Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/TrNtftLvELu1Us0zEEdEd9p4Lfc.roa
File: TrNtftLvELu1Us0zEEdEd9p4Lfc.roa (raw, json)
Hash identifier: aDpKzeMSRrVQ9Hd7rHGcfRuNqRkEIOwHR2DrvZ08++U=
Subject key identifier: 4E:B3:6D:7E:D2:EF:10:BB:B5:52:CD:33:10:47:44:77:DA:78:2D:F7
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018728C8F01F6948018BBA75E6D83A7159A8
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/TrNtftLvELu1Us0zEEdEd9p4Lfc.roa
Signing time: Tue 28 Mar 2023 15:14:29 +0000
ROA not before: Tue 28 Mar 2023 15:14:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213035
IP address blocks: 212.193.31.0/24 maxlen: 24
193.124.227.0/24 maxlen: 24
212.193.28.0/24 maxlen: 24
195.133.13.0/24 maxlen: 24
195.133.37.0/24 maxlen: 24
212.192.240.0/24 maxlen: 24
194.85.251.0/24 maxlen: 24
194.85.249.0/24 maxlen: 24
192.124.188.0/24 maxlen: 24
212.192.243.0/24 maxlen: 24
195.133.39.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
194.87.84.0/24 maxlen: 24
194.87.86.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:28:c8:f0:1f:69:48:01:8b:ba:75:e6:d8:3a:71:59:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 28 15:14:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4eb36d7ed2ef10bbb552cd3310474477da782df7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:2d:49:fb:54:56:ff:e1:f2:5a:4c:9f:b0:08:
94:db:0a:af:2d:c3:5a:d1:ea:44:f5:56:e5:2c:93:
b4:e8:83:5a:90:b1:d9:ef:bd:39:32:e8:fa:1e:6b:
26:e2:a0:ce:f0:51:3a:74:c2:cc:7a:57:e8:ce:b9:
89:35:9d:2a:c9:5c:be:d6:86:87:aa:cc:77:34:b9:
00:c7:1c:89:29:f8:11:30:d8:8c:3f:82:4b:61:62:
7f:83:db:3d:df:39:b7:0f:66:cb:3b:af:79:b5:ad:
72:4e:de:ba:3c:17:c8:9e:5b:5b:26:0d:ab:59:c5:
7a:93:39:70:11:08:14:f7:dd:b4:53:88:00:fc:f8:
99:c1:5e:03:eb:b1:52:7e:fb:36:78:ce:2f:2e:25:
0f:4b:30:5d:6c:e0:46:8c:ab:0c:39:d0:05:a4:f2:
6a:09:dc:fd:7c:4d:a5:c6:17:96:c1:19:8d:52:14:
84:9a:cc:d1:85:65:e5:f7:22:92:58:e6:dd:1e:3d:
ad:f5:d3:de:fd:b4:67:38:f9:45:46:20:ca:68:b8:
e0:be:49:ac:07:01:a8:d0:82:85:4d:75:16:9f:7f:
fd:08:64:cd:af:83:24:19:da:c3:7d:87:97:61:13:
be:9a:02:a5:3c:14:e1:6a:f0:33:eb:48:42:8a:64:
d3:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:B3:6D:7E:D2:EF:10:BB:B5:52:CD:33:10:47:44:77:DA:78:2D:F7
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/TrNtftLvELu1Us0zEEdEd9p4Lfc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.188.0/24
193.124.227.0/24
194.85.249.0/24
194.85.251.0/24
194.87.84.0/24
194.87.86.0/24
194.87.187.0/24
195.133.13.0/24
195.133.37.0/24
195.133.39.0/24
212.192.240.0/24
212.192.243.0/24
212.193.28.0/24
212.193.31.0/24
Signature Algorithm: sha256WithRSAEncryption
33:51:fb:ec:a7:1a:56:73:6a:bf:6a:c4:5f:e0:8f:3c:a6:b2:
e2:20:76:89:45:33:00:3b:cb:9a:b2:eb:45:92:1c:05:64:22:
02:8b:57:8b:0c:20:8b:d8:d5:ad:e1:72:8c:18:fa:00:14:b4:
34:8f:40:68:fe:7e:e7:a2:91:d7:24:e4:29:12:d3:ba:30:a7:
e2:ce:c0:95:30:d8:72:b7:79:f0:e7:f0:dd:88:37:d8:eb:89:
f3:e9:02:1a:2e:65:c0:4a:3d:ff:ab:b7:d4:bc:6f:1c:bb:6d:
59:5d:02:98:e4:58:fa:d7:43:df:18:8b:af:cd:30:11:03:a9:
55:7d:46:fe:9e:25:8e:2e:1d:33:45:e9:ca:fa:79:93:56:24:
84:e6:82:7a:40:35:0b:20:70:74:61:6a:8a:97:c9:40:85:17:
9d:1a:69:02:cc:f4:8e:00:67:4e:d5:db:29:1f:0a:4c:6e:27:
bc:f6:cf:2e:ad:d1:5b:68:ef:d2:13:aa:28:ce:24:b5:68:6f:
54:46:1e:8c:e1:8b:66:9e:69:3e:1a:25:eb:f9:ec:00:7d:f1:
03:15:4e:ce:56:2a:fd:e7:c8:01:4d:0f:3f:2b:62:24:71:88:
da:6a:94:8a:1f:df:21:39:95:3d:6e:65:5b:63:0b:df:f0:da:
11:39:16:49
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYcoyPAfaUgBi7p15tg6cVmoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMzI4MTUxNDI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWIzNmQ3ZWQyZWYxMGJiYjU1MmNkMzMxMDQ3NDQ3N2RhNzgyZGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoS1J+1RW/+HyWkyfsAiU2wqvLcNa
0epE9VblLJO06INakLHZ7705Muj6Hmsm4qDO8FE6dMLMelfozrmJNZ0qyVy+1oaH
qsx3NLkAxxyJKfgRMNiMP4JLYWJ/g9s93zm3D2bLO695ta1yTt66PBfInltbJg2r
WcV6kzlwEQgU9920U4gA/PiZwV4D67FSfvs2eM4vLiUPSzBdbOBGjKsMOdAFpPJq
Cdz9fE2lxheWwRmNUhSEmszRhWXl9yKSWObdHj2t9dPe/bRnOPlFRiDKaLjgvkms
BwGo0IKFTXUWn3/9CGTNr4MkGdrDfYeXYRO+mgKlPBThavAz60hCimTTywIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFE6zbX7S7xC7tVLNMxBHRHfaeC33MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvVHJOdGZ0THZFTHUxVXMwekVFZEVkOXA0TGZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQAwHy8AwQA
wXzjAwQAwlX5AwQAwlX7AwQAwldUAwQAwldWAwQAwle7AwQAw4UNAwQAw4UlAwQA
w4UnAwQA1MDwAwQA1MDzAwQA1MEcAwQA1MEfMA0GCSqGSIb3DQEBCwUAA4IBAQAz
UfvspxpWc2q/asRf4I88prLiIHaJRTMAO8uasutFkhwFZCICi1eLDCCL2NWt4XKM
GPoAFLQ0j0Bo/n7nopHXJOQpEtO6MKfizsCVMNhyt3nw5/DdiDfY64nz6QIaLmXA
Sj3/q7fUvG8cu21ZXQKY5Fj610PfGIuvzTARA6lVfUb+niWOLh0zRenK+nmTViSE
5oJ6QDULIHB0YWqKl8lAhRedGmkCzPSOAGdO1dspHwpMbie89s8urdFbaO/SE6oo
ziS1aG9URh6M4Ytmnmk+GiXr+ewAffEDFU7OVir958gBTQ8/K2IkcYjaapSKH98h
OZU9bmVbYwvf8NoRORZJ
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:58 2023 by rpki-client on console-ams.rpki-client.org