Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Z1eAYvnLwSn_RIg9NY4bm5WfEd8.roa
File: Z1eAYvnLwSn_RIg9NY4bm5WfEd8.roa (raw, json)
Hash identifier: JGLmDf8au1BLOCIMXkeUsHSSET8gCedbtZDuYsYubCI=
Subject key identifier: 67:57:80:62:F9:CB:C1:29:FF:44:88:3D:35:8E:1B:9B:95:9F:11:DF
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018B8F546C5FB62D2C930DA6D2F80DA681BB
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Z1eAYvnLwSn_RIg9NY4bm5WfEd8.roa
Signing time: Thu 02 Nov 2023 09:19:16 +0000
ROA not before: Thu 02 Nov 2023 09:19:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203639
IP address blocks: 212.193.14.0/24 maxlen: 24
194.87.208.0/24 maxlen: 24
193.124.17.0/24 maxlen: 24
194.87.226.0/24 maxlen: 24
194.87.231.0/24 maxlen: 24
212.192.4.0/24 maxlen: 24
195.133.15.0/24 maxlen: 24
195.133.14.0/24 maxlen: 24
212.192.8.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
195.133.27.0/24 maxlen: 24
194.87.172.0/24 maxlen: 24
192.124.180.0/24 maxlen: 24
195.133.35.0/24 maxlen: 24
194.87.136.0/24 maxlen: 24
185.72.11.0/24 maxlen: 24
194.87.76.0/24 maxlen: 24
193.124.90.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8f:54:6c:5f:b6:2d:2c:93:0d:a6:d2:f8:0d:a6:81:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 2 09:19:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=67578062f9cbc129ff44883d358e1b9b959f11df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:76:4b:85:ee:7e:03:12:45:6f:51:9c:80:57:
a9:6b:7f:5a:59:5a:f3:a0:e1:bf:9e:a4:36:06:af:
73:17:3a:bd:af:49:11:13:af:ea:80:56:23:51:78:
7b:fd:32:4d:77:be:7e:ab:14:9f:83:05:32:5d:5a:
a3:1a:52:00:3c:87:91:36:b2:9f:91:01:aa:f9:8b:
7f:59:a7:f8:ac:63:1f:b8:cf:61:78:23:d5:0f:8e:
05:cc:06:a3:3f:6d:92:40:64:da:05:76:4f:15:93:
ab:64:38:4f:58:5e:b4:24:b3:e7:a2:8c:ce:44:fe:
17:b9:dc:b0:91:5d:48:d5:a2:e8:08:d5:08:2c:b4:
eb:7a:a3:ba:6b:41:b8:93:a8:0e:d4:19:dc:ba:8b:
3c:d2:dd:3b:d7:9d:e0:25:a4:df:cb:03:d7:3d:0d:
be:29:21:fb:af:33:d5:c5:c9:53:fd:d6:2a:52:a0:
ae:01:e2:01:2f:1f:ff:e5:05:41:4a:ae:dd:fa:84:
5c:32:b1:5d:55:2d:fb:d7:c1:67:e1:e5:58:77:81:
59:fa:10:8b:de:03:bd:85:fd:00:a6:59:97:f7:9f:
a0:fd:c2:18:43:3c:dc:ee:38:60:5a:7b:1b:31:16:
60:6d:32:2a:3c:6f:09:43:d6:18:1e:79:d2:3b:56:
cf:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:57:80:62:F9:CB:C1:29:FF:44:88:3D:35:8E:1B:9B:95:9F:11:DF
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Z1eAYvnLwSn_RIg9NY4bm5WfEd8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.11.0/24
192.124.180.0/24
193.124.17.0/24
193.124.90.0/24
194.58.42.0/24
194.87.76.0/24
194.87.136.0/24
194.87.172.0/24
194.87.208.0/24
194.87.226.0/24
194.87.231.0/24
195.133.14.0/23
195.133.25.0/24
195.133.27.0/24
195.133.35.0/24
212.192.4.0/24
212.192.8.0/24
212.193.14.0/24
Signature Algorithm: sha256WithRSAEncryption
00:6e:9f:3f:4e:46:91:a7:d9:ed:39:d1:45:e2:75:9a:9f:7a:
5d:f8:f7:03:a3:89:33:f1:b1:3b:72:bd:88:86:d2:11:5e:28:
58:19:09:df:40:9f:25:fe:ee:50:0b:56:80:b5:1b:ad:3d:b3:
65:e2:30:ba:1b:91:a4:23:8c:c0:48:41:0b:5a:98:51:98:ca:
83:af:08:44:ee:78:fb:2b:b8:f2:93:a7:cb:0e:a0:ff:62:79:
b1:d2:bb:dc:25:63:19:d0:84:e3:b2:16:c9:a3:59:e9:43:c5:
91:e6:70:77:22:ea:60:20:21:71:dd:c2:4e:c2:02:76:b7:67:
47:49:57:ea:d6:d8:e4:bb:9a:d6:cb:27:c7:6d:6d:8c:f0:38:
26:bd:e1:d5:e6:e5:9f:16:96:6e:d7:71:e9:69:3f:9a:d0:81:
63:98:e0:e3:97:f3:8c:d2:d6:04:a0:0b:c2:9b:6a:68:61:bd:
4e:98:fd:bd:5f:61:28:e2:c3:00:cf:fb:37:da:8b:50:8a:ac:
f0:d7:6c:9d:9b:48:f8:5a:62:96:71:98:bb:a8:ba:27:8f:53:
42:26:1b:0b:aa:af:f6:f5:06:23:83:36:88:fd:1e:fc:8f:c8:
a0:14:70:5f:f3:8e:1c:4b:cb:0d:e2:90:4a:b3:57:e6:82:bf:
c9:37:aa:2c
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAYuPVGxfti0skw2m0vgNpoG7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMTAyMDkxOTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzU3ODA2MmY5Y2JjMTI5ZmY0NDg4M2QzNThlMWI5Yjk1OWYxMWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwnZLhe5+AxJFb1GcgFepa39aWVrz
oOG/nqQ2Bq9zFzq9r0kRE6/qgFYjUXh7/TJNd75+qxSfgwUyXVqjGlIAPIeRNrKf
kQGq+Yt/Waf4rGMfuM9heCPVD44FzAajP22SQGTaBXZPFZOrZDhPWF60JLPnoozO
RP4XudywkV1I1aLoCNUILLTreqO6a0G4k6gO1Bncuos80t07153gJaTfywPXPQ2+
KSH7rzPVxclT/dYqUqCuAeIBLx//5QVBSq7d+oRcMrFdVS3718Fn4eVYd4FZ+hCL
3gO9hf0AplmX95+g/cIYQzzc7jhgWnsbMRZgbTIqPG8JQ9YYHnnSO1bPgwIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFGdXgGL5y8Ep/0SIPTWOG5uVnxHfMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvWjFlQVl2bkx3U25fUklnOU5ZNGJtNVdmRWQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbAMEALlICwME
AMB8tAMEAMF8EQMEAMF8WgMEAMI6KgMEAMJXTAMEAMJXiAMEAMJXrAMEAMJX0AME
AMJX4gMEAMJX5wMEAcOFDgMEAMOFGQMEAMOFGwMEAMOFIwMEANTABAMEANTACAME
ANTBDjANBgkqhkiG9w0BAQsFAAOCAQEAAG6fP05GkafZ7TnRReJ1mp96Xfj3A6OJ
M/GxO3K9iIbSEV4oWBkJ30CfJf7uUAtWgLUbrT2zZeIwuhuRpCOMwEhBC1qYUZjK
g68IRO54+yu48pOnyw6g/2J5sdK73CVjGdCE47IWyaNZ6UPFkeZwdyLqYCAhcd3C
TsICdrdnR0lX6tbY5Lua1ssnx21tjPA4Jr3h1eblnxaWbtdx6Wk/mtCBY5jg45fz
jNLWBKALwptqaGG9Tpj9vV9hKOLDAM/7N9qLUIqs8NdsnZtI+FpilnGYu6i6J49T
QiYbC6qv9vUGI4M2iP0e/I/IoBRwX/OOHEvLDeKQSrNX5oK/yTeqLA==
-----END CERTIFICATE-----
Generated at Wed Nov 15 14:17:41 2023 by rpki-client on console-ams.rpki-client.org