Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Xfk_u8zVsCRy5ft8hPpcEItFFP0.roa
File: Xfk_u8zVsCRy5ft8hPpcEItFFP0.roa (raw, json)
Hash identifier: 56Uzkl42SkjC3Adb3I/9i9a5RCrFw7Ku1H1LMRszPHg=
Subject key identifier: 5D:F9:3F:BB:CC:D5:B0:24:72:E5:FB:7C:84:FA:5C:10:8B:45:14:FD
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01898DD004E3B1A59DB9B40A53FEECB7C3A8
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Xfk_u8zVsCRy5ft8hPpcEItFFP0.roa
Signing time: Tue 25 Jul 2023 16:09:27 +0000
ROA not before: Tue 25 Jul 2023 16:09:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200385
IP address blocks: 193.124.227.0/24 maxlen: 24
193.124.18.0/24 maxlen: 24
62.76.235.0/24 maxlen: 24
194.87.240.0/24 maxlen: 24
194.87.23.0/24 maxlen: 24
194.135.23.0/24 maxlen: 24
194.87.243.0/24 maxlen: 24
193.124.49.0/24 maxlen: 24
194.87.160.0/24 maxlen: 24
195.133.37.0/24 maxlen: 24
212.192.249.0/24 maxlen: 24
194.135.46.0/24 maxlen: 24
194.87.53.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:8d:d0:04:e3:b1:a5:9d:b9:b4:0a:53:fe:ec:b7:c3:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 25 16:09:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5df93fbbccd5b02472e5fb7c84fa5c108b4514fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:4f:bd:bc:ee:e3:32:fe:f0:a0:59:58:47:2b:
56:a9:21:e1:d5:5b:77:77:28:49:23:c3:db:55:47:
33:5f:b1:f0:34:4b:04:23:de:82:5f:46:a2:14:e1:
2d:96:05:ef:c3:75:29:40:39:07:d4:fe:a7:96:d2:
9b:b6:7b:d7:d0:83:18:d7:db:af:de:c5:76:12:af:
56:b6:90:fe:7c:7d:ea:4a:07:1e:6b:7d:e6:5f:e5:
90:f2:cc:14:46:72:1b:97:1c:34:b2:3c:75:f5:3e:
e6:d1:ba:d6:06:f7:4d:9c:03:40:61:3c:3c:8c:59:
26:74:45:06:dd:14:99:8b:aa:f7:df:1e:ea:34:97:
aa:b8:0b:33:ac:82:7d:39:f2:f3:2a:c7:87:a2:6d:
7a:3c:79:d5:63:dd:be:a1:7b:c0:55:b5:b5:94:d4:
71:bd:13:3a:64:bf:87:fa:eb:f6:79:6a:3f:6a:29:
76:3b:9e:72:3b:e9:e6:cc:3d:4f:d0:f5:f3:2c:d4:
17:8e:3a:a6:7e:c5:8e:76:55:c5:db:15:29:b3:fb:
a5:4d:7c:5a:a2:ca:18:0d:e0:e0:d0:e9:cf:f5:90:
7c:cd:bc:27:f8:5f:0f:a9:75:6a:fe:1a:73:82:30:
88:83:6a:54:7c:c0:91:43:ef:40:e1:47:e0:4a:b1:
b7:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:F9:3F:BB:CC:D5:B0:24:72:E5:FB:7C:84:FA:5C:10:8B:45:14:FD
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Xfk_u8zVsCRy5ft8hPpcEItFFP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.235.0/24
193.124.18.0/24
193.124.49.0/24
193.124.227.0/24
194.87.23.0/24
194.87.53.0/24
194.87.160.0/24
194.87.240.0/24
194.87.243.0/24
194.135.23.0/24
194.135.46.0/24
195.133.37.0/24
212.192.249.0/24
Signature Algorithm: sha256WithRSAEncryption
65:5d:b7:fc:13:d0:e3:9d:43:89:47:db:ff:42:86:77:d6:3c:
98:7f:c7:8d:4f:52:57:4e:27:ad:f8:ff:7a:fa:7e:2c:7d:7b:
2a:23:a9:a0:0f:8a:92:25:51:12:be:a9:47:12:f2:9b:40:ce:
54:07:97:02:0f:71:bc:35:cb:e2:c8:94:85:e9:3b:bc:da:05:
c8:06:d7:58:f3:8d:ce:62:a9:78:cc:fb:1e:81:5f:48:0c:ad:
24:d5:62:ca:bf:fa:7b:23:64:5a:c5:bd:0e:57:93:0a:e1:a5:
ae:dc:9c:09:fa:3c:f8:78:c9:cf:eb:1f:d7:dd:d1:21:88:8a:
26:5a:b0:81:cc:07:02:f7:dd:a3:eb:69:cf:58:1e:cb:d0:8d:
ea:aa:15:f1:5b:d9:e6:1c:0f:d6:f6:24:80:52:19:71:ee:fc:
c5:7f:15:ff:e5:a7:27:a8:aa:3f:e9:98:0c:bc:32:30:c2:1c:
cb:c4:b0:e4:44:dc:a5:fd:73:81:4a:a0:8c:90:51:70:79:7c:
65:cf:fc:62:96:bc:b0:77:5f:8c:13:13:cf:2e:86:06:57:13:
9f:10:b4:0e:60:18:48:4c:38:56:a6:89:36:8c:fc:42:ce:6d:
2e:5b:fb:36:8b:10:c2:6a:be:df:e6:81:fa:51:3f:5d:81:d6:
97:1e:d0:37
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYmN0ATjsaWdubQKU/7st8OoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNzI1MTYwOTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGY5M2ZiYmNjZDViMDI0NzJlNWZiN2M4NGZhNWMxMDhiNDUxNGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs0+9vO7jMv7woFlYRytWqSHh1Vt3
dyhJI8PbVUczX7HwNEsEI96CX0aiFOEtlgXvw3UpQDkH1P6nltKbtnvX0IMY19uv
3sV2Eq9WtpD+fH3qSgcea33mX+WQ8swURnIblxw0sjx19T7m0brWBvdNnANAYTw8
jFkmdEUG3RSZi6r33x7qNJequAszrIJ9OfLzKseHom16PHnVY92+oXvAVbW1lNRx
vRM6ZL+H+uv2eWo/ail2O55yO+nmzD1P0PXzLNQXjjqmfsWOdlXF2xUps/ulTXxa
osoYDeDg0OnP9ZB8zbwn+F8PqXVq/hpzgjCIg2pUfMCRQ+9A4UfgSrG3VQIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFF35P7vM1bAkcuX7fIT6XBCLRRT9MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvWGZrX3U4elZzQ1J5NWZ0OGhQcGNFSXRGRlAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQAPkzrAwQA
wXwSAwQAwXwxAwQAwXzjAwQAwlcXAwQAwlc1AwQAwlegAwQAwlfwAwQAwlfzAwQA
wocXAwQAwocuAwQAw4UlAwQA1MD5MA0GCSqGSIb3DQEBCwUAA4IBAQBlXbf8E9Dj
nUOJR9v/QoZ31jyYf8eNT1JXTiet+P96+n4sfXsqI6mgD4qSJVESvqlHEvKbQM5U
B5cCD3G8NcviyJSF6Tu82gXIBtdY843OYql4zPsegV9IDK0k1WLKv/p7I2Raxb0O
V5MK4aWu3JwJ+jz4eMnP6x/X3dEhiIomWrCBzAcC992j62nPWB7L0I3qqhXxW9nm
HA/W9iSAUhlx7vzFfxX/5acnqKo/6ZgMvDIwwhzLxLDkRNyl/XOBSqCMkFFweXxl
z/xilrywd1+MExPPLoYGVxOfELQOYBhITDhWpok2jPxCzm0uW/s2ixDCar7f5oH6
UT9dgdaXHtA3
-----END CERTIFICATE-----
Generated at Wed Jul 26 14:08:01 2023 by rpki-client on console-fra.rpki-client.org