Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/2vPZL5O0k-_ZLYLGSQK_9wskwoI.roa
File: 2vPZL5O0k-_ZLYLGSQK_9wskwoI.roa (raw, json)
Hash identifier: C858KCqAmLaNrdKubyD86wsRgE/Jy2GYm2Dq72cUR2E=
Subject key identifier: DA:F3:D9:2F:93:B4:93:EF:D9:2D:82:C6:49:02:BF:F7:0B:24:C2:82
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018827FF86CC0A4EC0A1B93BE16A8B250A13
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/2vPZL5O0k-_ZLYLGSQK_9wskwoI.roa
Signing time: Wed 17 May 2023 04:37:17 +0000
ROA not before: Wed 17 May 2023 04:37:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58212
IP address blocks: 194.87.205.0/24 maxlen: 24
194.87.207.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
193.124.18.0/24 maxlen: 24
194.87.30.0/24 maxlen: 24
193.124.47.0/24 maxlen: 24
194.87.42.0/24 maxlen: 24
194.87.163.0/24 maxlen: 24
194.87.161.0/24 maxlen: 24
194.58.46.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:27:ff:86:cc:0a:4e:c0:a1:b9:3b:e1:6a:8b:25:0a:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: May 17 04:37:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=daf3d92f93b493efd92d82c64902bff70b24c282
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:e8:96:33:71:91:4f:ac:cc:e8:37:fe:a0:fc:
99:d0:db:05:61:a8:31:93:d6:5e:2c:c2:8f:68:5f:
0c:30:44:cf:91:0a:57:ff:66:93:ff:42:a8:ee:ad:
ce:8f:8f:bb:7b:6a:b7:a4:f9:89:f3:68:e7:de:d6:
f0:7a:b1:09:f2:ea:78:2a:ed:fc:da:ae:9b:c2:67:
81:a5:e6:9e:45:65:30:d6:3a:89:e2:d2:49:a7:ee:
3c:51:94:7f:8e:3f:12:0c:fc:53:63:03:3e:56:84:
ae:fd:b9:75:0e:5c:d0:89:e6:50:09:01:2f:c5:93:
1a:15:ec:e6:cf:b8:00:3d:2d:51:c4:03:89:bf:73:
5a:df:29:c3:79:57:45:db:4e:65:ff:03:72:17:0c:
9f:b1:d5:19:b2:a4:2a:40:89:73:c9:8f:aa:ff:e2:
79:61:cf:fd:6b:25:46:91:ff:3f:30:e1:3a:71:3d:
71:68:8f:dc:1c:25:57:6a:42:d2:3c:7c:28:81:57:
7c:43:7e:8d:06:ef:0c:03:ff:1c:88:7f:24:cb:cd:
74:69:41:62:39:cb:a5:b6:27:1b:e5:68:69:8e:8e:
00:7c:92:01:8f:ad:44:9a:b2:72:a6:1c:04:d8:14:
a7:66:2c:d3:21:fd:52:90:51:29:d2:23:c1:27:f7:
f6:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:F3:D9:2F:93:B4:93:EF:D9:2D:82:C6:49:02:BF:F7:0B:24:C2:82
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/2vPZL5O0k-_ZLYLGSQK_9wskwoI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.18.0/24
193.124.47.0/24
194.58.46.0/24
194.87.30.0/24
194.87.42.0/24
194.87.108.0/24
194.87.161.0/24
194.87.163.0/24
194.87.205.0/24
194.87.207.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:e8:2a:7a:77:f6:a2:29:67:c6:57:b4:f6:35:c5:4d:0e:d3:
8d:bf:6e:b6:9f:96:e2:95:46:bc:77:0b:89:9d:fd:97:e9:e8:
c6:28:38:6d:57:8b:07:3e:c5:a6:44:ed:1b:e0:60:c3:23:a6:
7c:4f:be:fc:d3:4d:68:88:12:06:e1:93:5b:35:1d:7f:66:08:
62:ba:56:72:df:f9:b4:55:0d:87:96:3a:f0:c7:3e:f3:3c:78:
1e:39:fb:01:49:85:94:1e:ea:19:97:bb:61:e7:bd:e5:05:e5:
48:c7:8a:00:bf:a2:5f:bd:c9:80:e7:cd:e0:6e:c2:9f:af:1b:
94:54:8b:f3:c5:0d:3a:51:a6:d8:33:13:44:6a:75:a1:53:25:
ea:f2:93:0d:9c:67:8c:c4:bc:bc:c7:d5:05:3d:eb:c9:f3:40:
74:8c:03:b2:00:6c:86:7e:19:9d:0f:1d:41:13:37:d9:b7:9a:
d0:d9:43:74:be:be:73:7e:c8:55:6d:ca:e0:58:b0:e5:4f:b6:
04:81:c9:96:17:55:c6:b4:77:e9:09:32:6b:fc:7e:c3:ce:24:
85:80:31:b2:71:67:c1:8a:f8:e9:c1:94:39:28:e0:33:4b:a0:
e5:c9:30:5e:ba:95:ae:78:5e:6b:e2:99:8e:b0:c2:2f:0a:b2:
cf:26:66:a4
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYgn/4bMCk7Aobk74WqLJQoTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNTE3MDQzNzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWYzZDkyZjkzYjQ5M2VmZDkyZDgyYzY0OTAyYmZmNzBiMjRjMjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+iWM3GRT6zM6Df+oPyZ0NsFYagx
k9ZeLMKPaF8MMETPkQpX/2aT/0Ko7q3Oj4+7e2q3pPmJ82jn3tbwerEJ8up4Ku38
2q6bwmeBpeaeRWUw1jqJ4tJJp+48UZR/jj8SDPxTYwM+VoSu/bl1DlzQieZQCQEv
xZMaFezmz7gAPS1RxAOJv3Na3ynDeVdF205l/wNyFwyfsdUZsqQqQIlzyY+q/+J5
Yc/9ayVGkf8/MOE6cT1xaI/cHCVXakLSPHwogVd8Q36NBu8MA/8ciH8ky810aUFi
Oculticb5Whpjo4AfJIBj61EmrJyphwE2BSnZizTIf1SkFEp0iPBJ/f2QwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFNrz2S+TtJPv2S2CxkkCv/cLJMKCMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMnZQWkw1TzBrLV9aTFlMR1NRS185d3Nrd29JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAwXwSAwQA
wXwvAwQAwjouAwQAwlceAwQAwlcqAwQAwldsAwQAwlehAwQAwlejAwQAwlfNAwQA
wlfPMA0GCSqGSIb3DQEBCwUAA4IBAQAL6Cp6d/aiKWfGV7T2NcVNDtONv262n5bi
lUa8dwuJnf2X6ejGKDhtV4sHPsWmRO0b4GDDI6Z8T778001oiBIG4ZNbNR1/Zghi
ulZy3/m0VQ2Hljrwxz7zPHgeOfsBSYWUHuoZl7th573lBeVIx4oAv6JfvcmA583g
bsKfrxuUVIvzxQ06UabYMxNEanWhUyXq8pMNnGeMxLy8x9UFPevJ80B0jAOyAGyG
fhmdDx1BEzfZt5rQ2UN0vr5zfshVbcrgWLDlT7YEgcmWF1XGtHfpCTJr/H7DziSF
gDGycWfBivjpwZQ5KOAzS6DlyTBeupWueF5r4pmOsMIvCrLPJmak
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:49 2023 by rpki-client on console-ams.rpki-client.org