Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/MAv88k7wL7kbhIqGIQ0IeDQuEXQ.roa
File: MAv88k7wL7kbhIqGIQ0IeDQuEXQ.roa (raw, json)
Hash identifier: UL5Oz3elAtXbeu2m9nmk9iHSYgjbYScTDtsj5uraH/o=
Subject key identifier: 30:0B:FC:F2:4E:F0:2F:B9:1B:84:8A:86:21:0D:08:78:34:2E:11:74
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018707B185EFC43173B8591B14C2BE84F191
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/MAv88k7wL7kbhIqGIQ0IeDQuEXQ.roa
Signing time: Wed 22 Mar 2023 05:01:27 +0000
ROA not before: Wed 22 Mar 2023 05:01:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2118
IP address blocks: 212.193.12.0/24 maxlen: 24
194.87.27.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
194.58.46.0/23 maxlen: 24
194.58.45.0/24 maxlen: 24
195.58.50.0/24 maxlen: 24
195.58.52.0/22 maxlen: 22
195.58.58.0/24 maxlen: 24
195.58.56.0/21 maxlen: 24
195.58.59.0/24 maxlen: 24
195.58.61.0/24 maxlen: 24
195.58.62.0/24 maxlen: 24
212.193.0.0/24 maxlen: 24
194.87.115.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
194.87.114.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.136.0/24 maxlen: 24
194.87.82.0/24 maxlen: 24
194.87.208.0/23 maxlen: 24
194.87.222.0/23 maxlen: 24
212.192.0.0/23 maxlen: 24
194.87.165.0/24 maxlen: 24
194.87.171.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
195.133.195.0/24 maxlen: 24
212.192.208.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 28 Mar 2023 04:59:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:07:b1:85:ef:c4:31:73:b8:59:1b:14:c2:be:84:f1:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 22 05:01:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=300bfcf24ef02fb91b848a86210d0878342e1174
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:6c:93:6c:a6:d6:b3:89:b6:b7:b2:a1:20:9d:
86:9f:19:17:67:50:2d:31:8b:79:bc:4e:85:ff:91:
70:1a:5d:68:83:80:b8:11:d6:20:03:39:b2:2a:be:
1a:36:c3:a3:31:46:ed:fb:36:02:d0:f9:bf:f4:52:
e7:15:cd:79:11:87:11:ab:82:0f:7e:a3:85:af:cf:
43:4c:9c:5f:19:84:8f:75:0f:d3:f9:c9:cb:9e:7c:
16:d5:fa:b4:99:10:39:37:c2:ee:32:da:de:84:33:
0b:75:6f:0d:a3:20:d4:a5:75:74:fc:9d:3d:14:91:
b8:c7:6d:b3:3f:3a:97:9b:b9:63:c4:4f:c4:32:84:
eb:15:79:32:93:94:14:5f:05:36:89:98:5f:0c:97:
98:94:3c:d0:53:d4:17:90:11:d1:3e:1a:00:52:8e:
b9:0d:38:51:89:37:ea:fb:5e:71:4a:f8:f9:e8:9f:
a1:5b:62:e9:ec:ef:b1:87:e1:5e:77:0b:a8:5b:f9:
a5:b5:da:7f:35:56:c0:6f:ed:0c:e9:71:36:54:2b:
31:f7:9d:87:98:6e:a0:26:b3:c0:5a:28:af:41:46:
f5:ce:9d:45:e6:3e:0a:9f:15:09:09:4e:61:5d:66:
0e:e1:aa:42:c8:42:23:de:b4:39:b5:61:d8:57:18:
35:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:0B:FC:F2:4E:F0:2F:B9:1B:84:8A:86:21:0D:08:78:34:2E:11:74
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/MAv88k7wL7kbhIqGIQ0IeDQuEXQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.133.0/24
193.124.203.0/24
194.58.42.0/24
194.58.45.0-194.58.47.255
194.87.27.0/24
194.87.82.0/24
194.87.114.0/23
194.87.118.0/24
194.87.136.0/24
194.87.165.0/24
194.87.171.0/24
194.87.198.0/24
194.87.208.0/23
194.87.222.0/23
195.58.50.0/24
195.58.52.0-195.58.63.255
195.133.55.0/24
195.133.195.0/24
212.192.0.0/23
212.192.208.0/23
212.193.0.0/24
212.193.12.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:91:63:fa:ef:21:a6:e1:40:bc:8d:e0:e1:f1:c8:c2:0e:a8:
61:f0:19:60:ae:22:ab:2c:d3:b9:26:ab:a8:6e:10:b8:1c:cf:
af:04:02:87:58:a6:51:53:87:96:35:c2:f9:bb:83:51:fe:ad:
77:61:d1:07:e0:c6:7e:13:fb:47:ff:1a:f8:00:9b:86:91:ff:
77:7b:37:da:e4:72:94:0d:ed:14:a7:b4:3a:b8:36:03:ec:57:
06:32:b5:86:ce:b1:c1:97:0b:53:ca:fd:06:cf:49:a0:46:88:
1c:77:43:93:99:b4:49:30:6c:70:86:f3:7d:ba:7b:f8:9e:af:
f1:90:77:df:ab:73:b5:f3:dd:55:84:4b:41:c2:5d:63:c6:50:
e9:4d:5f:f9:4f:27:a4:ed:b5:fe:b5:6f:99:b1:cc:b7:a2:42:
4f:1c:f4:5d:b9:18:13:a7:eb:36:02:9e:bd:57:7d:a0:3e:97:
0d:2f:7e:fb:2f:08:44:b2:4b:f7:15:ae:f7:50:67:11:3f:bc:
20:f2:c2:fb:9d:fe:e8:64:06:6f:da:ba:e4:86:df:72:f4:74:
32:44:c0:b8:c9:d9:d2:83:eb:10:da:9f:c3:0d:28:54:c3:3f:
03:6f:18:5a:aa:7d:53:83:2c:64:40:5f:6c:7f:60:2b:d2:8e:
04:68:ff:f2
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgISAYcHsYXvxDFzuFkbFMK+hPGRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMzIyMDUwMTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDBiZmNmMjRlZjAyZmI5MWI4NDhhODYyMTBkMDg3ODM0MmUxMTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhmyTbKbWs4m2t7KhIJ2GnxkXZ1At
MYt5vE6F/5FwGl1og4C4EdYgAzmyKr4aNsOjMUbt+zYC0Pm/9FLnFc15EYcRq4IP
fqOFr89DTJxfGYSPdQ/T+cnLnnwW1fq0mRA5N8LuMtrehDMLdW8NoyDUpXV0/J09
FJG4x22zPzqXm7ljxE/EMoTrFXkyk5QUXwU2iZhfDJeYlDzQU9QXkBHRPhoAUo65
DThRiTfq+15xSvj56J+hW2Lp7O+xh+FedwuoW/mltdp/NVbAb+0M6XE2VCsx952H
mG6gJrPAWiivQUb1zp1F5j4KnxUJCU5hXWYO4apCyEIj3rQ5tWHYVxg1/wIDAQAB
o4ICnDCCApgwHQYDVR0OBBYEFDAL/PJO8C+5G4SKhiENCHg0LhF0MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTUF2ODhrN3dMN2tiaElxR0lRMEllRFF1RVhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGxBggrBgEFBQcBBwEB/wSBoTCBnjCBmwQCAAEwgZQDBADB
fIUDBADBfMsDBADCOiowDAMEAMI6LQMEBMI6IAMEAMJXGwMEAMJXUgMEAcJXcgME
AMJXdgMEAMJXiAMEAMJXpQMEAMJXqwMEAMJXxgMEAcJX0AMEAcJX3gMEAMM6MjAM
AwQCwzo0AwQGwzoAAwQAw4U3AwQAw4XDAwQB1MAAAwQB1MDQAwQA1MEAAwQA1MEM
MA0GCSqGSIb3DQEBCwUAA4IBAQBrkWP67yGm4UC8jeDh8cjCDqhh8BlgriKrLNO5
JquobhC4HM+vBAKHWKZRU4eWNcL5u4NR/q13YdEH4MZ+E/tH/xr4AJuGkf93ezfa
5HKUDe0Up7Q6uDYD7FcGMrWGzrHBlwtTyv0Gz0mgRogcd0OTmbRJMGxwhvN9unv4
nq/xkHffq3O1891VhEtBwl1jxlDpTV/5Tyek7bX+tW+Zscy3okJPHPRduRgTp+s2
Ap69V32gPpcNL377LwhEskv3Fa73UGcRP7wg8sL7nf7oZAZv2rrkht9y9HQyRMC4
ydnSg+sQ2p/DDShUwz8Dbxhaqn1TgyxkQF9sf2Ar0o4EaP/y
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:14 2024 by rpki-client on console-fra.rpki-client.org