Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/2W8jBhMn24NtzAgGnLgrijXKHzs.roa
File: 2W8jBhMn24NtzAgGnLgrijXKHzs.roa (raw, json)
Hash identifier: s2zTwdHvHJCx5GuiRBboVC+FkWNmRjx6WGyCN7Z9Lrc=
Subject key identifier: D9:6F:23:06:13:27:DB:83:6D:CC:08:06:9C:B8:2B:8A:35:CA:1F:3B
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018805276B8A588AEB4CFDD14D5C41F7F3B8
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/2W8jBhMn24NtzAgGnLgrijXKHzs.roa
Signing time: Wed 10 May 2023 10:14:09 +0000
ROA not before: Wed 10 May 2023 10:14:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41745
IP address blocks: 195.133.75.0/24 maxlen: 24
194.87.219.0/24 maxlen: 24
193.124.33.0/24 maxlen: 24
194.87.35.0/24 maxlen: 24
194.87.252.0/24 maxlen: 24
212.192.9.0/24 maxlen: 24
195.58.50.0/24 maxlen: 24
194.87.62.0/24 maxlen: 24
194.87.191.0/24 maxlen: 24
194.87.82.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:05:27:6b:8a:58:8a:eb:4c:fd:d1:4d:5c:41:f7:f3:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: May 10 10:14:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d96f23061327db836dcc08069cb82b8a35ca1f3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:b2:25:25:cb:c7:f6:fb:dc:f1:cd:3b:d5:92:
10:ca:4a:64:c4:b6:90:e3:dc:a4:74:98:07:f4:39:
37:72:39:b7:5a:c8:38:70:77:70:b6:4f:34:49:cd:
ed:6c:97:04:01:46:38:6f:18:9c:6a:3b:57:a1:5f:
52:21:cc:64:22:17:87:46:28:bc:23:12:f4:d5:c1:
36:cd:24:f4:94:84:7c:ce:81:58:fe:63:6c:a7:c6:
81:32:4b:79:2f:fc:df:8a:9f:b2:0f:09:bd:eb:2a:
65:f9:c4:64:fc:29:55:fc:fe:44:56:84:dc:94:80:
12:68:02:65:af:6d:ae:00:35:93:ec:df:29:db:01:
db:78:82:98:aa:da:bb:f1:e0:d1:b7:04:b9:34:df:
05:1b:15:08:42:9e:b8:8a:e9:89:fc:8f:63:b0:60:
3e:97:80:27:74:70:11:05:d9:c6:da:2f:13:3f:c3:
07:a3:f8:f8:2e:bf:9e:be:c0:ae:84:d1:0f:21:2a:
8c:4e:a4:39:fc:71:5d:60:46:88:6e:5e:0f:a8:61:
f3:aa:9f:c7:b5:eb:70:c1:6b:06:00:26:b8:a9:08:
ba:74:87:2a:bc:07:9f:f2:8c:c1:ca:17:7e:54:1c:
d2:0e:6e:f3:d7:f5:94:ec:b9:b7:ee:5d:a5:c6:27:
6a:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:6F:23:06:13:27:DB:83:6D:CC:08:06:9C:B8:2B:8A:35:CA:1F:3B
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/2W8jBhMn24NtzAgGnLgrijXKHzs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.33.0/24
194.87.35.0/24
194.87.62.0/24
194.87.82.0/24
194.87.191.0/24
194.87.219.0/24
194.87.252.0/24
195.58.50.0/24
195.133.75.0/24
212.192.9.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:75:f3:a3:dc:3a:c5:da:6e:2b:0b:29:05:a7:01:c3:d3:c8:
e6:9a:5a:32:b4:10:ef:cb:79:9b:f0:92:66:ed:17:98:bc:02:
cc:c3:32:b9:0f:b2:d5:de:ab:fb:fc:93:5d:bc:38:a3:74:27:
76:60:d3:a2:55:4f:22:50:ec:e5:7f:f3:89:48:80:87:23:1c:
61:58:ac:69:b6:b7:f7:33:2d:dd:ff:49:69:e2:52:c1:74:de:
1c:8e:67:2e:ef:b9:dc:0f:d2:f7:ab:f5:a6:b9:15:d8:2a:5e:
34:2a:f1:9c:26:32:dd:1d:5c:65:f2:73:3d:0e:3b:17:ad:5c:
a9:6e:0d:db:d8:c7:74:e7:d4:ac:d3:42:ae:c9:de:78:27:e4:
b4:f0:fb:74:cf:87:68:af:4f:a7:d3:9b:d5:97:54:a5:0f:7f:
3e:c1:10:ef:b6:01:72:2c:55:b0:75:9c:79:b2:7b:ee:d4:d2:
c9:c2:68:aa:94:1b:24:7e:ae:bd:83:02:65:40:56:b4:36:d7:
31:ab:9c:35:50:6d:4e:c0:fb:71:2b:ed:9b:b3:6f:88:c7:3d:
72:b5:27:d8:24:3f:bc:84:dc:cf:5d:68:68:3c:49:85:dc:51:
a0:24:9e:44:a5:31:f0:dd:d2:1e:71:19:99:54:5c:30:21:5c:
58:ec:6e:96
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYgFJ2uKWIrrTP3RTVxB9/O4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNTEwMTAxNDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTZmMjMwNjEzMjdkYjgzNmRjYzA4MDY5Y2I4MmI4YTM1Y2ExZjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAprIlJcvH9vvc8c071ZIQykpkxLaQ
49ykdJgH9Dk3cjm3Wsg4cHdwtk80Sc3tbJcEAUY4bxicajtXoV9SIcxkIheHRii8
IxL01cE2zST0lIR8zoFY/mNsp8aBMkt5L/zfip+yDwm96ypl+cRk/ClV/P5EVoTc
lIASaAJlr22uADWT7N8p2wHbeIKYqtq78eDRtwS5NN8FGxUIQp64iumJ/I9jsGA+
l4AndHARBdnG2i8TP8MHo/j4Lr+evsCuhNEPISqMTqQ5/HFdYEaIbl4PqGHzqp/H
tetwwWsGACa4qQi6dIcqvAef8ozByhd+VBzSDm7z1/WU7Lm37l2lxidqnQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFNlvIwYTJ9uDbcwIBpy4K4o1yh87MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMlc4akJoTW4yNE50ekFnR25MZ3JpalhLSHpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAwXwhAwQA
wlcjAwQAwlc+AwQAwldSAwQAwle/AwQAwlfbAwQAwlf8AwQAwzoyAwQAw4VLAwQA
1MAJMA0GCSqGSIb3DQEBCwUAA4IBAQCPdfOj3DrF2m4rCykFpwHD08jmmloytBDv
y3mb8JJm7ReYvALMwzK5D7LV3qv7/JNdvDijdCd2YNOiVU8iUOzlf/OJSICHIxxh
WKxptrf3My3d/0lp4lLBdN4cjmcu77ncD9L3q/WmuRXYKl40KvGcJjLdHVxl8nM9
DjsXrVypbg3b2Md059Ss00Kuyd54J+S08Pt0z4dor0+n05vVl1SlD38+wRDvtgFy
LFWwdZx5snvu1NLJwmiqlBskfq69gwJlQFa0Ntcxq5w1UG1OwPtxK+2bs2+Ixz1y
tSfYJD+8hNzPXWhoPEmF3FGgJJ5EpTHw3dIecRmZVFwwIVxY7G6W
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:19:18 2024 by rpki-client on console-ams.rpki-client.org