Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/EEcqNIwaDSCBPpYyXlbwc-sh53k.roa
File: EEcqNIwaDSCBPpYyXlbwc-sh53k.roa (raw, json)
Hash identifier: YVHOw38NGuCnQEDfHAYeTyvlF2Q3SXY2gDO16o4wt2k=
Subject key identifier: 10:47:2A:34:8C:1A:0D:20:81:3E:96:32:5E:56:F0:73:EB:21:E7:79
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0189BBED4CE892725BE279906F5A5C71890A
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/EEcqNIwaDSCBPpYyXlbwc-sh53k.roa
Signing time: Thu 03 Aug 2023 15:03:58 +0000
ROA not before: Thu 03 Aug 2023 15:03:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200385
IP address blocks: 193.124.227.0/24 maxlen: 24
193.124.18.0/24 maxlen: 24
62.76.235.0/24 maxlen: 24
194.87.230.0/24 maxlen: 24
194.87.240.0/24 maxlen: 24
194.87.23.0/24 maxlen: 24
194.135.23.0/24 maxlen: 24
194.87.243.0/24 maxlen: 24
193.124.49.0/24 maxlen: 24
212.192.10.0/24 maxlen: 24
194.87.160.0/24 maxlen: 24
195.133.37.0/24 maxlen: 24
212.192.249.0/24 maxlen: 24
194.87.53.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:bb:ed:4c:e8:92:72:5b:e2:79:90:6f:5a:5c:71:89:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 3 15:03:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=10472a348c1a0d20813e96325e56f073eb21e779
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:ed:47:2a:55:e5:8d:b3:30:bb:84:a3:d0:6b:
d7:49:09:ed:fc:c4:99:21:7e:aa:1c:6e:cb:61:e3:
d6:2e:c7:0c:c6:c0:8d:fb:87:cf:20:36:6d:ba:b7:
26:48:b0:6f:47:a0:b3:3d:75:c7:0a:c1:42:18:04:
2d:da:e9:c9:c3:c6:c6:2f:7e:9a:26:fa:cd:56:aa:
19:5a:d0:e2:1f:25:f2:ce:7a:7a:76:c5:6a:65:52:
ed:9c:1e:7c:9a:77:69:8f:1e:f4:05:85:ff:11:b7:
99:77:76:b3:17:50:9a:30:43:f4:7b:da:76:40:75:
95:c6:35:15:d2:44:91:8f:76:02:24:a8:01:03:0e:
86:92:fc:bf:34:6d:68:1b:29:48:63:d3:53:e3:ab:
b2:7e:f2:17:10:b6:ad:37:fa:d9:2d:98:59:21:e4:
ef:19:42:c5:6c:79:58:06:77:aa:cb:18:85:77:75:
13:f6:df:36:c7:4e:08:c6:e5:09:20:20:f0:d7:7b:
cb:33:60:48:b4:2a:be:ea:89:fa:c9:eb:b2:06:eb:
cb:7b:06:c0:26:21:3d:c1:6d:f7:4f:39:96:37:c4:
8c:ea:e5:99:e6:83:d6:21:ba:64:93:16:02:af:dc:
8d:b3:ed:23:2e:4b:db:96:0a:2a:b8:6c:80:a2:c3:
88:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:47:2A:34:8C:1A:0D:20:81:3E:96:32:5E:56:F0:73:EB:21:E7:79
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/EEcqNIwaDSCBPpYyXlbwc-sh53k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.235.0/24
193.124.18.0/24
193.124.49.0/24
193.124.227.0/24
194.87.23.0/24
194.87.53.0/24
194.87.160.0/24
194.87.230.0/24
194.87.240.0/24
194.87.243.0/24
194.135.23.0/24
195.133.37.0/24
212.192.10.0/24
212.192.249.0/24
Signature Algorithm: sha256WithRSAEncryption
63:75:07:43:22:12:03:9d:b6:99:c8:45:4c:c1:44:d5:36:28:
1a:d9:fb:41:ee:25:86:f4:e9:fe:43:ec:36:80:e0:f3:1c:a5:
d6:b6:7b:4a:28:b5:56:e8:a4:dc:0f:74:89:a1:e5:65:70:ae:
ec:cb:46:20:10:80:93:79:4f:f8:70:08:84:53:06:88:29:ea:
0b:af:06:c5:48:78:ff:68:bc:22:6d:ed:2d:4b:97:a5:a5:08:
69:ec:ec:71:22:14:2c:3e:a6:86:48:f9:2c:45:75:1f:49:fa:
c8:a2:65:92:b0:47:c9:ba:77:b3:42:6e:46:77:4f:8a:3a:d3:
16:83:06:96:a2:99:8d:34:11:cd:f9:99:6c:9f:89:25:77:5f:
b9:72:dd:97:e7:b5:47:0e:1f:31:7a:9a:0d:c7:a2:a7:12:33:
31:96:1f:bd:43:ec:84:84:56:8f:31:e2:69:d1:d3:30:80:24:
7f:d6:b5:de:a7:20:1e:e9:c6:62:ae:4c:d3:03:04:2c:b7:4c:
c7:6c:de:a7:e1:d5:20:32:14:6b:ba:05:8a:6f:2d:57:d9:7a:
cb:e0:2c:30:1e:e2:74:87:9a:2c:a7:46:76:ca:fb:d4:63:74:
21:06:dd:59:17:2b:4c:ff:78:67:fd:93:b8:56:b1:4b:77:86:
82:80:91:04
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYm77UzoknJb4nmQb1pccYkKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwODAzMTUwMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDQ3MmEzNDhjMWEwZDIwODEzZTk2MzI1ZTU2ZjA3M2ViMjFlNzc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnO1HKlXljbMwu4Sj0GvXSQnt/MSZ
IX6qHG7LYePWLscMxsCN+4fPIDZturcmSLBvR6CzPXXHCsFCGAQt2unJw8bGL36a
JvrNVqoZWtDiHyXyznp6dsVqZVLtnB58mndpjx70BYX/EbeZd3azF1CaMEP0e9p2
QHWVxjUV0kSRj3YCJKgBAw6Gkvy/NG1oGylIY9NT46uyfvIXELatN/rZLZhZIeTv
GULFbHlYBneqyxiFd3UT9t82x04IxuUJICDw13vLM2BItCq+6on6yeuyBuvLewbA
JiE9wW33TzmWN8SM6uWZ5oPWIbpkkxYCr9yNs+0jLkvblgoquGyAosOIywIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFBBHKjSMGg0ggT6WMl5W8HPrIed5MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvRUVjcU5Jd2FEU0NCUHBZeVhsYndjLXNoNTNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQAPkzrAwQA
wXwSAwQAwXwxAwQAwXzjAwQAwlcXAwQAwlc1AwQAwlegAwQAwlfmAwQAwlfwAwQA
wlfzAwQAwocXAwQAw4UlAwQA1MAKAwQA1MD5MA0GCSqGSIb3DQEBCwUAA4IBAQBj
dQdDIhIDnbaZyEVMwUTVNiga2ftB7iWG9On+Q+w2gODzHKXWtntKKLVW6KTcD3SJ
oeVlcK7sy0YgEICTeU/4cAiEUwaIKeoLrwbFSHj/aLwibe0tS5elpQhp7OxxIhQs
PqaGSPksRXUfSfrIomWSsEfJunezQm5Gd0+KOtMWgwaWopmNNBHN+Zlsn4kld1+5
ct2X57VHDh8xepoNx6KnEjMxlh+9Q+yEhFaPMeJp0dMwgCR/1rXepyAe6cZirkzT
AwQst0zHbN6n4dUgMhRrugWKby1X2XrL4CwwHuJ0h5osp0Z2yvvUY3QhBt1ZFytM
/3hn/ZO4VrFLd4aCgJEE
-----END CERTIFICATE-----
Generated at Fri Aug 4 13:11:31 2023 by rpki-client on console-fra.rpki-client.org