Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/28bK2wrxYb4bEJ0UZZ9HAQtCq00.roa
File: 28bK2wrxYb4bEJ0UZZ9HAQtCq00.roa (raw, json)
Hash identifier: bbUMb96QMhwmO492LOjYSA/juz1OXeYAaARuEUG4MkE=
Subject key identifier: DB:C6:CA:DB:0A:F1:61:BE:1B:10:9D:14:65:9F:47:01:0B:42:AB:4D
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018998D6970586FAC1F72EAE3F1AF8DCCDD4
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/28bK2wrxYb4bEJ0UZZ9HAQtCq00.roa
Signing time: Thu 27 Jul 2023 19:32:27 +0000
ROA not before: Thu 27 Jul 2023 19:32:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213035
IP address blocks: 212.193.31.0/24 maxlen: 24
212.193.29.0/24 maxlen: 24
212.193.28.0/24 maxlen: 24
195.133.16.0/24 maxlen: 24
212.192.218.0/24 maxlen: 24
212.192.216.0/24 maxlen: 24
195.133.17.0/24 maxlen: 24
212.192.219.0/24 maxlen: 24
212.192.217.0/24 maxlen: 24
212.192.240.0/24 maxlen: 24
192.124.188.0/24 maxlen: 24
212.192.243.0/24 maxlen: 24
195.133.42.0/24 maxlen: 24
195.133.43.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:98:d6:97:05:86:fa:c1:f7:2e:ae:3f:1a:f8:dc:cd:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 27 19:32:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dbc6cadb0af161be1b109d14659f47010b42ab4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:a1:7f:ad:9a:0c:73:69:67:06:3a:f0:23:0e:
0e:99:58:58:fb:db:be:86:30:91:86:e9:13:ae:00:
b0:29:94:24:92:19:47:33:be:55:d3:04:2b:47:bb:
2b:8c:1f:d2:03:31:f0:c5:95:01:31:a0:fa:e8:fa:
8a:b5:ea:33:56:ad:7a:e5:c2:a3:4c:9f:66:02:a4:
c4:73:71:7f:2d:ce:83:d7:c7:ca:19:eb:81:cd:43:
ab:17:70:82:2a:ad:2f:c5:a3:a8:0a:3e:12:e4:79:
ed:df:f1:7e:b6:10:0a:29:04:2b:bd:92:45:7e:3d:
1e:0a:5e:29:9a:ba:15:b9:b0:37:0b:3d:03:af:16:
38:4e:ec:5a:3c:37:13:22:0d:b9:c3:24:ac:10:18:
07:b9:4f:60:60:af:1e:a8:46:f7:ed:8d:bb:56:4a:
64:92:23:29:ba:ae:98:da:7d:a2:05:ee:b7:26:87:
d7:61:57:e8:4e:99:f0:6d:b9:7d:01:17:d1:24:cc:
33:0d:f2:8f:9e:5c:17:30:ab:ec:e6:16:cc:79:59:
79:f8:7c:8d:ba:94:7a:bf:64:be:3a:49:8a:af:2e:
bf:f9:36:81:ba:d8:3f:eb:3a:ea:05:51:c8:11:56:
e9:c8:46:dd:76:f2:0c:17:dc:81:a0:6f:58:90:da:
0f:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:C6:CA:DB:0A:F1:61:BE:1B:10:9D:14:65:9F:47:01:0B:42:AB:4D
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/28bK2wrxYb4bEJ0UZZ9HAQtCq00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.188.0/24
195.133.16.0/23
195.133.42.0/23
212.192.216.0/22
212.192.240.0/24
212.192.243.0/24
212.193.28.0/23
212.193.31.0/24
Signature Algorithm: sha256WithRSAEncryption
24:bb:18:9b:c8:69:1e:d6:a3:dd:12:24:d0:94:d9:d2:77:2a:
6e:72:29:0b:cc:1d:37:dd:7e:f8:31:26:ad:eb:2c:86:53:ae:
65:da:87:4b:5a:67:00:65:23:45:30:58:d7:ba:b0:4f:a5:8a:
7f:de:48:42:90:75:1a:1a:31:74:10:3a:95:7b:94:5a:3e:e3:
7e:ee:25:02:88:b7:99:b3:d2:21:81:0b:1c:52:fb:8f:ed:67:
56:3c:d2:8e:fc:05:16:81:96:3c:61:b1:fb:44:26:98:5b:19:
35:8d:59:e1:dd:6d:40:91:49:af:16:1f:19:6f:73:6c:98:e5:
bb:57:ce:54:16:64:ef:66:ef:ff:15:66:2c:5c:39:b7:75:5e:
70:76:e1:ca:7f:70:7c:84:01:1e:c1:89:d9:cf:38:9a:61:bd:
40:58:d9:71:a0:47:ce:31:87:3a:34:75:c2:67:95:d3:ce:5e:
63:a2:b8:24:33:80:f6:b2:01:95:74:72:6c:c2:b6:84:61:cf:
fa:9d:5c:f3:db:d8:f9:7d:56:77:f6:86:f5:3d:6f:65:f5:71:
4a:98:2c:e8:31:8b:9e:56:5f:ad:bd:6f:6d:69:b4:fa:19:b1:
73:d6:fd:8a:c1:2a:ec:76:04:3d:00:4b:af:e0:c1:cc:0f:e9:
cd:4c:07:85
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYmY1pcFhvrB9y6uPxr43M3UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNzI3MTkzMjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmM2Y2FkYjBhZjE2MWJlMWIxMDlkMTQ2NTlmNDcwMTBiNDJhYjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnqF/rZoMc2lnBjrwIw4OmVhY+9u+
hjCRhukTrgCwKZQkkhlHM75V0wQrR7srjB/SAzHwxZUBMaD66PqKteozVq165cKj
TJ9mAqTEc3F/Lc6D18fKGeuBzUOrF3CCKq0vxaOoCj4S5Hnt3/F+thAKKQQrvZJF
fj0eCl4pmroVubA3Cz0DrxY4TuxaPDcTIg25wySsEBgHuU9gYK8eqEb37Y27Vkpk
kiMpuq6Y2n2iBe63JofXYVfoTpnwbbl9ARfRJMwzDfKPnlwXMKvs5hbMeVl5+HyN
upR6v2S+OkmKry6/+TaButg/6zrqBVHIEVbpyEbddvIMF9yBoG9YkNoPdwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFNvGytsK8WG+GxCdFGWfRwELQqtNMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMjhiSzJ3cnhZYjRiRUowVVpaOUhBUXRDcTAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAwHy8AwQB
w4UQAwQBw4UqAwQC1MDYAwQA1MDwAwQA1MDzAwQB1MEcAwQA1MEfMA0GCSqGSIb3
DQEBCwUAA4IBAQAkuxibyGke1qPdEiTQlNnSdypucikLzB033X74MSat6yyGU65l
2odLWmcAZSNFMFjXurBPpYp/3khCkHUaGjF0EDqVe5RaPuN+7iUCiLeZs9IhgQsc
UvuP7WdWPNKO/AUWgZY8YbH7RCaYWxk1jVnh3W1AkUmvFh8Zb3NsmOW7V85UFmTv
Zu//FWYsXDm3dV5wduHKf3B8hAEewYnZzziaYb1AWNlxoEfOMYc6NHXCZ5XTzl5j
orgkM4D2sgGVdHJswraEYc/6nVzz29j5fVZ39ob1PW9l9XFKmCzoMYueVl+tvW9t
abT6GbFz1v2KwSrsdgQ9AEuv4MHMD+nNTAeF
-----END CERTIFICATE-----
Generated at Sun Aug 6 15:27:26 2023 by rpki-client on console-ams.rpki-client.org