Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/X65I4rVTd1ND6k6Hw92_ROhZOfQ.roa
File: X65I4rVTd1ND6k6Hw92_ROhZOfQ.roa (raw, json)
Hash identifier: rTBaEcyB+6vXxgDMDihZdZkUME4z3tH6Hp1wBz5g+uk=
Subject key identifier: 5F:AE:48:E2:B5:53:77:53:43:EA:4E:87:C3:DD:BF:44:E8:59:39:F4
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0187428AF111DA284C843139D2ACA55FA441
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/X65I4rVTd1ND6k6Hw92_ROhZOfQ.roa
Signing time: Sun 02 Apr 2023 15:16:54 +0000
ROA not before: Sun 02 Apr 2023 15:16:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2118
IP address blocks: 212.193.12.0/24 maxlen: 24
194.87.27.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
194.58.46.0/23 maxlen: 24
194.58.45.0/24 maxlen: 24
195.58.50.0/24 maxlen: 24
195.58.58.0/24 maxlen: 24
195.58.56.0/21 maxlen: 24
195.58.59.0/24 maxlen: 24
195.58.61.0/24 maxlen: 24
195.58.62.0/24 maxlen: 24
212.193.0.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.136.0/24 maxlen: 24
194.87.82.0/24 maxlen: 24
194.87.208.0/23 maxlen: 24
194.87.222.0/23 maxlen: 24
212.192.0.0/23 maxlen: 24
194.87.165.0/24 maxlen: 24
194.87.171.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
195.133.195.0/24 maxlen: 24
212.192.208.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:42:8a:f1:11:da:28:4c:84:31:39:d2:ac:a5:5f:a4:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 2 15:16:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5fae48e2b553775343ea4e87c3ddbf44e85939f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:59:ee:ff:e0:f9:c8:bf:2f:3c:32:e6:9f:00:
24:a9:0d:b4:0e:00:41:75:1b:2a:a4:28:ba:58:19:
69:00:30:4b:dd:3d:8a:39:1e:66:ba:35:8c:8d:5d:
02:a0:47:d1:a3:14:cf:e4:4d:18:49:59:44:1a:ba:
89:31:0e:88:00:b0:75:f2:e7:17:b9:d5:24:40:91:
ff:b4:6b:e5:56:70:44:51:8c:10:5c:f2:17:8d:cd:
bb:10:dc:d7:9f:0e:39:68:cc:16:eb:bf:21:96:d9:
92:a4:5c:41:dc:53:e9:34:c1:b0:1f:79:41:77:32:
99:f0:34:9a:64:78:69:48:83:58:39:73:5a:44:32:
31:34:a8:63:97:98:8f:ae:12:a3:72:6e:41:8f:cf:
18:8e:62:33:1b:a1:0e:6c:ff:88:6b:90:70:fd:dc:
37:f7:69:c2:f7:1f:f7:cb:6a:20:b6:17:47:99:de:
1c:4c:b7:29:e7:46:af:02:e1:e3:80:2b:43:e7:46:
5d:ab:68:98:fd:bf:2d:eb:76:fd:cc:15:4e:d4:2a:
a9:ed:0b:c9:70:39:34:c0:de:62:c9:aa:3a:33:ec:
61:ac:cf:21:a9:65:9c:63:e4:39:68:f0:59:ae:62:
32:6b:b1:43:f4:c2:c7:02:33:b9:cc:f7:aa:ea:e1:
fd:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:AE:48:E2:B5:53:77:53:43:EA:4E:87:C3:DD:BF:44:E8:59:39:F4
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/X65I4rVTd1ND6k6Hw92_ROhZOfQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.133.0/24
193.124.203.0/24
194.58.42.0/24
194.58.45.0-194.58.47.255
194.87.27.0/24
194.87.82.0/24
194.87.118.0/24
194.87.136.0/24
194.87.165.0/24
194.87.171.0/24
194.87.198.0/24
194.87.208.0/23
194.87.222.0/23
195.58.50.0/24
195.58.56.0/21
195.133.55.0/24
195.133.195.0/24
212.192.0.0/23
212.192.208.0/23
212.193.0.0/24
212.193.12.0/24
Signature Algorithm: sha256WithRSAEncryption
20:a8:21:4b:53:10:d7:54:9e:19:c1:6a:16:f5:7c:b5:92:bd:
a1:bb:fb:41:66:fe:d0:c2:a9:15:4b:06:69:ae:78:f5:d8:ab:
c0:a2:8f:5d:c2:a4:24:fb:44:05:3f:06:c5:f7:3b:24:96:c2:
2e:7a:33:50:ef:39:0e:28:3c:91:c8:c9:fd:99:44:43:07:1c:
95:41:1f:a3:3e:35:85:ed:e8:1f:bb:bb:80:63:a3:79:94:4b:
fb:09:d9:b3:79:23:50:45:3e:28:68:99:b9:69:0b:2a:e0:ec:
57:d8:3f:8f:35:c0:48:c3:11:2c:4e:f2:2e:0a:bb:7b:44:a8:
35:7e:5d:c5:e4:c4:d3:7d:1d:62:83:73:2d:8b:cd:3a:e1:89:
a5:9c:00:59:39:7e:16:97:28:0e:6d:c6:c1:3e:65:68:0a:39:
2c:06:33:31:c5:13:bc:5f:66:ae:aa:ad:b0:d5:60:78:65:53:
26:c8:08:0a:6d:26:69:6f:e4:4f:e6:c6:0e:9f:55:21:82:d1:
d0:2e:4b:8c:1e:19:d8:e1:51:6f:87:89:ab:95:00:42:e8:53:
f5:a2:c5:64:32:d3:22:c8:95:16:bd:75:57:e0:e9:70:07:b7:
ee:01:77:30:53:85:70:be:d3:c2:56:18:2b:72:d1:be:9c:bf:
e0:32:fb:3e
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAYdCivER2ihMhDE50qylX6RBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNDAyMTUxNjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmFlNDhlMmI1NTM3NzUzNDNlYTRlODdjM2RkYmY0NGU4NTkzOWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgVnu/+D5yL8vPDLmnwAkqQ20DgBB
dRsqpCi6WBlpADBL3T2KOR5mujWMjV0CoEfRoxTP5E0YSVlEGrqJMQ6IALB18ucX
udUkQJH/tGvlVnBEUYwQXPIXjc27ENzXnw45aMwW678hltmSpFxB3FPpNMGwH3lB
dzKZ8DSaZHhpSINYOXNaRDIxNKhjl5iPrhKjcm5Bj88YjmIzG6EObP+Ia5Bw/dw3
92nC9x/3y2ogthdHmd4cTLcp50avAuHjgCtD50Zdq2iY/b8t63b9zBVO1Cqp7QvJ
cDk0wN5iyao6M+xhrM8hqWWcY+Q5aPBZrmIya7FD9MLHAjO5zPeq6uH95wIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFF+uSOK1U3dTQ+pOh8Pdv0ToWTn0MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvWDY1STRyVlRkMU5ENms2SHc5Ml9ST2haT2ZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDCBjQQCAAEwgYYDBADB
fIUDBADBfMsDBADCOiowDAMEAMI6LQMEBMI6IAMEAMJXGwMEAMJXUgMEAMJXdgME
AMJXiAMEAMJXpQMEAMJXqwMEAMJXxgMEAcJX0AMEAcJX3gMEAMM6MgMEA8M6OAME
AMOFNwMEAMOFwwMEAdTAAAMEAdTA0AMEANTBAAMEANTBDDANBgkqhkiG9w0BAQsF
AAOCAQEAIKghS1MQ11SeGcFqFvV8tZK9obv7QWb+0MKpFUsGaa549dirwKKPXcKk
JPtEBT8Gxfc7JJbCLnozUO85Dig8kcjJ/ZlEQwcclUEfoz41he3oH7u7gGOjeZRL
+wnZs3kjUEU+KGiZuWkLKuDsV9g/jzXASMMRLE7yLgq7e0SoNX5dxeTE030dYoNz
LYvNOuGJpZwAWTl+FpcoDm3GwT5laAo5LAYzMcUTvF9mrqqtsNVgeGVTJsgICm0m
aW/kT+bGDp9VIYLR0C5LjB4Z2OFRb4eJq5UAQuhT9aLFZDLTIsiVFr11V+DpcAe3
7gF3MFOFcL7TwlYYK3LRvpy/4DL7Pg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:00 2023 by rpki-client on console-ams.rpki-client.org