Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/YYPeD6hubfka4Q5Sq9BftjYIMqE.roa
File: YYPeD6hubfka4Q5Sq9BftjYIMqE.roa (raw, json)
Hash identifier: eJCFcLZsFe6iAVuk8wbbcn3T1iLGMGyh2pdMWwQSsqw=
Subject key identifier: 61:83:DE:0F:A8:6E:6D:F9:1A:E1:0E:52:AB:D0:5F:B6:36:08:32:A1
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01869C9DC0F0A10FB5C6C301686754418E72
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/YYPeD6hubfka4Q5Sq9BftjYIMqE.roa
Signing time: Wed 01 Mar 2023 10:00:29 +0000
ROA not before: Wed 01 Mar 2023 10:00:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2118
IP address blocks: 212.193.12.0/24 maxlen: 24
193.124.8.0/24 maxlen: 24
194.87.22.0/24 maxlen: 24
194.87.27.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
194.58.46.0/23 maxlen: 24
194.58.45.0/24 maxlen: 24
195.58.50.0/24 maxlen: 24
195.58.58.0/24 maxlen: 24
195.58.52.0/22 maxlen: 22
195.58.56.0/21 maxlen: 24
195.58.59.0/24 maxlen: 24
195.58.61.0/24 maxlen: 24
195.58.62.0/24 maxlen: 24
212.193.0.0/24 maxlen: 24
194.87.116.0/24 maxlen: 24
194.87.115.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
194.87.114.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.126.0/24 maxlen: 24
194.87.136.0/24 maxlen: 24
194.87.138.0/23 maxlen: 23
194.87.82.0/24 maxlen: 24
194.87.208.0/23 maxlen: 24
194.87.222.0/23 maxlen: 24
194.87.233.0/24 maxlen: 24
212.192.0.0/23 maxlen: 24
194.87.165.0/24 maxlen: 24
192.124.182.0/24 maxlen: 24
194.87.171.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
195.133.193.0/24 maxlen: 24
195.133.195.0/24 maxlen: 24
212.192.208.0/23 maxlen: 24
212.192.211.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:9c:9d:c0:f0:a1:0f:b5:c6:c3:01:68:67:54:41:8e:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 1 10:00:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6183de0fa86e6df91ae10e52abd05fb6360832a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:b9:0e:7c:17:90:85:70:7b:79:e8:dc:62:f0:
a2:97:c8:cf:a0:b5:72:d6:40:f6:55:8b:77:9d:77:
dc:b6:0b:f9:d8:b4:47:6b:31:b2:a4:af:72:c1:1a:
72:cc:df:37:68:bd:61:6f:8e:5f:28:80:8c:9f:c4:
9f:89:3b:75:0c:2b:59:b3:fe:64:46:19:d4:44:f7:
ae:d4:ca:b0:81:79:3a:ad:86:56:49:7e:ac:33:7a:
89:6c:01:93:5b:d9:be:64:d9:b0:cc:81:ab:5e:dc:
09:08:24:20:70:e6:7d:36:32:7e:5d:b0:12:42:57:
bb:ad:82:41:ac:74:cb:c8:cf:f4:03:63:f0:30:3d:
b2:d7:d5:bc:d9:9a:d2:fe:7d:72:e5:02:a0:31:f1:
3a:6c:0f:fd:35:d9:52:78:1f:6f:a5:3a:d5:37:8a:
c4:87:f7:1d:1f:7d:77:6f:28:d1:e7:cc:d3:e7:31:
3f:f5:12:ef:6b:b9:4e:40:70:64:65:5b:9f:ca:f0:
2c:8f:d2:d5:d0:74:91:70:0d:e5:f7:46:6c:72:8f:
73:f2:e1:ce:eb:f4:9a:36:7e:67:ca:07:8d:02:ad:
69:11:22:b8:a7:08:88:ea:ba:b2:9e:6b:77:1a:2c:
f7:e6:10:5d:0f:a3:72:f0:97:6e:07:ca:b4:79:91:
d6:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:83:DE:0F:A8:6E:6D:F9:1A:E1:0E:52:AB:D0:5F:B6:36:08:32:A1
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/YYPeD6hubfka4Q5Sq9BftjYIMqE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.182.0/24
193.124.8.0/24
193.124.133.0/24
193.124.203.0/24
194.58.42.0/24
194.58.45.0-194.58.47.255
194.87.22.0/24
194.87.27.0/24
194.87.82.0/24
194.87.114.0-194.87.116.255
194.87.118.0/24
194.87.126.0/24
194.87.136.0/24
194.87.138.0/23
194.87.165.0/24
194.87.171.0/24
194.87.198.0/24
194.87.208.0/23
194.87.222.0/23
194.87.233.0/24
195.58.50.0/24
195.58.52.0-195.58.63.255
195.133.55.0/24
195.133.193.0/24
195.133.195.0/24
212.192.0.0/23
212.192.208.0/23
212.192.211.0/24
212.193.0.0/24
212.193.12.0/24
Signature Algorithm: sha256WithRSAEncryption
28:93:26:cb:c0:3a:fd:8a:be:09:a6:40:c5:6e:cf:14:10:8c:
e1:a6:d1:0d:e4:6e:ea:80:2b:67:41:36:16:78:26:ab:74:df:
d2:97:22:6d:90:21:3f:b9:37:fc:4f:0f:a7:28:62:a7:3e:67:
28:c4:a7:4f:96:90:53:ad:88:73:a2:b2:dc:01:d0:3f:6c:67:
aa:78:04:30:e2:ee:28:90:53:91:01:bb:24:1e:44:32:b4:4e:
db:29:bc:6a:58:59:10:e8:53:3d:c4:a5:1e:c4:ba:72:06:14:
22:24:a3:74:35:88:de:41:76:4e:35:a9:ab:c6:e9:b0:27:0d:
5a:b5:b5:fa:7d:ca:8b:00:06:2d:50:69:7a:98:88:48:b9:3d:
71:40:6e:b2:1a:29:74:e8:ab:58:73:a1:38:46:4b:fe:9c:38:
c2:04:7a:c6:d7:e7:b9:56:05:84:70:a0:63:44:f2:c8:fe:31:
ad:62:25:a4:6d:e7:20:63:91:2b:83:2b:81:d3:e3:dc:d3:2f:
ce:ad:d8:de:40:04:29:52:d6:a8:0a:b5:d3:ac:8d:80:d0:e5:
fa:a4:bc:ea:40:54:94:00:99:75:0a:a9:23:7f:a3:f7:ae:6f:
aa:1e:3e:0e:f1:d8:94:28:92:fa:0d:73:86:46:40:4f:b5:b4:
6f:eb:33:c1
-----BEGIN CERTIFICATE-----
MIIFyDCCBLCgAwIBAgISAYacncDwoQ+1xsMBaGdUQY5yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMzAxMTAwMDI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTgzZGUwZmE4NmU2ZGY5MWFlMTBlNTJhYmQwNWZiNjM2MDgzMmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq7kOfBeQhXB7eejcYvCil8jPoLVy
1kD2VYt3nXfctgv52LRHazGypK9ywRpyzN83aL1hb45fKICMn8SfiTt1DCtZs/5k
RhnURPeu1MqwgXk6rYZWSX6sM3qJbAGTW9m+ZNmwzIGrXtwJCCQgcOZ9NjJ+XbAS
Qle7rYJBrHTLyM/0A2PwMD2y19W82ZrS/n1y5QKgMfE6bA/9NdlSeB9vpTrVN4rE
h/cdH313byjR58zT5zE/9RLva7lOQHBkZVufyvAsj9LV0HSRcA3l90Zsco9z8uHO
6/SaNn5nygeNAq1pESK4pwiI6rqynmt3Giz35hBdD6Ny8JduB8q0eZHW2wIDAQAB
o4IC1DCCAtAwHQYDVR0OBBYEFGGD3g+obm35GuEOUqvQX7Y2CDKhMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvWVlQZUQ2aHViZmthNFE1U3E5QmZ0allJTXFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHpBggrBgEFBQcBBwEB/wSB2TCB1jCB0wQCAAEwgcwDBADA
fLYDBADBfAgDBADBfIUDBADBfMsDBADCOiowDAMEAMI6LQMEBMI6IAMEAMJXFgME
AMJXGwMEAMJXUjAMAwQBwldyAwQAwld0AwQAwld2AwQAwld+AwQAwleIAwQBwleK
AwQAwlelAwQAwlerAwQAwlfGAwQBwlfQAwQBwlfeAwQAwlfpAwQAwzoyMAwDBALD
OjQDBAbDOgADBADDhTcDBADDhcEDBADDhcMDBAHUwAADBAHUwNADBADUwNMDBADU
wQADBADUwQwwDQYJKoZIhvcNAQELBQADggEBACiTJsvAOv2KvgmmQMVuzxQQjOGm
0Q3kbuqAK2dBNhZ4Jqt039KXIm2QIT+5N/xPD6coYqc+ZyjEp0+WkFOtiHOistwB
0D9sZ6p4BDDi7iiQU5EBuyQeRDK0TtspvGpYWRDoUz3EpR7EunIGFCIko3Q1iN5B
dk41qavG6bAnDVq1tfp9yosABi1QaXqYiEi5PXFAbrIaKXToq1hzoThGS/6cOMIE
esbX57lWBYRwoGNE8sj+Ma1iJaRt5yBjkSuDK4HT49zTL86t2N5ABClS1qgKtdOs
jYDQ5fqkvOpAVJQAmXUKqSN/o/eub6oePg7x2JQokvoNc4ZGQE+1tG/rM8E=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:06 2023 by rpki-client on console-fra.rpki-client.org