Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/P6ceCECENo7eI27NB7W7dJ4LICI.roa
File: P6ceCECENo7eI27NB7W7dJ4LICI.roa (raw, json)
Hash identifier: 5oiETwd1MeG+zv7vgq3kq+S9EinncJJZtlIBnEszyiI=
Subject key identifier: 3F:A7:1E:08:40:84:36:8E:DE:23:6E:CD:07:B5:BB:74:9E:0B:20:22
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01869B8DC8FBF8B4CFF3CC6780E822A57841
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/P6ceCECENo7eI27NB7W7dJ4LICI.roa
Signing time: Wed 01 Mar 2023 05:03:25 +0000
ROA not before: Wed 01 Mar 2023 05:03:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2118
IP address blocks: 212.193.12.0/24 maxlen: 24
193.124.8.0/24 maxlen: 24
194.87.22.0/24 maxlen: 24
194.87.27.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
194.58.46.0/23 maxlen: 24
194.58.45.0/24 maxlen: 24
195.58.50.0/24 maxlen: 24
195.58.58.0/24 maxlen: 24
195.58.52.0/22 maxlen: 22
195.58.56.0/21 maxlen: 24
195.58.59.0/24 maxlen: 24
195.58.61.0/24 maxlen: 24
195.58.62.0/24 maxlen: 24
212.193.0.0/24 maxlen: 24
194.87.116.0/24 maxlen: 24
194.87.115.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
194.87.114.0/24 maxlen: 24
194.87.123.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.126.0/24 maxlen: 24
194.87.136.0/24 maxlen: 24
194.87.138.0/23 maxlen: 23
194.87.82.0/24 maxlen: 24
194.87.208.0/23 maxlen: 24
194.87.222.0/23 maxlen: 24
194.87.233.0/24 maxlen: 24
212.192.0.0/23 maxlen: 24
194.87.165.0/24 maxlen: 24
192.124.182.0/24 maxlen: 24
194.87.171.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
195.133.193.0/24 maxlen: 24
195.133.195.0/24 maxlen: 24
212.192.208.0/23 maxlen: 24
212.192.211.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Mar 2023 10:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:9b:8d:c8:fb:f8:b4:cf:f3:cc:67:80:e8:22:a5:78:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 1 05:03:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3fa71e084084368ede236ecd07b5bb749e0b2022
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:de:9f:0e:e0:28:11:83:aa:0c:d0:bc:0d:77:
f2:10:15:a2:36:9f:79:d5:91:8f:25:86:c2:2e:ed:
e3:d0:21:87:ef:c0:d7:bd:32:e2:d3:c9:6d:71:70:
f4:22:24:c3:04:90:0b:03:71:73:1c:f5:88:78:68:
0f:84:7d:0f:13:8c:ce:5c:3f:1b:c4:66:83:77:9d:
d2:dc:cc:7e:41:00:aa:f4:1c:4e:cf:56:a5:c7:0e:
e7:7c:ac:12:d2:90:ba:4f:41:e3:be:ac:1b:e7:d1:
b5:4a:7d:df:56:89:c7:75:82:ab:46:6e:6e:e4:ac:
8b:3d:e1:53:fc:20:1b:ed:6d:df:6b:68:54:3c:39:
48:99:09:b5:73:f5:3d:58:4e:e2:b8:71:bd:68:7f:
d6:43:28:75:0a:dc:46:3e:c2:62:76:5f:34:27:18:
94:62:71:e3:31:e9:24:cd:d5:f9:5d:e2:ed:0e:72:
0d:0e:c6:5d:76:27:d6:c1:86:ea:88:33:d2:39:03:
2c:96:d3:cf:fc:80:aa:dd:be:4a:29:ec:46:06:56:
d9:d5:6c:76:51:cf:47:c6:3b:2d:04:c0:49:1b:7b:
29:f4:eb:64:c3:8a:35:79:57:ab:ea:3c:f9:d9:cb:
23:20:6e:f5:51:a1:08:c7:57:6d:ae:bb:46:03:67:
2c:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:A7:1E:08:40:84:36:8E:DE:23:6E:CD:07:B5:BB:74:9E:0B:20:22
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/P6ceCECENo7eI27NB7W7dJ4LICI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.182.0/24
193.124.8.0/24
193.124.133.0/24
193.124.203.0/24
194.58.42.0/24
194.58.45.0-194.58.47.255
194.87.22.0/24
194.87.27.0/24
194.87.82.0/24
194.87.114.0-194.87.116.255
194.87.118.0/24
194.87.123.0/24
194.87.126.0/24
194.87.136.0/24
194.87.138.0/23
194.87.165.0/24
194.87.171.0/24
194.87.198.0/24
194.87.208.0/23
194.87.222.0/23
194.87.233.0/24
195.58.50.0/24
195.58.52.0-195.58.63.255
195.133.55.0/24
195.133.193.0/24
195.133.195.0/24
212.192.0.0/23
212.192.208.0/23
212.192.211.0/24
212.193.0.0/24
212.193.12.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:a3:40:91:49:5d:ff:9e:3b:81:f3:a5:ef:f6:70:20:e2:a9:
97:94:b3:43:b1:e2:5e:d3:6d:44:09:71:bf:2c:c0:ea:88:29:
4c:4e:f1:2c:9a:e5:7a:52:85:9b:06:21:42:6b:85:24:ac:7a:
b9:81:3d:7d:c6:2c:c0:e1:ff:bc:c1:fe:d6:0d:45:89:7f:3c:
49:0d:7e:6f:ec:58:ea:d7:3c:4f:fb:79:f4:37:23:4f:ff:1a:
73:95:67:6d:8e:9a:1e:24:bc:2b:f6:e7:ea:6b:c7:4d:2f:48:
bf:dd:8d:0a:92:88:1f:2b:72:20:a5:48:44:08:2d:f2:a8:b9:
0c:49:b1:9d:ce:dd:d4:ac:f5:b8:19:bd:56:68:ec:50:d7:c1:
f0:7f:51:9f:ea:bd:1f:ed:7a:9c:1a:b9:7e:9a:a2:99:dd:07:
5c:90:7e:2b:34:87:39:10:a2:42:48:6c:65:d0:3a:b2:a7:a4:
ce:f7:5e:d2:f3:46:60:26:5e:bc:08:f5:d3:35:30:61:ec:63:
16:61:88:5f:a3:c2:c1:a6:9b:14:cb:13:c4:a8:b8:61:af:c8:
43:b9:b3:54:fb:f9:d9:8b:63:83:65:eb:4b:cf:5c:e4:d7:d7:
36:99:d8:7a:8e:d4:64:e8:cd:f2:8d:7b:a7:d9:6e:a3:66:ef:
c5:04:66:34
-----BEGIN CERTIFICATE-----
MIIFzjCCBLagAwIBAgISAYabjcj7+LTP88xngOgipXhBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMzAxMDUwMzI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmE3MWUwODQwODQzNjhlZGUyMzZlY2QwN2I1YmI3NDllMGIyMDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2N6fDuAoEYOqDNC8DXfyEBWiNp95
1ZGPJYbCLu3j0CGH78DXvTLi08ltcXD0IiTDBJALA3FzHPWIeGgPhH0PE4zOXD8b
xGaDd53S3Mx+QQCq9BxOz1alxw7nfKwS0pC6T0Hjvqwb59G1Sn3fVonHdYKrRm5u
5KyLPeFT/CAb7W3fa2hUPDlImQm1c/U9WE7iuHG9aH/WQyh1CtxGPsJidl80JxiU
YnHjMekkzdX5XeLtDnINDsZddifWwYbqiDPSOQMsltPP/ICq3b5KKexGBlbZ1Wx2
Uc9HxjstBMBJG3sp9Otkw4o1eVer6jz52csjIG71UaEIx1dtrrtGA2csOwIDAQAB
o4IC2jCCAtYwHQYDVR0OBBYEFD+nHghAhDaO3iNuzQe1u3SeCyAiMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvUDZjZUNFQ0VObzdlSTI3TkI3VzdkSjRMSUNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHvBggrBgEFBQcBBwEB/wSB3zCB3DCB2QQCAAEwgdIDBADA
fLYDBADBfAgDBADBfIUDBADBfMsDBADCOiowDAMEAMI6LQMEBMI6IAMEAMJXFgME
AMJXGwMEAMJXUjAMAwQBwldyAwQAwld0AwQAwld2AwQAwld7AwQAwld+AwQAwleI
AwQBwleKAwQAwlelAwQAwlerAwQAwlfGAwQBwlfQAwQBwlfeAwQAwlfpAwQAwzoy
MAwDBALDOjQDBAbDOgADBADDhTcDBADDhcEDBADDhcMDBAHUwAADBAHUwNADBADU
wNMDBADUwQADBADUwQwwDQYJKoZIhvcNAQELBQADggEBADyjQJFJXf+eO4Hzpe/2
cCDiqZeUs0Ox4l7TbUQJcb8swOqIKUxO8Sya5XpShZsGIUJrhSSsermBPX3GLMDh
/7zB/tYNRYl/PEkNfm/sWOrXPE/7efQ3I0//GnOVZ22Omh4kvCv25+prx00vSL/d
jQqSiB8rciClSEQILfKouQxJsZ3O3dSs9bgZvVZo7FDXwfB/UZ/qvR/tepwauX6a
opndB1yQfis0hzkQokJIbGXQOrKnpM73XtLzRmAmXrwI9dM1MGHsYxZhiF+jwsGm
mxTLE8SouGGvyEO5s1T7+dmLY4Nl60vPXOTX1zaZ2HqO1GTozfKNe6fZbqNm78UE
ZjQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:15 2024 by rpki-client on console-fra.rpki-client.org