Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/vqP0S82Tfb0EYIek03oWrMHQG7Y.roa
File: vqP0S82Tfb0EYIek03oWrMHQG7Y.roa (raw, json)
Hash identifier: Xete+H/npL3XPz0guhteN/kT1/28WbORjwDrNQ3JdoU=
Subject key identifier: BE:A3:F4:4B:CD:93:7D:BD:04:60:87:A4:D3:7A:16:AC:C1:D0:1B:B6
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0189C09D8E0E223DEDB38CA86443403B6E87
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/vqP0S82Tfb0EYIek03oWrMHQG7Y.roa
Signing time: Fri 04 Aug 2023 12:54:58 +0000
ROA not before: Fri 04 Aug 2023 12:54:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200385
IP address blocks: 193.124.227.0/24 maxlen: 24
193.124.18.0/24 maxlen: 24
62.76.235.0/24 maxlen: 24
194.87.230.0/24 maxlen: 24
194.87.240.0/24 maxlen: 24
194.87.23.0/24 maxlen: 24
194.87.243.0/24 maxlen: 24
193.124.49.0/24 maxlen: 24
212.192.10.0/24 maxlen: 24
194.87.160.0/24 maxlen: 24
195.133.37.0/24 maxlen: 24
212.192.249.0/24 maxlen: 24
194.87.53.0/24 maxlen: 24
194.87.85.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 07 Aug 2023 06:06:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:c0:9d:8e:0e:22:3d:ed:b3:8c:a8:64:43:40:3b:6e:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 4 12:54:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bea3f44bcd937dbd046087a4d37a16acc1d01bb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:21:f6:70:a4:1e:98:c2:5c:ea:aa:3c:28:54:
d4:62:9c:ca:22:ee:da:40:7c:38:85:c4:7e:4b:d9:
68:1c:37:0a:b3:d2:d2:16:35:77:f3:7c:b8:bd:80:
99:7e:9f:ca:85:09:3b:97:53:07:4d:8b:6e:8f:ba:
34:e8:b6:08:44:69:5f:fc:6a:26:be:d5:4b:2e:a8:
1b:d5:c3:4f:b0:5a:8c:54:ff:8b:a5:4b:be:75:d5:
9a:1d:c9:ad:eb:9a:cc:6b:26:a2:7f:8e:2e:8d:87:
2f:88:15:39:68:ff:27:b3:e2:fe:9a:14:b7:f5:93:
b9:40:e7:19:13:22:db:99:ce:80:03:0f:3a:34:90:
c5:68:7a:18:ec:72:bd:05:24:63:90:b5:73:85:0d:
d8:10:e5:e7:fc:42:41:45:d8:00:be:3a:24:13:2c:
50:36:85:dd:b9:fc:d2:e1:df:ab:53:b9:58:6c:a4:
d4:45:e0:71:29:00:de:1f:90:d2:f7:1d:c9:ca:8c:
24:09:32:8f:2d:f7:a8:7a:0e:13:09:31:a4:6c:c9:
de:a0:34:22:1d:48:f1:bc:7b:d4:9a:08:ae:61:b5:
32:07:03:4f:34:b0:cd:48:8a:72:1f:3b:6d:7f:ee:
a1:d7:38:58:d4:af:cf:78:0a:29:ce:05:d3:a5:1a:
c1:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:A3:F4:4B:CD:93:7D:BD:04:60:87:A4:D3:7A:16:AC:C1:D0:1B:B6
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/vqP0S82Tfb0EYIek03oWrMHQG7Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.235.0/24
193.124.18.0/24
193.124.49.0/24
193.124.227.0/24
194.87.23.0/24
194.87.53.0/24
194.87.85.0/24
194.87.160.0/24
194.87.230.0/24
194.87.240.0/24
194.87.243.0/24
195.133.37.0/24
212.192.10.0/24
212.192.249.0/24
Signature Algorithm: sha256WithRSAEncryption
22:55:b8:89:7f:b8:19:a5:3b:cd:3d:42:43:ef:bc:7d:1f:6c:
d1:de:fb:e8:a2:f1:c1:5d:02:96:3d:14:ca:22:c4:13:f6:fd:
9b:bf:ec:1c:51:be:41:67:9e:b6:c2:7d:55:43:a6:e0:97:c6:
82:79:d1:87:97:00:bb:31:23:d3:fa:f2:36:dc:f8:ef:2d:82:
58:c0:9e:14:e4:7f:bf:86:88:12:c5:63:a1:ba:5f:78:3a:1b:
19:ae:a3:2d:88:c1:11:a0:59:6a:03:bf:1b:f7:29:d8:12:11:
82:09:42:3c:6f:5d:d6:4b:41:f0:46:8b:37:88:51:cb:d4:f0:
a7:07:b0:80:1f:6a:41:c2:dc:71:b7:b2:10:bc:72:f2:04:5e:
01:c4:bf:81:9a:23:9f:44:b8:6e:cd:86:94:90:79:6c:ab:90:
3b:87:ce:1d:dd:1b:f9:65:f9:54:88:55:7b:04:40:2e:64:0b:
64:06:3f:5f:cc:70:10:c8:fe:46:0b:80:50:38:33:e1:7b:26:
a2:d7:cd:26:00:95:9a:1a:57:03:b1:ce:3e:2e:1f:25:04:01:
a3:bf:dc:c3:3b:25:54:a9:8b:e9:5e:94:58:11:6c:a9:cd:af:
44:de:d3:27:fa:5e:69:3e:e4:b2:9d:09:dd:39:39:e6:2f:6f:
e6:3a:7c:75
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYnAnY4OIj3ts4yoZENAO26HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwODA0MTI1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWEzZjQ0YmNkOTM3ZGJkMDQ2MDg3YTRkMzdhMTZhY2MxZDAxYmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiCH2cKQemMJc6qo8KFTUYpzKIu7a
QHw4hcR+S9loHDcKs9LSFjV383y4vYCZfp/KhQk7l1MHTYtuj7o06LYIRGlf/Gom
vtVLLqgb1cNPsFqMVP+LpUu+ddWaHcmt65rMayaif44ujYcviBU5aP8ns+L+mhS3
9ZO5QOcZEyLbmc6AAw86NJDFaHoY7HK9BSRjkLVzhQ3YEOXn/EJBRdgAvjokEyxQ
NoXdufzS4d+rU7lYbKTUReBxKQDeH5DS9x3JyowkCTKPLfeoeg4TCTGkbMneoDQi
HUjxvHvUmgiuYbUyBwNPNLDNSIpyHzttf+6h1zhY1K/PeAopzgXTpRrBRQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFL6j9EvNk329BGCHpNN6FqzB0Bu2MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvdnFQMFM4MlRmYjBFWUllazAzb1dyTUhRRzdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQAPkzrAwQA
wXwSAwQAwXwxAwQAwXzjAwQAwlcXAwQAwlc1AwQAwldVAwQAwlegAwQAwlfmAwQA
wlfwAwQAwlfzAwQAw4UlAwQA1MAKAwQA1MD5MA0GCSqGSIb3DQEBCwUAA4IBAQAi
VbiJf7gZpTvNPUJD77x9H2zR3vvoovHBXQKWPRTKIsQT9v2bv+wcUb5BZ562wn1V
Q6bgl8aCedGHlwC7MSPT+vI23PjvLYJYwJ4U5H+/hogSxWOhul94OhsZrqMtiMER
oFlqA78b9ynYEhGCCUI8b13WS0HwRos3iFHL1PCnB7CAH2pBwtxxt7IQvHLyBF4B
xL+BmiOfRLhuzYaUkHlsq5A7h84d3Rv5ZflUiFV7BEAuZAtkBj9fzHAQyP5GC4BQ
ODPheyai180mAJWaGlcDsc4+Lh8lBAGjv9zDOyVUqYvpXpRYEWypza9E3tMn+l5p
PuSynQndOTnmL2/mOnx1
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:50 2024 by rpki-client on console-ams.rpki-client.org