Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/uFfh56bTqi-fNWVG-GAWq2bMwEo.roa
File: uFfh56bTqi-fNWVG-GAWq2bMwEo.roa (raw, json)
Hash identifier: qHaxuKD1BNZ+//al9437ZBah962mgN82+YWjA3HTKiE=
Subject key identifier: B8:57:E1:E7:A6:D3:AA:2F:9F:35:65:46:F8:60:16:AB:66:CC:C0:4A
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018CAB08EE996DD248A45E0FE45AA81BAAEF
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/uFfh56bTqi-fNWVG-GAWq2bMwEo.roa
Signing time: Wed 27 Dec 2023 11:28:58 +0000
ROA not before: Wed 27 Dec 2023 11:28:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 62.76.227.0/24 maxlen: 24
194.87.40.0/24 maxlen: 24
195.58.35.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
195.133.27.0/24 maxlen: 24
195.133.40.0/22 maxlen: 22
194.87.66.0/24 maxlen: 24
212.192.254.0/24 maxlen: 24
194.58.66.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 29 Dec 2023 03:28:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ab:08:ee:99:6d:d2:48:a4:5e:0f:e4:5a:a8:1b:aa:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 27 11:28:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b857e1e7a6d3aa2f9f356546f86016ab66ccc04a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:1b:50:13:ef:73:cd:c3:56:b4:e8:1f:b8:c9:
93:69:38:18:37:02:28:fd:ab:ca:4c:bd:8c:a7:60:
69:40:a8:56:11:b1:dc:14:b3:6f:d9:c9:cc:95:13:
84:65:b1:05:0c:6f:3c:d4:60:a8:d6:b9:0b:0f:16:
74:63:53:82:6a:e0:da:d2:83:dd:bc:d3:26:a9:88:
ff:1b:19:cd:ba:9b:1a:32:5a:7a:13:9d:68:53:66:
cc:64:17:80:22:93:ca:cc:5c:25:53:06:b5:8a:85:
12:25:9c:a0:48:80:68:53:c4:00:60:e1:69:f1:22:
fb:25:77:b9:57:84:d8:3e:fd:2a:ca:b5:28:18:e9:
20:19:e0:ad:d9:63:55:36:06:55:bc:b8:fd:7b:7c:
78:c8:fb:a2:17:2b:14:33:97:c8:49:15:dd:58:b8:
10:fd:d2:84:d4:0f:71:b6:1f:01:1a:05:9d:38:f0:
85:08:86:d5:8e:4d:61:27:0b:8b:56:5b:f4:33:bc:
45:38:37:92:7d:16:e5:63:d4:a4:69:c7:1d:d7:34:
31:b1:79:1b:1b:4c:32:aa:c4:f9:2c:26:70:c4:ba:
d2:76:d5:e4:b4:da:eb:d5:16:f3:06:9d:55:af:a7:
15:4a:36:21:b7:ea:01:83:35:53:31:27:1c:dc:79:
28:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:57:E1:E7:A6:D3:AA:2F:9F:35:65:46:F8:60:16:AB:66:CC:C0:4A
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/uFfh56bTqi-fNWVG-GAWq2bMwEo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.227.0/24
194.58.66.0/24
194.87.40.0/24
194.87.66.0/24
195.58.35.0/24
195.133.25.0/24
195.133.27.0/24
195.133.40.0/22
212.192.254.0/24
Signature Algorithm: sha256WithRSAEncryption
18:fd:12:85:dd:be:f8:2c:e4:9a:4c:d2:e0:72:db:c2:97:07:
20:bb:18:1d:85:6f:5f:d5:1c:69:10:b4:63:55:b9:f8:2c:0c:
68:8e:09:c3:96:da:41:47:20:99:22:06:f8:ce:d7:c4:f3:4b:
44:9d:97:b0:88:ce:6e:bd:fa:0e:38:48:22:69:84:d4:f9:7d:
2d:d6:6f:d8:64:8f:a9:06:59:80:90:bb:3a:b0:70:09:b6:09:
08:fd:33:02:04:a6:5f:89:38:43:20:bc:6d:3e:b6:cb:64:b4:
41:44:f2:e6:c7:4d:e6:6c:25:09:f3:22:74:a1:d5:55:2f:24:
f9:69:4b:25:8f:c9:aa:fa:7a:d6:4a:55:96:3e:e9:81:14:e5:
2c:5f:fe:06:e7:cc:38:85:bb:a1:6f:c3:0a:fb:79:ea:28:ee:
9e:cb:80:9c:f2:76:37:29:0c:d7:dc:f6:6f:f9:f1:ec:cc:a9:
ab:33:11:c6:87:91:eb:db:75:d0:f5:22:74:9f:81:4e:ea:55:
9b:8c:be:5c:d4:e8:48:06:ff:27:9b:a7:51:06:d9:b8:3f:8c:
be:3f:b9:2e:96:ef:07:dc:31:69:59:f9:b1:90:27:88:4b:93:
12:df:7c:22:2a:65:4c:a7:d9:d8:b0:3d:50:17:e0:dc:4c:73:
02:72:03:aa
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYyrCO6ZbdJIpF4P5FqoG6rvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMjI3MTEyODU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODU3ZTFlN2E2ZDNhYTJmOWYzNTY1NDZmODYwMTZhYjY2Y2NjMDRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAihtQE+9zzcNWtOgfuMmTaTgYNwIo
/avKTL2Mp2BpQKhWEbHcFLNv2cnMlROEZbEFDG881GCo1rkLDxZ0Y1OCauDa0oPd
vNMmqYj/GxnNupsaMlp6E51oU2bMZBeAIpPKzFwlUwa1ioUSJZygSIBoU8QAYOFp
8SL7JXe5V4TYPv0qyrUoGOkgGeCt2WNVNgZVvLj9e3x4yPuiFysUM5fISRXdWLgQ
/dKE1A9xth8BGgWdOPCFCIbVjk1hJwuLVlv0M7xFODeSfRblY9Skaccd1zQxsXkb
G0wyqsT5LCZwxLrSdtXktNrr1RbzBp1Vr6cVSjYht+oBgzVTMScc3HkoGQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFLhX4eem06ovnzVlRvhgFqtmzMBKMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvdUZmaDU2YlRxaS1mTldWRy1HQVdxMmJNd0VvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAPkzjAwQA
wjpCAwQAwlcoAwQAwldCAwQAwzojAwQAw4UZAwQAw4UbAwQCw4UoAwQA1MD+MA0G
CSqGSIb3DQEBCwUAA4IBAQAY/RKF3b74LOSaTNLgctvClwcguxgdhW9f1RxpELRj
Vbn4LAxojgnDltpBRyCZIgb4ztfE80tEnZewiM5uvfoOOEgiaYTU+X0t1m/YZI+p
BlmAkLs6sHAJtgkI/TMCBKZfiThDILxtPrbLZLRBRPLmx03mbCUJ8yJ0odVVLyT5
aUslj8mq+nrWSlWWPumBFOUsX/4G58w4hbuhb8MK+3nqKO6ey4Cc8nY3KQzX3PZv
+fHszKmrMxHGh5Hr23XQ9SJ0n4FO6lWbjL5c1OhIBv8nm6dRBtm4P4y+P7kulu8H
3DFpWfmxkCeIS5MS33wiKmVMp9nYsD1QF+DcTHMCcgOq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:28 2024 by rpki-client on console-fra.rpki-client.org