Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/vhCjqSECk8cGnSqj-4ezEMFj5FA.roa
File: vhCjqSECk8cGnSqj-4ezEMFj5FA.roa (raw, json)
Hash identifier: 3cGFNBGZ8k3vQfkjtN/FVFsBrZ5n3E/5242KUmPu9/g=
Subject key identifier: BE:10:A3:A9:21:02:93:C7:06:9D:2A:A3:FB:87:B3:10:C1:63:E4:50
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01916132763CC2C52176FC514EE8DAB879F0
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/vhCjqSECk8cGnSqj-4ezEMFj5FA.roa
Signing time: Sat 17 Aug 2024 16:36:22 +0000
ROA not before: Sat 17 Aug 2024 16:36:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 26383
IP address blocks: 62.76.234.0/24 maxlen: 24
62.76.239.0/24 maxlen: 24
185.72.8.0/24 maxlen: 24
192.124.176.0/24 maxlen: 24
193.124.22.0/24 maxlen: 24
193.124.41.0/24 maxlen: 24
193.124.46.0/24 maxlen: 24
194.58.34.0/24 maxlen: 24
194.58.40.0/24 maxlen: 24
194.58.45.0/24 maxlen: 24
194.58.68.0/24 maxlen: 24
194.87.10.0/24 maxlen: 24
194.87.39.0/24 maxlen: 24
194.87.47.0/24 maxlen: 24
194.87.189.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
194.87.227.0/24 maxlen: 24
195.133.67.0/24 maxlen: 24
195.133.92.0/24 maxlen: 24
212.192.12.0/24 maxlen: 24
212.192.13.0/24 maxlen: 24
212.192.15.0/24 maxlen: 24
212.192.215.0/24 maxlen: 24
212.192.221.0/24 maxlen: 24
212.193.1.0/24 maxlen: 24
212.193.2.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 21 Aug 2024 15:54:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:61:32:76:3c:c2:c5:21:76:fc:51:4e:e8:da:b8:79:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 17 16:36:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=be10a3a9210293c7069d2aa3fb87b310c163e450
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:ca:95:8b:9a:a3:fc:67:ba:1b:7f:1a:d6:67:
85:46:28:a5:0b:ad:00:1a:98:bf:0f:76:11:40:0a:
6b:f3:71:5c:31:7b:98:70:b8:90:3c:31:93:aa:81:
15:c9:28:b2:90:55:ba:81:df:64:ac:f3:eb:4b:77:
44:03:e6:d2:71:50:fc:24:7b:d9:3d:ea:4d:78:63:
2f:01:73:26:95:d7:7e:d1:9a:c9:54:a1:7b:ff:92:
5a:78:a8:ea:32:ba:82:32:b7:f9:7e:db:af:2b:60:
3d:10:d8:29:26:6e:7f:34:5a:2a:3f:0b:a2:fb:bc:
a2:79:4e:86:41:27:43:ba:61:a0:4c:46:2e:fc:86:
49:85:c4:77:55:c0:e0:9d:47:fb:51:18:0d:de:c4:
f4:63:98:94:33:05:db:1e:e9:94:f7:7c:d0:0b:b9:
97:6b:95:3a:25:ec:b0:fa:b0:f2:eb:8d:35:c8:8a:
66:30:17:d1:2e:5b:3d:e8:47:c2:75:f1:e5:2c:66:
28:31:a5:1a:fd:ba:0c:26:10:19:67:5b:a9:6f:c1:
1a:1a:da:b5:99:61:cd:f9:4f:8a:f6:64:8e:af:81:
35:cc:2c:ec:09:b0:f4:76:3d:81:c6:df:bb:04:b5:
0a:2d:c6:07:20:04:75:4f:ad:b3:1e:54:40:fc:32:
78:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:10:A3:A9:21:02:93:C7:06:9D:2A:A3:FB:87:B3:10:C1:63:E4:50
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/vhCjqSECk8cGnSqj-4ezEMFj5FA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.234.0/24
62.76.239.0/24
185.72.8.0/24
192.124.176.0/24
193.124.22.0/24
193.124.41.0/24
193.124.46.0/24
194.58.34.0/24
194.58.40.0/24
194.58.45.0/24
194.58.68.0/24
194.87.10.0/24
194.87.39.0/24
194.87.47.0/24
194.87.189.0/24
194.87.198.0/24
194.87.227.0/24
195.133.67.0/24
195.133.92.0/24
212.192.12.0/23
212.192.15.0/24
212.192.215.0/24
212.192.221.0/24
212.193.1.0-212.193.2.255
Signature Algorithm: sha256WithRSAEncryption
62:c8:ab:96:8d:7a:de:b9:20:14:4f:a6:bb:53:06:01:24:a9:
c6:e7:5e:1a:97:d3:10:10:50:37:6b:3b:71:d6:58:6c:88:e9:
61:2a:06:15:ee:cc:6f:d8:ca:63:71:da:40:16:55:73:ef:de:
b0:68:90:13:fa:2d:e2:cc:c0:33:ff:e5:09:2c:b3:b0:ad:8d:
83:d1:60:00:00:d5:93:b0:29:36:51:f5:bc:28:3a:a6:ec:d9:
07:f5:97:d9:ab:2a:ac:c5:7d:cf:63:00:7e:76:68:3c:42:4a:
52:d5:8d:77:a1:68:8e:06:88:0d:90:55:42:a4:1d:32:e1:93:
09:3c:10:e9:16:2a:35:52:a7:f2:a0:b0:07:d2:bd:6c:d6:94:
11:e3:d1:cd:ab:be:ca:31:40:60:ab:1a:3e:bf:f0:b6:d7:0b:
d4:be:60:f7:2e:13:cb:16:c5:49:46:28:c7:74:0f:50:0e:1e:
18:8f:e8:f4:98:b7:57:6c:f9:1c:63:f2:3c:b2:5b:fc:94:5b:
5e:d6:0e:eb:15:d1:fe:8b:f9:cb:55:0f:c0:07:cd:f4:92:8f:
89:80:1b:50:f5:a1:7c:c2:92:62:b8:46:69:4a:94:ba:ad:55:
98:52:70:a7:97:c4:3d:aa:d1:e4:38:7e:87:83:64:27:c0:5f:
3d:01:4b:29
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAZFhMnY8wsUhdvxRTujauHnwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwODE3MTYzNjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTEwYTNhOTIxMDI5M2M3MDY5ZDJhYTNmYjg3YjMxMGMxNjNlNDUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAosqVi5qj/Ge6G38a1meFRiilC60A
Gpi/D3YRQApr83FcMXuYcLiQPDGTqoEVySiykFW6gd9krPPrS3dEA+bScVD8JHvZ
PepNeGMvAXMmldd+0ZrJVKF7/5JaeKjqMrqCMrf5ftuvK2A9ENgpJm5/NFoqPwui
+7yieU6GQSdDumGgTEYu/IZJhcR3VcDgnUf7URgN3sT0Y5iUMwXbHumU93zQC7mX
a5U6Jeyw+rDy6401yIpmMBfRLls96EfCdfHlLGYoMaUa/boMJhAZZ1upb8EaGtq1
mWHN+U+K9mSOr4E1zCzsCbD0dj2Bxt+7BLUKLcYHIAR1T62zHlRA/DJ4pwIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFL4Qo6khApPHBp0qo/uHsxDBY+RQMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvdmhDanFTRUNrOGNHblNxai00ZXpFTUZqNUZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG1BggrBgEFBQcBBwEB/wSBpTCBojCBnwQCAAEwgZgDBAA+
TOoDBAA+TO8DBAC5SAgDBADAfLADBADBfBYDBADBfCkDBADBfC4DBADCOiIDBADC
OigDBADCOi0DBADCOkQDBADCVwoDBADCVycDBADCVy8DBADCV70DBADCV8YDBADC
V+MDBADDhUMDBADDhVwDBAHUwAwDBADUwA8DBADUwNcDBADUwN0wDAMEANTBAQME
ANTBAjANBgkqhkiG9w0BAQsFAAOCAQEAYsirlo163rkgFE+mu1MGASSpxudeGpfT
EBBQN2s7cdZYbIjpYSoGFe7Mb9jKY3HaQBZVc+/esGiQE/ot4szAM//lCSyzsK2N
g9FgAADVk7ApNlH1vCg6puzZB/WX2asqrMV9z2MAfnZoPEJKUtWNd6FojgaIDZBV
QqQdMuGTCTwQ6RYqNVKn8qCwB9K9bNaUEePRzau+yjFAYKsaPr/wttcL1L5g9y4T
yxbFSUYox3QPUA4eGI/o9Ji3V2z5HGPyPLJb/JRbXtYO6xXR/ov5y1UPwAfN9JKP
iYAbUPWhfMKSYrhGaUqUuq1VmFJwp5fEParR5Dh+h4NkJ8BfPQFLKQ==
-----END CERTIFICATE-----
Generated at Wed Aug 21 19:41:06 2024 by rpki-client on console-fra.rpki-client.org