Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/4v1yNTICVw-lVO4yjmcL0Pvagm4.roa
File: 4v1yNTICVw-lVO4yjmcL0Pvagm4.roa (raw, json)
Hash identifier: A6Og8KNpu4ZKrjjzr6J9arWiHIla66bMvuofeJI+ekQ=
Subject key identifier: E2:FD:72:35:32:02:57:0F:A5:54:EE:32:8E:67:0B:D0:FB:DA:82:6E
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018AF9C8D800CE4E1DA8DE065B11C8E41099
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/4v1yNTICVw-lVO4yjmcL0Pvagm4.roa
Signing time: Wed 04 Oct 2023 08:23:23 +0000
ROA not before: Wed 04 Oct 2023 08:23:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203639
IP address blocks: 212.193.14.0/24 maxlen: 24
194.87.208.0/24 maxlen: 24
194.87.2.0/24 maxlen: 24
194.87.226.0/24 maxlen: 24
194.87.231.0/24 maxlen: 24
212.192.4.0/24 maxlen: 24
195.133.15.0/24 maxlen: 24
195.133.14.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
195.133.27.0/24 maxlen: 24
194.87.172.0/24 maxlen: 24
192.124.180.0/24 maxlen: 24
195.133.35.0/24 maxlen: 24
194.87.136.0/24 maxlen: 24
194.87.76.0/24 maxlen: 24
193.124.90.0/24 maxlen: 24
194.87.81.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f9:c8:d8:00:ce:4e:1d:a8:de:06:5b:11:c8:e4:10:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 4 08:23:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e2fd72353202570fa554ee328e670bd0fbda826e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:38:a6:77:6e:5a:80:c9:49:d2:1f:99:1b:f7:
f8:cd:58:18:86:ce:13:aa:72:a4:8e:d2:f3:29:3d:
f4:97:2d:69:cd:41:b5:d1:8b:12:d1:61:10:d8:24:
86:a4:ef:55:05:2e:67:37:19:ba:ac:cc:0f:8f:2d:
df:76:71:77:3b:52:84:d4:00:6c:62:71:ac:72:2e:
4b:b9:67:80:29:ae:68:60:f1:54:c9:79:67:7d:3e:
58:6d:f5:00:30:d3:c6:b6:4d:f6:0e:1a:ff:b5:7e:
15:a6:51:fa:7d:4f:2d:7e:e2:8f:2b:4b:52:2c:e2:
ef:c6:87:10:f8:6e:43:05:33:3c:e8:d1:11:92:e4:
73:91:a1:e9:00:97:38:34:a5:eb:a5:45:89:61:a9:
ca:de:70:8e:09:2d:3b:8e:09:11:7e:27:51:25:a8:
ad:9a:fe:a7:ac:d0:2e:1b:05:d8:04:c9:c1:99:09:
c0:cf:b4:2b:b0:5a:7a:dc:a3:ad:86:67:fb:6a:8c:
d1:68:74:c5:22:69:12:ec:5d:2d:18:34:9c:d1:bf:
be:50:c0:e2:aa:1d:d4:96:c1:48:a2:92:c8:ed:76:
45:4a:e1:cf:ea:19:42:64:01:53:a9:0c:38:46:ed:
54:56:b2:44:1d:fa:9d:46:57:38:b5:d7:3a:e1:e5:
c7:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:FD:72:35:32:02:57:0F:A5:54:EE:32:8E:67:0B:D0:FB:DA:82:6E
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/4v1yNTICVw-lVO4yjmcL0Pvagm4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.180.0/24
193.124.90.0/24
194.58.42.0/24
194.87.2.0/24
194.87.76.0/24
194.87.81.0/24
194.87.136.0/24
194.87.172.0/24
194.87.208.0/24
194.87.226.0/24
194.87.231.0/24
195.133.14.0/23
195.133.25.0/24
195.133.27.0/24
195.133.35.0/24
212.192.4.0/24
212.193.14.0/24
Signature Algorithm: sha256WithRSAEncryption
71:58:fd:38:fe:ea:ca:0c:60:e9:98:e9:5a:62:67:ce:04:f7:
95:ac:0c:08:6f:63:b1:ca:11:07:14:d3:26:6f:e8:be:aa:d0:
29:48:5e:6b:82:bf:00:d6:35:9b:aa:3c:bd:57:b8:b1:0b:3a:
47:a4:1e:c8:dd:02:1b:c1:c9:ac:8e:53:0c:b5:3a:0f:9c:86:
1a:15:3b:54:cb:22:f5:94:e5:98:1b:19:7d:1a:78:25:5d:a0:
79:d3:8e:a5:2a:c9:eb:73:e3:e9:25:3a:eb:e5:bb:01:9c:d4:
88:3a:11:42:e8:23:65:0b:e5:91:08:77:8a:5f:b7:77:14:8e:
d9:f2:d6:0e:1b:62:9a:38:6e:e9:d3:52:97:79:5f:15:81:d7:
56:43:5a:78:12:e8:b3:26:86:cc:d2:7b:7a:87:2f:ea:6c:7a:
46:a9:04:a3:bf:19:cb:84:4d:05:c4:7e:13:9c:6e:b2:30:a0:
ae:59:07:36:97:4f:0b:61:b6:1a:d3:39:0f:1a:16:07:c8:ac:
5f:5d:f3:40:91:74:bb:84:36:01:2d:7e:ef:47:3c:1c:15:0b:
75:f7:00:2c:82:08:b7:ce:4e:f7:e8:3c:e5:e3:48:60:ab:6b:
26:05:65:9a:7f:cf:fd:ca:fc:2c:4c:85:a5:d4:77:1a:26:89:
d8:ac:c6:8e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYr5yNgAzk4dqN4GWxHI5BCZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMDA0MDgyMzIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmZkNzIzNTMyMDI1NzBmYTU1NGVlMzI4ZTY3MGJkMGZiZGE4MjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnjimd25agMlJ0h+ZG/f4zVgYhs4T
qnKkjtLzKT30ly1pzUG10YsS0WEQ2CSGpO9VBS5nNxm6rMwPjy3fdnF3O1KE1ABs
YnGsci5LuWeAKa5oYPFUyXlnfT5YbfUAMNPGtk32Dhr/tX4VplH6fU8tfuKPK0tS
LOLvxocQ+G5DBTM86NERkuRzkaHpAJc4NKXrpUWJYanK3nCOCS07jgkRfidRJait
mv6nrNAuGwXYBMnBmQnAz7QrsFp63KOthmf7aozRaHTFImkS7F0tGDSc0b++UMDi
qh3UlsFIopLI7XZFSuHP6hlCZAFTqQw4Ru1UVrJEHfqdRlc4tdc64eXHbQIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFOL9cjUyAlcPpVTuMo5nC9D72oJuMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvNHYxeU5USUNWdy1sVk80eWptY0wwUHZhZ200LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQAwHy0AwQA
wXxaAwQAwjoqAwQAwlcCAwQAwldMAwQAwldRAwQAwleIAwQAwlesAwQAwlfQAwQA
wlfiAwQAwlfnAwQBw4UOAwQAw4UZAwQAw4UbAwQAw4UjAwQA1MAEAwQA1MEOMA0G
CSqGSIb3DQEBCwUAA4IBAQBxWP04/urKDGDpmOlaYmfOBPeVrAwIb2OxyhEHFNMm
b+i+qtApSF5rgr8A1jWbqjy9V7ixCzpHpB7I3QIbwcmsjlMMtToPnIYaFTtUyyL1
lOWYGxl9GnglXaB5046lKsnrc+PpJTrr5bsBnNSIOhFC6CNlC+WRCHeKX7d3FI7Z
8tYOG2KaOG7p01KXeV8VgddWQ1p4EuizJobM0nt6hy/qbHpGqQSjvxnLhE0FxH4T
nG6yMKCuWQc2l08LYbYa0zkPGhYHyKxfXfNAkXS7hDYBLX7vRzwcFQt19wAsggi3
zk736Dzl40hgq2smBWWaf8/9yvwsTIWl1HcaJonYrMaO
-----END CERTIFICATE-----
Generated at Wed Oct 11 10:52:58 2023 by rpki-client on console-ams.rpki-client.org