Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/KuDCmKrpqQfaPdbXldxYjmvUCAM.roa
File: KuDCmKrpqQfaPdbXldxYjmvUCAM.roa (raw, json)
Hash identifier: 9qXbcZMZQCF5CZoEdz9+6q1MQUBn+syFidbulxWLB0M=
Subject key identifier: 2A:E0:C2:98:AA:E9:A9:07:DA:3D:D6:D7:95:DC:58:8E:6B:D4:08:03
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0186A7B54A676EA927C7588F00B08C20FED0
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/KuDCmKrpqQfaPdbXldxYjmvUCAM.roa
Signing time: Fri 03 Mar 2023 13:42:01 +0000
ROA not before: Fri 03 Mar 2023 13:42:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398343
IP address blocks: 194.135.104.0/24 maxlen: 24
212.193.24.0/22 maxlen: 24
194.87.225.0/24 maxlen: 24
194.87.120.0/23 maxlen: 24
195.133.9.0/24 maxlen: 24
194.135.38.0/24 maxlen: 24
194.135.32.0/24 maxlen: 24
195.133.21.0/24 maxlen: 24
195.133.26.0/23 maxlen: 23
195.133.59.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a7:b5:4a:67:6e:a9:27:c7:58:8f:00:b0:8c:20:fe:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 3 13:42:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2ae0c298aae9a907da3dd6d795dc588e6bd40803
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:39:30:37:06:e8:23:46:7d:2c:df:32:81:b0:
c6:46:39:07:b8:b6:1b:94:eb:1c:ff:3f:42:89:26:
1e:82:a9:6d:c9:0c:46:de:65:dc:72:07:92:b2:90:
c0:69:a7:e1:62:03:61:5e:9c:b6:4e:68:1e:45:f1:
5e:bc:18:c6:03:f6:a3:cc:4b:bc:0d:c8:da:43:1a:
62:82:e4:36:9d:dd:e8:a2:73:79:e6:5d:7e:d3:ec:
24:00:f2:60:2b:04:5e:73:cc:fd:26:10:9f:0b:b6:
d5:44:3c:0f:d3:8e:06:45:d7:b9:a8:3c:db:4e:9c:
ae:f0:05:b6:23:dc:f4:8b:69:0c:92:90:9f:c4:27:
89:5d:76:74:6b:9a:64:e3:88:62:57:cd:32:16:16:
60:57:16:1c:47:8e:9a:e9:a8:21:56:a5:54:e2:66:
5f:ec:3c:33:d9:14:61:f0:c7:0f:6e:b7:6e:fa:38:
29:42:66:67:25:d2:27:e0:62:fa:36:06:f8:bd:2f:
2c:08:a9:ba:8a:a5:ab:57:8b:a9:d1:2c:f6:38:58:
5c:55:04:a4:e8:4a:8d:c0:c8:76:5c:a7:62:74:cd:
ea:e7:ae:43:b8:e7:f6:c2:af:72:c3:19:1f:5c:73:
55:2d:d1:1b:c8:34:71:06:f1:31:9a:0e:91:e6:1e:
6c:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:E0:C2:98:AA:E9:A9:07:DA:3D:D6:D7:95:DC:58:8E:6B:D4:08:03
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/KuDCmKrpqQfaPdbXldxYjmvUCAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.120.0/23
194.87.225.0/24
194.135.32.0/24
194.135.38.0/24
194.135.104.0/24
195.133.9.0/24
195.133.21.0/24
195.133.26.0/23
195.133.59.0/24
212.193.24.0/22
Signature Algorithm: sha256WithRSAEncryption
22:bf:b4:be:c5:ad:b0:15:63:d8:e9:1f:67:d4:92:ed:28:7b:
8a:3f:af:62:e2:b3:20:c7:48:17:0f:33:03:1a:2a:4d:f3:e4:
bb:17:1c:0b:22:b9:96:86:15:6d:88:83:c1:b0:4e:69:49:a5:
03:f1:41:c1:60:a2:4d:b4:01:26:89:24:71:0b:c9:65:c2:7a:
7f:fc:db:db:45:fc:a5:d3:2f:97:0b:61:69:03:c4:cc:1f:47:
ec:4d:78:a5:ab:9c:97:37:fe:0a:73:69:b4:dc:d7:c4:63:df:
fb:6c:be:cc:a9:61:d9:0e:fb:f3:eb:0d:f9:eb:4c:7f:42:f6:
74:f3:d4:5e:4d:00:58:99:de:95:7b:57:26:82:b6:66:f7:dc:
67:b5:0a:63:68:1d:30:4d:21:12:83:50:ed:dc:ab:ac:21:a5:
61:49:97:d7:ec:33:ed:85:84:e7:85:7a:ba:ea:73:29:2b:7a:
78:22:9b:7e:51:53:01:54:69:d4:ca:b0:ba:7a:d5:a7:d4:c3:
b1:2c:58:da:17:1f:0f:1a:5d:39:e1:df:84:f5:cb:fd:f0:01:
3a:c7:22:fd:58:2a:5f:1c:db:6d:88:10:98:80:d3:7b:50:78:
39:01:81:fd:ea:36:33:eb:08:36:ea:40:38:8b:08:60:29:08:
71:01:54:4f
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYantUpnbqknx1iPALCMIP7QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMzAzMTM0MjAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWUwYzI5OGFhZTlhOTA3ZGEzZGQ2ZDc5NWRjNTg4ZTZiZDQwODAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzkwNwboI0Z9LN8ygbDGRjkHuLYb
lOsc/z9CiSYegqltyQxG3mXccgeSspDAaafhYgNhXpy2TmgeRfFevBjGA/ajzEu8
DcjaQxpiguQ2nd3oonN55l1+0+wkAPJgKwRec8z9JhCfC7bVRDwP044GRde5qDzb
Tpyu8AW2I9z0i2kMkpCfxCeJXXZ0a5pk44hiV80yFhZgVxYcR46a6aghVqVU4mZf
7Dwz2RRh8McPbrdu+jgpQmZnJdIn4GL6Ngb4vS8sCKm6iqWrV4up0Sz2OFhcVQSk
6EqNwMh2XKdidM3q565DuOf2wq9ywxkfXHNVLdEbyDRxBvExmg6R5h5snQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFCrgwpiq6akH2j3W15XcWI5r1AgDMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvS3VEQ21LcnBxUWZhUGRiWGxkeFlqbXZVQ0FNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQBwld4AwQA
wlfhAwQAwocgAwQAwocmAwQAwodoAwQAw4UJAwQAw4UVAwQBw4UaAwQAw4U7AwQC
1MEYMA0GCSqGSIb3DQEBCwUAA4IBAQAiv7S+xa2wFWPY6R9n1JLtKHuKP69i4rMg
x0gXDzMDGipN8+S7FxwLIrmWhhVtiIPBsE5pSaUD8UHBYKJNtAEmiSRxC8llwnp/
/NvbRfyl0y+XC2FpA8TMH0fsTXilq5yXN/4Kc2m03NfEY9/7bL7MqWHZDvvz6w35
60x/QvZ089ReTQBYmd6Ve1cmgrZm99xntQpjaB0wTSESg1Dt3KusIaVhSZfX7DPt
hYTnhXq66nMpK3p4Ipt+UVMBVGnUyrC6etWn1MOxLFjaFx8PGl054d+E9cv98AE6
xyL9WCpfHNttiBCYgNN7UHg5AYH96jYz6wg26kA4iwhgKQhxAVRP
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:55 2023 by rpki-client on console-ams.rpki-client.org