Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/tFju87pFwW9v3isxowuQ4cj7fIU.roa
File: tFju87pFwW9v3isxowuQ4cj7fIU.roa (raw, json)
Hash identifier: 8kh/moOzk+4vp7L8eTfx3SCCbFnuB8uCQYI4reicbfQ=
Subject key identifier: B4:58:EE:F3:BA:45:C1:6F:6F:DE:2B:31:A3:0B:90:E1:C8:FB:7C:85
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0185958F6978AF891496CF313DBB6CEB7AC0
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/tFju87pFwW9v3isxowuQ4cj7fIU.roa
Signing time: Mon 09 Jan 2023 08:04:41 +0000
ROA not before: Mon 09 Jan 2023 08:04:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2118
IP address blocks: 193.124.3.0/24 maxlen: 24
193.124.6.0/24 maxlen: 24
193.124.8.0/24 maxlen: 24
62.76.231.0/24 maxlen: 24
194.87.6.0/24 maxlen: 24
193.124.18.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
194.87.36.0/24 maxlen: 24
193.124.45.0/24 maxlen: 24
194.87.104.0/24 maxlen: 24
193.124.125.0/24 maxlen: 24
194.87.116.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
194.87.123.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.138.0/23 maxlen: 23
194.87.136.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
194.87.62.0/24 maxlen: 24
194.87.76.0/24 maxlen: 24
194.87.82.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
195.133.94.0/24 maxlen: 24
195.133.12.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
195.133.195.0/24 maxlen: 24
212.193.12.0/24 maxlen: 24
194.58.38.0/24 maxlen: 24
194.58.39.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
194.58.46.0/23 maxlen: 24
194.58.45.0/24 maxlen: 24
195.58.50.0/24 maxlen: 24
195.58.52.0/22 maxlen: 22
195.58.58.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
195.58.56.0/21 maxlen: 24
195.58.61.0/24 maxlen: 24
194.58.59.0/24 maxlen: 24
195.58.62.0/24 maxlen: 24
212.193.0.0/24 maxlen: 24
212.193.8.0/24 maxlen: 24
194.87.208.0/23 maxlen: 24
194.87.222.0/23 maxlen: 24
194.87.233.0/24 maxlen: 24
212.192.0.0/23 maxlen: 24
194.87.149.0/24 maxlen: 24
192.124.172.0/24 maxlen: 24
194.87.165.0/24 maxlen: 24
194.87.163.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.180.0/22 maxlen: 24
192.124.182.0/23 maxlen: 24
194.87.171.0/24 maxlen: 24
194.87.172.0/24 maxlen: 24
212.192.30.0/24 maxlen: 24
192.124.190.0/24 maxlen: 24
194.87.176.0/24 maxlen: 24
193.124.201.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
193.124.207.0/24 maxlen: 24
194.87.199.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:95:8f:69:78:af:89:14:96:cf:31:3d:bb:6c:eb:7a:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 9 08:04:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b458eef3ba45c16f6fde2b31a30b90e1c8fb7c85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:b9:79:e1:f2:05:72:05:fd:c0:c0:bf:49:a5:
63:1d:f1:e0:3b:db:a1:db:39:9f:d2:d1:8f:fb:0d:
1b:7a:cb:b1:13:d1:c0:48:57:74:e2:0f:6a:ce:06:
28:e0:d2:9b:9d:00:41:11:0a:31:c4:3b:6a:85:07:
ef:37:6d:31:f3:ed:67:6d:be:76:e4:d4:c1:be:c8:
e7:04:22:e1:d0:ff:27:df:ff:74:75:b9:4b:c7:5e:
50:06:e8:f0:9c:02:67:6e:e3:83:be:17:87:27:ed:
1c:40:26:04:75:20:60:c5:d2:f8:37:5e:e0:e0:0e:
55:23:25:fb:eb:1a:f9:7f:89:e5:f3:96:1a:c0:99:
82:0c:9e:f5:dd:f6:67:11:98:24:ba:ea:3b:f5:0f:
10:57:ff:6d:ef:7d:11:39:53:5b:34:ed:d3:75:e8:
f7:cd:42:3f:9f:16:d7:f5:3b:c4:d9:30:53:88:22:
d7:83:ad:9c:6f:a5:67:9d:be:99:38:8d:64:86:ab:
67:0f:57:2d:b6:fa:de:21:30:f5:aa:30:54:dc:ca:
ad:b7:c8:0c:08:6f:93:44:15:69:7b:2a:16:0d:ee:
13:94:7c:8c:fe:3d:cc:0f:9a:15:35:1c:79:ce:fb:
75:90:20:c2:07:7e:d4:84:37:7e:e7:b6:bd:62:00:
53:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:58:EE:F3:BA:45:C1:6F:6F:DE:2B:31:A3:0B:90:E1:C8:FB:7C:85
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/tFju87pFwW9v3isxowuQ4cj7fIU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.231.0/24
192.124.172.0/24
192.124.178.0/24
192.124.180.0/22
192.124.190.0/24
193.124.3.0/24
193.124.6.0/24
193.124.8.0/24
193.124.18.0/24
193.124.45.0/24
193.124.125.0/24
193.124.133.0/24
193.124.201.0/24
193.124.203.0/24
193.124.207.0/24
194.58.38.0/23
194.58.42.0/24
194.58.45.0-194.58.47.255
194.58.59.0/24
194.87.6.0/24
194.87.24.0/22
194.87.36.0/24
194.87.56.0/24
194.87.62.0/24
194.87.76.0/24
194.87.82.0/23
194.87.104.0/24
194.87.116.0/24
194.87.118.0/24
194.87.123.0/24
194.87.136.0/24
194.87.138.0/23
194.87.149.0/24
194.87.163.0/24
194.87.165.0/24
194.87.171.0-194.87.172.255
194.87.176.0/24
194.87.190.0/24
194.87.198.0/23
194.87.208.0/23
194.87.222.0/23
194.87.233.0/24
195.58.50.0/24
195.58.52.0-195.58.63.255
195.133.12.0/24
195.133.55.0/24
195.133.94.0/24
195.133.195.0/24
212.192.0.0/23
212.192.30.0/24
212.193.0.0/24
212.193.8.0/24
212.193.12.0/24
Signature Algorithm: sha256WithRSAEncryption
52:1d:6e:b6:be:dd:b5:50:28:84:bf:1a:e0:39:71:ce:34:8d:
ce:fd:71:36:e6:c1:31:30:7c:6a:dd:d8:f5:76:46:dc:83:e5:
a4:ba:8b:5d:a5:be:21:b5:28:8f:8f:36:8c:d6:dc:a3:db:0d:
8f:e6:4b:00:16:96:f7:4b:3b:40:14:40:7b:6b:f6:20:22:4b:
c2:05:3c:12:79:fd:86:05:68:bc:fa:4a:7f:14:7a:47:3d:b7:
8f:07:3a:1f:55:48:83:b8:a8:a5:37:42:ed:7e:c5:d4:71:67:
8e:66:a4:43:67:0a:70:0b:89:69:22:34:d9:72:30:bc:50:92:
2a:8e:8e:42:05:3f:d0:65:24:42:b1:88:de:1e:c2:2f:c0:9b:
12:3d:8e:60:b9:83:db:a2:e1:43:50:58:12:bd:d9:8a:20:39:
ab:6d:e7:aa:90:7f:03:b3:9e:71:5d:0c:f8:da:ce:28:3e:21:
ee:d1:7e:b2:b9:82:cf:14:43:91:48:e2:e9:9a:4d:2a:34:1b:
e4:e3:26:75:7a:3c:c1:13:56:af:e3:df:a6:40:e5:44:b7:17:
94:0a:ac:99:f7:18:10:f6:39:65:83:f3:f5:99:13:cd:f6:62:
e3:43:2a:c6:26:43:5b:c9:ab:7c:5b:1d:e9:ad:7a:94:9c:85:
af:95:b3:01
-----BEGIN CERTIFICATE-----
MIIGVzCCBT+gAwIBAgISAYWVj2l4r4kUls8xPbts63rAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTA5MDgwNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDU4ZWVmM2JhNDVjMTZmNmZkZTJiMzFhMzBiOTBlMWM4ZmI3Yzg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq7l54fIFcgX9wMC/SaVjHfHgO9uh
2zmf0tGP+w0besuxE9HASFd04g9qzgYo4NKbnQBBEQoxxDtqhQfvN20x8+1nbb52
5NTBvsjnBCLh0P8n3/90dblLx15QBujwnAJnbuODvheHJ+0cQCYEdSBgxdL4N17g
4A5VIyX76xr5f4nl85YawJmCDJ713fZnEZgkuuo79Q8QV/9t730ROVNbNO3Tdej3
zUI/nxbX9TvE2TBTiCLXg62cb6Vnnb6ZOI1khqtnD1cttvreITD1qjBU3Mqtt8gM
CG+TRBVpeyoWDe4TlHyM/j3MD5oVNRx5zvt1kCDCB37UhDd+57a9YgBTwwIDAQAB
o4IDYzCCA18wHQYDVR0OBBYEFLRY7vO6RcFvb94rMaMLkOHI+3yFMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvdEZqdTg3cEZ3Vzl2M2lzeG93dVE0Y2o3ZklVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBdwYIKwYBBQUHAQcBAf8EggFmMIIBYjCCAV4EAgABMIIB
VgMEAD5M5wMEAMB8rAMEAMB8sgMEAsB8tAMEAMB8vgMEAMF8AwMEAMF8BgMEAMF8
CAMEAMF8EgMEAMF8LQMEAMF8fQMEAMF8hQMEAMF8yQMEAMF8ywMEAMF8zwMEAcI6
JgMEAMI6KjAMAwQAwjotAwQEwjogAwQAwjo7AwQAwlcGAwQCwlcYAwQAwlckAwQA
wlc4AwQAwlc+AwQAwldMAwQBwldSAwQAwldoAwQAwld0AwQAwld2AwQAwld7AwQA
wleIAwQBwleKAwQAwleVAwQAwlejAwQAwlelMAwDBADCV6sDBADCV6wDBADCV7AD
BADCV74DBAHCV8YDBAHCV9ADBAHCV94DBADCV+kDBADDOjIwDAMEAsM6NAMEBsM6
AAMEAMOFDAMEAMOFNwMEAMOFXgMEAMOFwwMEAdTAAAMEANTAHgMEANTBAAMEANTB
CAMEANTBDDANBgkqhkiG9w0BAQsFAAOCAQEAUh1utr7dtVAohL8a4DlxzjSNzv1x
NubBMTB8at3Y9XZG3IPlpLqLXaW+IbUoj482jNbco9sNj+ZLABaW90s7QBRAe2v2
ICJLwgU8Enn9hgVovPpKfxR6Rz23jwc6H1VIg7iopTdC7X7F1HFnjmakQ2cKcAuJ
aSI02XIwvFCSKo6OQgU/0GUkQrGI3h7CL8CbEj2OYLmD26LhQ1BYEr3ZiiA5q23n
qpB/A7OecV0M+NrOKD4h7tF+srmCzxRDkUji6ZpNKjQb5OMmdXo8wRNWr+PfpkDl
RLcXlAqsmfcYEPY5ZYPz9ZkTzfZi40MqxiZDW8mrfFsd6a16lJyFr5WzAQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:13 2023 by rpki-client on console-fra.rpki-client.org