Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Dw2ItYzgc74ill290d6n83tGP0s.roa
File: Dw2ItYzgc74ill290d6n83tGP0s.roa (raw, json)
Hash identifier: SKJlxs4tjJ6/4whrPCVT3IQ8wclcvp5mQCuStGQWkJc=
Subject key identifier: 0F:0D:88:B5:8C:E0:73:BE:22:96:5D:BD:D1:DE:A7:F3:7B:46:3F:4B
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018A269B849B1056307E2A2E66FEED37E48C
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Dw2ItYzgc74ill290d6n83tGP0s.roa
Signing time: Thu 24 Aug 2023 08:14:00 +0000
ROA not before: Thu 24 Aug 2023 08:14:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49392
IP address blocks: 194.87.118.0/23 maxlen: 24
193.124.36.0/24 maxlen: 24
193.124.254.0/24 maxlen: 24
195.133.10.0/23 maxlen: 23
194.135.32.0/24 maxlen: 24
185.72.10.0/24 maxlen: 24
195.133.26.0/23 maxlen: 24
212.192.13.0/24 maxlen: 24
195.133.56.0/23 maxlen: 23
195.133.52.0/23 maxlen: 23
195.133.59.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:26:9b:84:9b:10:56:30:7e:2a:2e:66:fe:ed:37:e4:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 24 08:14:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0f0d88b58ce073be22965dbdd1dea7f37b463f4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:4a:ac:d3:c7:3b:88:97:16:88:14:f7:21:de:
3d:cd:c6:94:4e:cf:04:be:bc:f1:37:e6:0d:05:d8:
10:e0:55:21:55:15:23:c4:2e:0d:80:97:ac:36:1d:
d0:75:3c:43:46:65:de:39:38:14:b8:05:38:9a:6d:
66:7a:28:1d:2b:92:e8:a1:1e:ac:e4:98:ed:6a:68:
66:95:13:ab:b7:5e:c5:15:85:de:6d:51:cf:f2:35:
b9:0c:2d:59:2a:89:f4:30:ae:94:c8:d5:56:32:f0:
9e:bc:f9:63:ef:c1:6e:ed:bb:1b:e0:e7:39:a0:d6:
e3:dc:31:c2:d1:5d:0b:cc:0e:9a:33:03:12:8a:73:
e0:99:4e:18:f2:01:d6:8a:65:11:0b:fa:f7:35:ab:
07:b7:51:89:6e:13:06:ae:3a:fc:2c:38:e6:c1:31:
ab:0f:43:9d:be:52:52:fb:3f:be:59:98:05:9d:b4:
bb:1b:45:fd:a2:3d:24:bd:25:9f:0e:42:6e:f1:68:
2a:96:cc:de:73:da:f4:d3:73:54:2d:2f:db:3e:f9:
09:42:e0:65:cc:da:1c:a1:ea:6d:0e:d1:01:e4:65:
89:6f:d5:48:65:ad:15:2d:fa:27:0c:06:3f:32:e0:
78:81:e3:c1:0f:7b:c9:86:0c:dc:db:7b:81:d3:6c:
14:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:0D:88:B5:8C:E0:73:BE:22:96:5D:BD:D1:DE:A7:F3:7B:46:3F:4B
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Dw2ItYzgc74ill290d6n83tGP0s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.10.0/24
193.124.36.0/24
193.124.254.0/24
194.87.118.0/23
194.135.32.0/24
195.133.10.0/23
195.133.26.0/23
195.133.52.0/23
195.133.56.0/23
195.133.59.0/24
212.192.13.0/24
Signature Algorithm: sha256WithRSAEncryption
67:46:74:9b:35:e9:4d:b9:de:3e:92:1f:85:da:38:92:94:93:
5f:08:79:9e:e0:d9:51:1e:48:d2:b4:f8:25:36:b1:cc:05:73:
18:8b:eb:bf:ac:24:cb:55:3c:a2:c7:8c:65:c7:f2:10:f4:38:
7f:a3:67:72:aa:71:b7:02:53:5c:fc:fa:00:66:38:99:79:13:
77:55:43:e4:20:cd:5a:92:e0:a4:31:a5:47:ad:87:b9:fb:e6:
c8:83:c7:ac:e4:27:da:fe:ec:66:3f:83:16:08:2a:34:12:a0:
08:93:1e:79:73:c1:c5:75:8d:f7:b4:25:aa:11:ad:06:1c:e7:
c6:04:91:af:59:60:6c:bc:40:2b:72:76:cf:d1:aa:68:a7:88:
a0:98:1f:ab:88:0f:b1:3d:1a:f6:31:da:57:e5:26:43:3d:0e:
e3:06:13:29:c8:6d:52:00:33:31:3e:8d:16:69:01:99:87:6f:
2b:55:3c:a5:14:aa:d8:a8:b4:ca:8a:55:31:6c:66:4e:aa:af:
4c:ce:5f:e1:54:97:58:9c:4e:13:67:5a:bc:c8:5d:f0:5c:f2:
1c:e6:92:10:12:bb:6f:ea:d1:e1:a9:cd:b1:30:94:00:b3:ba:
59:9a:c6:49:80:2f:26:33:59:09:76:2b:40:39:2d:8e:8d:ec:
a5:43:aa:96
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYomm4SbEFYwfiouZv7tN+SMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwODI0MDgxNDAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjBkODhiNThjZTA3M2JlMjI5NjVkYmRkMWRlYTdmMzdiNDYzZjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAokqs08c7iJcWiBT3Id49zcaUTs8E
vrzxN+YNBdgQ4FUhVRUjxC4NgJesNh3QdTxDRmXeOTgUuAU4mm1meigdK5LooR6s
5JjtamhmlROrt17FFYXebVHP8jW5DC1ZKon0MK6UyNVWMvCevPlj78Fu7bsb4Oc5
oNbj3DHC0V0LzA6aMwMSinPgmU4Y8gHWimURC/r3NasHt1GJbhMGrjr8LDjmwTGr
D0OdvlJS+z++WZgFnbS7G0X9oj0kvSWfDkJu8Wgqlszec9r003NULS/bPvkJQuBl
zNocoeptDtEB5GWJb9VIZa0VLfonDAY/MuB4gePBD3vJhgzc23uB02wUSwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFA8NiLWM4HO+IpZdvdHep/N7Rj9LMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvRHcySXRZemdjNzRpbGwyOTBkNm44M3RHUDBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAuUgKAwQA
wXwkAwQAwXz+AwQBwld2AwQAwocgAwQBw4UKAwQBw4UaAwQBw4U0AwQBw4U4AwQA
w4U7AwQA1MANMA0GCSqGSIb3DQEBCwUAA4IBAQBnRnSbNelNud4+kh+F2jiSlJNf
CHme4NlRHkjStPglNrHMBXMYi+u/rCTLVTyix4xlx/IQ9Dh/o2dyqnG3AlNc/PoA
ZjiZeRN3VUPkIM1akuCkMaVHrYe5++bIg8es5Cfa/uxmP4MWCCo0EqAIkx55c8HF
dY33tCWqEa0GHOfGBJGvWWBsvEArcnbP0apop4igmB+riA+xPRr2MdpX5SZDPQ7j
BhMpyG1SADMxPo0WaQGZh28rVTylFKrYqLTKilUxbGZOqq9Mzl/hVJdYnE4TZ1q8
yF3wXPIc5pIQErtv6tHhqc2xMJQAs7pZmsZJgC8mM1kJditAOS2OjeylQ6qW
-----END CERTIFICATE-----
Generated at Mon Sep 4 12:48:08 2023 by rpki-client on console-ams.rpki-client.org