7:f2:1f:d6:a1:c4:e3:76:62:66:12:
6e:46:50:71:2e:ae:1c:5a:90:8b:46:82:0f:b2:7f:
c4:fc:c6:2e:7b:5f:d5:9a:dc:59:72:eb:18:a7:2d:
98:b2:d5:ea:6b:4f:0d:3d:f7:74:51:5f:06:95:58:
e1:3b:32:c4:fb:95:5e:c8:26:1c:af:af:9d:57:1d:
ff:d8:d1:78:b0:2f:af:41:3a:ca:24:e2:3f:7d:37:
a7:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:56:54:BD:DD:39:B1:A7:EE:58:9B:47:CE:DD:76:57:93:D1:4B:00
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/slZUvd05safuWJtHzt12V5PRSwA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.231.0/24
62.76.235.0/24
193.124.3.0/24
193.124.6.0/24
193.124.8.0/24
193.124.91.0/24
193.124.94.0/24
193.124.133.0/24
193.124.226.0/24
194.58.43.0/24
194.58.58.0/24
194.58.60.0/24
194.58.67.0/24
194.87.6.0/23
194.87.16.0/24
194.87.34.0/24
194.87.42.0/24
194.87.63.0/24
194.87.78.0/24
194.87.116.0/23
194.87.120.0/23
194.87.160.0/24
194.87.163.0/24
194.87.176.0/23
194.87.180.0-194.87.182.255
194.135.23.0-194.135.24.255
195.58.55.0-195.58.56.255
195.58.59.0/24
195.58.62.0/24
195.133.12.0/24
195.133.19.0/24
195.133.58.0/24
195.133.80.0/24
195.133.82.0/24
195.133.195.0/24
212.192.210.0/23
212.193.10.0/24
212.193.15.0/24
Signature Algorithm: sha256WithRSAEncryption
89:f8:94:27:ad:ea:01:ce:c2:39:1c:47:83:6d:3d:b9:2e:05:
7f:3f:6f:a0:ce:71:af:b3:5b:ac:bc:ea:b9:46:4e:33:75:19:
fc:2b:c6:e0:e1:d6:e4:f7:88:cd:51:95:0e:33:72:7c:7d:a0:
9a:3c:3d:04:80:61:3f:b0:bc:59:8b:cc:ad:86:19:51:41:10:
69:83:05:4a:af:94:7d:26:b0:e5:ac:21:c4:6c:21:c6:f5:87:
41:71:17:61:1b:15:3e:1f:72:b9:d3:36:63:07:f0:ac:af:23:
22:0d:00:f1:b2:73:76:0f:f0:5b:fc:b2:c1:2a:41:33:66:1d:
15:e5:42:5a:d8:3c:53:d2:92:2c:70:58:84:c8:04:61:52:89:
b3:27:46:a9:b6:ce:17:22:bc:d8:cd:cf:d3:f1:ba:ea:26:79:
35:b1:0b:4d:c0:67:fc:51:58:05:a0:0a:d3:34:cf:fe:61:44:
65:f7:4b:80:ac:12:9e:67:fb:5c:f7:08:60:4b:de:de:be:fe:
89:50:2a:c0:aa:e1:8e:6c:e1:e9:ea:2f:df:b4:ce:ea:2a:e2:
c2:06:fc:76:2f:e3:61:77:91:5b:1c:c2:23:8c:14:ab:72:0c:
45:6c:42:2e:d0:1d:f6:fd:19:35:0b:77:c3:c1:9d:64:54:88:
c0:60:27:56
-----BEGIN CERTIFICATE-----
MIIF/DCCBOSgAwIBAgISAZPAtLF34PDm4iWf2KSrRjInMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQxMjEzMTU0ODA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjU2NTRiZGRkMzliMWE3ZWU1ODliNDdjZWRkNzY1NzkzZDE0YjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA44kgpl8L1ky6Q69oBH7Xaz3D56uZ
Rp5/WbElNnJRggUrLfxuhnUHXe1QMMyF98Inda9+YPftbONP+SArQlTK2EG0s6QU
gh9oITxFBaBnBmiPBtzP00GpTDi9/+H7YX3Nymtt/uA9uxGl+C4PajlHBiiOAhRH
5Vf4EPknNw8cw03r2/SGxII8We3qUQq14I1sTzOn9VJmwJW3SMuClPqScrn0HUgQ
5Firt/If1qHE43ZiZhJuRlBxLq4cWpCLRoIPsn/E/MYue1/VmtxZcusYpy2YstXq
a08NPfd0UV8GlVjhOzLE+5VeyCYcr6+dVx3/2NF4sC+vQTrKJOI/fTen4wIDAQAB
o4IDCDCCAwQwHQYDVR0OBBYEFLJWVL3dObGn7libR87ddleT0UsAMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvc2xaVXZkMDVzYWZ1V0p0SHp0MTJWNVBSU3dBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBHAYIKwYBBQUHAQcBAf8EggELMIIBBzCCAQMEAgABMIH8
AwQAPkznAwQAPkzrAwQAwXwDAwQAwXwGAwQAwXwIAwQAwXxbAwQAwXxeAwQAwXyF
AwQAwXziAwQAwjorAwQAwjo6AwQAwjo8AwQAwjpDAwQBwlcGAwQAwlcQAwQAwlci
AwQAwlcqAwQAwlc/AwQAwldOAwQBwld0AwQBwld4AwQAwlegAwQAwlejAwQBwlew
MAwDBALCV7QDBADCV7YwDAMEAMKHFwMEAMKHGDAMAwQAwzo3AwQAwzo4AwQAwzo7
AwQAwzo+AwQAw4UMAwQAw4UTAwQAw4U6AwQAw4VQAwQAw4VSAwQAw4XDAwQB1MDS
AwQA1MEKAwQA1MEPMA0GCSqGSIb3DQEBCwUAA4IBAQCJ+JQnreoBzsI5HEeDbT25
LgV/P2+gznGvs1usvOq5Rk4zdRn8K8bg4dbk94jNUZUOM3J8faCaPD0EgGE/sLxZ
i8ythhlRQRBpgwVKr5R9JrDlrCHEbCHG9YdBcRdhGxU+H3K50zZjB/CsryMiDQDx
snN2D/Bb/LLBKkEzZh0V5UJa2DxT0pIscFiEyARhUomzJ0apts4XIrzYzc/T8brq
Jnk1sQtNwGf8UVgFoArTNM/+YURl90uArBKeZ/tc9whgS97evv6JUCrAquGObOHp
6i/ftM7qKuLCBvx2L+Nhd5FbHMIjjBSrcgxFbEIu0B32/Rk1C3fDwZ1kVIjAYCdW
-----END CERTIFICATE-----
Generated at Sun Jun 8 14:42:41 2025 by rpki-client