Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/95w3TL-EYetM2D7MTjWc9kysqz4.roa
File: 95w3TL-EYetM2D7MTjWc9kysqz4.roa (raw, json)
Hash identifier: c1fAyVeUtwCVlSQtWdg50r2RXhMEbW8nejZ+VffUN6s=
Subject key identifier: F7:9C:37:4C:BF:84:61:EB:4C:D8:3E:CC:4E:35:9C:F6:4C:AC:AB:3E
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018C804E548357FE6A853A4E1D01AB398C0B
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/95w3TL-EYetM2D7MTjWc9kysqz4.roa
Signing time: Tue 19 Dec 2023 04:21:06 +0000
ROA not before: Tue 19 Dec 2023 04:21:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200482
IP address blocks: 212.193.13.0/24 maxlen: 24
195.133.81.0/24 maxlen: 24
194.87.76.0/24 maxlen: 24
193.124.202.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:80:4e:54:83:57:fe:6a:85:3a:4e:1d:01:ab:39:8c:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 19 04:21:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f79c374cbf8461eb4cd83ecc4e359cf64cacab3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:48:13:a5:64:b8:01:99:3f:5f:e8:b7:23:97:
58:01:52:cd:a3:02:2a:8a:12:6e:c7:f6:45:b0:57:
68:bc:08:ce:9a:4b:13:2e:68:39:ef:c0:63:27:6b:
60:4f:3b:5f:94:d1:36:0d:a1:5d:a7:08:83:79:61:
03:c3:92:60:ea:83:1a:d2:c3:7c:93:a5:3c:38:cc:
e5:90:2d:7f:16:a6:6a:66:7f:f0:70:9c:22:e3:4c:
af:93:c7:ce:c9:86:25:52:8a:74:cf:fc:f1:91:20:
1e:23:70:8b:bc:83:da:35:c5:9d:6b:1c:8e:4e:b1:
77:39:71:44:66:8e:f6:72:ca:df:13:07:4e:96:18:
5a:81:ec:cc:d0:7e:9a:37:bc:8f:b9:e9:75:5f:eb:
2c:a9:f4:54:05:36:9d:ed:8d:31:84:62:da:71:29:
3a:9b:eb:ba:c0:f8:ef:5a:33:b9:90:48:bb:74:2b:
81:35:f6:16:17:e9:d1:cb:91:13:bd:99:1e:6a:37:
7c:31:05:59:5b:99:75:db:e0:89:a4:b7:4b:c1:e5:
4a:17:06:2f:f1:61:f3:a3:c4:44:6c:b4:07:4c:fe:
1d:9a:6b:d9:2b:cc:d0:b9:d6:5f:58:ae:d9:48:20:
12:65:bf:6c:46:a8:78:04:e3:f1:66:80:b0:02:a2:
96:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:9C:37:4C:BF:84:61:EB:4C:D8:3E:CC:4E:35:9C:F6:4C:AC:AB:3E
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/95w3TL-EYetM2D7MTjWc9kysqz4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.202.0/24
194.87.76.0/24
195.133.81.0/24
212.193.13.0/24
Signature Algorithm: sha256WithRSAEncryption
74:9d:50:9b:4d:0a:2f:d1:5d:b5:98:3c:5e:83:57:c2:db:b7:
0c:e7:14:08:84:79:96:c8:a6:60:67:af:61:2e:90:c0:8a:1d:
63:6b:89:c5:f0:d0:3e:f3:03:6f:15:95:64:19:3b:c8:ea:7b:
5c:b6:a8:63:56:7d:83:48:2a:cd:31:9d:be:ec:51:86:61:46:
da:6a:56:a5:1f:25:ca:e9:0e:cf:31:a3:26:e4:db:fa:4c:7b:
5f:a4:a2:d3:49:9e:4c:d1:e0:ea:d6:47:d5:ab:34:11:10:61:
15:23:78:16:10:4e:db:01:7f:27:47:43:35:06:be:b0:c5:a5:
39:ea:90:d1:b9:86:22:f5:56:6a:52:6b:9e:1f:8c:a1:36:47:
45:6f:99:f3:1f:dd:f5:6c:74:4f:dc:99:b9:52:41:f6:d2:00:
81:e4:f0:8e:4b:f7:91:96:89:83:c0:14:8c:41:54:29:17:01:
f4:e5:ec:44:d1:6a:6a:c8:ac:eb:de:75:be:a9:7d:b6:46:34:
1f:08:6f:a6:02:aa:f0:7a:f0:63:da:60:a8:4a:48:2c:e1:38:
df:af:4a:e4:38:ad:88:a0:03:07:4c:a0:4b:1c:b9:f5:85:98:
0b:c9:91:b0:1c:9f:ae:13:46:0f:86:e6:39:4d:7c:a4:89:a7:
75:73:62:fe
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYyATlSDV/5qhTpOHQGrOYwLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMjE5MDQyMTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzljMzc0Y2JmODQ2MWViNGNkODNlY2M0ZTM1OWNmNjRjYWNhYjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlEgTpWS4AZk/X+i3I5dYAVLNowIq
ihJux/ZFsFdovAjOmksTLmg578BjJ2tgTztflNE2DaFdpwiDeWEDw5Jg6oMa0sN8
k6U8OMzlkC1/FqZqZn/wcJwi40yvk8fOyYYlUop0z/zxkSAeI3CLvIPaNcWdaxyO
TrF3OXFEZo72csrfEwdOlhhagezM0H6aN7yPuel1X+ssqfRUBTad7Y0xhGLacSk6
m+u6wPjvWjO5kEi7dCuBNfYWF+nRy5ETvZkeajd8MQVZW5l12+CJpLdLweVKFwYv
8WHzo8REbLQHTP4dmmvZK8zQudZfWK7ZSCASZb9sRqh4BOPxZoCwAqKWewIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPecN0y/hGHrTNg+zE41nPZMrKs+MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvOTV3M1RMLUVZZXRNMkQ3TVRqV2M5a3lzcXo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwXzKAwQA
wldMAwQAw4VRAwQA1MENMA0GCSqGSIb3DQEBCwUAA4IBAQB0nVCbTQov0V21mDxe
g1fC27cM5xQIhHmWyKZgZ69hLpDAih1ja4nF8NA+8wNvFZVkGTvI6ntctqhjVn2D
SCrNMZ2+7FGGYUbaalalHyXK6Q7PMaMm5Nv6THtfpKLTSZ5M0eDq1kfVqzQREGEV
I3gWEE7bAX8nR0M1Br6wxaU56pDRuYYi9VZqUmueH4yhNkdFb5nzH931bHRP3Jm5
UkH20gCB5PCOS/eRlomDwBSMQVQpFwH05exE0WpqyKzr3nW+qX22RjQfCG+mAqrw
evBj2mCoSkgs4Tjfr0rkOK2IoAMHTKBLHLn1hZgLyZGwHJ+uE0YPhuY5TXykiad1
c2L+
-----END CERTIFICATE-----
Generated at Wed Dec 20 11:30:05 2023 by rpki-client on console-ams.rpki-client.org