Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/MyJIoNXLmdAIHnEVKJEoefL1sNw.roa
File: MyJIoNXLmdAIHnEVKJEoefL1sNw.roa (raw, json)
Hash identifier: LPwAhU/bBcrLfBoCx6mHDxz5XasXrCF0iPdAvyTCR6A=
Subject key identifier: 33:22:48:A0:D5:CB:99:D0:08:1E:71:15:28:91:28:79:F2:F5:B0:DC
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0187573B153C348B90236EDF59732171685B
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/MyJIoNXLmdAIHnEVKJEoefL1sNw.roa
Signing time: Thu 06 Apr 2023 15:41:42 +0000
ROA not before: Thu 06 Apr 2023 15:41:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398343
IP address blocks: 194.135.104.0/24 maxlen: 24
212.193.24.0/22 maxlen: 22
193.124.15.0/24 maxlen: 24
195.133.83.0/24 maxlen: 24
193.124.24.0/24 maxlen: 24
194.87.29.0/24 maxlen: 24
195.133.21.0/24 maxlen: 24
195.133.26.0/23 maxlen: 23
195.133.59.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:57:3b:15:3c:34:8b:90:23:6e:df:59:73:21:71:68:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 6 15:41:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=332248a0d5cb99d0081e711528912879f2f5b0dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:d0:4e:8e:90:cf:30:46:ec:e4:9f:5f:5f:e5:
06:25:15:67:42:9e:f9:ca:3f:08:b0:4e:21:c4:7c:
0a:20:c1:b1:65:ac:19:19:0a:b8:ab:e8:61:42:f5:
ad:bd:40:78:1c:5f:76:b9:47:7a:82:b0:65:e0:77:
32:5e:11:c9:2e:2f:4e:f3:e9:bb:ef:2e:47:f5:08:
b0:75:b1:b9:14:3f:fb:c1:e0:8f:d8:5a:d5:05:d3:
6d:13:fd:24:5c:37:fd:83:0b:88:0c:0b:e2:ad:63:
44:90:73:ef:62:e3:f4:1b:23:ef:68:a8:72:64:e4:
ae:90:ba:6b:ba:0d:8e:4e:28:53:ed:5d:37:85:34:
3b:9d:ac:db:cc:6c:0e:33:0b:0b:16:21:1b:87:b8:
a8:09:4f:9c:89:72:26:2b:a8:cb:01:5b:24:bb:55:
f0:61:c2:29:b1:54:d6:de:d1:73:72:40:d8:58:bc:
05:23:f8:e7:37:f6:5e:7e:67:51:ac:11:b8:b4:bd:
f4:8f:b1:9f:18:14:cd:8a:90:95:b9:d5:f3:86:cb:
60:82:94:bb:73:58:95:df:17:1c:cc:05:12:84:61:
f5:e3:b0:4c:7e:19:cf:c1:52:a5:ca:a2:08:28:16:
50:2b:75:b8:fa:50:22:c6:d8:f6:78:95:ec:6a:be:
54:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:22:48:A0:D5:CB:99:D0:08:1E:71:15:28:91:28:79:F2:F5:B0:DC
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/MyJIoNXLmdAIHnEVKJEoefL1sNw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.15.0/24
193.124.24.0/24
194.87.29.0/24
194.135.104.0/24
195.133.21.0/24
195.133.26.0/23
195.133.59.0/24
195.133.83.0/24
212.193.24.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:fe:36:cf:a6:7e:b6:ad:56:65:0d:3d:94:c0:90:66:26:6d:
17:68:93:7d:08:ad:e4:52:97:f6:41:76:59:62:e3:ce:0c:15:
b8:b5:e2:c3:c1:d5:10:85:d1:36:84:0f:a5:ff:c7:9b:40:1e:
27:97:4d:a0:5b:71:ef:f9:f2:75:d8:b8:96:21:40:7e:3a:6d:
8e:5c:22:34:5a:77:78:2a:de:73:c4:e1:92:3f:fa:18:05:4a:
4d:a2:db:ae:b1:02:50:fc:f2:06:95:c6:ec:f7:03:36:83:2a:
77:e6:41:b9:79:af:ee:f5:5a:ca:d7:08:1a:3a:f4:8b:db:91:
0c:83:3c:4c:eb:c8:00:84:a8:e9:b5:e5:e4:13:ba:f1:5d:98:
2b:55:78:e1:eb:21:ab:f2:c7:cf:64:5f:9a:5b:1d:ae:40:2b:
84:0f:62:cc:68:1f:fc:bc:67:5c:b2:65:4a:86:57:80:a8:2e:
74:b3:71:7a:da:56:70:4d:60:6a:0c:61:25:a1:e2:36:d2:93:
31:39:6a:dc:97:b0:b4:48:c0:f1:e8:f2:b6:d2:79:ac:ab:9a:
ef:b8:4e:3e:b0:5d:5f:f3:7f:44:68:1b:0f:08:fa:9e:2f:10:
36:a6:52:03:8e:30:70:b2:94:0f:53:93:52:61:3e:a0:be:e1:
78:0a:e0:d0
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYdXOxU8NIuQI27fWXMhcWhbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNDA2MTU0MTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzIyNDhhMGQ1Y2I5OWQwMDgxZTcxMTUyODkxMjg3OWYyZjViMGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAktBOjpDPMEbs5J9fX+UGJRVnQp75
yj8IsE4hxHwKIMGxZawZGQq4q+hhQvWtvUB4HF92uUd6grBl4HcyXhHJLi9O8+m7
7y5H9QiwdbG5FD/7weCP2FrVBdNtE/0kXDf9gwuIDAvirWNEkHPvYuP0GyPvaKhy
ZOSukLprug2OTihT7V03hTQ7nazbzGwOMwsLFiEbh7ioCU+ciXImK6jLAVsku1Xw
YcIpsVTW3tFzckDYWLwFI/jnN/ZefmdRrBG4tL30j7GfGBTNipCVudXzhstggpS7
c1iV3xcczAUShGH147BMfhnPwVKlyqIIKBZQK3W4+lAixtj2eJXsar5U9wIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFDMiSKDVy5nQCB5xFSiRKHny9bDcMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTXlKSW9OWExtZEFJSG5FVktKRW9lZkwxc053LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAwXwPAwQA
wXwYAwQAwlcdAwQAwodoAwQAw4UVAwQBw4UaAwQAw4U7AwQAw4VTAwQC1MEYMA0G
CSqGSIb3DQEBCwUAA4IBAQA8/jbPpn62rVZlDT2UwJBmJm0XaJN9CK3kUpf2QXZZ
YuPODBW4teLDwdUQhdE2hA+l/8ebQB4nl02gW3Hv+fJ12LiWIUB+Om2OXCI0Wnd4
Kt5zxOGSP/oYBUpNotuusQJQ/PIGlcbs9wM2gyp35kG5ea/u9VrK1wgaOvSL25EM
gzxM68gAhKjpteXkE7rxXZgrVXjh6yGr8sfPZF+aWx2uQCuED2LMaB/8vGdcsmVK
hleAqC50s3F62lZwTWBqDGEloeI20pMxOWrcl7C0SMDx6PK20nmsq5rvuE4+sF1f
839EaBsPCPqeLxA2plIDjjBwspQPU5NSYT6gvuF4CuDQ
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:02 2023 by rpki-client on console-fra.rpki-client.org