Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/tMOKmWquRVwhAkhT9yPffsIEiKw.roa
File: tMOKmWquRVwhAkhT9yPffsIEiKw.roa (raw, json)
Hash identifier: O65FIQ4BmF4km+OzXdO88ZavSkB3FXZGoQjI7n6Kt4I=
Subject key identifier: B4:C3:8A:99:6A:AE:45:5C:21:02:48:53:F7:23:DF:7E:C2:04:88:AC
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018CF38927E000E9F3F2AFF77984E4FEAE88
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/tMOKmWquRVwhAkhT9yPffsIEiKw.roa
Signing time: Wed 10 Jan 2024 13:21:41 +0000
ROA not before: Wed 10 Jan 2024 13:21:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 212.193.13.0/24 maxlen: 24
62.76.227.0/24 maxlen: 24
194.87.26.0/24 maxlen: 24
193.124.47.0/24 maxlen: 24
212.192.214.0/24 maxlen: 24
212.192.222.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
195.58.63.0/24 maxlen: 24
194.58.66.0/24 maxlen: 24
194.87.128.0/24 maxlen: 24
195.133.2.0/24 maxlen: 24
194.87.76.0/24 maxlen: 24
193.124.95.0/24 maxlen: 24
194.87.81.0/24 maxlen: 24
195.133.74.0/24 maxlen: 24
195.133.84.0/24 maxlen: 24
194.87.224.0/24 maxlen: 24
194.87.231.0/24 maxlen: 24
194.87.229.0/24 maxlen: 24
194.135.33.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
194.87.149.0/24 maxlen: 24
195.133.27.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
192.124.183.0/24 maxlen: 24
194.87.170.0/24 maxlen: 24
194.87.172.0/24 maxlen: 24
193.124.202.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 Jan 2024 16:16:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f3:89:27:e0:00:e9:f3:f2:af:f7:79:84:e4:fe:ae:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 10 13:21:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b4c38a996aae455c21024853f723df7ec20488ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:4d:d0:69:9a:30:ef:c4:78:7c:f3:cb:a3:85:
36:f2:1d:29:b6:5e:ed:6c:2b:f6:2c:a1:32:5c:5e:
88:b8:0d:53:e8:a6:9f:79:c5:10:0c:ff:30:5f:dd:
e8:d1:bf:9f:1a:62:d7:69:cf:25:d9:0b:a2:e0:2d:
d4:df:58:a8:e5:f5:52:dc:1e:89:15:84:f6:8a:f1:
d0:33:c4:f9:ac:6a:9b:09:4a:a5:3e:13:c7:fb:28:
89:9d:2a:e8:c0:40:1b:43:55:4d:5b:3e:9f:15:2d:
ff:da:69:19:32:71:b6:12:33:f8:fc:77:f2:4f:96:
99:4a:0b:81:1e:b8:db:11:8f:b1:8c:9b:05:ba:ca:
bb:1e:4b:04:b0:9f:70:90:55:75:58:e4:b2:fb:d4:
3c:e5:ff:67:70:a0:b4:68:13:7f:56:8d:83:aa:de:
d1:8c:ea:a9:0a:dd:b7:8f:60:df:f9:d3:02:35:82:
fa:44:90:88:59:ba:85:d6:e3:4c:dc:18:89:39:db:
78:5b:81:27:7a:53:ea:8c:3b:31:a1:a5:61:df:7e:
1b:2f:9e:ed:f6:d4:55:ca:35:76:01:65:81:d0:13:
6c:d8:4d:4f:0c:22:a3:a7:c8:f1:86:b1:0f:34:77:
64:7c:b9:87:70:04:c7:34:67:16:1a:8a:78:3a:d4:
6f:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:C3:8A:99:6A:AE:45:5C:21:02:48:53:F7:23:DF:7E:C2:04:88:AC
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/tMOKmWquRVwhAkhT9yPffsIEiKw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.227.0/24
192.124.183.0/24
193.124.47.0/24
193.124.95.0/24
193.124.202.0/24
194.58.42.0/24
194.58.66.0/24
194.87.26.0/24
194.87.76.0/24
194.87.81.0/24
194.87.128.0/24
194.87.149.0/24
194.87.170.0/24
194.87.172.0/24
194.87.224.0/24
194.87.229.0/24
194.87.231.0/24
194.135.33.0/24
195.58.54.0/24
195.58.63.0/24
195.133.2.0/24
195.133.25.0/24
195.133.27.0/24
195.133.74.0/24
195.133.84.0/24
212.192.1.0/24
212.192.214.0/24
212.192.222.0/24
212.193.13.0/24
Signature Algorithm: sha256WithRSAEncryption
60:70:5e:8a:47:81:e2:37:2e:d4:01:c5:0c:7b:64:2d:be:7e:
d3:58:ee:f8:b9:ab:5a:8a:0e:b8:0b:50:41:15:94:db:5a:ce:
2b:53:a7:9c:00:2c:13:09:b5:5d:53:80:88:89:fb:1c:23:45:
e2:fa:6f:67:dc:d8:e0:bd:b7:4c:d9:f0:63:82:9e:4c:53:13:
49:21:11:89:ff:57:74:6e:5f:ac:c3:69:4a:2b:57:8a:44:be:
ea:e3:e7:d5:db:3d:1f:07:d9:9a:8e:1f:23:97:0d:c4:6e:82:
79:86:5d:07:d5:72:51:2f:0c:80:92:3b:39:c0:1b:9a:af:ab:
93:17:0e:e0:3e:9e:0f:a9:54:8b:97:91:3f:5c:62:41:63:35:
41:b7:a6:e3:88:76:d0:2b:b9:9f:83:08:74:5d:01:08:f8:40:
cf:3b:52:53:ae:ff:4e:3e:e0:dd:1d:c7:2c:d9:b4:9f:d2:dc:
ab:95:9d:3e:91:9d:de:ab:85:de:3b:f2:51:c0:12:48:47:56:
96:8c:ff:a6:0b:06:58:2a:2e:ba:10:c3:87:2b:90:55:24:d2:
54:fc:a5:f6:c2:72:67:5e:79:91:21:46:ed:17:0a:af:63:e4:
d5:00:fc:ec:dc:80:74:5a:4a:3f:ea:9d:af:90:ea:2f:e3:d1:
14:0b:60:bd
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgISAYzziSfgAOnz8q/3eYTk/q6IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTEwMTMyMTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGMzOGE5OTZhYWU0NTVjMjEwMjQ4NTNmNzIzZGY3ZWMyMDQ4OGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlE3QaZow78R4fPPLo4U28h0ptl7t
bCv2LKEyXF6IuA1T6KafecUQDP8wX93o0b+fGmLXac8l2Qui4C3U31io5fVS3B6J
FYT2ivHQM8T5rGqbCUqlPhPH+yiJnSrowEAbQ1VNWz6fFS3/2mkZMnG2EjP4/Hfy
T5aZSguBHrjbEY+xjJsFusq7HksEsJ9wkFV1WOSy+9Q85f9ncKC0aBN/Vo2Dqt7R
jOqpCt23j2Df+dMCNYL6RJCIWbqF1uNM3BiJOdt4W4EnelPqjDsxoaVh334bL57t
9tRVyjV2AWWB0BNs2E1PDCKjp8jxhrEPNHdkfLmHcATHNGcWGop4OtRvGQIDAQAB
o4ICtjCCArIwHQYDVR0OBBYEFLTDiplqrkVcIQJIU/cj337CBIisMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvdE1PS21XcXVSVndoQWtoVDl5UGZmc0lFaUt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHLBggrBgEFBQcBBwEB/wSBuzCBuDCBtQQCAAEwga4DBAA+
TOMDBADAfLcDBADBfC8DBADBfF8DBADBfMoDBADCOioDBADCOkIDBADCVxoDBADC
V0wDBADCV1EDBADCV4ADBADCV5UDBADCV6oDBADCV6wDBADCV+ADBADCV+UDBADC
V+cDBADChyEDBADDOjYDBADDOj8DBADDhQIDBADDhRkDBADDhRsDBADDhUoDBADD
hVQDBADUwAEDBADUwNYDBADUwN4DBADUwQ0wDQYJKoZIhvcNAQELBQADggEBAGBw
XopHgeI3LtQBxQx7ZC2+ftNY7vi5q1qKDrgLUEEVlNtazitTp5wALBMJtV1TgIiJ
+xwjReL6b2fc2OC9t0zZ8GOCnkxTE0khEYn/V3RuX6zDaUorV4pEvurj59XbPR8H
2ZqOHyOXDcRugnmGXQfVclEvDICSOznAG5qvq5MXDuA+ng+pVIuXkT9cYkFjNUG3
puOIdtAruZ+DCHRdAQj4QM87UlOu/04+4N0dxyzZtJ/S3KuVnT6Rnd6rhd478lHA
EkhHVpaM/6YLBlgqLroQw4crkFUk0lT8pfbCcmdeeZEhRu0XCq9j5NUA/OzcgHRa
Sj/qna+Q6i/j0RQLYL0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:49 2024 by rpki-client on console-ams.rpki-client.org