Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Ca6b9ytzewJQzNNRXghuwdzvzgw.roa
File: Ca6b9ytzewJQzNNRXghuwdzvzgw.roa (raw, json)
Hash identifier: +7xdK4PpLK152maKZCMFwV8tj3vj4/E0VwIk7lSLRCY=
Subject key identifier: 09:AE:9B:F7:2B:73:7B:02:50:CC:D3:51:5E:08:6E:C1:DC:EF:CE:0C
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018CD7C431DA1D2C1EDB1E1FDC54104DDD27
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Ca6b9ytzewJQzNNRXghuwdzvzgw.roa
Signing time: Fri 05 Jan 2024 03:56:48 +0000
ROA not before: Fri 05 Jan 2024 03:56:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 212.193.12.0/24 maxlen: 24
195.133.84.0/24 maxlen: 24
194.87.224.0/24 maxlen: 24
194.87.229.0/24 maxlen: 24
194.87.26.0/24 maxlen: 24
194.135.33.0/24 maxlen: 24
193.124.47.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
212.192.214.0/24 maxlen: 24
212.192.222.0/24 maxlen: 24
195.133.27.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
194.87.170.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
195.58.63.0/24 maxlen: 24
194.58.66.0/24 maxlen: 24
194.87.128.0/24 maxlen: 24
193.124.95.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d7:c4:31:da:1d:2c:1e:db:1e:1f:dc:54:10:4d:dd:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 5 03:56:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=09ae9bf72b737b0250ccd3515e086ec1dcefce0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:ac:97:0d:c8:03:43:6f:c8:a2:d2:a5:82:e8:
cd:12:6b:02:d2:23:8f:a3:10:30:92:65:2f:f6:f6:
80:fc:01:8a:96:81:ea:27:e4:4c:0f:9a:00:01:8f:
43:38:bf:dc:21:16:79:82:f0:33:a3:72:f7:ef:03:
0a:35:06:8f:65:ce:a8:ad:6e:aa:eb:4a:9a:4e:f5:
0d:5c:ce:b1:b0:4e:5f:2c:22:9a:2a:74:c7:cf:f9:
d1:94:9f:b4:24:91:0e:f2:af:0d:57:81:a6:ae:dc:
2d:7b:18:21:da:1b:8c:2f:d5:9a:f5:30:f2:e0:70:
3f:c9:87:ad:cd:12:6c:4a:63:e6:af:25:8d:99:c4:
b5:81:d9:8f:e3:c9:f2:a4:00:38:04:a0:87:47:57:
d0:b2:40:3f:77:60:cf:e8:cf:fa:73:8c:7f:d8:48:
cc:2a:3b:1c:57:c2:7b:4c:bb:c2:13:fc:fe:42:44:
a6:91:d3:09:de:95:93:80:6b:98:34:fe:3d:77:e5:
c6:70:1f:41:fc:bf:9a:63:b4:38:bb:0a:4e:de:39:
b7:ea:00:19:9e:ad:64:cb:6b:75:6e:88:9b:26:66:
26:b4:da:bc:9a:e5:91:79:c9:90:1b:ca:98:eb:44:
b9:c0:46:e0:00:bc:53:14:e9:63:23:ff:fb:5f:0c:
6f:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:AE:9B:F7:2B:73:7B:02:50:CC:D3:51:5E:08:6E:C1:DC:EF:CE:0C
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Ca6b9ytzewJQzNNRXghuwdzvzgw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.47.0/24
193.124.95.0/24
194.58.66.0/24
194.87.26.0/24
194.87.128.0/24
194.87.170.0/24
194.87.224.0/24
194.87.229.0/24
194.135.33.0/24
195.58.54.0/24
195.58.63.0/24
195.133.25.0/24
195.133.27.0/24
195.133.84.0/24
212.192.1.0/24
212.192.214.0/24
212.192.222.0/24
212.193.12.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:93:29:e0:6a:ba:ef:b8:3a:77:36:44:3a:f9:78:0d:a1:01:
93:3f:8a:e6:aa:e6:8b:00:7d:44:9a:fe:00:45:33:38:89:f3:
8b:87:8b:85:17:f8:d8:fe:9d:2f:9a:fb:ae:4e:79:ed:59:0a:
0a:94:36:84:ed:30:a9:05:a2:6a:3a:bf:8a:ea:12:d8:4e:ba:
da:0b:4d:81:96:1d:69:78:31:b5:b3:d8:ad:08:34:50:b7:71:
61:35:3c:e3:9d:20:ae:6b:81:25:8a:cc:d5:d6:15:8e:a5:63:
0e:37:14:4f:f5:e0:b8:de:5b:6a:8e:86:27:b7:7e:52:f1:22:
f2:16:7e:76:b9:35:be:63:ab:43:04:2b:8e:07:2a:b7:75:e6:
26:ee:9a:9a:41:9a:4e:e9:40:fe:88:67:43:76:f5:9e:fc:5b:
77:bc:aa:16:13:64:38:1d:ab:d7:72:ae:7e:b1:24:1f:51:58:
39:d9:82:31:46:74:db:c0:a3:dc:6f:bd:95:ae:0c:47:d3:22:
f0:06:2d:9e:a6:37:26:e3:57:2e:60:4d:8e:db:58:86:9b:36:
37:63:89:ae:7d:8e:1b:69:4e:ee:e3:70:35:10:25:5e:3f:c4:
69:1e:1e:92:bf:12:50:23:25:12:5f:2b:23:0e:29:fe:e1:6f:
b2:5a:21:3b
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAYzXxDHaHSwe2x4f3FQQTd0nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTA1MDM1NjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWFlOWJmNzJiNzM3YjAyNTBjY2QzNTE1ZTA4NmVjMWRjZWZjZTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt6yXDcgDQ2/IotKlgujNEmsC0iOP
oxAwkmUv9vaA/AGKloHqJ+RMD5oAAY9DOL/cIRZ5gvAzo3L37wMKNQaPZc6orW6q
60qaTvUNXM6xsE5fLCKaKnTHz/nRlJ+0JJEO8q8NV4Gmrtwtexgh2huML9Wa9TDy
4HA/yYetzRJsSmPmryWNmcS1gdmP48nypAA4BKCHR1fQskA/d2DP6M/6c4x/2EjM
KjscV8J7TLvCE/z+QkSmkdMJ3pWTgGuYNP49d+XGcB9B/L+aY7Q4uwpO3jm36gAZ
nq1ky2t1boibJmYmtNq8muWRecmQG8qY60S5wEbgALxTFOljI//7XwxvTwIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFAmum/crc3sCUMzTUV4IbsHc784MMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvQ2E2Yjl5dHpld0pRek5OUlhnaHV3ZHp2emd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbAMEAMF8LwME
AMF8XwMEAMI6QgMEAMJXGgMEAMJXgAMEAMJXqgMEAMJX4AMEAMJX5QMEAMKHIQME
AMM6NgMEAMM6PwMEAMOFGQMEAMOFGwMEAMOFVAMEANTAAQMEANTA1gMEANTA3gME
ANTBDDANBgkqhkiG9w0BAQsFAAOCAQEAe5Mp4Gq677g6dzZEOvl4DaEBkz+K5qrm
iwB9RJr+AEUzOInzi4eLhRf42P6dL5r7rk557VkKCpQ2hO0wqQWiajq/iuoS2E66
2gtNgZYdaXgxtbPYrQg0ULdxYTU8450grmuBJYrM1dYVjqVjDjcUT/XguN5bao6G
J7d+UvEi8hZ+drk1vmOrQwQrjgcqt3XmJu6amkGaTulA/ohnQ3b1nvxbd7yqFhNk
OB2r13KufrEkH1FYOdmCMUZ028Cj3G+9la4MR9Mi8AYtnqY3JuNXLmBNjttYhps2
N2OJrn2OG2lO7uNwNRAlXj/EaR4ekr8SUCMlEl8rIw4p/uFvslohOw==
-----END CERTIFICATE-----
Generated at Fri Jan 5 11:29:44 2024 by rpki-client on console-ams.rpki-client.org