Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/N9JUXt1ZiIgrIcsYweG1NRi94i0.roa
File: N9JUXt1ZiIgrIcsYweG1NRi94i0.roa (raw, json)
Hash identifier: mZnPkyEmhkjc09OPB32spHlFbybGXu7B8M3keTSet00=
Subject key identifier: 37:D2:54:5E:DD:59:88:88:2B:21:CB:18:C1:E1:B5:35:18:BD:E2:2D
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0189B762323D86AAEF7C3EB79548189D781A
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/N9JUXt1ZiIgrIcsYweG1NRi94i0.roa
Signing time: Wed 02 Aug 2023 17:53:33 +0000
ROA not before: Wed 02 Aug 2023 17:53:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51722
IP address blocks: 194.135.30.0/24 maxlen: 24
212.192.0.0/24 maxlen: 24
194.87.166.0/24 maxlen: 24
212.192.251.0/24 maxlen: 24
194.87.181.0/24 maxlen: 24
212.192.250.0/24 maxlen: 24
212.192.248.0/24 maxlen: 24
193.124.201.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b7:62:32:3d:86:aa:ef:7c:3e:b7:95:48:18:9d:78:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 2 17:53:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=37d2545edd5988882b21cb18c1e1b53518bde22d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:7f:39:92:84:3a:e8:34:da:87:35:11:5b:8c:
d9:39:ec:dd:04:bf:ef:fa:5c:e7:16:50:12:90:ad:
32:5f:ba:c4:43:45:51:75:62:c3:7a:37:80:f6:cb:
d6:28:53:7a:79:e6:22:bd:73:75:8c:83:4f:a0:d0:
8a:40:4b:85:d3:6e:56:60:00:3d:f8:61:a9:d1:19:
b3:ba:40:d9:57:ba:5e:5f:62:e9:6b:bb:ba:d2:d6:
86:1b:43:07:ae:8c:75:99:08:50:5f:15:b9:e0:56:
4d:47:7a:d0:45:30:29:5d:8a:88:53:0e:ca:69:4b:
27:b5:e8:25:db:81:50:02:48:63:fb:bd:8c:8e:c6:
2a:16:f2:81:1e:7b:2e:00:64:26:61:41:8f:db:b8:
97:3f:41:62:c7:e5:26:ab:c8:d6:98:0c:02:50:c4:
a9:0b:0a:19:6b:c8:e8:00:51:3c:ff:43:14:ee:a4:
01:44:1d:75:2a:80:48:ff:fb:3b:34:c2:e8:99:b1:
38:39:89:6e:0d:bc:82:ea:5d:31:4d:12:22:99:e7:
85:84:f1:af:e5:76:63:4a:db:22:0f:3f:c4:dc:a1:
80:ee:b0:75:65:3d:42:b3:6e:0c:b2:fc:f5:60:05:
3c:63:91:44:3c:5e:fb:31:51:ba:b4:fc:a7:84:bf:
9f:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:D2:54:5E:DD:59:88:88:2B:21:CB:18:C1:E1:B5:35:18:BD:E2:2D
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/N9JUXt1ZiIgrIcsYweG1NRi94i0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.201.0/24
194.87.166.0/24
194.87.181.0/24
194.135.30.0/24
212.192.0.0/24
212.192.248.0/24
212.192.250.0/23
Signature Algorithm: sha256WithRSAEncryption
8b:15:f0:91:7f:8a:16:ba:86:dc:c0:67:94:75:70:58:d8:86:
7e:5f:e0:cd:d9:63:ee:20:f9:38:f0:32:ca:dd:04:b8:09:a8:
86:75:1a:f9:c8:ab:86:85:e2:a5:06:45:cb:eb:8d:d2:80:67:
20:02:46:0e:b6:0a:2a:64:af:d9:ac:f6:3c:5a:0a:6e:1f:11:
b4:77:d2:75:7e:32:31:ec:5a:69:a1:db:14:d0:e7:c1:a8:53:
f2:56:88:c4:6c:7a:5f:16:44:c4:df:bf:ab:61:30:89:8a:38:
78:cc:89:46:48:b0:30:66:9a:be:d7:e0:b7:57:dd:e0:d4:b8:
10:19:bf:31:9d:f2:37:15:34:97:8c:0c:46:a6:c1:46:81:ba:
ce:39:26:68:9b:c8:99:cf:50:06:86:cb:da:41:19:0a:23:01:
19:93:26:7e:ac:ed:17:69:85:f8:a0:42:7e:36:f2:49:b1:7f:
aa:13:aa:61:2b:48:c1:23:18:ce:aa:eb:13:da:aa:de:57:df:
02:d9:8e:84:85:c1:e7:9c:89:c4:3b:2a:94:ea:a9:4b:74:99:
94:13:38:63:6e:f1:1d:52:e4:41:eb:77:40:47:35:78:d5:67:
68:42:cb:da:1b:6e:02:7d:40:a5:16:a3:69:dc:57:f0:1f:da:
1a:e2:5a:93
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYm3YjI9hqrvfD63lUgYnXgaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwODAyMTc1MzMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2QyNTQ1ZWRkNTk4ODg4MmIyMWNiMThjMWUxYjUzNTE4YmRlMjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm385koQ66DTahzURW4zZOezdBL/v
+lznFlASkK0yX7rEQ0VRdWLDejeA9svWKFN6eeYivXN1jINPoNCKQEuF025WYAA9
+GGp0RmzukDZV7peX2Lpa7u60taGG0MHrox1mQhQXxW54FZNR3rQRTApXYqIUw7K
aUsntegl24FQAkhj+72MjsYqFvKBHnsuAGQmYUGP27iXP0Fix+Umq8jWmAwCUMSp
CwoZa8joAFE8/0MU7qQBRB11KoBI//s7NMLombE4OYluDbyC6l0xTRIimeeFhPGv
5XZjStsiDz/E3KGA7rB1ZT1Cs24Msvz1YAU8Y5FEPF77MVG6tPynhL+fyQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFDfSVF7dWYiIKyHLGMHhtTUYveItMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTjlKVVh0MVppSWdySWNzWXdlRzFOUmk5NGkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAwXzJAwQA
wlemAwQAwle1AwQAwoceAwQA1MAAAwQA1MD4AwQB1MD6MA0GCSqGSIb3DQEBCwUA
A4IBAQCLFfCRf4oWuobcwGeUdXBY2IZ+X+DN2WPuIPk48DLK3QS4CaiGdRr5yKuG
heKlBkXL643SgGcgAkYOtgoqZK/ZrPY8WgpuHxG0d9J1fjIx7FppodsU0OfBqFPy
VojEbHpfFkTE37+rYTCJijh4zIlGSLAwZpq+1+C3V93g1LgQGb8xnfI3FTSXjAxG
psFGgbrOOSZom8iZz1AGhsvaQRkKIwEZkyZ+rO0XaYX4oEJ+NvJJsX+qE6phK0jB
IxjOqusT2qreV98C2Y6EhcHnnInEOyqU6qlLdJmUEzhjbvEdUuRB63dARzV41Wdo
QsvaG24CfUClFqNp3FfwH9oa4lqT
-----END CERTIFICATE-----
Generated at Fri Aug 4 12:38:39 2023 by rpki-client on console-ams.rpki-client.org