Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NTWWlKqR2DYGl-B3oJiuHWAuktM.roa
File: NTWWlKqR2DYGl-B3oJiuHWAuktM.roa (raw, json)
Hash identifier: mq+CueczYSPwzrGlD7b6xnNwdsXPzSytcZ30Kq4mIJ4=
Subject key identifier: 35:35:96:94:AA:91:D8:36:06:97:E0:77:A0:98:AE:1D:60:2E:92:D3
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01881DA6C8259206198EC7BF6EFAC23918A3
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NTWWlKqR2DYGl-B3oJiuHWAuktM.roa
Signing time: Mon 15 May 2023 04:24:09 +0000
ROA not before: Mon 15 May 2023 04:24:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 195.133.82.0/24 maxlen: 24
194.87.181.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
212.193.1.0/24 maxlen: 24
212.193.0.0/24 maxlen: 24
194.87.90.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:1d:a6:c8:25:92:06:19:8e:c7:bf:6e:fa:c2:39:18:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: May 15 04:24:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=35359694aa91d8360697e077a098ae1d602e92d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:d7:95:b6:1e:f3:48:bd:85:18:28:6d:35:7c:
22:1d:95:6f:57:01:83:f8:65:8d:54:42:7f:28:96:
96:86:92:bb:2e:d5:40:fd:3e:42:b8:13:c3:55:ff:
c6:4b:75:0b:4f:85:dc:ef:70:18:35:b9:57:1d:64:
9f:ac:83:24:3c:f5:76:db:98:7f:1f:4e:06:9c:2b:
bb:67:5a:36:77:9e:e4:d3:79:67:88:26:2c:da:82:
72:1b:6e:d1:09:bd:72:7a:9a:8c:49:4b:c9:d2:51:
fc:c4:9c:15:db:20:63:66:00:3f:79:39:4e:66:da:
ea:f0:c8:52:d3:e2:46:c9:2b:3c:a6:b2:2c:c8:3a:
25:d8:44:bf:77:5c:07:8b:86:23:cb:7d:8f:91:0a:
ac:ab:22:22:15:84:3a:6d:41:0f:fb:a3:dc:a7:ed:
80:4f:d6:84:e5:1b:a8:f2:45:36:12:9a:92:91:1c:
aa:5a:42:c1:fd:56:a0:6a:9c:94:28:16:5a:b2:18:
66:ef:b3:bf:48:8e:05:4a:b3:5d:d0:14:7f:be:ef:
3a:c7:80:43:d8:3a:c0:bd:ef:dd:ac:99:80:59:10:
94:31:d6:25:e2:59:31:dc:27:d0:f2:7e:91:74:de:
a3:1d:0f:f6:a6:ce:09:0a:e8:73:8a:de:00:b9:c0:
ed:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:35:96:94:AA:91:D8:36:06:97:E0:77:A0:98:AE:1D:60:2E:92:D3
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NTWWlKqR2DYGl-B3oJiuHWAuktM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.73.0/24
194.87.90.0/24
194.87.181.0/24
194.87.198.0/24
195.133.82.0/24
212.193.0.0/23
Signature Algorithm: sha256WithRSAEncryption
4a:a2:cb:ea:88:14:2f:44:c5:ad:2e:5f:d4:d6:23:19:54:13:
47:04:e6:27:8e:36:f8:3f:83:a1:f1:b5:51:41:56:e9:d5:d0:
31:3d:3e:0d:b9:86:f9:71:5e:49:66:01:0b:92:1e:aa:26:a3:
80:e4:f8:9f:59:d6:05:8d:38:4f:ba:8c:86:2d:cc:4f:28:f1:
d1:8b:ed:0a:2f:08:de:d6:30:f0:94:98:77:71:a9:93:b4:fa:
ce:3d:ee:e4:2c:b4:53:5c:e5:b6:2a:0d:ca:4d:0b:f3:4e:44:
7f:20:c6:8c:c2:61:bb:57:1e:ed:86:da:b5:7a:c0:8c:15:24:
85:31:84:f5:08:3c:b8:38:f0:52:c8:25:ba:9a:58:c1:54:12:
1f:b9:41:fa:5d:c7:4d:a5:ea:e4:20:1c:51:e0:2a:55:48:ac:
9a:0c:2c:41:db:52:30:9b:e3:64:e8:05:10:18:c0:ba:ec:2b:
75:98:91:f7:35:a2:1b:15:76:83:b3:b9:d3:a1:b2:fc:09:0c:
ba:0d:48:ad:b4:62:1a:6f:60:87:43:a0:2a:d6:95:ea:e1:22:
1f:bc:aa:66:e9:e4:d2:f0:a8:a4:8f:9e:7d:ed:1d:23:d7:c5:
40:60:28:71:2b:c3:ba:04:32:3e:41:90:b3:56:10:3b:7a:f5:
ae:ad:22:5a
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYgdpsglkgYZjse/bvrCORijMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNTE1MDQyNDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTM1OTY5NGFhOTFkODM2MDY5N2UwNzdhMDk4YWUxZDYwMmU5MmQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnNeVth7zSL2FGChtNXwiHZVvVwGD
+GWNVEJ/KJaWhpK7LtVA/T5CuBPDVf/GS3ULT4Xc73AYNblXHWSfrIMkPPV225h/
H04GnCu7Z1o2d57k03lniCYs2oJyG27RCb1yepqMSUvJ0lH8xJwV2yBjZgA/eTlO
Ztrq8MhS0+JGySs8prIsyDol2ES/d1wHi4Yjy32PkQqsqyIiFYQ6bUEP+6Pcp+2A
T9aE5Ruo8kU2EpqSkRyqWkLB/VagapyUKBZashhm77O/SI4FSrNd0BR/vu86x4BD
2DrAve/drJmAWRCUMdYl4lkx3CfQ8n6RdN6jHQ/2ps4JCuhzit4AucDtEwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFDU1lpSqkdg2Bpfgd6CYrh1gLpLTMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTlRXV2xLcVIyRFlHbC1CM29KaXVIV0F1a3RNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAwldJAwQA
wldaAwQAwle1AwQAwlfGAwQAw4VSAwQB1MEAMA0GCSqGSIb3DQEBCwUAA4IBAQBK
osvqiBQvRMWtLl/U1iMZVBNHBOYnjjb4P4Oh8bVRQVbp1dAxPT4NuYb5cV5JZgEL
kh6qJqOA5PifWdYFjThPuoyGLcxPKPHRi+0KLwje1jDwlJh3camTtPrOPe7kLLRT
XOW2Kg3KTQvzTkR/IMaMwmG7Vx7thtq1esCMFSSFMYT1CDy4OPBSyCW6mljBVBIf
uUH6XcdNperkIBxR4CpVSKyaDCxB21Iwm+Nk6AUQGMC67Ct1mJH3NaIbFXaDs7nT
obL8CQy6DUittGIab2CHQ6Aq1pXq4SIfvKpm6eTS8Kikj5597R0j18VAYChxK8O6
BDI+QZCzVhA7evWurSJa
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:56 2023 by rpki-client on console-ams.rpki-client.org