Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/TWPeMjPA1c9vWbY7eKgw6Kdy238.roa
File: TWPeMjPA1c9vWbY7eKgw6Kdy238.roa (raw, json)
Hash identifier: BZFjlLVsYb/d2ZjbHTZnAhNZ0liSxjc+vn6T5GNxAs8=
Subject key identifier: 4D:63:DE:32:33:C0:D5:CF:6F:59:B6:3B:78:A8:30:E8:A7:72:DB:7F
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0185EC7B2D6C299FE3EBED1A94F3BFE2D1F5
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/TWPeMjPA1c9vWbY7eKgw6Kdy238.roa
Signing time: Thu 26 Jan 2023 05:09:33 +0000
ROA not before: Thu 26 Jan 2023 05:09:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203639
IP address blocks: 194.87.204.0/24 maxlen: 24
194.87.208.0/24 maxlen: 24
194.87.226.0/24 maxlen: 24
194.87.231.0/24 maxlen: 24
195.133.15.0/24 maxlen: 24
195.58.38.0/24 maxlen: 24
193.124.202.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:ec:7b:2d:6c:29:9f:e3:eb:ed:1a:94:f3:bf:e2:d1:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 26 05:09:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d63de3233c0d5cf6f59b63b78a830e8a772db7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:a2:0d:5b:3a:19:98:df:73:e6:42:28:60:53:
49:81:5a:e2:d3:8b:64:f4:01:c3:2e:0a:68:e4:f9:
82:61:1f:1e:5a:0a:4e:39:ff:ee:ea:20:48:55:c4:
e1:08:f6:7c:7e:5b:62:bf:85:c8:d8:4e:9e:6c:4a:
fb:ac:2c:cf:8a:d8:d7:ca:c9:44:35:c8:69:5a:80:
38:2d:e7:d4:39:0d:4c:41:97:65:73:86:16:c8:39:
31:fd:be:70:81:a1:93:75:ed:b4:4c:49:35:7a:63:
2e:7c:a1:8e:40:64:ce:63:7f:4b:00:99:ad:71:0c:
5e:c0:03:9d:59:cb:5f:63:d4:67:d3:cc:f0:5c:69:
06:b9:91:81:ca:0a:35:b1:fb:36:44:79:fb:bd:dc:
30:92:75:a5:c6:7d:62:6e:84:2a:61:f8:a7:d9:8e:
df:39:47:94:06:6a:ec:61:46:b7:66:44:21:35:e8:
c5:2b:4c:b2:14:d1:41:d1:58:45:4b:42:64:9e:07:
85:1d:d3:9a:d3:24:f9:3f:98:88:94:e7:46:97:71:
e2:28:a2:0c:4a:30:fc:7a:5a:9c:04:99:86:9e:e7:
c3:05:64:21:7e:97:9a:ad:45:cf:7c:0e:51:45:58:
ff:df:0e:f7:99:09:b0:9e:ed:48:e6:9c:dc:67:d8:
7a:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:63:DE:32:33:C0:D5:CF:6F:59:B6:3B:78:A8:30:E8:A7:72:DB:7F
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/TWPeMjPA1c9vWbY7eKgw6Kdy238.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.202.0/24
194.87.204.0/24
194.87.208.0/24
194.87.226.0/24
194.87.231.0/24
195.58.38.0/24
195.133.15.0/24
Signature Algorithm: sha256WithRSAEncryption
29:37:0c:18:b5:de:45:3b:b6:2b:40:e9:38:c4:b7:7a:8c:eb:
ca:bb:5f:44:14:02:74:3f:ee:48:d0:d8:57:7d:06:8b:ed:dc:
2e:06:11:a1:45:0e:09:82:85:b2:79:d2:5d:5c:35:ad:4f:ac:
fb:67:b7:e7:0a:6e:1d:bd:11:be:c9:dc:1d:bf:4c:fe:92:7e:
e3:66:d6:05:77:52:36:65:02:9d:09:49:e6:83:2a:bc:96:bf:
5d:96:20:cb:02:82:19:ee:79:89:00:96:7a:25:0d:08:a4:e9:
3b:b7:bb:fa:48:6d:82:f4:e7:0f:7b:64:3b:96:54:68:2d:d8:
0f:6a:a8:90:d3:12:df:91:09:37:21:e3:58:6b:19:05:92:c0:
3a:04:e5:9b:b9:0e:3f:27:06:16:71:9f:9c:39:7e:8e:d0:0a:
b2:8a:88:2d:b9:1f:63:da:fb:f1:60:af:69:da:f6:74:41:0c:
dd:c5:a7:12:41:b5:6a:40:80:4f:6b:10:88:91:e5:2c:95:e1:
bc:b6:d2:47:8d:34:e7:39:04:d2:0e:44:00:a3:a3:9f:cf:5e:
05:78:4b:43:b7:28:4d:6b:9f:9f:09:f0:03:d6:85:9a:64:91:
2c:9c:7b:e9:29:75:e7:ab:27:de:ab:7a:84:cc:51:fe:c2:75:
7d:9b:02:58
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYXsey1sKZ/j6+0alPO/4tH1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTI2MDUwOTMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDYzZGUzMjMzYzBkNWNmNmY1OWI2M2I3OGE4MzBlOGE3NzJkYjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvKINWzoZmN9z5kIoYFNJgVri04tk
9AHDLgpo5PmCYR8eWgpOOf/u6iBIVcThCPZ8fltiv4XI2E6ebEr7rCzPitjXyslE
NchpWoA4LefUOQ1MQZdlc4YWyDkx/b5wgaGTde20TEk1emMufKGOQGTOY39LAJmt
cQxewAOdWctfY9Rn08zwXGkGuZGBygo1sfs2RHn7vdwwknWlxn1iboQqYfin2Y7f
OUeUBmrsYUa3ZkQhNejFK0yyFNFB0VhFS0JkngeFHdOa0yT5P5iIlOdGl3HiKKIM
SjD8elqcBJmGnufDBWQhfpearUXPfA5RRVj/3w73mQmwnu1I5pzcZ9h6YwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFE1j3jIzwNXPb1m2O3ioMOinctt/MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvVFdQZU1qUEExYzl2V2JZN2VLZ3c2S2R5MjM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAwXzKAwQA
wlfMAwQAwlfQAwQAwlfiAwQAwlfnAwQAwzomAwQAw4UPMA0GCSqGSIb3DQEBCwUA
A4IBAQApNwwYtd5FO7YrQOk4xLd6jOvKu19EFAJ0P+5I0NhXfQaL7dwuBhGhRQ4J
goWyedJdXDWtT6z7Z7fnCm4dvRG+ydwdv0z+kn7jZtYFd1I2ZQKdCUnmgyq8lr9d
liDLAoIZ7nmJAJZ6JQ0IpOk7t7v6SG2C9OcPe2Q7llRoLdgPaqiQ0xLfkQk3IeNY
axkFksA6BOWbuQ4/JwYWcZ+cOX6O0AqyiogtuR9j2vvxYK9p2vZ0QQzdxacSQbVq
QIBPaxCIkeUsleG8ttJHjTTnOQTSDkQAo6Ofz14FeEtDtyhNa5+fCfAD1oWaZJEs
nHvpKXXnqyfeq3qEzFH+wnV9mwJY
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:04 2023 by rpki-client on console-fra.rpki-client.org