Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/K0qv1n21tRTvpHviEJVi7E64kOM.roa
File: K0qv1n21tRTvpHviEJVi7E64kOM.roa (raw, json)
Hash identifier: 4HF57/zlYppHWnGWSB7RKc5ENGkFDvjUBDq/AQzLbH8=
Subject key identifier: 2B:4A:AF:D6:7D:B5:B5:14:EF:A4:7B:E2:10:95:62:EC:4E:B8:90:E3
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0188999F938E5C8A6D1A9B7F36C701B4D193
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/K0qv1n21tRTvpHviEJVi7E64kOM.roa
Signing time: Thu 08 Jun 2023 06:09:12 +0000
ROA not before: Thu 08 Jun 2023 06:09:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2118
IP address blocks: 194.87.208.0/23 maxlen: 24
194.87.222.0/23 maxlen: 24
194.87.27.0/24 maxlen: 24
212.192.0.0/23 maxlen: 24
194.58.46.0/23 maxlen: 24
194.58.45.0/24 maxlen: 24
195.58.56.0/21 maxlen: 24
212.193.0.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
195.133.195.0/24 maxlen: 24
194.87.136.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:99:9f:93:8e:5c:8a:6d:1a:9b:7f:36:c7:01:b4:d1:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jun 8 06:09:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2b4aafd67db5b514efa47be2109562ec4eb890e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:e2:65:7e:97:68:18:50:77:cb:0d:a1:a0:e8:
fc:b9:d5:9f:50:fa:20:5a:86:89:14:a2:3c:44:a4:
12:c3:15:e1:8c:d0:f2:a1:cc:46:ae:c4:bf:87:f3:
99:2f:3e:db:ed:d5:61:94:78:9b:ba:61:9d:4a:bc:
71:ed:8e:ca:df:7c:59:34:b1:f0:67:22:2b:ff:5a:
ce:4e:06:72:98:c4:94:08:dc:de:0a:b5:e7:8c:f2:
5a:54:04:e8:36:a2:a6:77:5c:ba:78:f1:dc:f1:40:
88:99:fd:7a:c3:4a:2a:b6:91:b1:34:3f:92:7e:77:
5d:f8:b8:b1:7a:ed:7b:ab:25:48:ad:a4:db:46:37:
93:28:dd:c0:9a:e8:a0:e3:0c:5d:3d:9d:03:35:52:
bc:2a:3c:a0:ca:07:fb:0a:ca:da:2f:d3:a6:b8:57:
fe:9b:e4:97:85:4e:ea:99:f8:5b:c3:3f:f6:27:7b:
1b:6b:db:b3:11:4b:a0:11:42:a7:58:97:f9:0f:40:
ed:2c:a5:29:c0:50:6c:a1:02:23:48:35:9b:d2:15:
e0:89:5b:df:34:2a:1f:b0:17:33:a7:5d:26:36:7a:
36:a1:5f:ab:2b:df:ee:95:09:0a:4b:05:0a:33:a0:
88:16:ed:16:86:15:35:7a:7e:af:bd:2a:aa:a5:f2:
33:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:4A:AF:D6:7D:B5:B5:14:EF:A4:7B:E2:10:95:62:EC:4E:B8:90:E3
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/K0qv1n21tRTvpHviEJVi7E64kOM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.203.0/24
194.58.45.0-194.58.47.255
194.87.27.0/24
194.87.136.0/24
194.87.198.0/24
194.87.208.0/23
194.87.222.0/23
195.58.56.0/21
195.133.55.0/24
195.133.195.0/24
212.192.0.0/23
212.193.0.0/24
Signature Algorithm: sha256WithRSAEncryption
41:7f:96:c3:6a:ce:df:ad:2b:c5:a0:ed:88:bb:e9:15:78:c8:
57:fc:dd:ed:fa:9a:c4:cc:55:b6:b0:1b:4e:c7:ef:8d:2f:17:
a0:9a:ee:ba:3b:60:e5:cd:7c:6f:3a:c2:ef:1f:ca:ce:dd:22:
3b:9c:3f:77:b7:09:2f:83:0f:7a:1b:30:1b:75:5d:da:65:02:
50:61:75:77:c1:95:85:e1:00:19:26:76:19:02:23:a9:e9:f5:
15:b5:ac:b3:4a:c2:16:4a:b7:e2:6d:c6:78:5e:f4:1a:17:e0:
76:df:11:74:14:d1:a9:56:a2:e7:22:55:bf:91:3e:bc:99:db:
40:02:dd:42:90:04:3d:11:e6:23:2a:9f:b6:b8:8f:26:eb:70:
aa:f4:5d:ba:a6:ed:af:1e:65:b0:8f:5d:db:40:c9:69:3b:30:
38:f3:69:63:01:9e:f3:ad:6c:93:de:6b:da:ff:48:97:77:68:
1e:21:fd:b3:f3:63:0b:4f:5c:ef:5d:9b:63:2a:2e:77:ac:79:
75:f7:6e:a9:3f:26:28:87:3d:54:f6:10:24:dc:a2:54:6f:b6:
44:83:04:4d:32:0b:43:16:9e:0a:c4:b4:85:50:76:74:39:31:
29:93:2d:98:0f:82:57:4b:7c:25:79:4c:3d:c0:06:f7:40:6e:
cb:ee:16:9c
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAYiZn5OOXIptGpt/NscBtNGTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNjA4MDYwOTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjRhYWZkNjdkYjViNTE0ZWZhNDdiZTIxMDk1NjJlYzRlYjg5MGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjOJlfpdoGFB3yw2hoOj8udWfUPog
WoaJFKI8RKQSwxXhjNDyocxGrsS/h/OZLz7b7dVhlHibumGdSrxx7Y7K33xZNLHw
ZyIr/1rOTgZymMSUCNzeCrXnjPJaVAToNqKmd1y6ePHc8UCImf16w0oqtpGxND+S
fndd+Lixeu17qyVIraTbRjeTKN3Amuig4wxdPZ0DNVK8Kjygygf7CsraL9OmuFf+
m+SXhU7qmfhbwz/2J3sba9uzEUugEUKnWJf5D0DtLKUpwFBsoQIjSDWb0hXgiVvf
NCofsBczp10mNno2oV+rK9/ulQkKSwUKM6CIFu0WhhU1en6vvSqqpfIzMwIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFCtKr9Z9tbUU76R74hCVYuxOuJDjMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvSzBxdjFuMjF0UlR2cEh2aUVKVmk3RTY0a09NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQAwXzLMAwD
BADCOi0DBATCOiADBADCVxsDBADCV4gDBADCV8YDBAHCV9ADBAHCV94DBAPDOjgD
BADDhTcDBADDhcMDBAHUwAADBADUwQAwDQYJKoZIhvcNAQELBQADggEBAEF/lsNq
zt+tK8Wg7Yi76RV4yFf83e36msTMVbawG07H740vF6Ca7ro7YOXNfG86wu8fys7d
IjucP3e3CS+DD3obMBt1XdplAlBhdXfBlYXhABkmdhkCI6np9RW1rLNKwhZKt+Jt
xnhe9BoX4HbfEXQU0alWouciVb+RPryZ20AC3UKQBD0R5iMqn7a4jybrcKr0Xbqm
7a8eZbCPXdtAyWk7MDjzaWMBnvOtbJPea9r/SJd3aB4h/bPzYwtPXO9dm2MqLnes
eXX3bqk/JiiHPVT2ECTcolRvtkSDBE0yC0MWngrEtIVQdnQ5MSmTLZgPgldLfCV5
TD3ABvdAbsvuFpw=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:01 2023 by rpki-client on console-fra.rpki-client.org