Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/KIDkg2iP2ggGTA5Zi3r8x3rivcs.roa
File: KIDkg2iP2ggGTA5Zi3r8x3rivcs.roa (raw, json)
Hash identifier: CaylGty91oXU6w+iP4HNpr94EM34dH+nRRfIcxtZkUE=
Subject key identifier: 28:80:E4:83:68:8F:DA:08:06:4C:0E:59:8B:7A:FC:C7:7A:E2:BD:CB
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018625656F48F6DDDDB57615BAF84E0C46C5
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/KIDkg2iP2ggGTA5Zi3r8x3rivcs.roa
Signing time: Mon 06 Feb 2023 06:24:09 +0000
ROA not before: Mon 06 Feb 2023 06:24:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213035
IP address blocks: 212.193.31.0/24 maxlen: 24
193.124.227.0/24 maxlen: 24
212.193.28.0/24 maxlen: 24
195.133.14.0/24 maxlen: 24
212.192.4.0/24 maxlen: 24
195.133.13.0/24 maxlen: 24
195.133.37.0/24 maxlen: 24
212.192.240.0/24 maxlen: 24
194.85.251.0/24 maxlen: 24
194.85.249.0/24 maxlen: 24
192.124.188.0/24 maxlen: 24
195.133.40.0/22 maxlen: 24
195.133.39.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
194.87.84.0/24 maxlen: 24
194.87.86.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:25:65:6f:48:f6:dd:dd:b5:76:15:ba:f8:4e:0c:46:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Feb 6 06:24:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2880e483688fda08064c0e598b7afcc77ae2bdcb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:76:74:3c:9e:10:b4:07:e9:3b:29:61:03:b7:
93:5e:c5:ce:05:0a:35:a2:8c:21:d6:fa:73:ac:a9:
67:df:c4:f0:43:b5:55:de:f9:fb:24:66:d8:7b:03:
5b:48:3c:e5:1c:0c:67:f6:f5:fd:d2:88:14:82:29:
9c:06:0b:10:3b:a1:5a:fb:4d:e5:9c:ff:28:ba:c3:
b8:13:3e:e5:44:ce:ed:12:ca:6f:29:61:02:cc:a7:
3b:fd:99:c4:08:c8:d9:7b:f4:f1:65:4d:cb:ad:0b:
cb:7b:54:7e:58:90:a4:6e:5f:47:ba:ca:3a:a4:8f:
36:91:31:27:ac:c3:ad:3e:84:d0:47:bc:cd:a5:4d:
c6:45:b1:dc:84:b2:8b:20:47:3e:1c:72:e3:0b:6a:
a8:91:0f:ef:d6:63:dc:51:c3:57:45:75:50:e0:1b:
dc:ef:6a:7b:d8:9e:02:0d:c1:52:83:82:d4:94:bb:
6d:51:cd:0b:80:46:48:d7:d1:98:34:ba:55:2c:7d:
60:c2:ac:95:0d:cc:06:3e:5b:a8:2a:54:2f:fd:35:
38:13:bf:7c:b7:31:11:ea:a3:e2:82:f8:0e:50:b3:
6e:8c:1c:82:49:10:86:56:de:99:8e:f3:16:89:58:
c9:d1:47:a7:10:88:2e:09:04:22:a7:7e:97:19:17:
64:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:80:E4:83:68:8F:DA:08:06:4C:0E:59:8B:7A:FC:C7:7A:E2:BD:CB
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/KIDkg2iP2ggGTA5Zi3r8x3rivcs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.188.0/24
193.124.227.0/24
194.85.249.0/24
194.85.251.0/24
194.87.84.0/24
194.87.86.0/24
194.87.187.0/24
195.133.13.0-195.133.14.255
195.133.37.0/24
195.133.39.0-195.133.43.255
212.192.4.0/24
212.192.240.0/24
212.193.28.0/24
212.193.31.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:00:43:64:a5:7d:10:80:04:46:32:bf:3f:eb:be:25:39:7f:
3e:56:30:4e:89:92:f6:fb:52:29:7b:64:7f:f5:d5:7e:72:c3:
64:28:0b:94:79:50:e0:7a:54:97:8f:1f:8a:d4:ce:f4:aa:27:
bf:93:ed:33:7b:08:2f:54:99:4c:f8:d2:29:6d:48:f2:b9:01:
e7:50:69:de:2d:15:8b:86:9a:5c:79:d8:fd:50:7d:25:11:b2:
ef:54:17:fc:9f:fc:f2:82:fa:55:01:50:98:b8:62:4f:95:68:
3a:59:d0:dd:44:0e:bf:d6:22:20:1f:8d:42:11:e0:29:66:16:
98:44:5a:ba:e3:c6:2b:bd:88:f5:dc:b8:eb:a9:4d:be:73:4c:
be:1f:2d:b0:a2:7b:12:0f:97:6c:2d:89:1e:c3:e2:a7:75:6f:
33:4a:11:53:b0:93:97:93:70:3a:c9:87:de:f5:06:76:81:6b:
2e:f5:86:aa:09:e3:63:4d:1a:77:18:ba:2b:3c:b1:d8:63:0e:
28:af:bf:1e:0b:08:f4:45:16:74:cb:6a:80:67:8f:d1:82:7b:
7b:03:de:6f:a2:f8:79:b0:d9:b7:ab:14:6b:6b:e9:8d:43:46:
29:0c:69:73:b2:72:3b:2b:08:69:c7:71:0c:24:80:8a:1f:14:
91:52:69:ce
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAYYlZW9I9t3dtXYVuvhODEbFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMjA2MDYyNDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODgwZTQ4MzY4OGZkYTA4MDY0YzBlNTk4YjdhZmNjNzdhZTJiZGNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtXZ0PJ4QtAfpOylhA7eTXsXOBQo1
oowh1vpzrKln38TwQ7VV3vn7JGbYewNbSDzlHAxn9vX90ogUgimcBgsQO6Fa+03l
nP8ousO4Ez7lRM7tEspvKWECzKc7/ZnECMjZe/TxZU3LrQvLe1R+WJCkbl9Huso6
pI82kTEnrMOtPoTQR7zNpU3GRbHchLKLIEc+HHLjC2qokQ/v1mPcUcNXRXVQ4Bvc
72p72J4CDcFSg4LUlLttUc0LgEZI19GYNLpVLH1gwqyVDcwGPluoKlQv/TU4E798
tzER6qPigvgOULNujByCSRCGVt6ZjvMWiVjJ0UenEIguCQQip36XGRdkqwIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFCiA5INoj9oIBkwOWYt6/Md64r3LMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvS0lEa2cyaVAyZ2dHVEE1Wmkzcjh4M3JpdmNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBqBAIAATBkAwQAwHy8AwQA
wXzjAwQAwlX5AwQAwlX7AwQAwldUAwQAwldWAwQAwle7MAwDBADDhQ0DBADDhQ4D
BADDhSUwDAMEAMOFJwMEAsOFKAMEANTABAMEANTA8AMEANTBHAMEANTBHzANBgkq
hkiG9w0BAQsFAAOCAQEAHwBDZKV9EIAERjK/P+u+JTl/PlYwTomS9vtSKXtkf/XV
fnLDZCgLlHlQ4HpUl48fitTO9Konv5PtM3sIL1SZTPjSKW1I8rkB51Bp3i0Vi4aa
XHnY/VB9JRGy71QX/J/88oL6VQFQmLhiT5VoOlnQ3UQOv9YiIB+NQhHgKWYWmERa
uuPGK72I9dy466lNvnNMvh8tsKJ7Eg+XbC2JHsPip3VvM0oRU7CTl5NwOsmH3vUG
doFrLvWGqgnjY00adxi6Kzyx2GMOKK+/HgsI9EUWdMtqgGeP0YJ7ewPeb6L4ebDZ
t6sUa2vpjUNGKQxpc7JyOysIacdxDCSAih8UkVJpzg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:01 2023 by rpki-client on console-fra.rpki-client.org