Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NZBB1LfRBq2lTYSmzOitpTKqPto.roa
File: NZBB1LfRBq2lTYSmzOitpTKqPto.roa (raw, json)
Hash identifier: IwENnxkZWHMOWrX+AXwJbPHpkoNbBabifwWIBxpKyQc=
Subject key identifier: 35:90:41:D4:B7:D1:06:AD:A5:4D:84:A6:CC:E8:AD:A5:32:AA:3E:DA
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01857154357C5C63B6D6F54FA0BB92519776
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NZBB1LfRBq2lTYSmzOitpTKqPto.roa
Signing time: Mon 02 Jan 2023 07:13:42 +0000
ROA not before: Mon 02 Jan 2023 07:13:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2118
IP address blocks: 193.124.4.0/24 maxlen: 24
193.124.3.0/24 maxlen: 24
193.124.6.0/24 maxlen: 24
193.124.8.0/24 maxlen: 24
62.76.231.0/24 maxlen: 24
193.124.18.0/24 maxlen: 24
194.87.7.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
194.87.104.0/24 maxlen: 24
194.87.116.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
194.87.123.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.138.0/23 maxlen: 23
194.87.136.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
194.87.76.0/24 maxlen: 24
194.87.82.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
195.133.94.0/24 maxlen: 24
195.133.12.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
195.133.195.0/24 maxlen: 24
212.193.12.0/24 maxlen: 24
194.58.38.0/24 maxlen: 24
212.192.222.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
194.58.46.0/23 maxlen: 24
194.58.45.0/24 maxlen: 24
195.58.50.0/24 maxlen: 24
194.58.58.0/24 maxlen: 24
195.58.52.0/22 maxlen: 22
195.58.56.0/21 maxlen: 24
194.58.59.0/24 maxlen: 24
195.58.62.0/24 maxlen: 24
212.193.0.0/24 maxlen: 24
194.87.202.0/24 maxlen: 24
194.87.208.0/23 maxlen: 24
194.87.222.0/23 maxlen: 24
194.87.233.0/24 maxlen: 24
212.192.0.0/23 maxlen: 24
194.87.149.0/24 maxlen: 24
192.124.172.0/24 maxlen: 24
212.192.10.0/24 maxlen: 24
194.87.165.0/24 maxlen: 24
194.87.163.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.180.0/22 maxlen: 24
192.124.182.0/23 maxlen: 24
194.87.171.0/24 maxlen: 24
194.87.172.0/24 maxlen: 24
194.87.176.0/24 maxlen: 24
194.87.182.0/24 maxlen: 24
193.124.201.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
193.124.207.0/24 maxlen: 24
194.87.199.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:54:35:7c:5c:63:b6:d6:f5:4f:a0:bb:92:51:97:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 2 07:13:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=359041d4b7d106ada54d84a6cce8ada532aa3eda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:e2:8d:e1:85:74:bb:a8:f1:20:d9:05:13:d1:
4f:d1:c2:43:fd:25:d0:2a:71:fc:f3:f8:53:6f:cc:
74:02:70:26:e8:0a:9b:28:d1:ad:8b:07:b7:95:11:
90:4e:94:2d:96:d5:6e:4a:1d:aa:d2:45:9a:b8:ce:
71:c9:49:64:58:fb:e4:d1:e4:e1:30:37:e5:6c:79:
83:4d:c0:e7:fb:c0:11:89:2d:03:b0:c1:1a:1c:6c:
ba:b3:cc:4d:e4:b8:7a:d2:fa:b7:ee:62:80:f5:09:
7b:bb:1b:5b:8e:6d:3d:1d:a3:5f:3d:5b:30:4c:46:
48:86:ef:7f:8c:bb:5f:47:80:82:53:8a:a2:ff:85:
9f:c2:0c:a7:44:85:fd:49:6d:c9:59:bf:2c:51:de:
29:0a:4b:da:52:a7:cc:9b:f8:ea:bd:6a:d0:9c:9e:
54:ad:39:9d:5c:ed:ed:8e:3b:42:53:55:a7:68:62:
f9:7b:20:e4:b1:00:31:78:f6:bf:68:2d:78:4d:a2:
58:2c:75:a7:eb:57:42:b4:99:37:94:2f:d8:6e:32:
e4:77:11:3a:77:63:7c:02:ca:7f:7c:44:04:a6:11:
50:28:69:0c:39:f4:72:0e:08:92:a3:c7:a9:12:8f:
c1:35:cb:0c:79:c0:42:33:54:4c:c2:01:66:2e:0e:
bb:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:90:41:D4:B7:D1:06:AD:A5:4D:84:A6:CC:E8:AD:A5:32:AA:3E:DA
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NZBB1LfRBq2lTYSmzOitpTKqPto.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.231.0/24
192.124.172.0/24
192.124.178.0/24
192.124.180.0/22
193.124.3.0-193.124.4.255
193.124.6.0/24
193.124.8.0/24
193.124.18.0/24
193.124.133.0/24
193.124.201.0/24
193.124.203.0/24
193.124.207.0/24
194.58.38.0/24
194.58.42.0/24
194.58.45.0-194.58.47.255
194.58.58.0/23
194.87.7.0/24
194.87.24.0/22
194.87.56.0/24
194.87.76.0/24
194.87.82.0/23
194.87.104.0/24
194.87.116.0/24
194.87.118.0/24
194.87.123.0/24
194.87.136.0/24
194.87.138.0/23
194.87.149.0/24
194.87.163.0/24
194.87.165.0/24
194.87.171.0-194.87.172.255
194.87.176.0/24
194.87.182.0/24
194.87.198.0/23
194.87.202.0/24
194.87.208.0/23
194.87.222.0/23
194.87.233.0/24
195.58.50.0/24
195.58.52.0-195.58.63.255
195.133.12.0/24
195.133.55.0/24
195.133.94.0/24
195.133.195.0/24
212.192.0.0/23
212.192.10.0/24
212.192.222.0/24
212.193.0.0/24
212.193.12.0/24
Signature Algorithm: sha256WithRSAEncryption
21:fa:1a:7d:c0:b6:28:e7:f3:45:37:ca:38:52:16:44:97:16:
02:c3:ab:07:36:a7:ce:9e:1f:f0:0e:8c:51:d6:52:ad:01:bd:
8f:4a:eb:82:9b:be:4e:aa:ce:61:2e:b4:fa:13:9c:08:30:f7:
cf:84:43:a8:16:20:f8:c6:74:b4:81:46:c9:f5:4e:1d:c1:49:
38:a7:67:e6:45:11:45:56:5d:6e:df:01:20:f3:42:10:e0:bb:
70:ee:4b:75:3b:3a:97:21:53:ce:7f:d5:56:6b:fe:f9:77:a6:
9f:26:9c:1a:69:5d:82:b9:90:93:82:d5:d3:c6:ef:f9:74:b0:
1a:5c:e7:8b:0b:f2:1f:81:26:b5:a7:83:4a:49:d7:29:cc:95:
fc:7d:2f:4c:25:e2:43:4a:f8:07:59:bb:03:0f:4e:c0:60:9c:
de:48:ca:23:f6:44:7e:97:58:94:48:ea:66:84:74:32:62:a5:
e7:8d:b8:f8:e7:e4:13:0d:45:85:32:2a:95:29:94:90:da:95:
66:5e:fb:0b:cf:86:10:ad:0d:8c:8b:96:b8:2b:d5:db:26:0c:
ea:e2:8c:c8:70:80:b7:30:bc:aa:c1:d8:4a:26:64:4f:74:44:
5f:86:c2:30:9f:00:38:42:f1:13:39:c2:3b:61:0c:bb:22:75:
ce:e9:9b:a9
-----BEGIN CERTIFICATE-----
MIIGRzCCBS+gAwIBAgISAYVxVDV8XGO21vVPoLuSUZd2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTAyMDcxMzQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTkwNDFkNGI3ZDEwNmFkYTU0ZDg0YTZjY2U4YWRhNTMyYWEzZWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3eKN4YV0u6jxINkFE9FP0cJD/SXQ
KnH88/hTb8x0AnAm6AqbKNGtiwe3lRGQTpQtltVuSh2q0kWauM5xyUlkWPvk0eTh
MDflbHmDTcDn+8ARiS0DsMEaHGy6s8xN5Lh60vq37mKA9Ql7uxtbjm09HaNfPVsw
TEZIhu9/jLtfR4CCU4qi/4WfwgynRIX9SW3JWb8sUd4pCkvaUqfMm/jqvWrQnJ5U
rTmdXO3tjjtCU1WnaGL5eyDksQAxePa/aC14TaJYLHWn61dCtJk3lC/YbjLkdxE6
d2N8Asp/fEQEphFQKGkMOfRyDgiSo8epEo/BNcsMecBCM1RMwgFmLg67eQIDAQAB
o4IDUzCCA08wHQYDVR0OBBYEFDWQQdS30QatpU2EpszoraUyqj7aMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTlpCQjFMZlJCcTJsVFlTbXpPaXRwVEtxUHRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBZwYIKwYBBQUHAQcBAf8EggFWMIIBUjCCAU4EAgABMIIB
RgMEAD5M5wMEAMB8rAMEAMB8sgMEAsB8tDAMAwQAwXwDAwQAwXwEAwQAwXwGAwQA
wXwIAwQAwXwSAwQAwXyFAwQAwXzJAwQAwXzLAwQAwXzPAwQAwjomAwQAwjoqMAwD
BADCOi0DBATCOiADBAHCOjoDBADCVwcDBALCVxgDBADCVzgDBADCV0wDBAHCV1ID
BADCV2gDBADCV3QDBADCV3YDBADCV3sDBADCV4gDBAHCV4oDBADCV5UDBADCV6MD
BADCV6UwDAMEAMJXqwMEAMJXrAMEAMJXsAMEAMJXtgMEAcJXxgMEAMJXygMEAcJX
0AMEAcJX3gMEAMJX6QMEAMM6MjAMAwQCwzo0AwQGwzoAAwQAw4UMAwQAw4U3AwQA
w4VeAwQAw4XDAwQB1MAAAwQA1MAKAwQA1MDeAwQA1MEAAwQA1MEMMA0GCSqGSIb3
DQEBCwUAA4IBAQAh+hp9wLYo5/NFN8o4UhZElxYCw6sHNqfOnh/wDoxR1lKtAb2P
SuuCm75Oqs5hLrT6E5wIMPfPhEOoFiD4xnS0gUbJ9U4dwUk4p2fmRRFFVl1u3wEg
80IQ4Ltw7kt1OzqXIVPOf9VWa/75d6afJpwaaV2CuZCTgtXTxu/5dLAaXOeLC/If
gSa1p4NKSdcpzJX8fS9MJeJDSvgHWbsDD07AYJzeSMoj9kR+l1iUSOpmhHQyYqXn
jbj45+QTDUWFMiqVKZSQ2pVmXvsLz4YQrQ2Mi5a4K9XbJgzq4ozIcIC3MLyqwdhK
JmRPdERfhsIwnwA4QvETOcI7YQy7InXO6Zup
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:56 2023 by rpki-client on console-ams.rpki-client.org