Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/URdKsUVQxl9qFmU1KL90mjA5Pww.roa
File: URdKsUVQxl9qFmU1KL90mjA5Pww.roa (raw, json)
Hash identifier: 7A8oqMz/vIgQEKISMpNaE/JwG1cuiOlHJGHOtuxDsqw=
Subject key identifier: 51:17:4A:B1:45:50:C6:5F:6A:16:65:35:28:BF:74:9A:30:39:3F:0C
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0188AB6D12F4E2BA191399A42479867FE443
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/URdKsUVQxl9qFmU1KL90mjA5Pww.roa
Signing time: Sun 11 Jun 2023 17:07:12 +0000
ROA not before: Sun 11 Jun 2023 17:07:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211252
IP address blocks: 212.193.30.0/24 maxlen: 24
195.133.38.0/24 maxlen: 24
212.192.242.0/24 maxlen: 24
194.87.85.0/24 maxlen: 24
194.87.87.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:ab:6d:12:f4:e2:ba:19:13:99:a4:24:79:86:7f:e4:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jun 11 17:07:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=51174ab14550c65f6a16653528bf749a30393f0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:ad:e0:ca:d2:a9:01:28:2d:96:ae:b2:8b:cb:
14:26:45:23:da:20:33:ed:52:9a:23:9e:ea:e1:40:
f1:b5:82:a4:ab:c0:de:83:f7:8c:91:8e:bd:f5:ee:
36:4e:8a:2e:d4:dd:50:6e:99:12:47:6b:86:da:ba:
59:54:a7:19:da:af:87:3c:46:e5:90:04:f7:1b:22:
47:8d:ba:6d:c1:48:80:98:0c:8d:6d:55:9f:93:ec:
17:ef:e6:29:cf:48:10:97:83:68:c7:5c:18:4a:f0:
94:aa:cd:e0:28:a3:6b:a8:5c:75:be:03:46:2a:18:
f5:28:1c:d1:2e:db:19:b6:f5:c0:2e:d5:17:e5:92:
a7:09:25:67:d2:63:40:43:ab:c7:a8:7f:a4:97:e7:
ad:04:2e:e2:71:b1:12:fd:7d:6e:4c:4e:d9:e7:d0:
fe:50:72:f7:54:3c:25:86:f5:f9:ea:d1:2d:d8:f9:
f8:1c:54:32:f5:58:ad:8d:34:a3:be:67:6b:ff:62:
cf:d2:f4:af:51:a6:f2:33:bf:8e:f9:3f:80:cf:d8:
12:df:57:22:79:c0:2e:ae:75:0f:03:b1:88:a4:4f:
2c:2a:64:39:b2:d8:1b:9d:d0:25:0e:88:7f:cf:73:
02:82:6d:a9:48:77:47:8b:f3:5d:6d:2c:a9:07:31:
90:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:17:4A:B1:45:50:C6:5F:6A:16:65:35:28:BF:74:9A:30:39:3F:0C
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/URdKsUVQxl9qFmU1KL90mjA5Pww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.85.0/24
194.87.87.0/24
195.133.38.0/24
212.192.242.0/24
212.193.30.0/24
Signature Algorithm: sha256WithRSAEncryption
76:f0:81:24:21:f0:ba:7b:b7:d7:a6:f4:30:e2:99:39:5a:5e:
2a:97:1f:78:52:a8:f3:88:97:d9:bf:66:d6:3d:2f:5a:31:fd:
f0:61:3e:e3:7f:ec:c4:0e:f1:1b:14:0a:ed:2a:7f:a8:62:1c:
32:99:aa:2f:a3:49:7d:75:64:05:4a:47:13:44:13:30:6c:40:
50:c4:9b:32:82:4e:df:6c:97:c6:25:11:43:ab:a4:02:dc:b3:
05:9f:50:a8:41:8b:ed:09:54:88:6f:90:9f:41:7c:1f:3f:b8:
f3:bc:c1:82:56:b8:b1:1d:b6:b5:06:d5:de:2a:f0:20:60:90:
7f:f7:1c:c9:23:1c:ee:5f:54:96:44:c7:33:51:d6:a6:44:5b:
06:c9:9c:02:ab:ff:21:39:95:4a:79:63:f3:b3:7d:9f:e0:1a:
ae:11:10:56:5e:32:ff:05:22:99:ed:78:3a:2e:06:4f:b4:5b:
1d:f2:f3:ff:89:f5:e7:27:61:61:a3:cc:f3:60:7b:5a:70:b5:
92:54:19:e5:5e:4b:d7:f3:4a:05:a3:d9:ac:23:1d:78:49:b5:
5c:34:35:59:16:3b:21:e9:e3:32:a1:e4:6f:15:df:65:b6:6c:
ee:e4:77:00:f9:6c:be:99:2f:c2:7e:b9:3e:7c:f7:52:96:a7:
b0:6d:db:3c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYirbRL04roZE5mkJHmGf+RDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNjExMTcwNzEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTE3NGFiMTQ1NTBjNjVmNmExNjY1MzUyOGJmNzQ5YTMwMzkzZjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5K3gytKpASgtlq6yi8sUJkUj2iAz
7VKaI57q4UDxtYKkq8Deg/eMkY699e42Toou1N1QbpkSR2uG2rpZVKcZ2q+HPEbl
kAT3GyJHjbptwUiAmAyNbVWfk+wX7+Ypz0gQl4Nox1wYSvCUqs3gKKNrqFx1vgNG
Khj1KBzRLtsZtvXALtUX5ZKnCSVn0mNAQ6vHqH+kl+etBC7icbES/X1uTE7Z59D+
UHL3VDwlhvX56tEt2Pn4HFQy9VitjTSjvmdr/2LP0vSvUabyM7+O+T+Az9gS31ci
ecAurnUPA7GIpE8sKmQ5stgbndAlDoh/z3MCgm2pSHdHi/NdbSypBzGQUwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFFEXSrFFUMZfahZlNSi/dJowOT8MMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvVVJkS3NVVlF4bDlxRm1VMUtMOTBtakE1UHd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwldVAwQA
wldXAwQAw4UmAwQA1MDyAwQA1MEeMA0GCSqGSIb3DQEBCwUAA4IBAQB28IEkIfC6
e7fXpvQw4pk5Wl4qlx94UqjziJfZv2bWPS9aMf3wYT7jf+zEDvEbFArtKn+oYhwy
maovo0l9dWQFSkcTRBMwbEBQxJsygk7fbJfGJRFDq6QC3LMFn1CoQYvtCVSIb5Cf
QXwfP7jzvMGCVrixHba1BtXeKvAgYJB/9xzJIxzuX1SWRMczUdamRFsGyZwCq/8h
OZVKeWPzs32f4BquERBWXjL/BSKZ7Xg6LgZPtFsd8vP/ifXnJ2Fho8zzYHtacLWS
VBnlXkvX80oFo9msIx14SbVcNDVZFjsh6eMyoeRvFd9ltmzu5HcA+Wy+mS/Cfrk+
fPdSlqewbds8
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:59 2023 by rpki-client on console-ams.rpki-client.org