Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/3LNSHqXxnBLem7ibZ0yPTOHayZg.roa
File: 3LNSHqXxnBLem7ibZ0yPTOHayZg.roa (raw, json)
Hash identifier: QJ7dRtQUMNwdMjRKMLU13mWtM61QzBXBOMUyvThsfv8=
Subject key identifier: DC:B3:52:1E:A5:F1:9C:12:DE:9B:B8:9B:67:4C:8F:4C:E1:DA:C9:98
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0185766DC540229D911352B91186F07CCFAD
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/3LNSHqXxnBLem7ibZ0yPTOHayZg.roa
Signing time: Tue 03 Jan 2023 06:59:43 +0000
ROA not before: Tue 03 Jan 2023 06:59:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213035
IP address blocks: 212.193.31.0/24 maxlen: 24
193.124.227.0/24 maxlen: 24
212.193.28.0/24 maxlen: 24
195.133.14.0/24 maxlen: 24
212.192.4.0/24 maxlen: 24
195.133.13.0/24 maxlen: 24
192.124.182.0/24 maxlen: 24
195.133.37.0/24 maxlen: 24
212.192.240.0/24 maxlen: 24
194.85.251.0/24 maxlen: 24
194.85.249.0/24 maxlen: 24
192.124.188.0/24 maxlen: 24
195.133.40.0/22 maxlen: 24
195.133.39.0/24 maxlen: 24
195.58.59.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:76:6d:c5:40:22:9d:91:13:52:b9:11:86:f0:7c:cf:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 3 06:59:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dcb3521ea5f19c12de9bb89b674c8f4ce1dac998
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:78:ff:ef:32:ef:ad:1c:5e:11:13:bb:9c:92:
45:88:d6:fb:08:72:94:32:a1:33:99:e0:ce:d0:0a:
6d:40:e6:22:64:cc:51:e6:85:8c:66:5c:7e:b0:83:
ef:74:52:ce:70:76:2b:52:b1:88:f5:d8:7d:83:ea:
c3:45:7c:bf:4f:99:71:17:a2:1e:0c:23:93:8f:49:
b8:26:6d:9b:70:29:96:22:ff:5b:0b:50:71:cd:f9:
68:dc:d6:cb:95:7f:60:14:4f:f2:13:2e:a6:1c:83:
50:14:bd:aa:74:44:f7:01:cc:08:e4:cd:5e:0b:e0:
3e:22:eb:ae:a8:34:32:9e:44:8a:8f:37:18:06:70:
1c:10:8d:c1:d3:be:54:cd:3a:ff:6a:89:1c:e9:ea:
16:93:e4:78:60:af:59:4d:53:75:9b:57:0e:2f:9f:
b9:02:d3:d3:fc:26:ea:36:7f:4a:e5:6f:6b:48:e5:
98:04:df:ae:57:77:4f:18:4c:68:5e:10:d5:61:57:
59:b0:05:48:08:ff:ae:26:2a:b2:4f:d3:6c:89:16:
20:03:69:20:65:48:47:83:ff:e0:f2:b5:1c:aa:f3:
79:12:78:6e:18:ca:1a:9a:97:ed:f9:b3:fe:4b:87:
d2:66:77:c2:66:a4:d5:1c:95:47:68:e9:23:b7:a7:
55:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:B3:52:1E:A5:F1:9C:12:DE:9B:B8:9B:67:4C:8F:4C:E1:DA:C9:98
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/3LNSHqXxnBLem7ibZ0yPTOHayZg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.182.0/24
192.124.188.0/24
193.124.227.0/24
194.85.249.0/24
194.85.251.0/24
194.87.187.0/24
195.58.59.0/24
195.133.13.0-195.133.14.255
195.133.37.0/24
195.133.39.0-195.133.43.255
212.192.4.0/24
212.192.240.0/24
212.193.28.0/24
212.193.31.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:8e:d1:a6:7d:d6:18:41:16:cb:aa:fa:d2:98:4b:b4:54:21:
62:b4:e4:98:42:b1:5f:6c:8d:b4:bf:bc:9c:41:23:c0:d1:82:
da:fc:73:5e:36:43:fe:d1:e4:d8:9a:17:76:f2:6b:29:03:8b:
28:ce:29:bf:02:56:59:77:6f:2c:18:67:11:10:42:af:3c:b7:
df:ac:8b:a8:c2:4c:b9:3d:79:6f:80:81:2e:7b:ae:4c:76:96:
e0:ec:c3:24:6f:ec:6c:6a:1b:5f:aa:46:e1:e6:55:58:cc:25:
f9:f0:e8:be:42:f3:45:07:10:ef:85:95:d4:72:68:fe:b6:b0:
be:d5:45:82:c8:4c:98:59:ea:35:ba:32:84:46:21:3c:19:f9:
b5:51:5a:68:80:b2:d8:1d:5d:e1:d5:96:93:86:bf:7d:1d:62:
81:53:d8:50:7a:43:8f:9a:6c:d1:7d:09:9a:06:63:7c:94:78:
d7:05:d4:fc:b6:60:ea:d7:68:0a:49:4b:15:08:87:64:91:a0:
de:b4:e3:1e:d0:80:cb:09:f6:03:61:35:a5:75:6f:36:69:85:
01:e2:98:48:84:a1:f1:bb:8f:a6:f4:09:25:84:69:89:93:41:
70:08:2d:0b:21:76:28:d5:a6:dd:0b:eb:92:1b:99:a8:fb:f2:
ad:ec:16:1f
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAYV2bcVAIp2RE1K5EYbwfM+tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTAzMDY1OTQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2IzNTIxZWE1ZjE5YzEyZGU5YmI4OWI2NzRjOGY0Y2UxZGFjOTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnnj/7zLvrRxeERO7nJJFiNb7CHKU
MqEzmeDO0AptQOYiZMxR5oWMZlx+sIPvdFLOcHYrUrGI9dh9g+rDRXy/T5lxF6Ie
DCOTj0m4Jm2bcCmWIv9bC1Bxzflo3NbLlX9gFE/yEy6mHINQFL2qdET3AcwI5M1e
C+A+IuuuqDQynkSKjzcYBnAcEI3B075UzTr/aokc6eoWk+R4YK9ZTVN1m1cOL5+5
AtPT/CbqNn9K5W9rSOWYBN+uV3dPGExoXhDVYVdZsAVICP+uJiqyT9NsiRYgA2kg
ZUhHg//g8rUcqvN5EnhuGMoampft+bP+S4fSZnfCZqTVHJVHaOkjt6dVCQIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFNyzUh6l8ZwS3pu4m2dMj0zh2smYMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvM0xOU0hxWHhuQkxlbTdpYloweVBUT0hheVpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBqBAIAATBkAwQAwHy2AwQA
wHy8AwQAwXzjAwQAwlX5AwQAwlX7AwQAwle7AwQAwzo7MAwDBADDhQ0DBADDhQ4D
BADDhSUwDAMEAMOFJwMEAsOFKAMEANTABAMEANTA8AMEANTBHAMEANTBHzANBgkq
hkiG9w0BAQsFAAOCAQEAi47Rpn3WGEEWy6r60phLtFQhYrTkmEKxX2yNtL+8nEEj
wNGC2vxzXjZD/tHk2JoXdvJrKQOLKM4pvwJWWXdvLBhnERBCrzy336yLqMJMuT15
b4CBLnuuTHaW4OzDJG/sbGobX6pG4eZVWMwl+fDovkLzRQcQ74WV1HJo/rawvtVF
gshMmFnqNboyhEYhPBn5tVFaaICy2B1d4dWWk4a/fR1igVPYUHpDj5ps0X0JmgZj
fJR41wXU/LZg6tdoCklLFQiHZJGg3rTjHtCAywn2A2E1pXVvNmmFAeKYSISh8buP
pvQJJYRpiZNBcAgtCyF2KNWm3QvrkhuZqPvyrewWHw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:49 2023 by rpki-client on console-ams.rpki-client.org