Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/tzJDoX5wSwxlzgfAt_OKLt3a0i0.roa
File: tzJDoX5wSwxlzgfAt_OKLt3a0i0.roa (raw, json)
Hash identifier: OOpitIXrSLQJvBVznhZh++xmA6tbU4pc7X8G5l3FFV8=
Subject key identifier: B7:32:43:A1:7E:70:4B:0C:65:CE:07:C0:B7:F3:8A:2E:DD:DA:D2:2D
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018CD443E446980BCB2E976914B94D02E3F8
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/tzJDoX5wSwxlzgfAt_OKLt3a0i0.roa
Signing time: Thu 04 Jan 2024 11:37:48 +0000
ROA not before: Thu 04 Jan 2024 11:37:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 62.76.227.0/24 maxlen: 24
194.87.40.0/24 maxlen: 24
195.58.35.0/24 maxlen: 24
195.133.40.0/22 maxlen: 22
194.87.66.0/24 maxlen: 24
195.58.60.0/24 maxlen: 24
212.192.254.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 05 Jan 2024 08:57:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d4:43:e4:46:98:0b:cb:2e:97:69:14:b9:4d:02:e3:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 4 11:37:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b73243a17e704b0c65ce07c0b7f38a2edddad22d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:20:6a:03:be:4e:d3:f2:64:85:b5:45:7a:b3:
59:ac:e3:48:eb:f6:f5:7d:05:65:11:97:d5:b2:f7:
a8:35:5f:20:9c:74:f6:01:4f:37:8e:89:2d:05:32:
8d:50:57:42:67:81:d7:57:97:fd:4a:bd:84:26:d1:
05:6b:f7:be:ac:36:15:e8:5c:97:5a:b4:a4:c8:29:
1b:5c:14:bf:47:bf:6e:df:23:47:63:04:24:b6:63:
84:34:50:8d:8b:84:e8:a7:7b:b4:28:36:40:45:ea:
0d:60:ae:63:5c:4e:f0:3a:c1:21:a0:ce:c0:3a:40:
70:d6:ce:43:cc:f5:b5:5d:ce:2f:f9:9c:dd:a5:c3:
ad:21:df:ca:cf:d6:97:d8:a1:6c:80:2e:02:93:65:
08:12:05:7d:85:b0:ba:59:27:00:5e:eb:7b:6f:a3:
e3:ab:fd:1f:55:3a:74:21:78:ea:98:13:6b:0a:89:
a2:37:3a:86:d7:df:c8:2c:62:05:97:59:21:11:47:
73:9e:8b:8b:a4:39:4f:95:c0:e6:ec:da:cb:50:50:
db:f8:f6:2d:c3:7b:64:3b:87:d1:b6:df:03:b3:f0:
90:e8:7b:5a:ce:81:35:83:8c:90:58:26:64:86:3a:
16:d6:b5:24:c0:2f:a9:27:2d:fc:bb:95:b5:db:ff:
69:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:32:43:A1:7E:70:4B:0C:65:CE:07:C0:B7:F3:8A:2E:DD:DA:D2:2D
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/tzJDoX5wSwxlzgfAt_OKLt3a0i0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.227.0/24
194.87.40.0/24
194.87.66.0/24
195.58.35.0/24
195.58.60.0/24
195.133.40.0/22
212.192.254.0/24
Signature Algorithm: sha256WithRSAEncryption
53:f9:5e:df:f1:8a:ef:59:c9:1f:f8:f8:0d:78:00:c2:61:12:
70:a4:31:34:9f:d9:e5:5b:1b:9d:32:9e:70:26:40:19:a4:0f:
2c:81:41:17:3c:df:59:8c:32:08:8a:fb:cf:78:9b:0c:3f:d1:
e0:47:19:53:e8:a2:11:bb:02:fa:33:55:a3:5f:47:be:fe:a7:
5e:f7:97:a5:80:0c:a5:fd:fa:c7:37:dd:82:7b:4a:62:cf:a4:
44:d0:56:75:b0:80:36:c1:ad:73:68:b5:71:4b:0a:83:0e:71:
60:3a:62:41:b8:9e:e7:7a:e3:af:39:4e:71:0c:1b:ae:ed:62:
ec:5f:6a:85:07:58:15:8d:3a:92:48:d5:e1:0c:e2:02:6a:19:
32:61:bb:c1:05:9e:8e:09:04:81:41:76:c8:ab:99:ad:e5:ab:
a0:c1:70:67:10:92:62:38:13:b4:4b:a0:b7:d0:91:e9:7b:2e:
95:68:51:4b:7d:4a:32:e9:32:7d:e0:db:c4:8b:18:02:04:94:
41:90:3a:a3:3a:97:ff:50:d7:6a:16:61:8a:73:51:04:52:51:
3f:2a:b4:0e:c7:19:f8:a9:17:48:69:39:0d:b1:3b:34:5d:a6:
3b:dd:e7:16:66:b3:b0:93:48:ca:b6:10:09:da:a1:06:f1:64:
51:01:8f:54
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYzUQ+RGmAvLLpdpFLlNAuP4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTA0MTEzNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzMyNDNhMTdlNzA0YjBjNjVjZTA3YzBiN2YzOGEyZWRkZGFkMjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuyBqA75O0/JkhbVFerNZrONI6/b1
fQVlEZfVsveoNV8gnHT2AU83joktBTKNUFdCZ4HXV5f9Sr2EJtEFa/e+rDYV6FyX
WrSkyCkbXBS/R79u3yNHYwQktmOENFCNi4Top3u0KDZAReoNYK5jXE7wOsEhoM7A
OkBw1s5DzPW1Xc4v+ZzdpcOtId/Kz9aX2KFsgC4Ck2UIEgV9hbC6WScAXut7b6Pj
q/0fVTp0IXjqmBNrComiNzqG19/ILGIFl1khEUdznouLpDlPlcDm7NrLUFDb+PYt
w3tkO4fRtt8Ds/CQ6HtazoE1g4yQWCZkhjoW1rUkwC+pJy38u5W12/9paQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFLcyQ6F+cEsMZc4HwLfzii7d2tItMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvdHpKRG9YNXdTd3hsemdmQXRfT0tMdDNhMGkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAPkzjAwQA
wlcoAwQAwldCAwQAwzojAwQAwzo8AwQCw4UoAwQA1MD+MA0GCSqGSIb3DQEBCwUA
A4IBAQBT+V7f8YrvWckf+PgNeADCYRJwpDE0n9nlWxudMp5wJkAZpA8sgUEXPN9Z
jDIIivvPeJsMP9HgRxlT6KIRuwL6M1WjX0e+/qde95elgAyl/frHN92Ce0piz6RE
0FZ1sIA2wa1zaLVxSwqDDnFgOmJBuJ7neuOvOU5xDBuu7WLsX2qFB1gVjTqSSNXh
DOICahkyYbvBBZ6OCQSBQXbIq5mt5augwXBnEJJiOBO0S6C30JHpey6VaFFLfUoy
6TJ94NvEixgCBJRBkDqjOpf/UNdqFmGKc1EEUlE/KrQOxxn4qRdIaTkNsTs0XaY7
3ecWZrOwk0jKthAJ2qEG8WRRAY9U
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:28 2024 by rpki-client on console-fra.rpki-client.org