Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/DTBJSj9k6KtTdMwNmPRaJ_U0-c4.roa
File: DTBJSj9k6KtTdMwNmPRaJ_U0-c4.roa (raw, json)
Hash identifier: lGK38lT27/Xrhok5BsqpExUvw4zzSkYEknE1Y1iL/9o=
Subject key identifier: 0D:30:49:4A:3F:64:E8:AB:53:74:CC:0D:98:F4:5A:27:F5:34:F9:CE
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0186B7FAEF78E4BBE40DB33B65DB55606732
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/DTBJSj9k6KtTdMwNmPRaJ_U0-c4.roa
Signing time: Mon 06 Mar 2023 17:32:01 +0000
ROA not before: Mon 06 Mar 2023 17:32:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2118
IP address blocks: 212.193.12.0/24 maxlen: 24
193.124.8.0/24 maxlen: 24
194.87.22.0/24 maxlen: 24
194.87.27.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
194.58.46.0/23 maxlen: 24
194.58.45.0/24 maxlen: 24
195.58.50.0/24 maxlen: 24
195.58.52.0/22 maxlen: 22
195.58.58.0/24 maxlen: 24
195.58.56.0/21 maxlen: 24
195.58.59.0/24 maxlen: 24
195.58.61.0/24 maxlen: 24
195.58.62.0/24 maxlen: 24
212.193.0.0/24 maxlen: 24
194.87.115.0/24 maxlen: 24
194.87.116.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
194.87.114.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.126.0/24 maxlen: 24
194.87.136.0/24 maxlen: 24
194.87.82.0/24 maxlen: 24
194.87.208.0/23 maxlen: 24
194.87.222.0/23 maxlen: 24
194.87.233.0/24 maxlen: 24
212.192.0.0/23 maxlen: 24
194.87.165.0/24 maxlen: 24
194.87.171.0/24 maxlen: 24
192.124.182.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
195.133.193.0/24 maxlen: 24
195.133.195.0/24 maxlen: 24
212.192.208.0/23 maxlen: 24
212.192.211.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 07 Mar 2023 10:02:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:b7:fa:ef:78:e4:bb:e4:0d:b3:3b:65:db:55:60:67:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 6 17:32:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0d30494a3f64e8ab5374cc0d98f45a27f534f9ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:35:0a:19:d4:0a:1c:93:85:c5:5b:a4:e1:a3:
bc:b9:05:75:79:b9:92:3c:63:1b:dd:ef:48:58:15:
9d:1a:78:04:98:cd:8a:a4:cb:96:23:5f:42:53:7a:
53:ef:4e:31:38:ed:49:d9:5f:9b:75:01:d4:38:05:
9f:ad:a8:92:1b:8b:b9:12:be:db:7b:9d:14:2f:fd:
3f:57:81:36:e8:b3:d9:2f:85:7b:3e:c9:bd:99:5b:
76:2b:ec:cd:11:71:06:ac:08:0b:cd:e0:a3:81:0f:
3e:cb:7a:15:af:83:3c:81:54:e4:f7:b6:fe:2c:ee:
5f:9c:f3:ef:af:45:a9:49:8d:2d:ec:a7:63:ce:cc:
65:0b:94:68:de:60:88:87:02:2e:c1:f1:a8:e8:9b:
4b:6c:ae:e7:7f:0a:67:07:ab:d8:75:96:8c:0b:f0:
d3:ee:c6:6d:62:7b:b3:07:c6:b8:3a:de:1f:91:05:
01:bd:52:a0:0c:4a:76:29:ab:95:e4:65:f6:c4:68:
98:11:d9:e8:c8:55:a2:14:f3:06:fe:8e:9b:de:61:
9b:59:08:7a:5d:79:d8:0a:4c:44:48:c2:cb:aa:9f:
dd:4d:b6:ae:1f:17:e2:60:55:e5:75:5d:3a:09:8a:
33:d1:3a:c8:2c:75:05:e3:22:9c:e5:5b:da:be:86:
d6:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:30:49:4A:3F:64:E8:AB:53:74:CC:0D:98:F4:5A:27:F5:34:F9:CE
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/DTBJSj9k6KtTdMwNmPRaJ_U0-c4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.182.0/24
193.124.8.0/24
193.124.133.0/24
193.124.203.0/24
194.58.42.0/24
194.58.45.0-194.58.47.255
194.87.22.0/24
194.87.27.0/24
194.87.82.0/24
194.87.114.0-194.87.116.255
194.87.118.0/24
194.87.126.0/24
194.87.136.0/24
194.87.165.0/24
194.87.171.0/24
194.87.198.0/24
194.87.208.0/23
194.87.222.0/23
194.87.233.0/24
195.58.50.0/24
195.58.52.0-195.58.63.255
195.133.55.0/24
195.133.193.0/24
195.133.195.0/24
212.192.0.0/23
212.192.208.0/23
212.192.211.0/24
212.193.0.0/24
212.193.12.0/24
Signature Algorithm: sha256WithRSAEncryption
57:5d:d4:4b:0d:8a:0e:e7:a2:1d:d9:78:cb:62:72:63:50:b7:
52:ef:0c:33:b8:95:3d:b2:b1:e0:3c:60:9a:0b:15:c5:ca:52:
03:38:c2:2e:86:40:3b:ce:08:94:ea:fc:c5:db:9c:35:79:6b:
b0:62:a3:30:c3:b3:b1:1d:95:9b:bf:ac:28:39:7b:38:b8:66:
4d:68:da:75:ea:ea:ec:ec:2f:e9:12:63:9d:f6:1f:67:79:e1:
a0:dd:12:68:39:06:01:1f:da:20:86:1d:f5:30:26:9b:e9:03:
f8:1a:ef:7a:fd:b9:aa:c2:74:42:d9:06:48:61:47:e4:5d:54:
d8:bf:56:3e:9e:57:4c:4a:c8:08:cb:a8:ac:20:b2:0b:2f:64:
0a:47:b8:7f:5b:a2:d2:18:c3:a7:7e:af:5c:aa:c6:b3:dc:90:
53:9e:72:63:8b:4e:89:a6:af:bd:52:0a:80:3a:27:14:6b:a8:
99:52:ea:98:bd:28:6f:89:68:bd:f4:00:dc:83:7e:0a:90:60:
b5:60:f2:5d:eb:85:02:da:a2:a1:a1:ef:3c:2b:bf:13:73:73:
f8:ef:42:81:5f:99:ad:5e:9a:58:6c:91:13:22:1d:ac:10:cd:
ef:36:45:17:6f:91:7b:0b:56:30:13:7f:d7:25:8a:9f:f8:c1:
df:cc:68:26
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgISAYa3+u945LvkDbM7ZdtVYGcyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMzA2MTczMjAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDMwNDk0YTNmNjRlOGFiNTM3NGNjMGQ5OGY0NWEyN2Y1MzRmOWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApTUKGdQKHJOFxVuk4aO8uQV1ebmS
PGMb3e9IWBWdGngEmM2KpMuWI19CU3pT704xOO1J2V+bdQHUOAWfraiSG4u5Er7b
e50UL/0/V4E26LPZL4V7Psm9mVt2K+zNEXEGrAgLzeCjgQ8+y3oVr4M8gVTk97b+
LO5fnPPvr0WpSY0t7KdjzsxlC5Ro3mCIhwIuwfGo6JtLbK7nfwpnB6vYdZaMC/DT
7sZtYnuzB8a4Ot4fkQUBvVKgDEp2KauV5GX2xGiYEdnoyFWiFPMG/o6b3mGbWQh6
XXnYCkxESMLLqp/dTbauHxfiYFXldV06CYoz0TrILHUF4yKc5VvavobWowIDAQAB
o4ICzjCCAsowHQYDVR0OBBYEFA0wSUo/ZOirU3TMDZj0Wif1NPnOMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvRFRCSlNqOWs2S3RUZE13Tm1QUmFKX1UwLWM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHjBggrBgEFBQcBBwEB/wSB0zCB0DCBzQQCAAEwgcYDBADA
fLYDBADBfAgDBADBfIUDBADBfMsDBADCOiowDAMEAMI6LQMEBMI6IAMEAMJXFgME
AMJXGwMEAMJXUjAMAwQBwldyAwQAwld0AwQAwld2AwQAwld+AwQAwleIAwQAwlel
AwQAwlerAwQAwlfGAwQBwlfQAwQBwlfeAwQAwlfpAwQAwzoyMAwDBALDOjQDBAbD
OgADBADDhTcDBADDhcEDBADDhcMDBAHUwAADBAHUwNADBADUwNMDBADUwQADBADU
wQwwDQYJKoZIhvcNAQELBQADggEBAFdd1EsNig7noh3ZeMticmNQt1LvDDO4lT2y
seA8YJoLFcXKUgM4wi6GQDvOCJTq/MXbnDV5a7BiozDDs7EdlZu/rCg5ezi4Zk1o
2nXq6uzsL+kSY532H2d54aDdEmg5BgEf2iCGHfUwJpvpA/ga73r9uarCdELZBkhh
R+RdVNi/Vj6eV0xKyAjLqKwgsgsvZApHuH9botIYw6d+r1yqxrPckFOecmOLTomm
r71SCoA6JxRrqJlS6pi9KG+JaL30ANyDfgqQYLVg8l3rhQLaoqGh7zwrvxNzc/jv
QoFfma1emlhskRMiHawQze82RRdvkXsLVjATf9clip/4wd/MaCY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:10 2024 by rpki-client on console-fra.rpki-client.org