Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ADu0xIG0w70WgXs7TMIQxucDuYA.roa
File: ADu0xIG0w70WgXs7TMIQxucDuYA.roa (raw, json)
Hash identifier: aJqAzc0KX3wrf/1JrygX1etUKDq72dhnHPoFQf6SsFg=
Subject key identifier: 00:3B:B4:C4:81:B4:C3:BD:16:81:7B:3B:4C:C2:10:C6:E7:03:B9:80
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018998165227BD19F45FF15F30B33E7DAEB7
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ADu0xIG0w70WgXs7TMIQxucDuYA.roa
Signing time: Thu 27 Jul 2023 16:02:26 +0000
ROA not before: Thu 27 Jul 2023 16:02:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 399471
IP address blocks: 195.133.18.0/24 maxlen: 24
194.85.250.0/24 maxlen: 24
194.85.249.0/24 maxlen: 24
212.192.246.0/24 maxlen: 24
195.133.39.0/24 maxlen: 24
212.192.245.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:98:16:52:27:bd:19:f4:5f:f1:5f:30:b3:3e:7d:ae:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 27 16:02:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=003bb4c481b4c3bd16817b3b4cc210c6e703b980
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:68:2f:92:56:71:48:a5:51:dd:03:f6:95:f0:
eb:f2:d2:1a:27:2a:53:b6:c2:2c:3c:53:c0:7a:e7:
ac:50:62:ac:a0:57:0e:20:dd:42:d6:4c:1e:24:d1:
0c:97:2b:fe:bf:0a:51:15:a8:02:f2:3e:e0:38:8a:
1f:bd:61:6f:c2:44:4c:8c:82:1f:0f:63:cf:f6:9f:
c4:79:84:ca:9b:68:3b:5d:29:a7:44:6c:75:d1:cc:
d9:43:5c:17:13:7e:60:1c:69:18:68:01:e1:7b:2e:
51:ab:97:92:01:e4:a2:83:40:4a:c9:b4:2b:9f:29:
b1:95:b6:0a:dd:bd:48:9c:42:ed:9f:73:b1:ed:27:
d6:cb:0a:c7:46:ad:1e:54:89:32:69:66:e9:fe:d9:
ad:0f:55:ef:45:ea:79:fd:e3:a1:01:dc:99:fc:27:
71:de:01:5d:a9:12:f0:18:04:09:15:a2:52:ae:ae:
6e:f9:d1:55:74:38:ed:76:3e:2b:f3:46:45:b1:f5:
a2:23:a5:0b:3a:1c:28:e0:9e:ff:3a:bd:0e:e1:11:
97:1b:56:33:22:d5:62:cd:29:32:86:86:64:16:f8:
b1:5f:51:9f:27:ed:b7:62:a5:a2:1b:d6:9b:24:59:
85:17:69:07:0a:23:44:00:f9:82:f0:99:36:40:2a:
e9:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:3B:B4:C4:81:B4:C3:BD:16:81:7B:3B:4C:C2:10:C6:E7:03:B9:80
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ADu0xIG0w70WgXs7TMIQxucDuYA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.85.249.0-194.85.250.255
195.133.18.0/24
195.133.39.0/24
212.192.245.0-212.192.246.255
Signature Algorithm: sha256WithRSAEncryption
1b:c2:4f:d2:86:dd:ba:9d:37:04:21:12:c3:8d:6f:a3:bc:7b:
cf:74:55:b3:3e:79:fe:a4:6c:0a:73:ad:03:33:e2:2c:36:ec:
b9:7b:f8:f2:e0:1e:25:78:6f:af:a6:ec:eb:e2:65:22:c8:5f:
85:c7:dc:4b:f6:12:ab:06:20:c1:38:54:bd:5a:90:ad:d1:4c:
6f:57:87:59:d9:c0:5d:40:f6:85:10:c6:77:7b:8d:a5:ef:e9:
4d:ca:c9:1b:d5:af:7a:ba:e6:6a:bd:89:a5:c1:8e:f2:a1:cd:
69:74:88:88:86:dc:9d:c7:12:e6:bb:44:30:db:d0:dd:90:9c:
d6:b2:b0:fd:bb:0b:10:08:55:d6:cc:d8:22:f1:a2:fe:d2:6b:
c5:fc:03:4b:8f:42:33:5b:c5:1d:08:5a:7d:8d:d8:4d:9f:40:
f3:af:ea:ad:15:a3:d9:45:b0:47:ba:ad:16:45:8e:8f:b7:ec:
e3:9f:b0:a7:e3:bf:bc:2b:29:ea:45:8f:93:37:b2:7d:5a:ba:
df:23:7c:ae:08:ac:81:bc:b7:bd:de:f6:a6:ac:9d:a5:7d:32:
9c:4a:68:c1:7b:80:fc:ac:aa:de:f1:93:17:62:77:f8:b8:77:
17:52:72:bd:63:c6:2a:d4:05:89:a5:94:81:b2:0b:16:0d:56:
15:03:ea:31
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYmYFlInvRn0X/FfMLM+fa63MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNzI3MTYwMjI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDNiYjRjNDgxYjRjM2JkMTY4MTdiM2I0Y2MyMTBjNmU3MDNiOTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGgvklZxSKVR3QP2lfDr8tIaJypT
tsIsPFPAeuesUGKsoFcOIN1C1kweJNEMlyv+vwpRFagC8j7gOIofvWFvwkRMjIIf
D2PP9p/EeYTKm2g7XSmnRGx10czZQ1wXE35gHGkYaAHhey5Rq5eSAeSig0BKybQr
nymxlbYK3b1InELtn3Ox7SfWywrHRq0eVIkyaWbp/tmtD1XvRep5/eOhAdyZ/Cdx
3gFdqRLwGAQJFaJSrq5u+dFVdDjtdj4r80ZFsfWiI6ULOhwo4J7/Or0O4RGXG1Yz
ItVizSkyhoZkFvixX1GfJ+23YqWiG9abJFmFF2kHCiNEAPmC8Jk2QCrpuQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFAA7tMSBtMO9FoF7O0zCEMbnA7mAMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvQUR1MHhJRzB3NzBXZ1hzN1RNSVF4dWNEdVlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBADCVfkD
BADCVfoDBADDhRIDBADDhScwDAMEANTA9QMEANTA9jANBgkqhkiG9w0BAQsFAAOC
AQEAG8JP0obdup03BCESw41vo7x7z3RVsz55/qRsCnOtAzPiLDbsuXv48uAeJXhv
r6bs6+JlIshfhcfcS/YSqwYgwThUvVqQrdFMb1eHWdnAXUD2hRDGd3uNpe/pTcrJ
G9Wverrmar2JpcGO8qHNaXSIiIbcnccS5rtEMNvQ3ZCc1rKw/bsLEAhV1szYIvGi
/tJrxfwDS49CM1vFHQhafY3YTZ9A86/qrRWj2UWwR7qtFkWOj7fs45+wp+O/vCsp
6kWPkzeyfVq63yN8rgisgby3vd72pqydpX0ynEpowXuA/Kyq3vGTF2J3+Lh3F1Jy
vWPGKtQFiaWUgbILFg1WFQPqMQ==
-----END CERTIFICATE-----
Generated at Thu Jul 27 19:54:21 2023 by rpki-client on console-fra.rpki-client.org