Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/vDPnCI8Ia5k_TPVnPMl4nqddLV8.roa
File: vDPnCI8Ia5k_TPVnPMl4nqddLV8.roa (raw, json)
Hash identifier: GSJEMPuzmMQ699jEZJGQcgC2I2S7q37Jy5xUMPPP7uE=
Subject key identifier: BC:33:E7:08:8F:08:6B:99:3F:4C:F5:67:3C:C9:78:9E:A7:5D:2D:5F
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0185CA77C15B5E57BBF9F9BAA73A4F7CADD0
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/vDPnCI8Ia5k_TPVnPMl4nqddLV8.roa
Signing time: Thu 19 Jan 2023 14:38:43 +0000
ROA not before: Thu 19 Jan 2023 14:38:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2118
IP address blocks: 193.124.3.0/24 maxlen: 24
193.124.6.0/24 maxlen: 24
193.124.8.0/24 maxlen: 24
62.76.231.0/24 maxlen: 24
194.87.3.0/24 maxlen: 24
194.87.6.0/24 maxlen: 24
194.87.11.0/24 maxlen: 24
194.87.7.0/24 maxlen: 24
194.87.16.0/24 maxlen: 24
194.87.22.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
194.87.27.0/24 maxlen: 24
194.87.104.0/24 maxlen: 24
194.87.115.0/24 maxlen: 24
194.87.116.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
194.87.114.0/24 maxlen: 24
194.87.123.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.126.0/24 maxlen: 24
194.87.138.0/23 maxlen: 23
194.87.136.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
194.87.76.0/24 maxlen: 24
194.87.82.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
195.133.94.0/24 maxlen: 24
195.133.12.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
195.133.194.0/24 maxlen: 24
195.133.193.0/24 maxlen: 24
195.133.195.0/24 maxlen: 24
212.193.12.0/24 maxlen: 24
212.193.14.0/24 maxlen: 24
194.58.38.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
194.58.46.0/23 maxlen: 24
194.58.45.0/24 maxlen: 24
195.58.50.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
195.58.52.0/22 maxlen: 22
195.58.58.0/24 maxlen: 24
195.58.56.0/21 maxlen: 24
195.58.61.0/24 maxlen: 24
194.58.59.0/24 maxlen: 24
195.58.62.0/24 maxlen: 24
212.193.0.0/24 maxlen: 24
212.193.11.0/24 maxlen: 24
194.87.202.0/24 maxlen: 24
194.87.204.0/24 maxlen: 24
194.87.208.0/23 maxlen: 24
194.87.226.0/24 maxlen: 24
194.87.222.0/23 maxlen: 24
194.87.233.0/24 maxlen: 24
212.192.0.0/23 maxlen: 24
194.87.149.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
192.124.172.0/24 maxlen: 24
194.87.165.0/24 maxlen: 24
194.87.163.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.180.0/22 maxlen: 24
192.124.182.0/23 maxlen: 24
194.87.171.0/24 maxlen: 24
194.87.172.0/24 maxlen: 24
192.124.190.0/24 maxlen: 24
194.87.176.0/24 maxlen: 24
193.124.202.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
193.124.207.0/24 maxlen: 24
194.87.199.0/24 maxlen: 24
212.192.208.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:ca:77:c1:5b:5e:57:bb:f9:f9:ba:a7:3a:4f:7c:ad:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 19 14:38:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bc33e7088f086b993f4cf5673cc9789ea75d2d5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:a8:c3:36:93:d5:a9:c1:be:34:88:d2:f3:c8:
14:e6:a0:94:1e:63:d2:5c:18:b9:a9:32:cd:99:65:
23:7f:12:12:a1:f4:2e:c2:4f:c7:2a:30:3f:ed:db:
92:6b:16:89:bf:03:ca:58:3f:5f:b6:c4:35:f6:d6:
c6:21:d5:17:82:83:36:75:97:e4:2e:2d:b0:81:74:
bc:fa:f3:0a:e5:26:23:65:76:90:4f:3f:5d:1b:c4:
ae:fc:1c:87:fe:4e:65:04:33:63:96:0b:58:5b:b6:
0c:8f:43:ca:9c:86:44:58:91:ae:ee:d4:7b:23:e3:
87:8c:f4:7b:a7:76:bd:62:d9:ad:6d:39:69:eb:88:
47:94:96:58:cc:9e:1d:58:c9:32:f1:47:15:3c:95:
ea:7b:1b:78:0f:57:af:25:77:84:11:3f:13:16:b2:
db:fe:94:df:6f:59:35:bd:c5:3f:66:d5:35:e2:45:
62:80:c1:dd:d6:a3:78:b3:93:3b:44:df:5f:de:57:
68:5f:f4:15:a1:b6:95:1e:2d:e5:1f:5f:b4:2c:fc:
4d:63:54:28:cf:04:b7:25:7a:a7:58:d9:0d:06:3b:
94:18:17:fc:52:e0:62:a3:f7:30:6b:71:18:8e:cc:
70:e5:48:90:84:8a:32:5c:e2:02:4d:d7:7a:bb:82:
25:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:33:E7:08:8F:08:6B:99:3F:4C:F5:67:3C:C9:78:9E:A7:5D:2D:5F
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/vDPnCI8Ia5k_TPVnPMl4nqddLV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.231.0/24
192.124.172.0/24
192.124.178.0/24
192.124.180.0/22
192.124.190.0/24
193.124.3.0/24
193.124.6.0/24
193.124.8.0/24
193.124.133.0/24
193.124.202.0/23
193.124.207.0/24
194.58.38.0/24
194.58.42.0/24
194.58.45.0-194.58.47.255
194.58.59.0/24
194.87.3.0/24
194.87.6.0/23
194.87.11.0/24
194.87.16.0/24
194.87.22.0/24
194.87.24.0/22
194.87.56.0/24
194.87.76.0/24
194.87.82.0/23
194.87.104.0/24
194.87.114.0-194.87.116.255
194.87.118.0/24
194.87.123.0/24
194.87.126.0/24
194.87.136.0/24
194.87.138.0/23
194.87.149.0/24
194.87.163.0/24
194.87.165.0/24
194.87.171.0-194.87.172.255
194.87.176.0/24
194.87.190.0/24
194.87.198.0/23
194.87.202.0/24
194.87.204.0/24
194.87.208.0/23
194.87.222.0/23
194.87.226.0/24
194.87.233.0/24
195.58.50.0/24
195.58.52.0-195.58.63.255
195.133.12.0/24
195.133.55.0/24
195.133.94.0/24
195.133.193.0-195.133.195.255
212.192.0.0/23
212.192.208.0/23
212.193.0.0/24
212.193.11.0-212.193.12.255
212.193.14.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:be:21:07:d8:c9:f4:e6:96:0d:3d:26:2e:3b:8b:da:31:fc:
f3:4b:07:4e:5f:9d:d8:d4:f1:e5:dd:3f:7e:f1:71:51:e0:86:
9b:18:6d:9b:08:90:ad:c2:ec:11:a5:87:8b:51:47:aa:ff:c7:
d5:06:a4:d4:1f:0b:9a:d8:c6:8f:d0:9b:40:b3:26:8d:45:ef:
78:79:46:30:30:c1:5f:83:a6:5a:2e:fb:29:f1:eb:96:5b:ce:
6a:f9:3e:31:6b:9b:a7:c8:88:4c:18:d3:b9:cb:0e:b9:6b:e8:
8b:cb:8a:00:cb:19:14:5e:f1:78:40:18:6c:af:83:ae:64:3d:
d1:34:c9:7e:aa:d4:c8:46:31:29:70:5f:2f:7b:2b:bb:68:92:
19:a4:f8:9c:c0:e2:3c:9d:c8:29:0c:5b:cc:63:5c:14:4e:88:
0f:28:1f:2d:0b:55:bb:05:76:03:31:93:dc:63:7a:01:c2:1c:
0a:47:c3:b7:5a:ea:d5:ed:db:c2:b6:d8:7e:c5:84:4b:e8:02:
d7:1e:12:9d:3c:62:98:55:38:e4:a2:2f:a2:47:75:22:15:78:
87:5a:e8:05:5f:03:79:67:69:27:ec:d4:28:c4:da:c5:3b:83:
94:5a:df:bc:b4:cb:17:1a:3b:f7:01:ab:ae:63:5a:ae:1c:11:
e1:94:b6:63
-----BEGIN CERTIFICATE-----
MIIGezCCBWOgAwIBAgISAYXKd8FbXle7+fm6pzpPfK3QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTE5MTQzODQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzMzZTcwODhmMDg2Yjk5M2Y0Y2Y1NjczY2M5Nzg5ZWE3NWQyZDVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhKjDNpPVqcG+NIjS88gU5qCUHmPS
XBi5qTLNmWUjfxISofQuwk/HKjA/7duSaxaJvwPKWD9ftsQ19tbGIdUXgoM2dZfk
Li2wgXS8+vMK5SYjZXaQTz9dG8Su/ByH/k5lBDNjlgtYW7YMj0PKnIZEWJGu7tR7
I+OHjPR7p3a9YtmtbTlp64hHlJZYzJ4dWMky8UcVPJXqext4D1evJXeEET8TFrLb
/pTfb1k1vcU/ZtU14kVigMHd1qN4s5M7RN9f3ldoX/QVobaVHi3lH1+0LPxNY1Qo
zwS3JXqnWNkNBjuUGBf8UuBio/cwa3EYjsxw5UiQhIoyXOICTdd6u4IlVQIDAQAB
o4IDhzCCA4MwHQYDVR0OBBYEFLwz5wiPCGuZP0z1ZzzJeJ6nXS1fMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvdkRQbkNJOElhNWtfVFBWblBNbDRucWRkTFY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBmwYIKwYBBQUHAQcBAf8EggGKMIIBhjCCAYIEAgABMIIB
egMEAD5M5wMEAMB8rAMEAMB8sgMEAsB8tAMEAMB8vgMEAMF8AwMEAMF8BgMEAMF8
CAMEAMF8hQMEAcF8ygMEAMF8zwMEAMI6JgMEAMI6KjAMAwQAwjotAwQEwjogAwQA
wjo7AwQAwlcDAwQBwlcGAwQAwlcLAwQAwlcQAwQAwlcWAwQCwlcYAwQAwlc4AwQA
wldMAwQBwldSAwQAwldoMAwDBAHCV3IDBADCV3QDBADCV3YDBADCV3sDBADCV34D
BADCV4gDBAHCV4oDBADCV5UDBADCV6MDBADCV6UwDAMEAMJXqwMEAMJXrAMEAMJX
sAMEAMJXvgMEAcJXxgMEAMJXygMEAMJXzAMEAcJX0AMEAcJX3gMEAMJX4gMEAMJX
6QMEAMM6MjAMAwQCwzo0AwQGwzoAAwQAw4UMAwQAw4U3AwQAw4VeMAwDBADDhcED
BALDhcADBAHUwAADBAHUwNADBADUwQAwDAMEANTBCwMEANTBDAMEANTBDjANBgkq
hkiG9w0BAQsFAAOCAQEAf74hB9jJ9OaWDT0mLjuL2jH880sHTl+d2NTx5d0/fvFx
UeCGmxhtmwiQrcLsEaWHi1FHqv/H1Qak1B8LmtjGj9CbQLMmjUXveHlGMDDBX4Om
Wi77KfHrllvOavk+MWubp8iITBjTucsOuWvoi8uKAMsZFF7xeEAYbK+DrmQ90TTJ
fqrUyEYxKXBfL3sru2iSGaT4nMDiPJ3IKQxbzGNcFE6IDygfLQtVuwV2AzGT3GN6
AcIcCkfDt1rq1e3bwrbYfsWES+gC1x4SnTximFU45KIvokd1IhV4h1roBV8DeWdp
J+zUKMTaxTuDlFrfvLTLFxo79wGrrmNarhwR4ZS2Yw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:07 2023 by rpki-client on console-ams.rpki-client.org