Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/u0d-Zr4PLR0B_CEPJAMXl3PstGQ.roa
File: u0d-Zr4PLR0B_CEPJAMXl3PstGQ.roa (raw, json)
Hash identifier: tH+kvYz0oRLqPdr4EuCSM4zpAwF1K1LUAjr3tPJ+vOw=
Subject key identifier: BB:47:7E:66:BE:0F:2D:1D:01:FC:21:0F:24:03:17:97:73:EC:B4:64
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01916F3496E0CBA55E2DCED05B91544C31B7
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/u0d-Zr4PLR0B_CEPJAMXl3PstGQ.roa
Signing time: Tue 20 Aug 2024 09:53:22 +0000
ROA not before: Tue 20 Aug 2024 09:53:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 194.58.44.0/24 maxlen: 24
194.58.66.0/24 maxlen: 24
194.58.155.0/24 maxlen: 24
194.87.26.0/24 maxlen: 24
194.87.27.0/24 maxlen: 24
194.87.44.0/24 maxlen: 24
194.87.49.0/24 maxlen: 24
194.87.76.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
194.87.84.0/24 maxlen: 24
194.87.104.0/24 maxlen: 24
194.87.115.0/24 maxlen: 24
194.87.130.0/24 maxlen: 24
194.87.133.0/24 maxlen: 24
194.87.134.0/24 maxlen: 24
194.87.138.0/24 maxlen: 24
194.87.140.0/24 maxlen: 24
194.87.143.0/24 maxlen: 24
194.87.151.0/24 maxlen: 24
194.87.161.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
194.87.202.0/24 maxlen: 24
194.87.208.0/24 maxlen: 24
194.87.215.0/24 maxlen: 24
194.87.220.0/24 maxlen: 24
194.87.221.0/24 maxlen: 24
194.87.226.0/24 maxlen: 24
194.87.250.0/24 maxlen: 24
194.135.38.0/24 maxlen: 24
194.135.105.0/24 maxlen: 24
195.58.34.0/24 maxlen: 24
195.58.36.0/24 maxlen: 24
195.58.37.0/24 maxlen: 24
195.133.14.0/24 maxlen: 24
195.133.15.0/24 maxlen: 24
195.133.18.0/24 maxlen: 24
195.133.21.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
195.133.27.0/24 maxlen: 24
195.133.30.0/24 maxlen: 24
195.133.50.0/23 maxlen: 23
195.133.63.0/24 maxlen: 24
195.133.73.0/24 maxlen: 24
195.133.81.0/24 maxlen: 24
195.133.92.0/23 maxlen: 23
195.133.194.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
212.192.217.0/24 maxlen: 24
212.192.223.0/24 maxlen: 24
212.192.246.0/24 maxlen: 24
212.192.248.0/24 maxlen: 24
212.193.24.0/24 maxlen: 24
212.193.30.0/24 maxlen: 24
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 23 Aug 2024 09:44:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:6f:34:96:e0:cb:a5:5e:2d:ce:d0:5b:91:54:4c:31:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 20 09:53:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bb477e66be0f2d1d01fc210f2403179773ecb464
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:11:15:86:cd:bd:7b:28:48:e1:d3:2c:57:b3:
b9:d6:12:d5:82:7b:9f:53:b7:0c:c1:fc:0f:74:af:
31:dd:83:47:86:c0:26:a9:71:82:89:d5:ab:75:33:
a8:9d:9c:97:81:26:34:0a:1d:46:89:e4:af:00:33:
3f:92:ad:50:9b:50:36:ae:cd:f1:ee:e9:59:80:eb:
4e:f0:0b:46:f5:fe:e8:77:f9:15:a4:35:ec:af:e7:
a0:0c:42:fa:4c:cd:a9:86:f4:70:e2:47:2a:37:f4:
08:d6:b9:c8:dd:e6:06:8a:cc:54:ea:a5:97:a5:91:
bb:e0:fe:71:a2:13:00:fe:2a:e8:13:49:c1:1a:8b:
bc:7b:d6:89:4d:04:53:da:53:70:0b:30:be:77:b8:
12:e7:35:3c:35:bd:4a:76:75:3b:6f:b2:f0:3e:85:
25:83:70:a8:e0:c1:79:d8:92:5b:0c:82:0a:7e:83:
a5:7f:4c:72:e1:ec:78:3a:ad:e6:3f:99:c9:24:54:
e4:63:d4:6d:93:50:91:59:2a:d3:d4:86:9d:10:3f:
d1:28:ee:3b:68:15:86:64:8b:d9:5b:f0:12:3d:9e:
45:b3:7f:e3:dc:2c:5d:79:7c:ad:ef:94:82:5d:97:
e5:55:bb:01:29:94:22:e8:04:5a:d1:c3:5d:75:bf:
fa:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:47:7E:66:BE:0F:2D:1D:01:FC:21:0F:24:03:17:97:73:EC:B4:64
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/u0d-Zr4PLR0B_CEPJAMXl3PstGQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.44.0/24
194.58.66.0/24
194.58.155.0/24
194.87.26.0/23
194.87.44.0/24
194.87.49.0/24
194.87.76.0/24
194.87.83.0-194.87.84.255
194.87.104.0/24
194.87.115.0/24
194.87.130.0/24
194.87.133.0-194.87.134.255
194.87.138.0/24
194.87.140.0/24
194.87.143.0/24
194.87.151.0/24
194.87.161.0/24
194.87.169.0/24
194.87.187.0/24
194.87.190.0/24
194.87.200.0/24
194.87.202.0/24
194.87.208.0/24
194.87.215.0/24
194.87.220.0/23
194.87.226.0/24
194.87.250.0/24
194.135.38.0/24
194.135.105.0/24
195.58.34.0/24
195.58.36.0/23
195.133.14.0/23
195.133.18.0/24
195.133.21.0/24
195.133.25.0/24
195.133.27.0/24
195.133.30.0/24
195.133.50.0/23
195.133.63.0/24
195.133.73.0/24
195.133.81.0/24
195.133.92.0/23
195.133.194.0/24
212.192.1.0/24
212.192.217.0/24
212.192.223.0/24
212.192.246.0/24
212.192.248.0/24
212.193.24.0/24
212.193.30.0/24
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
18:db:76:d4:0f:71:bc:ba:87:9f:21:d1:38:a9:03:47:d4:08:
9d:37:e4:87:76:aa:d9:78:6d:e2:d0:ff:55:a6:bd:b4:c2:34:
fb:b7:11:15:0c:aa:34:98:21:3c:2c:d3:d8:19:5e:f4:ee:8f:
2b:c0:75:0d:7f:fd:c5:b9:61:c9:70:34:34:59:86:1d:6a:61:
2d:f7:cf:59:52:4a:22:70:79:ae:e0:1e:53:f6:36:91:ac:88:
bc:a1:4d:98:db:74:04:fa:c3:39:6e:ec:3f:c6:95:d9:fb:a1:
ac:02:7c:3d:12:12:a1:62:dd:31:5a:68:7c:d2:f6:31:1e:a7:
1a:0d:c3:ae:38:28:65:9f:02:f4:37:0b:7f:2f:f1:4c:47:aa:
5f:1a:11:0e:4d:fb:01:4f:b6:a3:cd:3a:83:cf:d8:b8:08:2c:
8a:ac:97:61:d5:79:f4:75:61:1d:84:d4:e4:61:84:69:6a:c2:
c5:09:dd:cd:23:c3:f6:cf:a4:84:86:16:9a:4a:7d:4b:c4:13:
01:6d:6c:43:5f:83:a3:d7:95:8e:63:32:3e:15:d8:a5:78:ae:
f4:03:08:db:f9:38:a2:cc:62:1e:c9:ad:fa:3c:20:43:aa:b8:
d6:fb:87:1f:86:ea:eb:30:05:c1:3d:27:27:00:98:7f:f2:78:
d2:dc:1e:9b
-----BEGIN CERTIFICATE-----
MIIGUzCCBTugAwIBAgISAZFvNJbgy6VeLc7QW5FUTDG3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwODIwMDk1MzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjQ3N2U2NmJlMGYyZDFkMDFmYzIxMGYyNDAzMTc5NzczZWNiNDY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmhEVhs29eyhI4dMsV7O51hLVgnuf
U7cMwfwPdK8x3YNHhsAmqXGCidWrdTOonZyXgSY0Ch1GieSvADM/kq1Qm1A2rs3x
7ulZgOtO8AtG9f7od/kVpDXsr+egDEL6TM2phvRw4kcqN/QI1rnI3eYGisxU6qWX
pZG74P5xohMA/iroE0nBGou8e9aJTQRT2lNwCzC+d7gS5zU8Nb1KdnU7b7LwPoUl
g3Co4MF52JJbDIIKfoOlf0xy4ex4Oq3mP5nJJFTkY9Rtk1CRWSrT1IadED/RKO47
aBWGZIvZW/ASPZ5Fs3/j3CxdeXyt75SCXZflVbsBKZQi6ARa0cNddb/6ywIDAQAB
o4IDXzCCA1swHQYDVR0OBBYEFLtHfma+Dy0dAfwhDyQDF5dz7LRkMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvdTBkLVpyNFBMUjBCX0NFUEpBTVhsM1BzdEdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBcwYIKwYBBQUHAQcBAf8EggFiMIIBXjCCAUQEAgABMIIB
PAMEAMI6LAMEAMI6QgMEAMI6mwMEAcJXGgMEAMJXLAMEAMJXMQMEAMJXTDAMAwQA
wldTAwQAwldUAwQAwldoAwQAwldzAwQAwleCMAwDBADCV4UDBADCV4YDBADCV4oD
BADCV4wDBADCV48DBADCV5cDBADCV6EDBADCV6kDBADCV7sDBADCV74DBADCV8gD
BADCV8oDBADCV9ADBADCV9cDBAHCV9wDBADCV+IDBADCV/oDBADChyYDBADCh2kD
BADDOiIDBAHDOiQDBAHDhQ4DBADDhRIDBADDhRUDBADDhRkDBADDhRsDBADDhR4D
BAHDhTIDBADDhT8DBADDhUkDBADDhVEDBAHDhVwDBADDhcIDBADUwAEDBADUwNkD
BADUwN8DBADUwPYDBADUwPgDBADUwRgDBADUwR4wFAQCAAIwDgMFAyoBV8ADBQMq
DP9AMA0GCSqGSIb3DQEBCwUAA4IBAQAY23bUD3G8uoefIdE4qQNH1AidN+SHdqrZ
eG3i0P9Vpr20wjT7txEVDKo0mCE8LNPYGV707o8rwHUNf/3FuWHJcDQ0WYYdamEt
989ZUkoicHmu4B5T9jaRrIi8oU2Y23QE+sM5buw/xpXZ+6GsAnw9EhKhYt0xWmh8
0vYxHqcaDcOuOChlnwL0Nwt/L/FMR6pfGhEOTfsBT7ajzTqDz9i4CCyKrJdh1Xn0
dWEdhNTkYYRpasLFCd3NI8P2z6SEhhaaSn1LxBMBbWxDX4Oj15WOYzI+FdileK70
Awjb+TiizGIeya36PCBDqrjW+4cfhurrMAXBPScnAJh/8njS3B6b
-----END CERTIFICATE-----
Generated at Fri Aug 23 12:55:03 2024 by rpki-client on console-ams.rpki-client.org