Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/SveZUZp8wBE6SXzsk66GrAj_tWg.roa
File: SveZUZp8wBE6SXzsk66GrAj_tWg.roa (raw, json)
Hash identifier: 0te/kEY3yiAZB166SbiterltRGQcZNiKRWWNcvfAti0=
Subject key identifier: 4A:F7:99:51:9A:7C:C0:11:3A:49:7C:EC:93:AE:86:AC:08:FF:B5:68
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018A7F7CFEC24A19992D8ABA47992DF66E97
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/SveZUZp8wBE6SXzsk66GrAj_tWg.roa
Signing time: Sun 10 Sep 2023 14:26:52 +0000
ROA not before: Sun 10 Sep 2023 14:26:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21082
IP address blocks: 193.124.4.0/24 maxlen: 24
194.87.2.0/24 maxlen: 24
194.87.221.0/24 maxlen: 24
195.133.94.0/24 maxlen: 24
194.87.30.0/24 maxlen: 24
194.87.44.0/24 maxlen: 24
212.192.8.0/24 maxlen: 24
192.124.183.0/24 maxlen: 24
212.192.248.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:7f:7c:fe:c2:4a:19:99:2d:8a:ba:47:99:2d:f6:6e:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 10 14:26:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4af799519a7cc0113a497cec93ae86ac08ffb568
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:7e:45:51:c3:80:c6:6c:dc:e9:01:b2:73:e6:
55:2c:fc:73:06:c3:71:a4:79:5f:c2:12:5f:c8:2f:
63:83:0c:43:5b:c3:5d:af:6a:73:58:89:19:f4:55:
73:5a:8b:4a:83:62:77:14:05:99:e8:7c:5a:84:da:
08:3f:00:7b:32:af:aa:ab:36:aa:c5:1f:0f:9a:c7:
be:5c:3f:73:08:8e:94:da:a2:ed:97:8c:7c:6a:79:
02:31:79:3e:af:e0:23:9e:78:cd:a2:83:df:b1:7b:
42:2a:72:10:d6:d8:6c:f2:c0:c9:de:26:d1:4c:63:
ed:30:02:93:21:1b:5a:4c:d0:f1:7a:d7:06:7a:07:
98:c7:3c:f3:58:76:fe:72:0c:60:68:a5:a7:b3:7d:
f0:45:42:a6:c2:65:ed:a4:a1:8b:3b:a2:8f:94:0d:
42:b2:4e:2d:02:82:71:ed:e1:e2:c0:85:96:46:40:
b3:27:ad:e3:1c:37:00:4a:38:8f:ab:41:13:b5:8d:
41:d5:13:14:3e:9f:33:c2:21:e0:d9:55:c0:43:f3:
bb:b4:7c:b0:e5:33:42:4d:26:ab:f0:ec:9c:a2:ee:
1f:f3:8f:cf:aa:fc:6c:35:47:5d:f3:96:31:fe:a1:
4b:33:9f:14:d6:2c:fa:66:01:b0:66:e6:10:63:d9:
87:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:F7:99:51:9A:7C:C0:11:3A:49:7C:EC:93:AE:86:AC:08:FF:B5:68
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/SveZUZp8wBE6SXzsk66GrAj_tWg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.183.0/24
193.124.4.0/24
194.87.2.0/24
194.87.30.0/24
194.87.44.0/24
194.87.221.0/24
195.133.94.0/24
212.192.8.0/24
212.192.248.0/24
Signature Algorithm: sha256WithRSAEncryption
79:3f:ef:d2:72:b3:92:f0:3e:9c:28:23:e5:95:92:fc:f5:9f:
b6:81:36:78:bf:c9:54:15:b8:7c:02:88:19:45:68:72:73:4d:
75:b6:30:69:2d:c8:ae:fb:2b:ac:e0:41:cd:cc:25:34:9d:9c:
26:6c:d2:e2:cc:5c:2f:f4:a9:f5:d6:27:c1:32:28:3f:a3:2d:
cf:ee:c3:31:a5:fe:9d:31:f3:f8:2a:2c:92:58:18:de:d6:c7:
bb:a0:c3:09:7a:25:98:c3:56:98:5f:ac:e7:9d:ce:3c:15:b0:
88:96:98:b6:96:24:0a:81:3c:ce:b5:a3:90:8b:5f:85:2b:83:
a2:36:3d:7a:88:c4:af:d3:c0:d5:73:96:71:68:51:51:ef:6e:
d6:99:35:1e:30:c3:9d:4d:1c:45:27:cf:68:95:e0:c2:b5:fc:
b7:54:a3:41:4c:3e:31:57:89:62:45:c3:59:7f:b4:94:6a:07:
b8:03:d3:02:af:41:7d:f1:16:b1:85:79:9f:e7:2e:5d:cf:bc:
de:b5:7b:f5:e2:db:a9:62:48:24:de:1e:03:1d:03:ba:87:1e:
96:45:02:71:9b:0b:0f:a2:fd:dd:5c:b2:07:25:4c:8d:0a:80:
a7:0b:0a:f8:ab:12:5b:53:31:d0:d0:94:9d:5c:cc:d5:0c:c1:
0a:c2:a4:b6
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYp/fP7CShmZLYq6R5kt9m6XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwOTEwMTQyNjUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWY3OTk1MTlhN2NjMDExM2E0OTdjZWM5M2FlODZhYzA4ZmZiNTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAon5FUcOAxmzc6QGyc+ZVLPxzBsNx
pHlfwhJfyC9jgwxDW8Ndr2pzWIkZ9FVzWotKg2J3FAWZ6HxahNoIPwB7Mq+qqzaq
xR8Pmse+XD9zCI6U2qLtl4x8ankCMXk+r+AjnnjNooPfsXtCKnIQ1ths8sDJ3ibR
TGPtMAKTIRtaTNDxetcGegeYxzzzWHb+cgxgaKWns33wRUKmwmXtpKGLO6KPlA1C
sk4tAoJx7eHiwIWWRkCzJ63jHDcASjiPq0ETtY1B1RMUPp8zwiHg2VXAQ/O7tHyw
5TNCTSar8Oycou4f84/PqvxsNUdd85Yx/qFLM58U1iz6ZgGwZuYQY9mHrQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFEr3mVGafMAROkl87JOuhqwI/7VoMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvU3ZlWlVacDh3QkU2U1h6c2s2NkdyQWpfdFdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAwHy3AwQA
wXwEAwQAwlcCAwQAwlceAwQAwlcsAwQAwlfdAwQAw4VeAwQA1MAIAwQA1MD4MA0G
CSqGSIb3DQEBCwUAA4IBAQB5P+/ScrOS8D6cKCPllZL89Z+2gTZ4v8lUFbh8AogZ
RWhyc011tjBpLciu+yus4EHNzCU0nZwmbNLizFwv9Kn11ifBMig/oy3P7sMxpf6d
MfP4KiySWBje1se7oMMJeiWYw1aYX6znnc48FbCIlpi2liQKgTzOtaOQi1+FK4Oi
Nj16iMSv08DVc5ZxaFFR727WmTUeMMOdTRxFJ89oleDCtfy3VKNBTD4xV4liRcNZ
f7SUage4A9MCr0F98RaxhXmf5y5dz7zetXv14tupYkgk3h4DHQO6hx6WRQJxmwsP
ov3dXLIHJUyNCoCnCwr4qxJbUzHQ0JSdXMzVDMEKwqS2
-----END CERTIFICATE-----
Generated at Mon Sep 11 13:40:40 2023 by rpki-client on console-ams.rpki-client.org