Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/zRhTUDOExiV9MHOgYHvk5wUPfh4.roa
File: zRhTUDOExiV9MHOgYHvk5wUPfh4.roa (raw, json)
Hash identifier: 1X8B4KfO6+cFSmD7Nb4OiYkv8tJmo+BBKze2SEM8BPA=
Subject key identifier: CD:18:53:50:33:84:C6:25:7D:30:73:A0:60:7B:E4:E7:05:0F:7E:1E
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018D1732AFDFC24C58CADC2101080DF6338D
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/zRhTUDOExiV9MHOgYHvk5wUPfh4.roa
Signing time: Wed 17 Jan 2024 11:33:34 +0000
ROA not before: Wed 17 Jan 2024 11:33:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 62.76.227.0/24 maxlen: 24
185.72.10.0/24 maxlen: 24
192.124.183.0/24 maxlen: 24
193.124.47.0/24 maxlen: 24
193.124.95.0/24 maxlen: 24
193.124.202.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
194.58.66.0/24 maxlen: 24
194.58.154.0/24 maxlen: 24
194.87.26.0/24 maxlen: 24
194.87.76.0/24 maxlen: 24
194.87.81.0/24 maxlen: 24
194.87.88.0/24 maxlen: 24
194.87.128.0/24 maxlen: 24
194.87.149.0/24 maxlen: 24
194.87.151.0/24 maxlen: 24
194.87.170.0/24 maxlen: 24
194.87.172.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
194.87.201.0/24 maxlen: 24
194.87.215.0/24 maxlen: 24
194.87.224.0/24 maxlen: 24
194.87.229.0/24 maxlen: 24
194.87.231.0/24 maxlen: 24
194.87.245.0/24 maxlen: 24
194.135.33.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
195.58.60.0/24 maxlen: 24
195.58.63.0/24 maxlen: 24
195.133.2.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
195.133.27.0/24 maxlen: 24
195.133.72.0/24 maxlen: 24
195.133.84.0/24 maxlen: 24
195.133.192.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
212.192.214.0/24 maxlen: 24
212.192.222.0/24 maxlen: 24
212.193.13.0/24 maxlen: 24
212.193.25.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 17 Jan 2024 16:13:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:17:32:af:df:c2:4c:58:ca:dc:21:01:08:0d:f6:33:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 17 11:33:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cd1853503384c6257d3073a0607be4e7050f7e1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:97:bd:26:8c:6d:bd:de:63:04:0f:40:c0:8a:
4c:1b:25:7c:06:64:1f:be:f3:fb:a7:50:1a:6e:e2:
23:3a:b0:cd:49:49:b9:6f:2d:de:40:9a:4f:0e:81:
bf:63:eb:dc:bf:0b:76:68:2f:7b:90:20:67:01:6d:
30:e1:2b:0a:31:32:3c:57:40:dd:c8:e7:02:00:61:
aa:31:bf:85:d8:c5:2a:07:b1:85:9b:c2:8f:53:fb:
57:3a:2a:68:80:d9:21:f1:ed:6b:71:31:02:38:41:
55:4b:a9:1a:0b:61:1c:61:41:b7:13:76:94:1f:c5:
a3:ec:3e:c5:4f:b1:c2:ab:f3:cd:d9:dd:cf:3a:43:
88:f0:6b:f2:7d:74:7e:ed:53:de:7a:18:b4:7f:8e:
17:44:9c:af:5c:8d:7f:80:dd:32:93:14:2f:72:cc:
85:ad:d2:a0:89:00:06:43:73:a2:e7:e7:d5:74:42:
32:36:ed:45:9b:2a:f3:56:0a:7f:e0:91:a5:99:d2:
af:71:0b:19:8b:e8:ea:c2:45:4e:a5:a4:42:82:b0:
e8:12:0c:7b:b8:e8:95:af:4e:5a:ea:c3:25:97:18:
0c:15:5a:76:64:aa:bf:b6:bf:5e:42:84:9b:33:34:
73:56:f5:3c:e2:a5:e0:c3:b8:15:e6:e8:32:13:95:
d2:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:18:53:50:33:84:C6:25:7D:30:73:A0:60:7B:E4:E7:05:0F:7E:1E
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/zRhTUDOExiV9MHOgYHvk5wUPfh4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.227.0/24
185.72.10.0/24
192.124.183.0/24
193.124.47.0/24
193.124.95.0/24
193.124.202.0/24
194.58.42.0/24
194.58.66.0/24
194.58.154.0/24
194.87.26.0/24
194.87.76.0/24
194.87.81.0/24
194.87.88.0/24
194.87.128.0/24
194.87.149.0/24
194.87.151.0/24
194.87.170.0/24
194.87.172.0/24
194.87.187.0/24
194.87.190.0/24
194.87.201.0/24
194.87.215.0/24
194.87.224.0/24
194.87.229.0/24
194.87.231.0/24
194.87.245.0/24
194.135.33.0/24
195.58.54.0/24
195.58.60.0/24
195.58.63.0/24
195.133.2.0/24
195.133.25.0/24
195.133.27.0/24
195.133.72.0/24
195.133.84.0/24
195.133.192.0/24
212.192.1.0/24
212.192.214.0/24
212.192.222.0/24
212.193.13.0/24
212.193.25.0/24
Signature Algorithm: sha256WithRSAEncryption
98:85:1f:73:52:47:1d:3d:15:b9:d4:98:e5:22:0c:59:9e:67:
3e:0f:f8:7f:f5:8c:c2:e1:c7:f8:35:d5:0d:7c:51:16:20:54:
62:28:fc:c4:ba:2c:38:1a:0f:f9:cf:9f:ca:e2:6d:3d:10:3e:
f4:f2:72:96:8a:e0:1d:43:e9:15:8d:22:be:39:5e:36:25:ca:
31:e4:b6:fe:2b:48:9e:97:b1:85:a9:57:52:87:c7:18:bd:7c:
f3:57:56:8c:9c:46:59:c0:80:d2:3c:5c:97:3a:cc:d6:cb:1d:
9c:93:49:47:17:f6:c5:f8:81:8c:6f:69:39:09:89:b8:64:c8:
bd:f2:58:9b:b2:b0:7f:42:15:89:58:32:f5:05:6b:8e:6f:ff:
84:87:73:c9:cc:db:77:6a:10:b1:6e:28:7f:bd:da:7a:ef:c5:
6f:bd:ad:ab:b6:f0:b8:96:d1:bd:a9:60:8a:3d:ba:f3:34:f9:
69:7b:51:00:f7:b4:5e:7a:af:19:bc:fe:c3:36:d2:d9:48:5a:
b1:30:b5:75:bc:43:2a:c9:08:16:8d:7b:8a:14:6b:98:bd:96:
d2:34:fc:85:09:48:ee:e8:26:b4:e9:18:f7:9c:0b:aa:fa:14:
5f:9b:9d:e5:1e:a2:01:67:ab:5f:95:a9:9f:98:2b:d0:ef:4d:
45:05:29:1b
-----BEGIN CERTIFICATE-----
MIIF9TCCBN2gAwIBAgISAY0XMq/fwkxYytwhAQgN9jONMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTE3MTEzMzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDE4NTM1MDMzODRjNjI1N2QzMDczYTA2MDdiZTRlNzA1MGY3ZTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi5e9Joxtvd5jBA9AwIpMGyV8BmQf
vvP7p1AabuIjOrDNSUm5by3eQJpPDoG/Y+vcvwt2aC97kCBnAW0w4SsKMTI8V0Dd
yOcCAGGqMb+F2MUqB7GFm8KPU/tXOipogNkh8e1rcTECOEFVS6kaC2EcYUG3E3aU
H8Wj7D7FT7HCq/PN2d3POkOI8GvyfXR+7VPeehi0f44XRJyvXI1/gN0ykxQvcsyF
rdKgiQAGQ3Oi5+fVdEIyNu1FmyrzVgp/4JGlmdKvcQsZi+jqwkVOpaRCgrDoEgx7
uOiVr05a6sMllxgMFVp2ZKq/tr9eQoSbMzRzVvU84qXgw7gV5ugyE5XSZQIDAQAB
o4IDATCCAv0wHQYDVR0OBBYEFM0YU1AzhMYlfTBzoGB75OcFD34eMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvelJoVFVET0V4aVY5TUhPZ1lIdms1d1VQZmg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBFQYIKwYBBQUHAQcBAf8EggEEMIIBADCB/QQCAAEwgfYD
BAA+TOMDBAC5SAoDBADAfLcDBADBfC8DBADBfF8DBADBfMoDBADCOioDBADCOkID
BADCOpoDBADCVxoDBADCV0wDBADCV1EDBADCV1gDBADCV4ADBADCV5UDBADCV5cD
BADCV6oDBADCV6wDBADCV7sDBADCV74DBADCV8kDBADCV9cDBADCV+ADBADCV+UD
BADCV+cDBADCV/UDBADChyEDBADDOjYDBADDOjwDBADDOj8DBADDhQIDBADDhRkD
BADDhRsDBADDhUgDBADDhVQDBADDhcADBADUwAEDBADUwNYDBADUwN4DBADUwQ0D
BADUwRkwDQYJKoZIhvcNAQELBQADggEBAJiFH3NSRx09FbnUmOUiDFmeZz4P+H/1
jMLhx/g11Q18URYgVGIo/MS6LDgaD/nPn8ribT0QPvTycpaK4B1D6RWNIr45XjYl
yjHktv4rSJ6XsYWpV1KHxxi9fPNXVoycRlnAgNI8XJc6zNbLHZyTSUcX9sX4gYxv
aTkJibhkyL3yWJuysH9CFYlYMvUFa45v/4SHc8nM23dqELFuKH+92nrvxW+9rau2
8LiW0b2pYIo9uvM0+Wl7UQD3tF56rxm8/sM20tlIWrEwtXW8QyrJCBaNe4oUa5i9
ltI0/IUJSO7oJrTpGPecC6r6FF+bneUeogFnq1+VqZ+YK9DvTUUFKRs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:31 2024 by rpki-client on console-fra.rpki-client.org