Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/PokNHltAQrWRY5QX4Sd95zFd-hc.roa
File: PokNHltAQrWRY5QX4Sd95zFd-hc.roa (raw, json)
Hash identifier: PSScRVPTQhJ2auS2PI6G0NkjXELoriAt9di5a6mkpn0=
Subject key identifier: 3E:89:0D:1E:5B:40:42:B5:91:63:94:17:E1:27:7D:E7:31:5D:FA:17
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018794A915E8FD63B07C675597D4B784F9F6
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/PokNHltAQrWRY5QX4Sd95zFd-hc.roa
Signing time: Tue 18 Apr 2023 13:58:41 +0000
ROA not before: Tue 18 Apr 2023 13:58:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2118
IP address blocks: 212.193.12.0/24 maxlen: 24
194.87.208.0/23 maxlen: 24
194.87.222.0/23 maxlen: 24
194.87.27.0/24 maxlen: 24
212.192.0.0/23 maxlen: 24
194.87.165.0/24 maxlen: 24
194.58.46.0/23 maxlen: 24
194.58.45.0/24 maxlen: 24
194.87.171.0/24 maxlen: 24
195.58.58.0/24 maxlen: 24
195.58.56.0/21 maxlen: 24
195.58.59.0/24 maxlen: 24
195.58.61.0/24 maxlen: 24
195.58.62.0/24 maxlen: 24
212.193.0.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
195.133.195.0/24 maxlen: 24
194.87.136.0/24 maxlen: 24
212.192.208.0/23 maxlen: 24
194.87.82.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:94:a9:15:e8:fd:63:b0:7c:67:55:97:d4:b7:84:f9:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 18 13:58:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3e890d1e5b4042b591639417e1277de7315dfa17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:6a:ae:8b:6e:f9:18:02:14:04:4b:0d:e7:27:
50:4c:2a:4b:11:03:37:8d:d2:5b:a4:8d:82:14:95:
f1:91:e2:22:5d:7b:01:ff:8f:a8:9e:f0:50:bb:57:
4b:48:d5:e4:93:ac:ea:a7:5e:52:dc:d0:6a:73:78:
2e:82:81:51:2d:c7:52:38:43:81:b9:e5:b9:6f:99:
16:31:8c:7e:a6:18:45:e1:ab:aa:a9:df:43:f3:c3:
58:fe:39:a4:c5:71:6d:e4:91:4e:f7:73:93:d8:90:
fc:8c:7a:02:1b:f0:b8:d5:4f:08:be:34:17:38:df:
74:8b:55:eb:83:b5:0d:89:5c:d4:2a:f8:19:a0:0e:
af:79:e8:65:55:83:25:4d:77:43:0e:bc:de:9a:71:
b3:dd:c2:fb:70:26:fd:a1:1f:48:0a:25:7d:a4:55:
8d:b8:54:cd:06:36:5c:52:80:2c:f5:73:85:44:76:
f1:4a:fd:5e:aa:98:ca:dc:88:3b:53:18:29:5c:60:
76:c1:ea:3a:69:5d:58:8d:b0:52:3b:bd:d6:d7:bf:
72:30:85:d8:20:d1:70:51:b1:1b:3b:9c:8b:46:d1:
99:50:ca:a6:4a:63:7e:0d:a7:2a:05:80:d5:8e:7f:
19:dd:c1:ca:56:22:6d:86:21:c3:62:3b:43:79:26:
07:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:89:0D:1E:5B:40:42:B5:91:63:94:17:E1:27:7D:E7:31:5D:FA:17
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/PokNHltAQrWRY5QX4Sd95zFd-hc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.203.0/24
194.58.45.0-194.58.47.255
194.87.27.0/24
194.87.82.0/24
194.87.118.0/24
194.87.136.0/24
194.87.165.0/24
194.87.171.0/24
194.87.198.0/24
194.87.208.0/23
194.87.222.0/23
195.58.56.0/21
195.133.55.0/24
195.133.195.0/24
212.192.0.0/23
212.192.208.0/23
212.193.0.0/24
212.193.12.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:19:a4:eb:fc:a1:18:25:2d:0a:49:d5:a3:aa:e1:56:5a:e9:
53:4a:ad:ba:61:0a:27:70:83:de:f7:78:03:2f:8b:83:c8:a6:
e9:0e:04:82:be:0c:4f:85:25:f8:b8:ea:77:6b:c5:64:0b:0c:
a6:95:93:23:6b:d4:42:2f:e1:34:98:88:3c:dc:f7:3d:17:f3:
d4:46:9b:1f:1f:f3:62:76:1c:ee:7f:60:d6:e4:5f:ef:9d:0e:
c5:4a:01:f8:ce:72:57:ec:53:22:94:3d:ca:04:64:35:82:5b:
1a:50:10:26:77:db:96:3d:6f:71:68:53:7c:b4:ea:16:4d:bf:
98:eb:ac:83:e0:cc:88:16:9b:bf:08:0b:79:d7:9b:dd:13:60:
9f:d7:b1:b3:bb:21:d6:93:76:67:dd:3f:f2:95:80:ab:2e:3f:
5b:92:88:ce:78:8d:4e:af:d0:5c:ca:97:bd:f1:b2:0c:c1:79:
0c:2a:05:4a:f4:8b:33:a6:75:ce:ad:8d:4c:ab:00:75:9f:e2:
a4:e9:1f:14:f9:ce:a9:fb:1e:51:2a:45:78:3d:31:98:15:c5:
bd:7e:10:99:6d:ae:60:8d:b8:6e:59:e3:14:a7:40:fc:f9:9f:
0d:84:42:3b:c4:b6:d7:cf:a5:68:a2:ee:78:24:5f:e7:73:e7:
20:0d:67:53
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgISAYeUqRXo/WOwfGdVl9S3hPn2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNDE4MTM1ODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTg5MGQxZTViNDA0MmI1OTE2Mzk0MTdlMTI3N2RlNzMxNWRmYTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2qui275GAIUBEsN5ydQTCpLEQM3
jdJbpI2CFJXxkeIiXXsB/4+onvBQu1dLSNXkk6zqp15S3NBqc3gugoFRLcdSOEOB
ueW5b5kWMYx+phhF4auqqd9D88NY/jmkxXFt5JFO93OT2JD8jHoCG/C41U8IvjQX
ON90i1Xrg7UNiVzUKvgZoA6veehlVYMlTXdDDrzemnGz3cL7cCb9oR9ICiV9pFWN
uFTNBjZcUoAs9XOFRHbxSv1eqpjK3Ig7UxgpXGB2weo6aV1YjbBSO73W179yMIXY
INFwUbEbO5yLRtGZUMqmSmN+DacqBYDVjn8Z3cHKViJthiHDYjtDeSYH4QIDAQAB
o4ICeDCCAnQwHQYDVR0OBBYEFD6JDR5bQEK1kWOUF+EnfecxXfoXMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvUG9rTkhsdEFRcldSWTVRWDRTZDk1ekZkLWhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGNBggrBgEFBQcBBwEB/wR+MHwwegQCAAEwdAMEAMF8yzAM
AwQAwjotAwQEwjogAwQAwlcbAwQAwldSAwQAwld2AwQAwleIAwQAwlelAwQAwler
AwQAwlfGAwQBwlfQAwQBwlfeAwQDwzo4AwQAw4U3AwQAw4XDAwQB1MAAAwQB1MDQ
AwQA1MEAAwQA1MEMMA0GCSqGSIb3DQEBCwUAA4IBAQB+GaTr/KEYJS0KSdWjquFW
WulTSq26YQoncIPe93gDL4uDyKbpDgSCvgxPhSX4uOp3a8VkCwymlZMja9RCL+E0
mIg83Pc9F/PURpsfH/Nidhzuf2DW5F/vnQ7FSgH4znJX7FMilD3KBGQ1glsaUBAm
d9uWPW9xaFN8tOoWTb+Y66yD4MyIFpu/CAt515vdE2Cf17GzuyHWk3Zn3T/ylYCr
Lj9bkojOeI1Or9Bcype98bIMwXkMKgVK9IszpnXOrY1MqwB1n+Kk6R8U+c6p+x5R
KkV4PTGYFcW9fhCZba5gjbhuWeMUp0D8+Z8NhEI7xLbXz6Voou54JF/nc+cgDWdT
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:57 2023 by rpki-client on console-ams.rpki-client.org