Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/H1uxmwwUMz0m5f48pCTyXQ5xZjs.roa
File: H1uxmwwUMz0m5f48pCTyXQ5xZjs.roa (raw, json)
Hash identifier: JNQulBlAKB25us/MwY2AqN/eaBpjbl51oEc8qzaPP38=
Subject key identifier: 1F:5B:B1:9B:0C:14:33:3D:26:E5:FE:3C:A4:24:F2:5D:0E:71:66:3B
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0186030B758C21F8661BD9AF95B2D413C5B5
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/H1uxmwwUMz0m5f48pCTyXQ5xZjs.roa
Signing time: Mon 30 Jan 2023 14:18:47 +0000
ROA not before: Mon 30 Jan 2023 14:18:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2118
IP address blocks: 193.124.8.0/24 maxlen: 24
193.124.16.0/24 maxlen: 24
194.87.6.0/24 maxlen: 24
194.87.17.0/24 maxlen: 24
194.87.22.0/24 maxlen: 24
194.87.27.0/24 maxlen: 24
194.87.115.0/24 maxlen: 24
194.87.116.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
194.87.114.0/24 maxlen: 24
194.87.123.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.122.0/24 maxlen: 24
194.87.126.0/24 maxlen: 24
194.87.138.0/23 maxlen: 23
194.87.136.0/24 maxlen: 24
194.87.82.0/24 maxlen: 24
195.133.94.0/24 maxlen: 24
195.133.12.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
195.133.193.0/24 maxlen: 24
195.133.195.0/24 maxlen: 24
212.193.12.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
194.58.46.0/23 maxlen: 24
194.58.45.0/24 maxlen: 24
195.58.50.0/24 maxlen: 24
195.58.52.0/22 maxlen: 22
195.58.58.0/24 maxlen: 24
195.58.56.0/21 maxlen: 24
195.58.59.0/24 maxlen: 24
195.58.61.0/24 maxlen: 24
195.58.62.0/24 maxlen: 24
212.193.0.0/24 maxlen: 24
194.87.208.0/23 maxlen: 24
194.87.222.0/23 maxlen: 24
194.87.233.0/24 maxlen: 24
212.192.0.0/23 maxlen: 24
192.124.172.0/24 maxlen: 24
194.87.165.0/24 maxlen: 24
194.87.160.0/24 maxlen: 24
192.124.183.0/24 maxlen: 24
194.87.171.0/24 maxlen: 24
192.124.182.0/24 maxlen: 24
194.87.177.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
194.87.199.0/24 maxlen: 24
212.192.208.0/23 maxlen: 24
212.192.211.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:03:0b:75:8c:21:f8:66:1b:d9:af:95:b2:d4:13:c5:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 30 14:18:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1f5bb19b0c14333d26e5fe3ca424f25d0e71663b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:11:7c:bf:34:4a:b0:9e:65:d3:fe:cf:a8:7c:
39:7c:b2:c4:e8:d7:ca:24:61:41:5a:b9:03:e7:af:
87:fb:e3:c3:5f:5f:98:ec:8c:d9:ce:9d:6c:2f:6e:
2e:10:04:2a:02:a7:33:8b:3b:ad:53:f6:33:10:6a:
bb:a2:1c:59:18:09:f2:94:42:4d:c4:af:ab:99:68:
dd:6e:97:57:45:dd:d4:b6:d7:42:9e:f6:ef:b0:68:
e6:74:42:f2:e9:5c:79:c7:9b:93:40:53:45:b9:1c:
9b:85:f0:d3:12:a0:80:67:95:cf:d2:52:e9:1d:a4:
18:5b:1f:eb:12:49:f0:97:59:2d:b3:47:4d:f6:5e:
f1:28:46:2f:da:36:b8:77:f0:c5:5b:10:f5:2d:29:
d8:e3:41:d4:35:e0:66:93:34:04:f7:e7:cc:52:eb:
99:08:16:30:7f:4a:5b:49:2a:44:4a:ba:de:f4:8a:
75:88:4d:fe:77:2d:d3:4a:a1:66:c0:b9:e3:5f:70:
ca:d9:74:4f:8e:ee:01:d6:92:db:57:18:bf:bc:10:
3b:48:8f:76:fc:a3:db:c6:8c:25:c5:e3:41:4f:fa:
d7:b5:9b:c7:bc:06:c3:c9:df:4f:47:eb:06:7e:83:
85:95:18:fa:f3:ff:e5:6c:7a:42:ee:90:6e:8a:c5:
aa:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:5B:B1:9B:0C:14:33:3D:26:E5:FE:3C:A4:24:F2:5D:0E:71:66:3B
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/H1uxmwwUMz0m5f48pCTyXQ5xZjs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.172.0/24
192.124.182.0/23
193.124.8.0/24
193.124.16.0/24
193.124.133.0/24
193.124.203.0/24
194.58.42.0/24
194.58.45.0-194.58.47.255
194.87.6.0/24
194.87.17.0/24
194.87.22.0/24
194.87.27.0/24
194.87.82.0/24
194.87.114.0-194.87.116.255
194.87.118.0/24
194.87.122.0/23
194.87.126.0/24
194.87.136.0/24
194.87.138.0/23
194.87.160.0/24
194.87.165.0/24
194.87.171.0/24
194.87.177.0/24
194.87.198.0/23
194.87.208.0/23
194.87.222.0/23
194.87.233.0/24
195.58.50.0/24
195.58.52.0-195.58.63.255
195.133.12.0/24
195.133.55.0/24
195.133.94.0/24
195.133.193.0/24
195.133.195.0/24
212.192.0.0/23
212.192.208.0/23
212.192.211.0/24
212.193.0.0/24
212.193.12.0/24
Signature Algorithm: sha256WithRSAEncryption
50:4c:b1:28:e6:6f:9c:46:9f:be:dc:25:1a:92:0a:f7:5a:4d:
45:e8:a8:5b:39:4b:9a:a0:90:ac:c2:37:f7:db:89:4d:ba:bd:
c3:f5:98:c8:ee:fd:f3:39:d0:55:a8:eb:e7:6e:8a:ba:95:cb:
84:39:82:37:71:ac:e0:bf:c1:55:a7:f8:0b:45:39:ea:c3:8c:
61:d7:c3:1d:0d:d3:b8:6b:19:a7:a9:6e:41:62:77:40:9a:51:
fc:aa:00:8f:50:84:a7:2a:76:41:4f:66:cd:5b:dd:cf:73:89:
1f:6f:75:45:cb:a0:66:03:b8:a5:a7:76:6a:6d:0f:e3:40:cb:
ac:51:95:d1:72:f9:cd:32:33:eb:f5:fe:79:e1:55:99:dd:44:
91:3e:3c:ef:66:b2:33:33:ae:c1:15:3c:23:f6:6b:3b:d6:ec:
54:a6:85:03:fe:ce:5f:2a:23:95:fb:10:e0:7a:29:a6:f0:58:
88:cf:7e:25:ba:d0:d0:33:2e:b2:c5:6e:0c:96:35:5c:c1:05:
ef:73:19:b1:50:3a:af:22:17:60:11:c0:fa:4e:82:1e:d7:d4:
7c:37:4e:40:22:b8:b0:b5:55:41:55:75:7b:34:93:c3:0f:2f:
e5:70:3e:97:f5:79:15:2f:f8:24:5a:86:71:55:9f:5b:47:9e:
66:42:06:b3
-----BEGIN CERTIFICATE-----
MIIGAzCCBOugAwIBAgISAYYDC3WMIfhmG9mvlbLUE8W1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTMwMTQxODQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjViYjE5YjBjMTQzMzNkMjZlNWZlM2NhNDI0ZjI1ZDBlNzE2NjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvRF8vzRKsJ5l0/7PqHw5fLLE6NfK
JGFBWrkD56+H++PDX1+Y7IzZzp1sL24uEAQqAqczizutU/YzEGq7ohxZGAnylEJN
xK+rmWjdbpdXRd3UttdCnvbvsGjmdELy6Vx5x5uTQFNFuRybhfDTEqCAZ5XP0lLp
HaQYWx/rEknwl1kts0dN9l7xKEYv2ja4d/DFWxD1LSnY40HUNeBmkzQE9+fMUuuZ
CBYwf0pbSSpESrre9Ip1iE3+dy3TSqFmwLnjX3DK2XRPju4B1pLbVxi/vBA7SI92
/KPbxowlxeNBT/rXtZvHvAbDyd9PR+sGfoOFlRj68//lbHpC7pBuisWqmQIDAQAB
o4IDDzCCAwswHQYDVR0OBBYEFB9bsZsMFDM9JuX+PKQk8l0OcWY7MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvSDF1eG13d1VNejBtNWY0OHBDVHlYUTV4WmpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBIwYIKwYBBQUHAQcBAf8EggESMIIBDjCCAQoEAgABMIIB
AgMEAMB8rAMEAcB8tgMEAMF8CAMEAMF8EAMEAMF8hQMEAMF8ywMEAMI6KjAMAwQA
wjotAwQEwjogAwQAwlcGAwQAwlcRAwQAwlcWAwQAwlcbAwQAwldSMAwDBAHCV3ID
BADCV3QDBADCV3YDBAHCV3oDBADCV34DBADCV4gDBAHCV4oDBADCV6ADBADCV6UD
BADCV6sDBADCV7EDBAHCV8YDBAHCV9ADBAHCV94DBADCV+kDBADDOjIwDAMEAsM6
NAMEBsM6AAMEAMOFDAMEAMOFNwMEAMOFXgMEAMOFwQMEAMOFwwMEAdTAAAMEAdTA
0AMEANTA0wMEANTBAAMEANTBDDANBgkqhkiG9w0BAQsFAAOCAQEAUEyxKOZvnEaf
vtwlGpIK91pNReioWzlLmqCQrMI399uJTbq9w/WYyO798znQVajr526KupXLhDmC
N3Gs4L/BVaf4C0U56sOMYdfDHQ3TuGsZp6luQWJ3QJpR/KoAj1CEpyp2QU9mzVvd
z3OJH291RcugZgO4pad2am0P40DLrFGV0XL5zTIz6/X+eeFVmd1EkT4872ayMzOu
wRU8I/ZrO9bsVKaFA/7OXyojlfsQ4HoppvBYiM9+JbrQ0DMussVuDJY1XMEF73MZ
sVA6ryIXYBHA+k6CHtfUfDdOQCK4sLVVQVV1ezSTww8v5XA+l/V5FS/4JFqGcVWf
W0eeZkIGsw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:54 2023 by rpki-client on console-ams.rpki-client.org